[PHP-DB] error
I am getting the following error when I try to use my edit.php script: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 I can't seem to find anything wrong with my syntax below. Has anyone ever had this issue? I have been googling it for a couple hours now. Thank you in advance! Chris ?php error_reporting(E_ALL); ini_set('display_errors', '1'); /* EDIT.PHP Allows user to edit specific entry in database */ // creates the edit record form // since this form is used multiple times in this file, I have made it a function that is easily reusable function renderForm($id, $Cricket_Region, $Market, $error) { ? !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/TR/html4/strict.dtd; html head titleEdit Record/title /head body ?php // if there are any errors, display them if ($error != '') { echo 'div style=padding:4px; border:1px solid red; color:red;'.$error.'/div'; } ? form action= method=post input type=hidden name=id value=?php echo $id; ?/ div pstrongID:/strong ?php echo $id; ?/p strongCricket Region: */strong input type=text name=Cricket Region value=?php echo $Cricket_Region; ?/br/ strongMarket: */strong input type=text name=Market value=?php echo $Market; ?/br/ p* Required/p input type=submit name=submit value=Submit /div /form /body /html ?php } // connect to the database include('../PHP_Scripts/connect-db.php'); // check if the form has been submitted. If it has, process the form and save it to the database if (isset($_POST['submit'])) { // confirm that the 'id' value is a valid integer before getting the form data if (is_numeric($_POST['id'])) { // get form data, making sure it is valid $id = $_POST['id']; $Cricket_Region = mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Region'])); $Market = mysql_real_escape_string(htmlspecialchars($_POST['Market'])); // check that firstname/lastname fields are both filled in if ($Cricket_Region == '' || $Market == '') { // generate error message $error = 'ERROR: Please fill in all required fields!'; //error, display form renderForm($id, $Cricket_Region, $Market, $error); } else { // save the data to the database mysql_query(UPDATE expiringleases SET Cricket_Region='$Cricket_Region', Market='$Market' WHERE id='$id') or die(mysql_error()); // once saved, redirect back to the view page header(Location: view.php); } } else { // if the 'id' isn't valid, display an error echo 'Error!'; } } else // if the form hasn't been submitted, get the data from the db and display the form { // get the 'id' value from the URL (if it exists), making sure that it is valid (checking that it is numeric/larger than 0) if (isset($_GET['id'])) { // query db $id = $_GET['id']; $result = mysql_query(SELECT * FROM expiringleases WHERE id=$id) or die(mysql_error()); $row = mysql_fetch_array($result); // check that the 'id' matches up with a row in the databse if($row) { // get data from db $Cricket_Region = $row['Cricket_Region']; $Market = $row['Market']; // show form renderForm($id, $Cricket_Region, $Market, ''); } else // if no match, display result { echo No results!; } } else // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error { echo 'Error!'; } } ? -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
I believe this line should read.. ini_set('display_errors', 1); Just something I think I caught. Might not be your solution though. HTH, Karl On Apr 7, 2011, at 11:00 PM, Chris Stinemetz wrote: ini_set('display_errors', '1'); Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
The two query statements are different - in one you quote $id and in the other you don't. It is definitely a mysql error so it's not the line you suggested. Karl DeSaulniers k...@designdrumm.com wrote in message news:6fe62364-f9fc-4612-8c5d-6ce48fc66...@designdrumm.com... I believe this line should read.. ini_set('display_errors', 1); -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
