homepage Welcome to WebmasterWorld Guest from 54.211.235.255
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Syntax error but where?
apollo23




msg:3608536
 2:45 pm on Mar 23, 2008 (gmt 0)

Hi Guys

This is the error message i get when i run my script:

"Error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'id = '1'' at line 1"

Below is my script"

<?php
include 'library/config.php';
include 'library/opendb.php';

if(isset($_GET['id']))
{
$query = "SELECT id, filename, keywords, description, headline, article". "FROM content" .
"WHERE id = '{$_GET['id']}'";
$result = mysql_query($query) or die('Error : ' . mysql_error());
list($id, $filename, $keywords, $description, $headline, $article) = mysql_fetch_array($result, MYSQL_NUM);

$article = htmlspecialchars($article);
}
else if(isset($_POST['filename']))
{
$id = $_POST['id'];
$filename = $_POST['filename'];
$keywords = $_POST['keywords'];
$description= $_POST['description'];
$headline = $_POST['headline'];
$article = $_POST['article'];

if(!get_magic_quotes_gpc())
{
$id= addslashes($id);
$filename = addslashes($filename);
$keywords = addslashes($keywords);
$description= addslashes($description);
$headline = addslashes($headline);
$article= addslashes($article);
}

// update the article in the database
$query = "UPDATE content ".
"SET filename = '$filename', keywords = '$keywords', description = '$description', headline = '$headline', article = '$article' ".
"WHERE id = '$id'";
mysql_query($query) or die('Error : ' . mysql_error());

// then remove the cached file
$cacheDir = dirname(__FILE__) . '/cache/';
$cacheFile = $cacheDir . '_' . $_GET['id'] . '.html';

@unlink($cacheFile);

// and remove the index.html too because the file list
// is changed
@unlink($cacheDir . 'index.html');

echo "<p align='center'>Article updated</p>";

// now we will display $filename & $article
// so strip out any slashes
$filename = stripslashes($filename);
$keywords = stripslashes($keywords);
$description= stripslashes($description);
$headline = stripslashes($headline);
$article = stripslashes($article);
}

include 'library/closedb.php';
?>
<form method="post" action="cms-edit.php">
<input type="hidden" name="id" value="<?=$id;?>">
<table width="700" border="0" cellpadding="2" cellspacing="1" class="box" align="center">
<tr>
<td width="100">Filename</td>
<td><input name="filename" type="text" class="box" id="filename"></td>
</tr>
<tr>
<td width="100">Keywords</td>
<td><textarea name="keywords" cols="50" rows="5" class="box" id="keywords"></textarea></td>
</tr>
<tr>
<td width="100">Description</td>
<td><textarea name="description" cols="50" rows="3" class="box" id="description"></textarea></td>
</tr>
<tr>
<td width="100">Headline</td>
<td><textarea name="headline" cols="50" rows="1" class="box" id="headline"></textarea></td>
</tr>
<tr>
<td width="100">Article</td>
<td><textarea name="article" cols="50" rows="10" class="box" id="article"></textarea></td>
</tr>
<tr>
<td width="100">&nbsp;</td>
<td>&nbsp;</td>
</tr>
<tr>
<td colspan="2" align="center"><input name="update" type="submit" class="box" id="update" value="Update Article"></td>
</tr>
</table>
<p align="center"><a href="cms-admin.php">Back to admin page</a></p>
</form>
</body>
</html>

I am trying to build my own CMS script. Its painfully slow!

Thanks.

 

rocknbil




msg:3608571
 3:36 pm on Mar 23, 2008 (gmt 0)

Whenever you get a mysql error, it's good to echo or store the selects in a variable to print out, then paste them on a command line.

$query = "SELECT id, filename, keywords, description, headline, article". "FROM content" .
"WHERE id = '{$_GET['id']}'";

If you remove the concatenation, (" . ") you have

$query = "SELECT id, filename, keywords, description, headline, articleFROM contentWHERE id = '{$_GET['id']}'";

You are missing some spaces. In fact, you don't really need the concatenation in that statement, do you?

apollo23




msg:3609113
 1:38 pm on Mar 24, 2008 (gmt 0)

Hi rocknbil

It works.

As you can see,i am a newbie.

Based on the textbook that i hv read, you are right that there is no need for concatenation. However i am copy the script from others and therefore prefer to keep the script in its original state.

Thanks.

apollo23




msg:3610065
 2:54 pm on Mar 25, 2008 (gmt 0)

Hi rocknbil

Am just pondering your suggestion on:

"Whenever you get a mysql error, it's good to echo or store the selects in a variable to print out, then paste them on a command line."

Can you share how it can be done? Am new and i think its good to newbie like me for debugging.

Thanks

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved