modificare una tabella nel database

[rocco.mod]

salve apro questa discussione perche non riesco a trovare una soluzione a questo errore , io modifico i dati dell utente sela modifica avviene, parte la modifica de permessi,adesso non capisco cosa sbaglio , mi stampa questo errore

error 17You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id ='17'' at line 33

e questo e il codice

Codice PHP:

if(!isset($_POST['id_staff'])){$id_staff ="";}else{$id_staff = trim($_POST['id_staff']);}

if(!isset($_POST['nome'])){$nome="";}else{$nome = trim($_POST['nome']);}
if(!isset($_POST['cognome'])){$cognome="";}else{$cognome = trim($_POST['cognome']);}
if(!isset($_POST['user'])){$user="";}else{$user = trim($_POST['user']);}
if(!isset($_POST['email'])){$email="";}else{$email = trim($_POST['email']);}
if(!isset($_POST['pass'])){$pass="";}else{$pass = trim($_POST['pass']);}
if(!isset($_POST['stato'])){$stato="";}else{$stato = $_POST['stato']?1:0;}
if(!isset($_POST['id_gruppo'])){$id_gruppo="";}else{$id_gruppo = trim($_POST['id_gruppo']);}

if(!isset($_POST['telefono'])){$telefono="";}else{$telefono = trim($_POST['telefono']);}
if(!isset($_POST['signature'])){$signature="";}else{$signature = trim($_POST['signature']);}

if(!isset($_POST['change_email'])){$change_email="";}else{$change_email = $_POST['change_email']?1:0;}
if(!isset($_POST['change_signature'])){$change_signature="";}else{$change_signature = $_POST['change_signature']?1:0;}
if(!isset($_POST['change_pass'])){$change_pass="";}else{$change_pass = $_POST['change_pass']?1:0;}

if(!isset($_POST['crea_user'])){$crea_user="";}else{$crea_user = $_POST['crea_user']?1:0;}
if(!isset($_POST['edit_user'])){$edit_user="";}else{$edit_user = $_POST['edit_user']?1:0;}
if(!isset($_POST['approve_user'])){$approve_user="";}else{$approve_user = $_POST['approve_user']?1:0;}
if(!isset($_POST['banned_user'])){$banned_user="";}else{$banned_user = $_POST['banned_user']?1:0;}
if(!isset($_POST['delete_user'])){$delete_user="";}else{$delete_user = $_POST['delete_user']?1:0;}

if(!isset($_POST['add_article'])){$add_article="";}else{$add_article = $_POST['add_article']?1:0;}
if(!isset($_POST['edit_article'])){$edit_article="";}else{$edit_article = $_POST['edit_article']?1:0;}
if(!isset($_POST['delete_article'])){$delete_article="";}else{$delete_article = $_POST['delete_article']?1:0;}
if(!isset($_POST['add_categoria'])){$add_categoria="";}else{$add_categoria = $_POST['add_categoria']?1:0;}
if(!isset($_POST['edit_categoria'])){$edit_categoria="";}else{$edit_categoria = $_POST['edit_categoria']?1:0;}
if(!isset($_POST['delete_categoria'])){$delete_categoria="";}else{$delete_categoria = $_POST['delete_categoria']?1:0;}

if(!isset($_POST['add_troubleshooter'])){$add_troubleshooter="";}else{$add_troubleshooter = $_POST['add_troubleshooter']?1:0;}
if(!isset($_POST['edit_troubleshooter'])){$edit_troubleshooter="";}else{$edit_troubleshooter = $_POST['edit_troubleshooter']?1:0;}
if(!isset($_POST['delete_troubleshooter'])){$delete_troubleshooter="";}else{$delete_troubleshooter = $_POST['delete_troubleshooter']?1:0;}

if(!isset($_POST['add_news'])){$add_news="";}else{$add_news = $_POST['add_news']?1:0;}
if(!isset($_POST['edit_news'])){$edit_news="";}else{$edit_news = $_POST['edit_news']?1:0;}
if(!isset($_POST['delete_news'])){$delete_news="";}else{$delete_news = $_POST['delete_news']?1:0;}

