Php MYSQL语法错误1064_Php_Mysql_Mysql Error 1064

Php MYSQL语法错误1064

php mysql

Php MYSQL语法错误1064,php,mysql,mysql-error-1064,Php,Mysql,Mysql Error 1064,我只是不明白为什么从这个查询中得到错误1064 //prep the data for database use $manufacturer_id = $_GET['id']; $manufacturer_display_name = mysql_prep($_POST['manufacturer_display_name']); $manufacturer_name = mysql_prep($_POST['manufacturer_name']); $query = "UPDATE IT

我只是不明白为什么从这个查询中得到错误1064

//prep the data for database use
$manufacturer_id = $_GET['id'];
$manufacturer_display_name = mysql_prep($_POST['manufacturer_display_name']);
$manufacturer_name = mysql_prep($_POST['manufacturer_name']);


$query = "UPDATE IT_manufacturer SET
        manufacturer_name = '{$manufacturer_name}',
        manufacturer_display_name = '{$manufacturer_display_name}',
        WHERE manufacturer_id = {$manufacturer_id}
        ";

$result = mysql_query($query, $connection);
confirm_query ($result);

如果我回显变量$manufacturer\u name、$manufacturer\u display\u name、$manufacturer\u id，它们都有值，但会出现此错误

无法执行查询您的SQL语法有错误；在第4行错误号1064处的“WHERE manufacturer_id=1”附近，查看与您的MySQL服务器版本相对应的手册，了解要使用的正确语法

任何帮助都应删除where前面的逗号

    $query = "UPDATE IT_manufacturer SET manufacturer_name = '{$manufacturer_name}',
                 manufacturer_display_name = '{$manufacturer_display_name}' 
                 WHERE manufacturer_id = {$manufacturer_id} ";

逗号仅分隔要设置的不同变量，而不是从何处设置的变量。

删除何处之前的逗号：

'{$manufacturer_display_name}', WHERE manufacturer_id
                             ^^^

该示例不安全（请尝试“/？id=2或1=1”）。