What's wrong with this query?

1

I have a DBUpdate function that updates the data in the database. This function creates a query based on the array passed as a parameter.

For example, if I send this array (as $visit )

  'ips' => '192.168.25.1, 127.0.0.1'
  'real' => 1
  'last' => '2017-05-19 18:15:50'
  'desktop' => 10

When running DBExecute('clientes', $visit, 'country = pt_BR') this query is returned:

UPDATE ac_analytics SET ips = '192.168.25.1, 127.0.0.1', real = '1', last = '2017-05-19 18:15:50', desktop = '10' WHERE country = 'pt_BR'

And then I get the sql error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'real = '1', last = '2017-05-19 18:15:50', desktop = '10' WHERE country = 'pt_BR'' at line 1

My full update function:

//Altera registros
function DBUpdate($table, array $data, $where = null){
    foreach ($data as $key => $value) {
        $fields[] = "{$key} = '{$value}'";
    }

    $fields = implode(', ', $fields);

    $table = DB_PREFIX.'_'.$table;
    $where = ($where) ? " WHERE {$where}" : null;

    $query = "UPDATE {$table} SET {$fields}{$where}";
    return DBExecute($query); // Função de execução de queries
}
    
asked by anonymous 19.05.2017 / 23:26

1 answer

1

With a comment from a user (who for some reason deleted the comment) I was able to detect the problem. My query had words reserved by MySQL, in which I had 2 options:

  • Change the table name to a name that is not reserved by the system. You can check this link .
  • Use escape characters in my query. ' ips ' = '192.168.25.1, 127.0.0.1'
19.05.2017 / 23:51