[PHP]Edit user page, SQL syntax error!

I have a user database with various user information. So I wanted to make an administration editing form to allow admins to edit the user profiles.

My edit form page is is coded as follows.
it uses the HTTP_GET_VARS so it gets that info from example: editpage.php?username=someusername

editpage.php

<?php
/////////////
$conn = mysql_connect("\\\\REMOVED///");
mysql_select_db("razer");
//////////////////
$request = "SELECT * FROM users WHERE username='".$HTTP_GET_VARS['username']."'";
$results = mysql_query($request,$conn);
$row33 = mysql_fetch_array ($results);
////////////FORM////////////////
echo "<form method='post' action='edit.php'>";
echo "<p>ID: <input name='id' type='text' id='id' value=".$row33['id'].">";
echo "</p><p>";
echo "<p>Username: <input name='username' type='text' id='username' value=".$row33['username'].">";
echo "</p><p>";
echo "<p>Password: <input name='password' type='text' id='password' value=".$row33['password'].">";
echo "</p><p>";
echo "<p>Email: <input name='email' type='text' id='email' value=".$row33['email'].">";
echo "</p><p>";
echo "<p>Group: <input name='group' type='text' id='group' value=".$row33['group'].">";
echo "</p><p>";
echo "<p>Points: <input name='points' type='text' id='points' value=".$row33['points'].">";
echo "</p><p>";
echo "<p>Xfire: <input name='xfire' type='text' id='xfire' value=".$row33['xfire'].">";
echo "</p><p>";
echo "<p>AIM: <input name='aim' type='text' id='aim' value=".$row33['aim'].">";
echo "</p><p>";
echo "<p>ICQ: <input name='icq' type='text' id='icq' value=".$row33['icq'].">";
echo "</p><p>";
echo "<p>Yahoo: <input name='yahoo' type='text' id='yahoo' value=".$row33['yahoo'].">";
echo "</p><p>";
echo "<p>MSN: <input name='msn' type='text' id='msn' value=".$row33['msn'].">";
echo "</p><p>";
echo "<input type='submit' name='Update!' value='Update!'>";
echo "</p>";
echo "</form>";
/////////////////
?>

So this page seems fine and I don’t think has any problems.

This should all lead to edit.php which is as follows:

edit.php

<?php
/////Connection////////////
$conn = mysql_connect("\\\\\REMOVED//////");
mysql_select_db("razer");
//////////////////////////


/////Some Variables I get from the form////////
$id = $_REQUEST['id'];
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$email = $_REQUEST['email'];
$group = $_REQUEST['group'];
$points = $_REQUEST['points'];
$xfire = $_REQUEST['xfire'];
$aim = $_REQUEST['aim'];
$icq = $_REQUEST['icq'];
$yahoo = $_REQUEST['yahoo'];
$msn = $_REQUEST['msn'];
///////////////////////////


$request = "UPDATE users SET id = '$id', username = '$username', password = '$password', email = '$email', group = '$group', points = '$points', xfire = '$xfire', aim = '$aim', icq = '$icq', yahoo = '$yahoo', msn = '$msn' WHERE username = '$username'";

$results = mysql_query($request,$conn)
    or die("<img src='http://www.razergames.com/forums/images/smilies/emot-zoid.gifQuery failed: ".mysql_error());
if($results){
    echo "Account: $user changed.";
    }
else{
echo "Unable to do stuff. Go tell an admin. I said go!>-O <img src='http://www.razergames.com/forums/images/smilies/emot-zoid.gif'>";
    }


?>

This page gets the error:

Query failed: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'group = ‘6’, points = ‘0’, xfire = ‘evileks’, aim = ‘ludnix’, i

So alteast the error is display, but can anyone see where the actualy syntax error is?

The server I am using is running PHP version:
4.3.11

bwh2 was correct in that the issue was the lack of backticks and ‘’.

