Good day!

I work with CI. I fulfill the request:

function edit_template($data = array()) { if ($data) { $sql = " UPDATE {$this->_db} SET title = " . $this->db->escape($data['title']) . ", check = " . $this->db->escape($data['check']) . ", message = " . $this->db->escape($data['message']) . " WHERE id = " . $this->db->escape($data['id']) . " "; $this->db->query($sql); if ($this->db->affected_rows()) { return TRUE; } } return FALSE; }

I get the error:

Error Number: 1064

You have an error in your SQL syntax; If you’re on the line, you’ll have to check it.

UPDATE sms_template SET title = 'Deposit account', check = '1', message = '23', WHERE id = '1'

What am I doing wrong? Without the check = " . $this->db->escape($data['check']) . ", everything works without errors.

Grateful for any help!

  • one
    check what type in the table has in your php? - br3t
  • Type - INT. Long 11 - Anton Bogomolov
  • one
    And trying to put a string? - br3t
  • I tried changing the type to varchar or text - the result remains the same. - Anton Bogomolov
  • It worked! Thanks - Anton Bogomolov

1 answer 1

1) Wrap all table and field names in special quotes
2) Manipulate data, leading it to the correct type. Do not wrap integer variables in quotes.

 $sql = " UPDATE `{$this->_db}` SET `title` = " . $this->db->escape($data['title']) . ", `check` = " . intval($data['check']) . ", `message` = " . $this->db->escape($data['message']) . " WHERE `id` = " . intval($data['id']) . " ";
  • Why didn't you say you need to use PDO? - Alex78191