error
am 08.04.2011 06:00:27 von Chris Stinemetz
I am getting the following error when I try to use my edit.php script:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near '' at line 1
I can't seem to find anything wrong with my syntax below.
Has anyone ever had this issue?
I have been googling it for a couple hours now.
Thank you in advance!
Chris
error_reporting(E_ALL);
ini_set('display_errors', '1');
/*
EDIT.PHP
Allows user to edit specific entry in database
*/
// creates the edit record form
// since this form is used multiple times in this file, I have made
it a function that is easily reusable
function renderForm($id, $Cricket_Region, $Market, $error)
{
?>
"http://www.w3.org/TR/html4/strict.dtd">
Edit Record
// if there are any errors, display them
if ($error != '')
{
echo ''.$error.'
';
}
?>
}
// connect to the database
include('../PHP_Scripts/connect-db.php');
// check if the form has been submitted. If it has, process the form
and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
$Cricket_Region =
mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Re gion']));
$Market = mysql_real_escape_string(htmlspecialchars($_POST['Market'])) ;
// check that firstname/lastname fields are both filled in
if ($Cricket_Region == '' || $Market == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
//error, display form
renderForm($id, $Cricket_Region, $Market, $error);
}
else
{
// save the data to the database
mysql_query("UPDATE expiringleases SET
Cricket_Region='$Cricket_Region', Market='$Market' WHERE id='$id'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: view.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and
display the form
{
// get the 'id' value from the URL (if it exists), making sure that
it is valid (checking that it is numeric/larger than 0)
if (isset($_GET['id']))
{
// query db
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM expiringleases WHERE id=$id")
or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$Cricket_Region = $row['Cricket_Region'];
$Market = $row['Market'];
// show form
renderForm($id, $Cricket_Region, $Market, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value,
display an error
{
echo 'Error!';
}
}
?>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: error
am 08.04.2011 06:12:36 von Karl DeSaulniers
I believe this line should read..
ini_set('display_errors', 1);
Just something I think I caught. Might not be your solution though.
HTH,
Karl
On Apr 7, 2011, at 11:00 PM, Chris Stinemetz wrote:
> ini_set('display_errors', '1');
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: error
am 08.04.2011 06:31:39 von Jim Giner
The two query statements are different - in one you quote $id and in the
other you don't.
It is definitely a mysql error so it's not the line you suggested.
"Karl DeSaulniers" wrote in message
news:6FE62364-F9FC-4612-8C5D-6CE48FC662E5@designdrumm.com...
>I believe this line should read..
>
> ini_set('display_errors', 1);
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: error
am 08.04.2011 07:13:26 von Chris Stinemetz
I am pretty sure it is in my code. I am just getting an error form one
of my echoes. Still can't get it to work correctly though. Any help is
greatly appreciated.
Thank you,
Chris
/*
EDIT.PHP
Allows user to edit specific entry in database
*/
// creates the edit record form
// since this form is used multiple times in this file, I have made
it a function that is easily reusable
function renderForm($id, $Cricket_Region, $Market, $error)
{
?>
"http://www.w3.org/TR/html4/strict.dtd">
Edit Record
// if there are any errors, display them
if ($error != '')
{
echo ''.$error.'
';
}
?>
}
// connect to the database
include('../PHP_Scripts/connect-db.php');
// check if the form has been submitted. If it has, process the form
and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_string($_POST['Search_Ring']))
{
// get form data, making sure it is valid
$id = $_POST['Search_Ring'];
$Cricket_Region =
mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Re gion']));
$Market = mysql_real_escape_string(htmlspecialchars($_POST['Market'])) ;
// check that Cricket_Region/Market fields are both filled in
if ($Cricket_Region == '' || $Market == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
//error, display form
renderForm($id, $Cricket_Region, $Market, $error);
}
else
{
// save the data to the database
mysql_query("UPDATE expiringleases SET
Cricket_Region='$Cricket_Region', Market='$Market' WHERE
Search_Ring='$id'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: ATC.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and
display the form
{
// get the 'id' value from the URL (if it exists), making sure that
it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['Search_Ring']))
{
// query db
$id = $_GET['Search_Ring'];
$result = mysql_query("SELECT * FROM expiringleases WHERE Search_Ring=$id")
or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$Cricket_Region = $row['Cricket_Region'];
$Market = $row['Market'];
// show form
renderForm($id, $Cricket_Region, $Market, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value,
display an error
{
echo 'Error!';
}
}
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: error
am 08.04.2011 07:45:08 von Karl DeSaulniers
Hi Chris,
I believe you only need to do a htmlspecialchars when displaying data
as readable text that your retrieved from the database after inserting.