Here is the updated code for anyone viewing this page who might have a similar problem.

editpage.php

<?php
/////////////
$conn = mysql_connect("//REMOVED//");
mysql_select_db("razer");
//////////////////
$request = "SELECT * FROM users WHERE username='".$HTTP_GET_VARS['username']."'";
$results = mysql_query($request,$conn);
$row33 = mysql_fetch_array ($results);
////////////FORM////////////////
echo "<form method='post' action='edit.php'>";
echo "<p>Username: <input name='username' type='text' id='username' value=".$row33['username'].">";
echo "</p><p>";
echo "<p>Email: <input name='email' type='text' id='email' value=".$row33['email'].">";
echo "</p><p>";
echo "<p>Group: <input name='group' type='text' id='group' value=".$row33['group'].">";
echo "</p><p>";
echo "<p>Points: <input name='points' type='text' id='points' value=".$row33['points'].">";
echo "</p><p>";
echo "<p>Xfire: <input name='xfire' type='text' id='xfire' value=".$row33['xfire'].">";
echo "</p><p>";
echo "<p>AIM: <input name='aim' type='text' id='aim' value=".$row33['aim'].">";
echo "</p><p>";
echo "<p>ICQ: <input name='icq' type='text' id='icq' value=".$row33['icq'].">";
echo "</p><p>";
echo "<p>Yahoo: <input name='yahoo' type='text' id='yahoo' value=".$row33['yahoo'].">";
echo "</p><p>";
echo "<p>MSN: <input name='msn' type='text' id='msn' value=".$row33['msn'].">";
echo "</p><p>";
echo "<input type='submit' name='Update!' value='Update!'>";
echo "</p>";
echo "</form>";
/////////////////
?>
<?php
/////////////
$conn = mysql_connect("//REMOVED//");
mysql_select_db("razer");
//////////////////
$request = "SELECT * FROM users WHERE username='".$HTTP_GET_VARS['username']."'";
$results = mysql_query($request,$conn);
$row33 = mysql_fetch_array ($results);
////////////FORM////////////////
echo "<form method='post' action='edit.php'>";
echo "<p>Username: <input name='username' type='text' id='username' value=".$row33['username'].">";
echo "</p><p>";
echo "<p>Email: <input name='email' type='text' id='email' value=".$row33['email'].">";
echo "</p><p>";
echo "<p>Group: <input name='group' type='text' id='group' value=".$row33['group'].">";
echo "</p><p>";
echo "<p>Points: <input name='points' type='text' id='points' value=".$row33['points'].">";
echo "</p><p>";
echo "<p>Xfire: <input name='xfire' type='text' id='xfire' value=".$row33['xfire'].">";
echo "</p><p>";
echo "<p>AIM: <input name='aim' type='text' id='aim' value=".$row33['aim'].">";
echo "</p><p>";
echo "<p>ICQ: <input name='icq' type='text' id='icq' value=".$row33['icq'].">";
echo "</p><p>";
echo "<p>Yahoo: <input name='yahoo' type='text' id='yahoo' value=".$row33['yahoo'].">";
echo "</p><p>";
echo "<p>MSN: <input name='msn' type='text' id='msn' value=".$row33['msn'].">";
echo "</p><p>";
echo "<input type='submit' name='Update!' value='Update!'>";
echo "</p>";
echo "</form>";
/////////////////
?>

edit.php

<?php
/////Connection////////////
$conn = mysql_connect("//REMOVED//");
mysql_select_db("razer");
//////////////////////////


/////Some Variables I get from the form////////

$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$email = $_REQUEST['email'];
$group = $_REQUEST['group'];
$points = $_REQUEST['points'];
$xfire = $_REQUEST['xfire'];
$aim = $_REQUEST['aim'];
$icq = $_REQUEST['icq'];
$yahoo = $_REQUEST['yahoo'];
$msn = $_REQUEST['msn'];
///////////////////////////

$request = "UPDATE `users` SET `username` = '$username', `password` = '$password', `email` = '$email', `group` = '$group', `points` = '$points', `xfire` = '$xfire', `aim` = '$aim', `icq` = '$icq', `yahoo` = '$yahoo', `msn` = '$msn' WHERE `username` = '$username'";

$results = mysql_query($request,$conn)
    or die("<img src='http://www.razergames.com/forums/images/smilies/emot-zoid.gif'>Query failed: ".mysql_error());
if($results){
    echo "Account: $username changed.";
    }
else{
    echo "Unable to do stuff. Go tell an admin. I said go!>-O <img src='http://www.razergames.com/forums/images/smilies/emot-zoid.gif'>";
    }


?>

That’s it and it works!

Thanks for the help!

You’re not escaping any data before putting it in the database, so you could be vulnerable to SQL injection

nice work λ, i’ve been looking for a good sql injection article.