<?php
// require $_SERVER['DOCUMENT_ROOT'].'/lalala2022lalala/connect.php';
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$con=mysqli_connect('localhost','root','','bhara');
if(!$con) {
die("Connection failed: ". mysqli_connect_error());
}
$query = "SELECT * FROM pendaftaran";
$result = $con->query($query);
?>
<?php
}
if (isset($_POST['save'])){
$stat = $_POST['stat'];
$insert = "UPDATE pendaftaran SET stat = $stat WHERE id = $row['no']";
if (mysqli_query($con,$insert)) {
echo "<script>alert('Sukses add');</script>";
}else {
echo "<script>alert('Gagal add');</script>";
}
}
?>
Those above are some of the code.
Error:
Parse error: syntax error, unexpected string content "", expecting "-" or identifier or variable or number in C:\xampp\htdocs\Bharatika\sisiAdmin.php on line 146
Line 146 is:
enter image description here
Please help solve this
>Solution :
There is indeed a problem with the syntax of the 146th line, but that isn’t the primary problem you have here.
You should read up on this question for a better way to query mysql from inside PHP, even after fixing the syntax problem, you’re open to SQL injection, allowing any visitor to delete your entire database:
How can I prevent SQL injection in PHP?
Changing the query into a prepared statement solves your syntax problem along the way.
I’m hesitant to include the quickfix for the syntax, as i DO NOT think you should use this fix and continue onwards (i really think you should follow the advice in the link above), but it is:
$insert = "UPDATE pendaftaran SET stat = " . $stat . " WHERE id = " . $row['no'];