if(!isset($_POST['add_files'])){$add_files="";}else{$add_files = $_POST['add_files']?1:0;}
if(!isset($_POST['edit_files'])){$edit_files="";}else{$edit_files = $_POST['edit_files']?1:0;}
if(!isset($_POST['delete_files'])){$delete_files="";}else{$delete_files = $_POST['delete_files']?1:0;}
if(!isset($_POST['add_file_category'])){$add_file_category="";}else{$add_file_category = $_POST['add_file_category']?1:0;}
if(!isset($_POST['edit_file_category'])){$edit_file_category="";}else{$edit_file_category = $_POST['edit_file_category']?1:0;}
if(!isset($_POST['delete_file_category'])){$delete_file_category="";}else{$delete_file_category = $_POST['delete_file_category']?1:0;}



if(!isset($_POST['view_unassigned_tickets'])){$view_unassigned_tickets="";}else{$view_unassigned_tickets = $_POST['view_unassigned_tickets']?1:0;}
if(!isset($_POST['view_other_tech_tickets'])){$view_other_tech_tickets="";}else{$view_other_tech_tickets = $_POST['view_other_tech_tickets']?1:0;}
if(!isset($_POST['edit_other_tech_tickets'])){$edit_other_tech_tickets="";}else{$edit_other_tech_tickets = $_POST['edit_other_tech_tickets']?1:0;}
if(!isset($_POST['reply_other_tech_tickets'])){$reply_other_tech_tickets="";}else{$reply_other_tech_tickets = $_POST['reply_other_tech_tickets']?1:0;}
if(!isset($_POST['delete_other_tech_tickets'])){$delete_other_tech_tickets="";}else{$delete_other_tech_tickets = $_POST['delete_other_tech_tickets']?1:0;}
if(!isset($_POST['close_tickets'])){$close_tickets="";}else{$close_tickets = $_POST['close_tickets']?1:0;}
if(!isset($_POST['reopen_tickets'])){$reopen_tickets="";}else{$reopen_tickets = $_POST['reopen_tickets']?1:0;}
if(!isset($_POST['create_new_tickets'])){$create_new_tickets="";}else{$create_new_tickets = $_POST['create_new_tickets']?1:0;}




if(get_magic_quotes_gpc())
{
$nome        = stripslashes($nome);
$cognome     = stripslashes($cognome);
$email       = stripslashes($email);
$user        = stripslashes($user);
$pass        = stripslashes($pass);
$telefono    = stripslashes($telefono);
$signature   = stripslashes($signature);
}
$nome      = mysql_real_escape_string($nome);
$cognome   = mysql_real_escape_string($cognome);
$email     = mysql_real_escape_string($email);
$user      = mysql_real_escape_string($user);
$pass      = mysql_real_escape_string($pass);
$telefono  = mysql_real_escape_string($telefono);
$signature = mysql_real_escape_string($signature);


if(!isset($user)OR $user==''){
echo"<span class='messageallertinsertstaff'>[img]$path_site/admin/img/icon_error.gif[/img]   Il campo username e obligatorio</span>";
return;
}if(!isset($pass)OR $pass==''){
echo"<span class='messageallertinsertstaff'>[img]$path_site/admin/img/icon_error.gif[/img]   il campo passwod e obblidatorio</span>";
return;
}elseif(!isset($pass)OR (!preg_match("/^[0-9A-Z@]{6,50}$/i", $pass))){
echo"<span class='messageallertinsertstaff'>[img]$path_site/admin/img/icon_error.gif[/img]    Il campo password è¨ composto con caratteri non ammessi</span>";
return;
}if(!isset($email) OR $email =='' ){    
echo "<span class='messageallertinsertstaff' >[img]$path_site/admin/img/icon_error.gif[/img]   Il campo email è obbligatorio</span>";
return;
}elseif(!isset($email) OR (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) ) {
echo "<span class='messageallertinsertstaff' >[img]$path_site/admin/img/icon_error.gif[/img]   Il seguente indirizzo email :[b]$email[/b]
E'composto da caratteri non validi!</span>";
return;
}

else{


for ($i=0;$i<=7;$i++) { $new_pass .= chr(rand(97, 122)); }
$psw_per_db = criptpass($new_pass);

