hey all im working on securing my php but this bit errors out any help please.
error
There was an error, please try again.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(`lastpost`, `lastposttime`, `lasttopic`, `lastid`) VALUES ('JerryLouise', 'Octo' at line 1
PHP:
$sql = sprintf("UPDATE `forum-topics` (`lastpost`, `lastposttime`, `lasttopic`, `lastid`) VALUES ('%s', '%s', '%d', '%s') WHERE `id` = '$topic'",
mysql_real_escape_string($username),
mysql_real_escape_string($today),
mysql_real_escape_string($_POST['subject']),
mysql_real_escape_string($number),
mysql_real_escape_string($topic));
$query = mysql_query($sql);
if(!$query) {
///// error out /////
echo "There was an error, please try again.";
print mysql_error();
}
error
There was an error, please try again.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(`lastpost`, `lastposttime`, `lasttopic`, `lastid`) VALUES ('JerryLouise', 'Octo' at line 1