Friday, 15 January 2010

PHP - MySQL check manual error



I came across an error I have never seen before after writing the following code:

$query = "update `pharm_log` set `text` = " . $bloodtest . " where `id` = " . $patientid;
$result = mysql_query($query) or die(mysql_error());

My error message:

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'pressure test: 235/43 where id = 1' at line 1"

Does anyone have a thought on how to fix this? Much appreciated.

The string literal (the value of $bloodtest) must be wrapped in single quotes:

$query = "update `pharm_log` set `text` = '" . $bloodtest . "' where `id` = " . $patientid;
$result = mysql_query($query) or die(mysql_error());

As a sidenote, the query is vulnerable to SQL injection if the value(s) of the variables came from outside. Please take a look at the article below to learn how to prevent it. By using prepared statements you can get rid of using single quotes around values.

How to prevent SQL injection in PHP?
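The prepared-statement approach the answer recommends, as an added example that is not part of the original question or answer. It assumes PDO with an in-memory SQLite database standing in for the MySQL server so that it runs offline; the function name `updateLog`, the schema and the sample values are constructed for illustration.

```php
<?php
// Added example: in-memory SQLite stands in for MySQL (assumption) so the
// script runs offline. With a mysql: DSN the PDO calls below are unchanged.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Table and column names come from the question; the schema is constructed.
$pdo->exec('CREATE TABLE pharm_log (id INTEGER PRIMARY KEY, `text` TEXT)');
$pdo->exec("INSERT INTO pharm_log (id, `text`) VALUES (1, ''), (2, '')");

// Hypothetical helper: updates one row and returns the number of rows changed.
function updateLog(PDO $pdo, int $patientId, string $bloodTest): int
{
    // Placeholders keep the values out of the SQL text, so no manual
    // quoting is needed and a quote in the value cannot end the literal.
    $stmt = $pdo->prepare(
        'UPDATE pharm_log SET `text` = :text WHERE id = :id'
    );
    $stmt->bindValue(':text', $bloodTest, PDO::PARAM_STR);
    $stmt->bindValue(':id', $patientId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Constructed inputs: the value from the question's error message, and one
// containing a single quote, which would break the concatenated query even
// after the answer's quoting fix.
$inputs = [
    [1, 'Blood pressure test: 235/43'],
    [2, "Patient's retest: 120/80"],
];

foreach ($inputs as [$id, $value]) {
    $changed = updateLog($pdo, $id, $value);
    echo "id=$id rows changed: $changed\n";
}

// Both values are stored verbatim, apostrophe included.
$rows = $pdo->query('SELECT id, `text` FROM pharm_log ORDER BY id');
foreach ($rows as $row) {
    echo $row['id'], ' => ', $row['text'], "\n";
}
```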

php mysql
