php code question

Hi there,

I have a page in which people update their info in mysql.  I've added some columns and tried to modify the code but am getting an sql error.

The table is called 'members', the colums are:
id  username  password  name  level  race  class  magelo  active  status  main  poj  beard  bone  sash  medallions  bot  

Using the code I'll post below, the page initially loads properly, but after submitting the update form I get the following sql error "You have an error in your SQL syntax near ''magelo'='', 'main'='Y', 'p' at line 1

I'll now post the code.  I'd really appreciate the help.  I have a feeling it's something small I'm overlooking but I could be wrong.

## here is the code

<?php require_once('Connections/thelupineorder.php'); ?>
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
  return $theValue;

$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
  $editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];

if ((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "form1")) {
  $updateSQL = sprintf("UPDATE members SET name=%s, `level`=%s, race=%s, `class`=%s, 'magelo'=%s, 'main'=%s, 'poj'=%s, 'beard'=%s, 'bone'=%s, 'sash'=%s, 'medallions'=%s, 'bot'=%s WHERE id=%s",
                             GetSQLValueString($HTTP_POST_VARS['name'], "text"),
                             GetSQLValueString($HTTP_POST_VARS['level'], "text"),
                             GetSQLValueString($HTTP_POST_VARS['race'], "text"),
                             GetSQLValueString($HTTP_POST_VARS['class'], "text"),
                             GetSQLValueString($HTTP_POST_VARS['magelo'], "text"),
                             GetSQLValueString(isset($HTTP_POST_VARS['main']) ? "true" : "", "defined","'Y'","'N'"),
                             GetSQLValueString(isset($HTTP_POST_VARS['poj']) ? "true" : "", "defined","'Y'","'N'"),
            GetSQLValueString(isset($HTTP_POST_VARS['beard']) ? "true" : "", "defined","'Y'","'N'"),
            GetSQLValueString(isset($HTTP_POST_VARS['bone']) ? "true" : "", "defined","'Y'","'N'"),
            GetSQLValueString(isset($HTTP_POST_VARS['sash']) ? "true" : "", "defined","'Y'","'N'"),
            GetSQLValueString($HTTP_POST_VARS['medallions'], "text"),
            GetSQLValueString(isset($HTTP_POST_VARS['bot']) ? "true" : "", "defined","'Y'","'N'"),
            GetSQLValueString($HTTP_POST_VARS['id'], "int"));

mysql_select_db($database_thelupineorder, $thelupineorder);
  $Result1 = mysql_query($updateSQL, $thelupineorder) or die(mysql_error());

  $updateGoTo = "done.php";
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
  header(sprintf("Location: %s", $updateGoTo));

$colname_rsmembers = "1";
if (isset($HTTP_GET_VARS['id'])) {
  $colname_rsmembers = (get_magic_quotes_gpc()) ? $HTTP_GET_VARS['id'] : addslashes($HTTP_GET_VARS['id']);
mysql_select_db($database_thelupineorder, $thelupineorder);
$query_rsmembers = sprintf("SELECT * FROM members WHERE id = %s ORDER BY name ASC", $colname_rsmembers);
$rsmembers = mysql_query($query_rsmembers, $thelupineorder) or die(mysql_error());
$row_rsmembers = mysql_fetch_assoc($rsmembers);
$totalRows_rsmembers = mysql_num_rows($rsmembers);

$colname_rsuser = "1";
if (isset($HTTP_GET_VARS['username'])) {
  $colname_rsuser = (get_magic_quotes_gpc()) ? $HTTP_GET_VARS['username'] : addslashes($HTTP_GET_VARS['username']);
mysql_select_db($database_thelupineorder, $thelupineorder);
$query_rsuser = sprintf("SELECT * FROM members WHERE username = '%s' ", $colname_rsuser);
$rsuser = mysql_query($query_rsuser, $thelupineorder) or die(mysql_error());
$row_rsuser = mysql_fetch_assoc($rsuser);
$totalRows_rsuser = mysql_num_rows($rsuser);

