views:

34

answers:

3

I am using mysqli prepared statments and I am trying to write a prepared statement with an UPDATE, but I think I am off somewhere.

Here's my code:

$upload_folder = 'Some String';
$sql = 'UPDATE orders (upload_location)
        SET (?)
        WHERE order_id = 160';

$stmt = $conn->stmt_init();
if($stmt->prepare($sql)){
  $stmt->bind_param('s', $upload_folder);
  $location_inserted = $stmt->execute();
}

What am I doing wrong?

+4  A: 
SET foo = ?

You haven't specified which column to update.

David Dorward
A: 

you are using SET keqword instead of VALUES as it's supposed by query format.

Col. Shrapnel
+2  A: 

the correct sql-syntax for update is:

UPDATE table SET column = ?
knittl