I am pretty sure it is in my code. I am just getting an error form one of my echoes. Still can't get it to work correctly though. Any help is greatly appreciated. Thank you, Chris ?php /* EDIT.PHP Allows user to edit specific entry in database */ // creates the edit record form // since this form is used multiple times in this file, I have made it a function that is easily reusable function renderForm($id, $Cricket_Region, $Market, $error) { ? !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/TR/html4/strict.dtd; html head titleEdit Record/title /head body ?php // if there are any errors, display them if ($error != '') { echo 'div style=padding:4px; border:1px solid red; color:red;'.$error.'/div'; } ? form action= method=post input type=hidden name=id value=?php echo $id; ?/ div pstrongID:/strong ?php echo $id; ?/p strongFirst Name: */strong input type=text name=Cricket_Region value=?php echo $Cricket_Region; ?/br/ strongLast Name: */strong input type=text name=Market value=?php echo $Market; ?/br/ p* Required/p input type=submit name=submit value=Submit /div /form /body /html ?php } // connect to the database include('../PHP_Scripts/connect-db.php'); // check if the form has been submitted. If it has, process the form and save it to the database if (isset($_POST['submit'])) { // confirm that the 'id' value is a valid integer before getting the form data if (is_string($_POST['Search_Ring'])) { // get form data, making sure it is valid $id = $_POST['Search_Ring']; $Cricket_Region = mysql_real_escape_string(htmlspecialchars($_POST['Cricket_Region'])); $Market = mysql_real_escape_string(htmlspecialchars($_POST['Market'])); // check that Cricket_Region/Market fields are both filled in if ($Cricket_Region == '' || $Market == '') { // generate error message $error = 'ERROR: Please fill in all required fields!'; //error, display form renderForm($id, $Cricket_Region, $Market, $error); } else { // save the data to the database mysql_query(UPDATE expiringleases SET Cricket_Region='$Cricket_Region', Market='$Market' WHERE Search_Ring='$id') or die(mysql_error()); // once saved, redirect back to the view page header(Location: ATC.php); } } else { // if the 'id' isn't valid, display an error echo 'Error!'; } } else // if the form hasn't been submitted, get the data from the db and display the form { // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0) if (isset($_GET['Search_Ring'])) { // query db $id = $_GET['Search_Ring']; $result = mysql_query(SELECT * FROM expiringleases WHERE Search_Ring=$id) or die(mysql_error()); $row = mysql_fetch_array($result); // check that the 'id' matches up with a row in the databse if($row) { // get data from db $Cricket_Region = $row['Cricket_Region']; $Market = $row['Market']; // show form renderForm($id, $Cricket_Region, $Market, ''); } else // if no match, display result { echo No results!; } } else // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error { echo 'Error!'; } } -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
Hi Chris, I believe you only need to do a htmlspecialchars when displaying data as readable text that your retrieved from the database after inserting. And probably some other situations as well, but I don't think you need to do htmlspecialchars on the mysql_real_escape data when inserting into the database. HTH, Best, On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote: mysql_real_escape_string(htmlspecialchars( Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
Hi Chris, Try this.. Or season to taste.. $q = UPDATE expiringleases SET Cricket_Region = '.mysql_real_escape_string($Cricket_Region).', Market = . $Market.' WHERE Search_Ring = '.mysql_real_escape_string($id).'; mysql_query($q) or die(mysql_error()); Best, Karl On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote: // save the data to the database mysql_query(UPDATE expiringleases SET Cricket_Region='$Cricket_Region', Market='$Market' WHERE Search_Ring='$id') or die(mysql_error()); Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] error
Ooops. Sry, forgot an escape. $q = UPDATE expiringleases SET Cricket_Region = '.mysql_real_escape_string($Cricket_Region).', Market = .mysql_real_escape_string($Market).' WHERE Search_Ring = '.mysql_real_escape_string($id).'; mysql_query($q) or die(mysql_error()); Best, Karl On Apr 8, 2011, at 12:52 AM, Karl DeSaulniers wrote: Hi Chris, Try this.. Or season to taste.. $q = UPDATE expiringleases SET Cricket_Region = '.mysql_real_escape_string($Cricket_Region).', Market = . $Market.' WHERE Search_Ring = '.mysql_real_escape_string($id).'; mysql_query($q) or die(mysql_error()); Best, Karl On Apr 8, 2011, at 12:13 AM, Chris Stinemetz wrote: // save the data to the database mysql_query(UPDATE expiringleases SET Cricket_Region='$Cricket_Region', Market='$Market' WHERE Search_Ring='$id') or die(mysql_error()); Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php