Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

www.webdp.net, Event 9 IIS log failed to write entry, wwwxxx jeffs, Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113)., ksh lock a file, [unixODBC][Driver Manager]Driver's SQLAllocHandle on SQL_HANDLE_DBC failed, sed: -e expression #1, char 1: unterminated address regex, procmail + change subject, w2ksp4.exe download, /proc/kallsyms format

Links

XODOX
Impressum

#1: error

Posted on 2011-04-08 06:00:27 by Chris Stinemetz

I am getting the following error when I try to use my edit.php script:

You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near '' at line 1

I can't seem to find anything wrong with my syntax below.

Has anyone ever had this issue?

I have been googling it for a couple hours now.

Thank you in advance!

Chris

<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
/*
EDIT.PHP
Allows user to edit specific entry in database
*/

// creates the edit record form
// since this form is used multiple times in this file, I have made
it a function that is easily reusable
function renderForm($id, $Cricket_Region, $Market, $error)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Record</title>
</head>
<body>
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red;
color:red;">'.$error.'</div>';
}
?>

<form action="" method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>"/>
<div>
<p><strong>ID:</strong> <?php echo $id; ?></p>
<strong>Cricket Region: *</strong> <input type="text" name="Cricket
Region" value="<?php echo $Cricket_Region; ?>"/><br/>
<strong>Market: *</strong> <input type="text" name="Market"
value="<?php echo $Market; ?>"/><br/>
<p>* Required</p>
<input type="submit" name="submit" value="Submit">
</div>
</form>
</body>
</html>
<?php
}



// connect to the database
include('../PHP_Scripts/connect-db.php');


// check if the form has been submitted. If it has, process the form
and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
$Cricket_Region =
mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Re gion']));
$Market = mysql_real_escape_string(htmlspecialchars($_POST['Market'])) ;

// check that firstname/lastname fields are both filled in
if ($Cricket_Region == '' || $Market == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';

//error, display form
renderForm($id, $Cricket_Region, $Market, $error);
}
else
{
// save the data to the database
mysql_query("UPDATE expiringleases SET
Cricket_Region='$Cricket_Region', Market='$Market' WHERE id='$id'")
or die(mysql_error());

// once saved, redirect back to the view page
header("Location: view.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and
display the form
{

// get the 'id' value from the URL (if it exists), making sure that
it is valid (checking that it is numeric/larger than 0)
if (isset($_GET['id']))
{
// query db
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM expiringleases WHERE id=$id")
or die(mysql_error());
$row = mysql_fetch_array($result);

// check that the 'id' matches up with a row in the databse
if($row)
{

// get data from db
$Cricket_Region = $row['Cricket_Region'];
$Market = $row['Market'];

// show form
renderForm($id, $Cricket_Region, $Market, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value,
display an error
{
echo 'Error!';
}
}
?>

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message

#2: Re: error

Posted on 2011-04-08 06:12:36 by Karl DeSaulniers

I believe this line should read..

ini_set('display_errors', 1);

Just something I think I caught. Might not be your solution though.

HTH,
Karl


On Apr 7, 2011, at 11:00 PM, Chris Stinemetz wrote:

> ini_set('display_errors', '1');

Karl DeSaulniers
Design Drumm
http://designdrumm.com


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message

#3: Re: error

Posted on 2011-04-08 06:31:39 by Jim Giner

The two query statements are different - in one you quote $id and in the
other you don't.

It is definitely a mysql error so it's not the line you suggested.

"Karl DeSaulniers" <karl@designdrumm.com> wrote in message
news:6FE62364-F9FC-4612-8C5D-6CE48FC662E5@designdrumm.com...
>I believe this line should read..
>
> ini_set('display_errors', 1);
>



--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message

#4: Re: error

Posted on 2011-04-08 07:13:26 by Chris Stinemetz

I am pretty sure it is in my code. I am just getting an error form one
of my echoes. Still can't get it to work correctly though. Any help is
greatly appreciated.

Thank you,

Chris

<?php
/*
EDIT.PHP
Allows user to edit specific entry in database
*/

// creates the edit record form
// since this form is used multiple times in this file, I have made
it a function that is easily reusable
function renderForm($id, $Cricket_Region, $Market, $error)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Record</title>
</head>
<body>
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red;
color:red;">'.$error.'</div>';
}
?>

<form action="" method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>"/>
<div>
<p><strong>ID:</strong> <?php echo $id; ?></p>
<strong>First Name: *</strong> <input type="text"
name="Cricket_Region" value="<?php echo $Cricket_Region; ?>"/><br/>
<strong>Last Name: *</strong> <input type="text" name="Market"
value="<?php echo $Market; ?>"/><br/>
<p>* Required</p>
<input type="submit" name="submit" value="Submit">
</div>
</form>
</body>
</html>
<?php
}



// connect to the database
include('../PHP_Scripts/connect-db.php');

// check if the form has been submitted. If it has, process the form
and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_string($_POST['Search_Ring']))
{
// get form data, making sure it is valid
$id = $_POST['Search_Ring'];
$Cricket_Region =
mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Re gion']));
$Market = mysql_real_escape_string(htmlspecialchars($_POST['Market'])) ;

// check that Cricket_Region/Market fields are both filled in
if ($Cricket_Region == '' || $Market == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';

