[PHP-DB] error
I am getting the following error when I try to use my edit.php script:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near '' at line 1
I can't seem to find anything wrong with my syntax below.
Has anyone ever had this issue?
I have been googling it for a couple hours now.
Thank you in advance!
Chris
?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
/*
EDIT.PHP
Allows user to edit specific entry in database
*/
// creates the edit record form
// since this form is used multiple times in this file, I have made
it a function that is easily reusable
function renderForm($id, $Cricket_Region, $Market, $error)
{
?
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN
http://www.w3.org/TR/html4/strict.dtd;
html
head
titleEdit Record/title
/head
body
?php
// if there are any errors, display them
if ($error != '')
{
echo 'div style=padding:4px; border:1px solid red;
color:red;'.$error.'/div';
}
?
form action= method=post
input type=hidden name=id value=?php echo $id; ?/
div
pstrongID:/strong ?php echo $id; ?/p
strongCricket Region: */strong input type=text name=Cricket
Region value=?php echo $Cricket_Region; ?/br/
strongMarket: */strong input type=text name=Market
value=?php echo $Market; ?/br/
p* Required/p
input type=submit name=submit value=Submit
/div
/form
/body
/html
?php
}
// connect to the database
include('../PHP_Scripts/connect-db.php');
// check if the form has been submitted. If it has, process the form
and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
$Cricket_Region =
mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Region']));
$Market = mysql_real_escape_string(htmlspecialchars($_POST['Market']));
// check that firstname/lastname fields are both filled in
if ($Cricket_Region == '' || $Market == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
//error, display form
renderForm($id, $Cricket_Region, $Market, $error);
}
else
{
// save the data to the database
mysql_query(UPDATE expiringleases SET
Cricket_Region='$Cricket_Region', Market='$Market' WHERE id='$id')
or die(mysql_error());
// once saved, redirect back to the view page
header(Location: view.php);
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and
display the form
{
// get the 'id' value from the URL (if it exists), making sure that
it is valid (checking that it is numeric/larger than 0)
if (isset($_GET['id']))
{
// query db
$id = $_GET['id'];
$result = mysql_query(SELECT * FROM expiringleases WHERE id=$id)
or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$Cricket_Region = $row['Cricket_Region'];
$Market = $row['Market'];
// show form
renderForm($id, $Cricket_Region, $Market, '');
}
else
// if no match, display result
{
echo No results!;
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value,
display an error
{
echo 'Error!';
}
}
?
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
I believe this line should read..
ini_set('display_errors', 1);
Just something I think I caught. Might not be your solution though.
HTH,
Karl
On Apr 7, 2011, at 11:00 PM, Chris Stinemetz wrote:
ini_set('display_errors', '1');
Karl DeSaulniers
Design Drumm
http://designdrumm.com
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
The two query statements are different - in one you quote $id and in the
other you don't.
It is definitely a mysql error so it's not the line you suggested.
Karl DeSaulniers k...@designdrumm.com wrote in message
news:6fe62364-f9fc-4612-8c5d-6ce48fc66...@designdrumm.com...
I believe this line should read..
ini_set('display_errors', 1);
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
I am pretty sure it is in my code. I am just getting an error form one
of my echoes. Still can't get it to work correctly though. Any help is
greatly appreciated.
Thank you,
Chris
?php
/*
EDIT.PHP
Allows user to edit specific entry in database
*/
// creates the edit record form
// since this form is used multiple times in this file, I have made
it a function that is easily reusable
function renderForm($id, $Cricket_Region, $Market, $error)
{
?
!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN
http://www.w3.org/TR/html4/strict.dtd;
html
head
titleEdit Record/title
/head
body
?php
// if there are any errors, display them
if ($error != '')
{
echo 'div style=padding:4px; border:1px solid red;
color:red;'.$error.'/div';
}
?
form action= method=post
input type=hidden name=id value=?php echo $id; ?/
div
pstrongID:/strong ?php echo $id; ?/p
strongFirst Name: */strong input type=text
name=Cricket_Region value=?php echo $Cricket_Region; ?/br/
strongLast Name: */strong input type=text name=Market
value=?php echo $Market; ?/br/
p* Required/p
input type=submit name=submit value=Submit
/div
/form
/body
/html
?php
}
// connect to the database
include('../PHP_Scripts/connect-db.php');
// check if the form has been submitted. If it has, process the form
and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_string($_POST['Search_Ring']))
{
// get form data, making sure it is valid
$id = $_POST['Search_Ring'];
$Cricket_Region =
mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Region']));
$Market = mysql_real_escape_string(htmlspecialchars($_POST['Market']));
// check that Cricket_Region/Market fields are both filled in
if ($Cricket_Region == '' || $Market == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
//error, display form
renderForm($id, $Cricket_Region, $Market, $error);
}
else
{
// save the data to the database
mysql_query(UPDATE expiringleases SET
Cricket_Region='$Cricket_Region', Market='$Market' WHERE
Search_Ring='$id')
or die(mysql_error());
// once saved, redirect back to the view page
header(Location: ATC.php);
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and
display the form
{
// get the 'id' value from the URL (if it exists), making sure that
it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['Search_Ring']))
{
// query db
$id = $_GET['Search_Ring'];
$result = mysql_query(SELECT * FROM expiringleases WHERE Search_Ring=$id)
or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$Cricket_Region = $row['Cricket_Region'];
$Market = $row['Market'];
// show form
renderForm($id, $Cricket_Region, $Market, '');
}
else
// if no match, display result
{
echo No results!;
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value,
display an error
{
echo 'Error!';
}
}
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
Hi Chris, I believe you only need to do a htmlspecialchars when displaying data as readable text that your retrieved from the database after inserting. And probably some other situations as well, but I don't think you need to do htmlspecialchars on the mysql_real_escape data when inserting into the database. HTH, Best, On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote: mysql_real_escape_string(htmlspecialchars( Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
Hi Chris, Try this.. Or season to taste.. $q = UPDATE expiringleases SET Cricket_Region = '.mysql_real_escape_string($Cricket_Region).', Market = . $Market.' WHERE Search_Ring = '.mysql_real_escape_string($id).'; mysql_query($q) or die(mysql_error()); Best, Karl On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote: // save the data to the database mysql_query(UPDATE expiringleases SET Cricket_Region='$Cricket_Region', Market='$Market' WHERE Search_Ring='$id') or die(mysql_error()); Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
Ooops. Sry, forgot an escape. $q = UPDATE expiringleases SET Cricket_Region = '.mysql_real_escape_string($Cricket_Region).', Market = .mysql_real_escape_string($Market).' WHERE Search_Ring = '.mysql_real_escape_string($id).'; mysql_query($q) or die(mysql_error()); Best, Karl On Apr 8, 2011, at 12:52 AM, Karl DeSaulniers wrote: Hi Chris, Try this.. Or season to taste.. $q = UPDATE expiringleases SET Cricket_Region = '.mysql_real_escape_string($Cricket_Region).', Market = . $Market.' WHERE Search_Ring = '.mysql_real_escape_string($id).'; mysql_query($q) or die(mysql_error()); Best, Karl On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote: // save the data to the database mysql_query(UPDATE expiringleases SET Cricket_Region='$Cricket_Region', Market='$Market' WHERE Search_Ring='$id') or die(mysql_error()); Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
