I think it should be:
Here is the SQL code:
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE candidates SET numberVotes=numberVotes+1 WHERE id=%s",
GetSQLValueString($_POST['voteValue'], "int"));
Here is the Form PHP/HTML:
<form action="<?php echo $editFormAction; ?>" method="POST" name="form1" id="form1">
<?php do { ?>
<input type="radio" value="<?php echo $row_rsCandidates['id']; ?>" name="voteValue" /><?php echo $row_rsCandidates['candidate']; ?><br />
<?php } while ($row_rsCandidates = mysql_fetch_assoc($rsCandidates)); ?>