And probably some other situations as well, but I don't think you
need to do htmlspecialchars on the
mysql_real_escape data when inserting into the database.
HTH,
Best,
On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:
> mysql_real_escape_string(htmlspecialchars(
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: error
am 08.04.2011 07:52:10 von Karl DeSaulniers
Hi Chris,
Try this..
Or season to taste..
$q = "UPDATE expiringleases SET Cricket_Region =
'".mysql_real_escape_string($Cricket_Region)."', Market = ".
$Market."' WHERE Search_Ring = '".mysql_real_escape_string($id)."'";
mysql_query($q) or die(mysql_error());
Best,
Karl
On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:
> // save the data to the database
> mysql_query("UPDATE expiringleases SET
> Cricket_Region='$Cricket_Region', Market='$Market' WHERE
> Search_Ring='$id'")
> or die(mysql_error());
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: error
am 08.04.2011 07:57:08 von Karl DeSaulniers
Ooops.
Sry, forgot an escape.
$q = "UPDATE expiringleases SET Cricket_Region =
'".mysql_real_escape_string($Cricket_Region)."', Market =
".mysql_real_escape_string($Market)."' WHERE Search_Ring =
'".mysql_real_escape_string($id)."'";
mysql_query($q) or die(mysql_error());
Best,
Karl
On Apr 8, 2011, at 12:52 AM, Karl DeSaulniers wrote:
> Hi Chris,
> Try this..
> Or season to taste..
>
> $q = "UPDATE expiringleases SET Cricket_Region =
> '".mysql_real_escape_string($Cricket_Region)."', Market = ".
> $Market."' WHERE Search_Ring = '".mysql_real_escape_string($id)."'";
> mysql_query($q) or die(mysql_error());
>
> Best,
> Karl
>
>
> On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:
>
>> // save the data to the database
>> mysql_query("UPDATE expiringleases SET
>> Cricket_Region='$Cricket_Region', Market='$Market' WHERE
>> Search_Ring='$id'")
>> or die(mysql_error());
>
> Karl DeSaulniers
> Design Drumm
> http://designdrumm.com
>
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: error
am 08.04.2011 13:13:53 von Phpster
On 2011-04-08, at 1:57 AM, Karl DeSaulniers wrote:
> Ooops.
> Sry, forgot an escape.
>=20
> $q =3D "UPDATE expiringleases SET Cricket_Region =3D '".mysql_real_escape_=
string($Cricket_Region)."', Market =3D ".mysql_real_escape_string($Market)."=
' WHERE Search_Ring =3D '".mysql_real_escape_string($id)."'";
> mysql_query($q) or die(mysql_error());
>=20
>=20
> Best,
> Karl
>=20
>=20
>=20
> On Apr 8, 2011, at 12:52 AM, Karl DeSaulniers wrote:
>=20
>> Hi Chris,
>> Try this..
>> Or season to taste..
>>=20
>> $q =3D "UPDATE expiringleases SET Cricket_Region =3D '".mysql_real_escape=
_string($Cricket_Region)."', Market =3D ".$Market."' WHERE Search_Ring =3D '=
".mysql_real_escape_string($id)."'";
>> mysql_query($q) or die(mysql_error());
>>=20
>> Best,
>> Karl
>>=20
>>=20
>> On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:
>>=20
>>> // save the data to the database
>>> mysql_query("UPDATE expiringleases SET
>>> Cricket_Region=3D'$Cricket_Region', Market=3D'$Market' WHERE
>>> Search_Ring=3D'$id'")
>>> or die(mysql_error());
>>=20
>> Karl DeSaulniers
>> Design Drumm
>> http://designdrumm.com
>>=20
>>=20
>> --=20
>> PHP Database Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>=20
>=20
> Karl DeSaulniers
> Design Drumm
> http://designdrumm.com
>=20
>=20
> --=20
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>=20
Try echoing out the SQL and then runningnit thru some GUI like phpmyadmin. I=
t is usually pretty self evident where the problem is at that point
Bastien Koert
Sent from my iPhone=
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php