$colname_rsauth = "1";
if (isset($HTTP_COOKIE_VARS['username'])) {
  $colname_rsauth = (get_magic_quotes_gpc()) ? $HTTP_COOKIE_VARS['username'] : addslashes($HTTP_COOKIE_VARS['username']);
$colname2_rsauth = "1";
if (isset($HTTP_COOKIE_VARS['adminpw'])) {
  $colname2_rsauth = (get_magic_quotes_gpc()) ? $HTTP_COOKIE_VARS['adminpw'] : addslashes($HTTP_COOKIE_VARS['adminpw']);
mysql_select_db($database_thelupineorder, $thelupineorder);
$query_rsauth = sprintf("SELECT * FROM members,admin WHERE members.username = '%s'  or admin.adminpw = '%s'", $colname_rsauth,$colname2_rsauth);
$rsauth = mysql_query($query_rsauth, $thelupineorder) or die(mysql_error());
$row_rsauth = mysql_fetch_assoc($rsauth);
$totalRows_rsauth = mysql_num_rows($rsauth);
  <table width="690" border="1" bordercolor="#0099CC" background="background2.gif">
      <td width="720">
<form name="form1" method="POST" action="<?php echo $editFormAction; ?>">
          <?php if ($totalRows_rsauth == 0) { // Show if recordset empty ?>
          <p align="center"><font size="2" face="Lucida Sans Unicode">Im sorry
            the Username/Password you entered is not valid.</font></p>
          <?php } // Show if recordset empty ?>
          <?php if ($totalRows_rsauth > 0) { // Show if recordset not empty ?>
          <table width="75%" border="0" align="center">
              <td width="50%"><div align="right">Name:</div></td>
              <td width="50%"> <input name="name" type="text" id="name2" value="<?php echo $row_rsmembers['name']; ?>" size="40">
              <td><div align="right">Level:</div></td>
              <td> <select name="level" id="select">
                  <option value="1" <?php if (!(strcmp(1, $row_rsmembers['level']))) {echo "SELECTED";} ?>>1</option>
                  <option value="2" <?php if (!(strcmp(2, $row_rsmembers['level']))) {echo "SELECTED";} ?>>2</option>
                  <option value="3" <?php if (!(strcmp(3, $row_rsmembers['level']))) {echo "SELECTED";} ?>>3</option>
                  <option value="4" <?php if (!(strcmp(4, $row_rsmembers['level']))) {echo "SELECTED";} ?>>4</option>
                  <option value="5" <?php if (!(strcmp(5, $row_rsmembers['level']))) {echo "SELECTED";} ?>>5</option>
                  <option value="6" <?php if (!(strcmp(6, $row_rsmembers['level']))) {echo "SELECTED";} ?>>6</option>
                  <option value="7" <?php if (!(strcmp(7, $row_rsmembers['level']))) {echo "SELECTED";} ?>>7</option>
                  <option value="8" <?php if (!(strcmp(8, $row_rsmembers['level']))) {echo "SELECTED";} ?>>8</option>
                  <option value="9" <?php if (!(strcmp(9, $row_rsmembers['level']))) {echo "SELECTED";} ?>>9</option>
                  <option value="10" <?php if (!(strcmp(10, $row_rsmembers['level']))) {echo "SELECTED";} ?>>10</option>
                  <option value="11" <?php if (!(strcmp(11, $row_rsmembers['level']))) {echo "SELECTED";} ?>>11</option>
                  <option value="12" <?php if (!(strcmp(12, $row_rsmembers['level']))) {echo "SELECTED";} ?>>12</option>
                  <option value="13" <?php if (!(strcmp(13, $row_rsmembers['level']))) {echo "SELECTED";} ?>>13</option>
                  <option value="14" <?php if (!(strcmp(14, $row_rsmembers['level']))) {echo "SELECTED";} ?>>14</option>
                  <option value="15" <?php if (!(strcmp(15, $row_rsmembers['level']))) {echo "SELECTED";} ?>>15</option>
                  <option value="16" <?php if (!(strcmp(16, $row_rsmembers['level']))) {echo "SELECTED";} ?>>16</option>
                  <option value="17" <?php if (!(strcmp(17, $row_rsmembers['level']))) {echo "SELECTED";} ?>>17</option>
                  <option value="18" <?php if (!(strcmp(18, $row_rsmembers['level']))) {echo "SELECTED";} ?>>18</option>
                  <option value="19" <?php if (!(strcmp(19, $row_rsmembers['level']))) {echo "SELECTED";} ?>>19</option>
                  <option value="20" <?php if (!(strcmp(20, $row_rsmembers['level']))) {echo "SELECTED";} ?>>20</option>
                  <option value="21" <?php if (!(strcmp(21, $row_rsmembers['level']))) {echo "SELECTED";} ?>>21</option>
                  <option value="22" <?php if (!(strcmp(22, $row_rsmembers['level']))) {echo "SELECTED";} ?>>22</option>
                  <option value="23" <?php if (!(strcmp(23, $row_rsmembers['level']))) {echo "SELECTED";} ?>>23</option>
                  <option value="24" <?php if (!(strcmp(24, $row_rsmembers['level']))) {echo "SELECTED";} ?>>24</option>
                  <option value="25" <?php if (!(strcmp(25, $row_rsmembers['level']))) {echo "SELECTED";} ?>>25</option>
                  <option value="26" <?php if (!(strcmp(26, $row_rsmembers['level']))) {echo "SELECTED";} ?>>26</option>
                  <option value="27" <?php if (!(strcmp(27, $row_rsmembers['level']))) {echo "SELECTED";} ?>>27</option>
                  <option value="28" <?php if (!(strcmp(28, $row_rsmembers['level']))) {echo "SELECTED";} ?>>28</option>
                  <option value="29" <?php if (!(strcmp(29, $row_rsmembers['level']))) {echo "SELECTED";} ?>>29</option>
                  <option value="30" <?php if (!(strcmp(30, $row_rsmembers['level']))) {echo "SELECTED";} ?>>30</option>
                  <option value="31" <?php if (!(strcmp(31, $row_rsmembers['level']))) {echo "SELECTED";} ?>>31</option>
