In SQL, single quotes should be used for string values, not backticks. Also, there's a missing space before the 'SET' in your query which reads as - "UPDATE clinic_inventorySET. Your sql should look like -
$sql = "UPDATE clinic_inventory SET " .
"Date_Received = '$Date_Received', " .
"Number_Of_Items = '$Number_Of_Items', " .
"Item = '$Item', " .
"Expiration_Date = '$Expiration_Date', " .
"Last_Updated = '$Last_Updated', " .
"Quantity = '$Quantity' " .
"WHERE id = $id";
You are also leaving yourself wide open to SQL injection, you should rather use prepared statements and parameterized queries -
Prepared statements and stored procedures[
^]
Your code should, as a rough estimate look like this -
$sql = "UPDATE clinic_inventory SET " .
"Date_Received = ?, " .
"Number_Of_Items = ?, " .
"Item = ?, " .
"Expiration_Date = ?, " .
"Last_Updated = ?, " .
"Quantity = ? " .
"WHERE id = ?";
$stmt = $connection->prepare($sql);
if ($stmt) {
$stmt->bind_param("ssssssi", $Date_Received, $Number_Of_Items, $Item, $Expiration_Date, $Last_Updated, $Quantity, $id);
$stmt->execute();
if ($stmt->affected_rows > 0) {
$successMessage = "Item Successfully Added";
header("location: /inven/index.php");
exit;
} else {
$errorMessage = "Error updating item: " . $stmt->error;
}
$stmt->close();
} else {
$errorMessage = "Error preparing statement: " . $connection->error;
}