$modifico_staff= mysql_query("UPDATE staff SET
nome ='$nome',
cognome ='$cognome',
telefono ='$telefono',
nick ='$user',
email ='$email',
pass ='$psw_per_db',
stato ='$stato',
id_gruppo ='$id_gruppo',
firma ='$signature',
date_ultima_mod='".date("j F Y  g:i:s a")."'
WHERE id='$id_staff'");
if($modifico_staff){
if(!isset($_POST['id_staff'])){$id_staff ="";}else{$id_staff = trim($_POST['id_staff']);}


$modifico_permessi_staff= mysql_query("UPDATE permission_staff SET
view_ticket_unasignated = '$view_unassigned_tickets',
view_ticket_oter_staff = '$view_other_tech_tickets',
edit_ticket_oter_staff = '$edit_other_tech_tickets',
replay_ticket_oter_staff = '$reply_other_tech_tickets',
delete_ticket_oter_staff = '$delete_other_tech_tickets',
closed_ticket = '$close_tickets',
reopen_ticket = '$reopen_tickets',
create_new_ticket = '$create_new_tickets',
add_article = '$add_article',
edit_article = '$edit_article',
delete_article = '$delete_article',
add_category = '$add_categoria',
edit_category = '$edit_categoria',
delete_category = '$delete_categoria',
add_troubleshooter ='$add_troubleshooter',
edit_troubleshooter ='$edit_troubleshooter',
delete_troubleshooter = '$delete_troubleshooter',
add_news = '$add_news',
edit_news = '$edit_news',
delete_news = '$delete_news',
add_download = '$add_files',
edit_download = '$edit_files',
delete_download = '$delete_files',
add_File_Category ='$add_file_category',
edit_File_Category ='$edit_file_category',
delete_File_Category ='$delete_file_category',
add_user ='$crea_user',
edit_user ='$edit_user',
approve_user ='$approve_user',
banned_user ='$banned_user',
delete_user  ='$delete_user',
WHERE id ='$id_staff'");
if($modifico_permessi_staff){

echo"qui partira l email e l allert e attivo";
  }else{
  echo"error $id_staff".mysql_error();

  }
    
   
 }else{
 echo"qui e l errore  se non  modifica i dati e no i permessi";
 }



} 


[meganoide]

ma la query che invii quale risulta essere (errore a parte)?

[rocco.mod]

scusa ma non ho capito la domanda comunque ora non mi da piu erroe pero non mdifica i dati

[meganoide]

dicevo di farti stampare la query UPDATE.... così come viene elaborata dalla pagina e inviata a mysql...In questo modo puoi vedere cose c'è di sbagliato nella stessa

[rocco.mod]

si ho appena risolto , grazie comunque

[rocco.mod]

ora non mi funziona la query nuovamente, io l ho trasformata in variabile e l ho stampata e mi da

error UPDATE `permission_staff` SET `view_ticket_unasignated` = '1', `view_ticket_oter_staff` = '1', `edit_ticket_oter_staff` = '1', `replay_ticket_oter_staff` = '1', `delete_ticket_oter_staff` = '1', `closed_ticket` = '0', `reopen_ticket` = '0', `create_new_ticket` = '0', `add_article` = '1', `edit_article` = '1', `delete_article` = '1', `add_category` = '1', `edit_category` = '1', `delete_category` = '1', `add_troubleshooter` = '1', `edit_troubleshooter` = '1', `delete_troubleshooter` = '1', `add_news` = '1', `edit_news` = '1', `delete_news` = '1', `add_download` = '1', `edit_download` = '1', `delete_download` = '1', `add_File_Category` = '1', `edit_File_Category` = '1', `delete_File_Category` = '1', `add_user` = '0', `edit_user` = '0', `approve_user` = '1', `banned_user` = '1', `delete_user` = '1' WHERE `id` = '2' LIMIT 1 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'modifico_permessi' at line 1