                  <option value="32" <?php if (!(strcmp(32, $row_rsmembers['level']))) {echo "SELECTED";} ?>>32</option>
                  <option value="33" <?php if (!(strcmp(33, $row_rsmembers['level']))) {echo "SELECTED";} ?>>33</option>
                  <option value="34" <?php if (!(strcmp(34, $row_rsmembers['level']))) {echo "SELECTED";} ?>>34</option>
                  <option value="35" <?php if (!(strcmp(35, $row_rsmembers['level']))) {echo "SELECTED";} ?>>35</option>
                  <option value="36" <?php if (!(strcmp(36, $row_rsmembers['level']))) {echo "SELECTED";} ?>>36</option>
                  <option value="37" <?php if (!(strcmp(37, $row_rsmembers['level']))) {echo "SELECTED";} ?>>37</option>
                  <option value="38" <?php if (!(strcmp(38, $row_rsmembers['level']))) {echo "SELECTED";} ?>>38</option>
                  <option value="39" <?php if (!(strcmp(39, $row_rsmembers['level']))) {echo "SELECTED";} ?>>39</option>
                  <option value="40" <?php if (!(strcmp(40, $row_rsmembers['level']))) {echo "SELECTED";} ?>>40</option>
                  <option value="41" <?php if (!(strcmp(41, $row_rsmembers['level']))) {echo "SELECTED";} ?>>41</option>
                  <option value="42" <?php if (!(strcmp(42, $row_rsmembers['level']))) {echo "SELECTED";} ?>>42</option>
                  <option value="43" <?php if (!(strcmp(43, $row_rsmembers['level']))) {echo "SELECTED";} ?>>43</option>
                  <option value="44" <?php if (!(strcmp(44, $row_rsmembers['level']))) {echo "SELECTED";} ?>>44</option>
                  <option value="45" <?php if (!(strcmp(45, $row_rsmembers['level']))) {echo "SELECTED";} ?>>45</option>
                  <option value="46" <?php if (!(strcmp(46, $row_rsmembers['level']))) {echo "SELECTED";} ?>>46</option>
                  <option value="47" <?php if (!(strcmp(47, $row_rsmembers['level']))) {echo "SELECTED";} ?>>47</option>
                  <option value="48" <?php if (!(strcmp(48, $row_rsmembers['level']))) {echo "SELECTED";} ?>>48</option>
                  <option value="49" <?php if (!(strcmp(49, $row_rsmembers['level']))) {echo "SELECTED";} ?>>49</option>
                  <option value="50" <?php if (!(strcmp(50, $row_rsmembers['level']))) {echo "SELECTED";} ?>>50</option>
                  <option value="51" <?php if (!(strcmp(51, $row_rsmembers['level']))) {echo "SELECTED";} ?>>51</option>
                  <option value="52" <?php if (!(strcmp(52, $row_rsmembers['level']))) {echo "SELECTED";} ?>>52</option>
                  <option value="53" <?php if (!(strcmp(53, $row_rsmembers['level']))) {echo "SELECTED";} ?>>53</option>
                  <option value="54" <?php if (!(strcmp(54, $row_rsmembers['level']))) {echo "SELECTED";} ?>>54</option>
                  <option value="55" <?php if (!(strcmp(55, $row_rsmembers['level']))) {echo "SELECTED";} ?>>55</option>
                  <option value="56" <?php if (!(strcmp(56, $row_rsmembers['level']))) {echo "SELECTED";} ?>>56</option>
                  <option value="57" <?php if (!(strcmp(57, $row_rsmembers['level']))) {echo "SELECTED";} ?>>57</option>
                  <option value="58" <?php if (!(strcmp(58, $row_rsmembers['level']))) {echo "SELECTED";} ?>>58</option>
                  <option value="59" <?php if (!(strcmp(59, $row_rsmembers['level']))) {echo "SELECTED";} ?>>59</option>
                  <option value="60" <?php if (!(strcmp(60, $row_rsmembers['level']))) {echo "SELECTED";} ?>>60</option>
                  <option value="61" <?php if (!(strcmp(61, $row_rsmembers['level']))) {echo "SELECTED";} ?>>61</option>
                  <option value="62" <?php if (!(strcmp(62, $row_rsmembers['level']))) {echo "SELECTED";} ?>>62</option>
                  <option value="63" <?php if (!(strcmp(63, $row_rsmembers['level']))) {echo "SELECTED";} ?>>63</option>
                  <option value="64" <?php if (!(strcmp(64, $row_rsmembers['level']))) {echo "SELECTED";} ?>>64</option>
                  <option value="65" <?php if (!(strcmp(65, $row_rsmembers['level']))) {echo "SELECTED";} ?>>65</option>
                </select> </td>
              <td><div align="right">Class:</div></td>
              <td> <select name="class" id="select2">
                  <option value="Bard" <?php if (!(strcmp("Bard", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Bard
                  <option value="Beastlord" <?php if (!(strcmp("Beastlord", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Beastlord
                  <option value="Cleric" <?php if (!(strcmp("Cleric", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Cleric
                  <option value="Druid" <?php if (!(strcmp("Druid", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Druid
                  <option value="Enchanter" <?php if (!(strcmp("Enchanter", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Enchanter
                  <option value="Magician" <?php if (!(strcmp("Magician", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Magician
                  <option value="Monk" <?php if (!(strcmp("Monk", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Monk
                  <option value="Necromancer" <?php if (!(strcmp("Necromancer", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Necromancer