//error, display form
renderForm($id, $Cricket_Region, $Market, $error);
}
else
{
// save the data to the database
mysql_query("UPDATE expiringleases SET
Cricket_Region='$Cricket_Region', Market='$Market' WHERE
Search_Ring='$id'")
or die(mysql_error());

// once saved, redirect back to the view page
header("Location: ATC.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and
display the form
{

// get the 'id' value from the URL (if it exists), making sure that
it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['Search_Ring']))
{
// query db
$id = $_GET['Search_Ring'];
$result = mysql_query("SELECT * FROM expiringleases WHERE Search_Ring=$id")
or die(mysql_error());
$row = mysql_fetch_array($result);

// check that the 'id' matches up with a row in the databse
if($row)
{

// get data from db
$Cricket_Region = $row['Cricket_Region'];
$Market = $row['Market'];

// show form
renderForm($id, $Cricket_Region, $Market, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value,
display an error
{
echo 'Error!';
}
}

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message

#5: Re: error

Posted on 2011-04-08 07:45:08 by Karl DeSaulniers

Hi Chris,
I believe you only need to do a htmlspecialchars when displaying data
as readable text that your retrieved from the database after inserting.
And probably some other situations as well, but I don't think you
need to do htmlspecialchars on the
mysql_real_escape data when inserting into the database.

HTH,
Best,

On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:

> mysql_real_escape_string(htmlspecialchars(

Karl DeSaulniers
Design Drumm
http://designdrumm.com


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message

#6: Re: error

Posted on 2011-04-08 07:52:10 by Karl DeSaulniers

Hi Chris,
Try this..
Or season to taste..

$q = "UPDATE expiringleases SET Cricket_Region =
'".mysql_real_escape_string($Cricket_Region)."', Market = ".
$Market."' WHERE Search_Ring = '".mysql_real_escape_string($id)."'";
mysql_query($q) or die(mysql_error());

Best,
Karl


On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:

> // save the data to the database
> mysql_query("UPDATE expiringleases SET
> Cricket_Region='$Cricket_Region', Market='$Market' WHERE
> Search_Ring='$id'")
> or die(mysql_error());

Karl DeSaulniers
Design Drumm
http://designdrumm.com


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message

#7: Re: error

Posted on 2011-04-08 07:57:08 by Karl DeSaulniers

Ooops.
Sry, forgot an escape.

$q = "UPDATE expiringleases SET Cricket_Region =
'".mysql_real_escape_string($Cricket_Region)."', Market =
".mysql_real_escape_string($Market)."' WHERE Search_Ring =
'".mysql_real_escape_string($id)."'";
mysql_query($q) or die(mysql_error());


Best,
Karl



On Apr 8, 2011, at 12:52 AM, Karl DeSaulniers wrote:

> Hi Chris,
> Try this..
> Or season to taste..
>
> $q = "UPDATE expiringleases SET Cricket_Region =
> '".mysql_real_escape_string($Cricket_Region)."', Market = ".
> $Market."' WHERE Search_Ring = '".mysql_real_escape_string($id)."'";
> mysql_query($q) or die(mysql_error());
>
> Best,
> Karl
>
>
> On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:
>
>> // save the data to the database
>> mysql_query("UPDATE expiringleases SET
>> Cricket_Region='$Cricket_Region', Market='$Market' WHERE
>> Search_Ring='$id'")
>> or die(mysql_error());
>
> Karl DeSaulniers
> Design Drumm
> http://designdrumm.com
>
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

Karl DeSaulniers
Design Drumm
http://designdrumm.com


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message

#8: Re: error

Posted on 2011-04-08 13:13:53 by Phpster

On 2011-04-08, at 1:57 AM, Karl DeSaulniers <karl@designdrumm.com> wrote:

> Ooops.
> Sry, forgot an escape.
>=20
> $q =3D "UPDATE expiringleases SET Cricket_Region =3D '".mysql_real_escape_=
string($Cricket_Region)."', Market =3D ".mysql_real_escape_string($Market)."=
' WHERE Search_Ring =3D '".mysql_real_escape_string($id)."'";
> mysql_query($q) or die(mysql_error());
>=20
>=20
> Best,
> Karl
>=20
>=20
>=20
> On Apr 8, 2011, at 12:52 AM, Karl DeSaulniers wrote:
>=20
>> Hi Chris,
>> Try this..
>> Or season to taste..
>>=20
>> $q =3D "UPDATE expiringleases SET Cricket_Region =3D '".mysql_real_escape=
_string($Cricket_Region)."', Market =3D ".$Market."' WHERE Search_Ring =3D '=
".mysql_real_escape_string($id)."'";
>> mysql_query($q) or die(mysql_error());
>>=20
>> Best,
>> Karl
>>=20
>>=20
>> On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote:
>>=20
>>> // save the data to the database
>>> mysql_query("UPDATE expiringleases SET
>>> Cricket_Region=3D'$Cricket_Region', Market=3D'$Market' WHERE
>>> Search_Ring=3D'$id'")
>>> or die(mysql_error());
>>=20
>> Karl DeSaulniers
>> Design Drumm
>> http://designdrumm.com
>>=20
>>=20
>> --=20
>> PHP Database Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>=20
>=20
> Karl DeSaulniers
> Design Drumm
> http://designdrumm.com
>=20
>=20
> --=20
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>=20

Try echoing out the SQL and then runningnit thru some GUI like phpmyadmin. I=
t is usually pretty self evident where the problem is at that point

Bastien Koert
Sent from my iPhone=

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Report this message