MYSQL Syntax Error

[A123Schmidt]

Says I'm getting a MySQL syntax error

but I'm not seeing the syntax error.
help anybody?

$result=mysql_query("UPDATE Stores SET Store='$store', Email='$email', Address='$address', Phone='$phone', Manager='$manager' WHERE id='$store_id'") or die(mysql_error());

[NoEffinWay]

What does the error say?

[A123Schmidt]

MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
1

[NoEffinWay]

Is one the value of '$store_id'? If so, try this: $result=mysql_query("UPDATE Stores SET Store='$store', Email='$email', Address='$address', Phone='$phone', Manager='$manager' WHERE id=$store_id") or die(mysql_error());

[A123Schmidt]

$store_id is the id column in the MySQL database, and I'm trying to edit a row

this the error that I'm getting now

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

here is the html form

<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Untitled Document</title>
<link rel="stylesheet" href="admin-style.css" type="text/css" />
</head>

<body id="edit-delete-store">
<?php
include "header.php"
?>

<div class="top-content-page"></div>
<div class="main-page">
<?php
include "database-connection.php";




$store_id = $_GET['id'];
$result = mysql_query("SELECT * FROM Stores WHERE id = '$store_id'");
$row = mysql_fetch_array($result);




?>

<h2>Edit Store No: <?php echo $row['Store']; ?></h2>


<div class="border">

<div class="form">
<form method="post" action="change-store.php ">
<input type="hidden" name="id" value="<?php echo $row['id']; ?>" />
<div class="line">
<div class="line-label">
<label for="storeNumberUpdate"><strong>Store Number:</strong></label>
</div>
<input type="text" name="storeNumberUpdate" value="<?php echo $row['Store']; ?>" />
</div>
<div class="line">
<div class="line-label">
<label for="storeEmail"><strong>Email:</strong></label>
</div>
<input type="text" name="storeEmailUpdate" value="<?php echo $row['Email']; ?>" />
</div>
<div class="line">
<div class="line-label">
<label for="storeAddress"><strong>Address:</strong></label>
</div>
<input type="text" name="storeAddressUpdate" value="<?php echo $row['Address']; ?>" />
</div>
<div class="line">
<div class="line-label">
<label for="storePhoneNumber"><strong>Phone Number:</strong></label>
</div>
<input type="text" name="storePhoneNumberUpdate" value="<?php echo $row['Phone']; ?>" />
</div>
<div class="line">
<div class="line-label">
<label for="storeManger"><strong>Manager:</strong></label>
</div>
<input type="text" name="storeManagerUpdate" value="<?php echo $row['Manager']; ?>" />
</div>
<input type="submit" name="Edit" value="Edit" />
</form>

</div>
<?php
mysql_close($con);
?>

</div>
<footer>
<p class="footer-text">Horizon Holding &copy; Copyright. All Rights Reserved.</p>
</footer>


</div>



</body>
</html>


//here is the change-store.php file

<?php
include "database-connection.php";


$store = $_POST['storeNumberUpdate'];
$email = $_POST['storeEmailUpdate'];
$address = $_POST['storeAddressUpdate'];
$phone = $_POST['storePhoneUpdate'];
$manager = $_POST['storeManagerUpdate'];

$store_id = $_GET['id'];

$result=mysql_query("UPDATE Stores SET Store='$store', Email='$email', Address='$address', Phone='$phone', Manager='$manager' WHERE id=$store_id") or die(mysql_error());
if (!mysql_query($result)) {
echo "MySQL Error: " . mysql_error() . "<br />" . $result;
}

$row = mysql_fetch_array($result);




mysql_close($con);
header("location:edit-delete-store.php");



?>

[NoEffinWay]

Ok, well revert to you query.
$store_id = $_GET['id'];
Nothing is being passed via GET, it is all POST data
So it should be:
$store_id = $_POST['id'];

[A123Schmidt]

still not working

getting this error

MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
1

[NoEffinWay]

Not that you fixed the GET thing, try my query. I think it is having issues because you are comparing an integer to a string.

[NogDog]

A bit of a style thingy that can make it easier to locate the error:

PHP Code:

$sql = "
    UPDATE Stores
    SET
        Store='$store',
        Email='$email',
        Address='$address',
        Phone='$phone',
        Manager='$manager'
    WHERE id='$store_id'
";
$result = mysql_query($sql);
if($result == false) {
    die("<pre>".mysql_error()."\n$sql</pre>");
} 


Since I don't see you using mysql_real_escape_string() anywhere, my best guess without seeing the results of that error output is some unescaped special character in one of the variables being used in the query. In any case, I'd strongly recommend moving up to the MySQLi extension or even the PDO extension and make use of prepared statements and bound parameters, and let PHP handle any escaping that's needed itself.