                  <option value="Paladin" <?php if (!(strcmp("Paladin", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Paladin
                  <option value="Ranger" <?php if (!(strcmp("Ranger", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Ranger
                  <option value="Rogue" <?php if (!(strcmp("Rogue", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Rogue
                  <option value="Shadowknight" <?php if (!(strcmp("Shadowknight", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Shadow
                  <option value="Shaman" <?php if (!(strcmp("Shaman", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Shaman
                  <option value="Warrior" <?php if (!(strcmp("Warrior", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Warrior
                  <option value="Wizard" <?php if (!(strcmp("Wizard", $row_rsmembers['class']))) {echo "SELECTED";} ?>>Wizard
                </select> </td>
              <td><div align="right">Race:</div></td>
              <td> <select name="race" id="select3">
                  <option value="Barbarian" <?php if (!(strcmp("Barbarian", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Barbarian
                  <option value="Dark Elf" <?php if (!(strcmp("Dark Elf", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Dark
                  <option value="Dwarf" <?php if (!(strcmp("Dwarf", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Dwarf
                  <option value="Erudite" <?php if (!(strcmp("Erudite", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Erudite
                  <option value="Froglok" <?php if (!(strcmp("Froglok", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Froglok
                  <option value="Gnome" <?php if (!(strcmp("Gnome", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Gnome
                  <option value="Half Elf" <?php if (!(strcmp("Half Elf", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Half
                  <option value="Halfling" <?php if (!(strcmp("Halfling", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Hafling
                  <option value="High Elf" <?php if (!(strcmp("High Elf", $row_rsmembers['race']))) {echo "SELECTED";} ?>>High
                  <option value="Human" <?php if (!(strcmp("Human", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Human
                  <option value="Iksar" <?php if (!(strcmp("Iksar", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Iksar
                  <option value="Ogre" <?php if (!(strcmp("Ogre", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Ogre
                  <option value="Troll" <?php if (!(strcmp("Troll", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Troll
                  <option value="Vah Shir" <?php if (!(strcmp("Vah Shir", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Vah
                  <option value="Wood Elf" <?php if (!(strcmp("Wood Elf", $row_rsmembers['race']))) {echo "SELECTED";} ?>>Wood
                  Elf </select> </td>
              <td><div align="right">Magelo: </div></td>
              <td> <input name="magelo" type="text" id="magelo2" value="<?php echo $row_rsmembers['magelo']; ?>" size="40">
              <td><div align="right">Is this your main:</div></td>
              <td> <input <?php if (!(strcmp($row_rsmembers['main'],"Y"))) {echo "checked";} ?> name="main" type="checkbox" id="main2" value="Main">
              <td><div align="right">PoJ Trial Done: </div></td>
              <td> <input <?php if (!(strcmp($row_rsmembers['poj'],"Y"))) {echo "checked";} ?> name="poj" type="checkbox" id="poj2" value="poj">
              <td><div align="right">PoStorms Beard: </div></td>
              <td> <input <?php if (!(strcmp($row_rsmembers['beard'],"Y"))) {echo "checked";} ?> name="beard" type="checkbox" id="beard2" value="beard">
              <td><div align="right">PoStorms Bone: </div></td>
              <td> <input <?php if (!(strcmp($row_rsmembers['bone'],"Y"))) {echo "checked";} ?> name="bone" type="checkbox" id="bone2" value="bone">
              <td><div align="right">PoStorms Sash: </div></td>
              <td> <input <?php if (!(strcmp($row_rsmembers['sash'],"Y"))) {echo "checked";} ?> name="sash" type="checkbox" id="sash2" value="sash">
              <td><div align="right">PoStorms Medallions:</div></td>
              <td> <select name="medallions" id="select4">
                  <option value="0" <?php if (!(strcmp("0", $row_rsmembers['medallions']))) {echo "SELECTED";} ?>>0
                  <option value="1" <?php if (!(strcmp("1", $row_rsmembers['medallions']))) {echo "SELECTED";} ?>>1
                  <option value="2" <?php if (!(strcmp("2", $row_rsmembers['medallions']))) {echo "SELECTED";} ?>>2
                </select> </td>
              <td><div align="right">BoT Flagged: </div></td>
              <td> <input <?php if (!(strcmp($row_rsmembers['bot'],"Y"))) {echo "checked";} ?> name="bot" type="checkbox" id="bot2" value="bot">
              <td colspan="2"><div align="center">
                  <input type="submit" name="Submit" value="Done">
              <td><input name="id" type="hidden" id="id2" value="<?php echo $row_rsmembers['id']; ?>"></td>
          <input type="hidden" name="MM_update" value="form1">
          <?php } // Show if recordset not empty ?>
        </form> </td>



