update fields

hermzz

i need to update a database field. so i use:

$primary = $_POST['primary'];
    $nombre = $_POST['user'];
    $name = $_POST['name'];
    $password = $_POST['password'];
    $puesto = $_POST['puesto'];

if ($nombre=='' || $password=='' || $puesto=='') {
    echo "<center class='body'>Error, debes rellenar todos los campos obligatorios <b>*</b></center>";
} else { 
            mysql_query ("UPDATE `phpsp_users` SET `user` = $nombre, `name` = $name, `password` = $password, `job` = $puesto, `userlevel` = '1' WHERE `primary_key` = '9' LIMIT 1;");
    echo "<center><div class='texto-link'>Tu perfil ha sido cambiada<br><br>- <a href='index.php'>Seguir</a> -</div><center>";
}

the problem is that i wont update the field. phpmyadmin displayed this when i update a field from their system page:

$sql = 'UPDATE phpsp_users SET user = \ 'user\ ', name = \ 'name\ ', password = \ 'password\ ', job = \ 'puesto\ ' WHERE primary_key = \ '9\ ' LIMIT 1;';

but if i put a variable in between \ ' \ ' it will set the field to the name of the variable rather than the value of the varible.
any ideas of what i may be doing wrong?

xblue

hi, you don't need to put table and column names in quotes, but you need them around non-numerical values.

mysql_query ("UPDATE phpsp_users SET user = '$nombre', name = '$name', ... WHERE primary_key = 9 LIMIT 1") or die (mysql_error());

if there are still problems, the mysql_error might help.