MySQL server version for the right syntax to use near 'WHERE

I can't see any syntax errors but I'm not that familiar with PHP ...any ideas whats wrong ?

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE Incident='10995922' AND  Ic_number='10001'' at line 3

$sql="SELECT Last_Name
FROM DataMove
WHERE Incident='".$Incident."' AND  Ic_number='".$Ic_number."'";

Open in new window


the entire code snippet

<?php
error_reporting(E_ALL);
$dbhost = 'Txxxxx';
$dbuser = 'xxxx';
$dbpass = 'xxxx';
$dbname='xxxxx';
$tbl_name="DataMove"; // Table name

// Connect to server and select database.


$con = mysql_connect("$dbhost","$dbuser","$dbpass");
mysql_select_db($dbname);

if (!$con)

  {
  die('Could not connect: ' . mysql_error());
  }


// Get values from form
$Incident = mysql_real_escape_string($_POST['Incident']);
$Ic_number = mysql_real_escape_string($_POST['Ic_number']);
$Last_Name = mysql_real_escape_string($_POST['Last_Name']);
$First_Name = mysql_real_escape_string($_POST['First_Name']);
$Age = mysql_real_escape_string($_POST['Age']);
$Gender = mysql_real_escape_string($_POST['Gender']);

$sql="SELECT Last_Name
FROM DataMove
WHERE Incident='".$Incident."' AND  Ic_number='".$Ic_number."'";
	
$result = mysql_query($sql,$con);
if ($result) {
	$row = mysql_fetch_array($result);
}
if ($row)
{
	
 // Update record
	$sql="UPDATE $tbl_name 
	SET Last_Name='".$Last_Name."', First_Name='".$First_Name."', Age='".$Age."',Gender='".$Gender."';
	WHERE Incident='".$Incident."' AND  Ic_number='".$Ic_number."'";
} else {
	echo "Inserted record<br/>";
 // Insert record
	$sql="INSERT INTO $tbl_name(Incident, Ic_number, Last_Name, First_Name, Age, Gender)VALUES('$Incident', '$Ic_number', '$Last_Name','$First_Name','$Age','$Gender')";
}
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "201";
mysql_close($con)
?> 
                                  
                                            

Open in new window

dolamitejenkinsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dsackerContract ERP Admin/ConsultantCommented:
Are either columns, Incident or Ic_Number, numeric? If so, remove the single quotes.
0
Ray PaseurCommented:
Hmm.. Are there two single quote marks at the end of the string?  Looking at the SQl message it seems possible, but looking at the code, I do not see it.  Any chance that Incident is a reserved word?  Maybe wrap that in backticks.
0
PortletPaulfreelancerCommented:
I'm certain other will look at your code, but as you are using mysql_query, please note that the PHP mysql API is deprecated as at PHP 5.5 and will be removed.

You should be planning to move to MySQLi or PDO.
see this excellent article: PHP MySQL: Deprecated as of PHP 5.5.0 by Ray Paseur
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

Ray PaseurCommented:
This is the failing query.  It has an extraneous semi-colon.

$sql="UPDATE $tbl_name
	SET Last_Name='".$Last_Name."', First_Name='".$First_Name."', Age='".$Age."',Gender='".$Gender."';
	WHERE Incident='".$Incident."' AND  Ic_number='".$Ic_number."'";

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ray PaseurCommented:
You can write your queries like this.  Neatness counts, because it helps you spot errors more readily.  You also may want a LIMIT clause on this to avoid a table scan.  A table scan is like dog poop -- it's out of place no matter where you find it.

$sql
=
"
UPDATE $tbl_name
SET 
  Last_Name  = '$Last_Name'
, First_Name = '$First_Name'
, Age        = '$Age'
, Gender     = '$Gender'
WHERE 
  Incident   = '$Incident' 
AND  
  Ic_number  = '$Ic_number'
"
;

Open in new window

0
dolamitejenkinsAuthor Commented:
Thank  you
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
MySQL Server

From novice to tech pro — start learning today.