## EOF ##

Help?  :)
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

basically it's your sql syntax from the $updateSQL query i think. you should have the query in the form UPDATE blah SET blah = 'blah', but you have UPDATE blah SET 'blah' = 'blah' for some of them. for some reason only some of them are like this, others are without single quotes and others use ``. using `columnname` is fine, as is leaving them out, but make sure you're not putting single quotes (') around them



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
First off I would simplify the format of your sql statement. Its good in form once everything is working but when things go wrong or if you have to keep updating that syntx you will be in for a world of hurt in figuring things out.  Personally I would assign all those $HTTP_POST_VARS prior to putting it in the string and then format the statement with ". ." and so forth. Makes it a little bit cleaner, but I admit your style of doing it, is unique compared to most I've worked with.

Secondly - Have you tried to echo the string ( $updateSQL ) to see exactly what it is sending to the database?

Thirdly - Have you taken that echo and tried to directly update your SQL table rather than doing it from the web?

while you are testing and formating the string disable your mysql_query by commenting it out

Those last two things done should point you directly at the problem - though I am curious why some of your field names have ' and some don't -
   SET name=%s, `level`=%s, race=%s, `class`=%s, 'magelo'=%s, 'main'=%s, 'poj'=%s,
     'beard'=s, 'bone'=%s, 'sash'=%s, 'medallions'=%s, 'bot'=%s

--your name and race have no quotes but the rest do..? This could aslo be a problem as it throws off your variable to %s's or might not - I'm not quite sure with that.

If you are still confused about the problem - please echo the response string back here -- and if you haven't done so - instilling some sort of form error checking to make sure there are no surprise chars going into your code that would break it would also be a good idea.

Hope this helps,
source2k3Author Commented:
It turns out my code was fine overall.  The problem was simply a combination of 2 things.  

1) 2 extra spaces in one of the queries.
2) The lack of parity with the ' 's as loz pointed out.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.