Php pdo update statement

Question

I need to update my database so I write:

try {        
                $STH = $db->prepare("UPDATE zemljiste (naziv, ha, ar, m2, udeo_ha, udeo_ar, udeo_m2, lokacija, osnov, kat_kul, 2013_kol, ocekivano) VALUES (:1,:2,:3,:4,:5,:6,:7,:8,:9,:10,:11,:12) WHERE id = :id_akt AND user_id=:13");
                $STH->bindParam(':id_akt', $_POST['naziv']);

                $STH->bindParam(':1', $_POST['naziv']);
                $STH->bindParam(':2', $_POST['ha']);
                $STH->bindParam(':3', $_POST['ar']);
                $STH->bindParam(':4', $_POST['m2']);
                $STH->bindParam(':5', $_POST['udeo_ha']);
                $STH->bindParam(':6', $_POST['udeo_ar']);
                $STH->bindParam(':7', $_POST['udeo_m2']);
                $STH->bindParam(':8', $_POST['lokacija']);
                $STH->bindParam(':9', $_POST['osnov']);
                $STH->bindParam(':10', $_POST['kultura']);
                $STH->bindParam(':11', $_POST['prinos_2013']);
                $STH->bindParam(':12', $_POST['ocekivano']);
                $STH->bindParam(':13', $user_id);




                $STH->execute();

but I get error:

SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(naziv, ha, ar, m2, udeo_ha, udeo_ar, udeo_m2, lokacija, osnov, kat_kul, 2013_ko' at line 1

Data submitted successfully

How I can solve this? What is exactly error in my code?

Answer 1

UPDATE syntax is wrong and you should avoid integer placeholders

$query ="UPDATE `zemljiste` 
         SET naziv = :naziv, ha = :ha, ar = :ar, m2 = :m2, udeo_ha = :udeo_ha, 
         udeo_ar = :udeo_ar, udeo_m2 = :udeo_m2, lokacija=:lokacija, osnov = :osnov, 
         kat_kul = :kultura, 2013_kol=:prinos_2013, ocekivano = :ocekivano  
         WHERE id = :id_akt AND user_id=:user_id";

$STH = $db->prepare($query);

$STH->bindParam(':id_akt', $_POST['naziv']);
$STH->bindParam(':naziv', $_POST['naziv']);
$STH->bindParam(':ha', $_POST['ha']);
$STH->bindParam(':ar', $_POST['ar']);
$STH->bindParam(':m2', $_POST['m2']);
$STH->bindParam(':udeo_ha', $_POST['udeo_ha']);
$STH->bindParam(':udeo_ar', $_POST['udeo_ar']);
$STH->bindParam(':udeo_m2', $_POST['udeo_m2']);
$STH->bindParam(':lokacija', $_POST['lokacija']);
$STH->bindParam(':osnov', $_POST['osnov']);
$STH->bindParam(':kultura', $_POST['kultura']);
$STH->bindParam(':prinos_2013', $_POST['prinos_2013']);
$STH->bindParam(':ocekivano', $_POST['ocekivano']);
$STH->bindParam(':user_id', $user_id);

$STH->execute();

Answer 2

You're using a syntax for INSERT statement in UPDATE, which is wrong.

It should look like this,

UPDATE table SET key=:value, key1=:value1 WHERE id=:id AND foo=:bar. So just replace,

"UPDATE zemljiste (naziv, ha, ar, m2, udeo_ha, udeo_ar, udeo_m2, lokacija, osnov, kat_kul, 2013_kol, ocekivano) VALUES (:1,:2,:3,:4,:5,:6,:7,:8,:9,:10,:11,:12) WHERE id = :id_akt AND user_id=:13"

with

UPDATE zemljiste SET naziv =:1, ha =:2, ...... WHERE id=:id_akt AND user_id = :13

Answer 3

You are using the wrong syntax for update. It should be:

UPDATE zemljiste SET naziv=:1, ha=:2, ar=:3, ... WHERE ...