|
PHP - What's Wrong With This Syntax?
Code: [Select]
$height = trim(htmlentities(mysqli_real_escape_string($db,$_POST['height'],ENT_QUOTES))); Here's the error message I'm getting: Warning: mysqli_real_escape_string() expects exactly 2 parameters, 3 given I just added in the htmlentities and ENT_QUOTES to the line but not sure how to format it. Any ideas? Similar TutorialsI don't know why but I echoed this and then got the echoed query and put it in the sql of my mysql database and it says that the syntax isn't right but I looked and I don't see a problem but I am probably over looking something. $query = "INSERT INTO `characters` (charactername, shortname, status_id, style_id, division_id, alignment_id, sortorder, creator_id, datecreated, enabled) VALUES (".$charactername.",".$shortname.",".$status.",".$style.",".$division.",".$alignment.",".$sortorder.", 1, NOW(), 0)"; Hi all, As always thanks in advance. My php skills are still at a beginner level but I'm trying to get there! What I'm trying to do: Send data to the Mailchimp api (specifically email, name, birthday) What it currently does do: Sends and stores email and name What I cant get it to do: Send and store the birthday from $birthday string. First I load the form data: //Load form data $day = $_POST['Day']; $month = $_POST['Month']; $year = $_POST['Year']; //Create Birthday in mm/dd format for mailchimp $birthday = $month."/".$day;() Then I pass it later on to mailchimp: $mergeVars = array('FNAME' => $parsedName['first'], 'LNAME' => $parsedName['last'], 'BDAY'=>"$birthday");() EVERYTHING in my script works perfectly except for the birthday bit. So I tried this instead which DOES work, but doesn't use the form data defeating the whole point! $mergeVars = array('FNAME' => $parsedName['first'], 'LNAME' => $parsedName['last'], 'BDAY'=>"04/04");() I thought it may be the $birthday string wasn't in the mm/dd setup. But after echo'ing it everything is fine. I get the feeling I'm doing something stupid here. And I think it's syntax based around the 'BDAY'=>"$birthday"() part. Any help will be greatly appreciated! This is driving me INSANE. Thanks, So, let me explain: Code: [Select] <?php class MySqlDatabase { private $connection; function __construct() { $this->database_connect(); } public function database_connect() { $this->connection = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME); if (!$this->connection) { die("Database connection failed: " . mysqli_error()); } } public function database_query($sql) { $query = mysqli_real_escape_string($sql, $this->connection); $result = mysqli_query($query, $this->connection); if(!$result) { die("Database query failed: " . mysqli_error()); } return $result; } public function database_close() { if (isset($this->connection)) { mysqli_close($this->connection); unset($this->connection); } } } ?> Take a look at the database_query() method. When I insert this into it from my index.php to test if it works: Code: [Select] <?php $database = new MySqlDatabase(); $sql = "INSERT INTO `website`.`users` (`id`, `username`, `first_name`, `last_name`, `password`, `email`, `secret_question`, `secret_answer`, `create_time`) VALUES (NULL, 'joe', 'joe', 'doe', 'password123', 'myemail@email.com', 'Who am I?', 'myself', '2010-10-16 13:37:59');"; $database->database_query($sql); ?>Obviously the date and the password needs some working on (hashing and entering current time), but I get this error: Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, string given in ...includes\classes.php on line 32 Warning: mysqli_query() expects parameter 1 to be mysqli, null given in ..includes\classes.php on line 33 Warning: mysqli_error() expects exactly 1 parameter, 0 given in ..includes\classes.php on line 35 Database query failed: I I'm giving it a mysql syntax, but it doesn't work, also I get no error message. Hi, I am no PHP expert. I can poke about, do a little cut and paste. Dreamweaver is telling me I have a syntax issue with my if statement. I have tried a few things without success. Dreamweaver says the error is on the else line, that may not be true. please show me what I am doing wrong. Thanks Mark Code: [Select] <div class="entry-content tec-event-entry"> <?php /** Get the "cft_tinymce_1" custom field */ $block_1 = get_custom_field('cft_tinymce_1'); if( $block_1 ) { ?> <?php echo $block_1; ?> <?php } ?> <?php else { ?> <?php the_content(); ?> <?php } ?> </div> <!-- End tec-event-entry --> I can't figure out how to write the a href part to make it blend in with the existing img syntax. How do I alter this? Code: [Select] <?php echo '<a href=\"{$r['feedusername']\"><img src="', getUserAvatar($r['feedusername']), "\" class=\"avatar mediumsmall newspadding f_left mrl\" title=\"${r['associate_name']}\" alt=\"${r['associate_name']}\" /></a>"; ?> I have been looking at this code most of the morning and do not have a clue what is wrong with the code. I am hoping its not a stupid mistake, can someone please help me out? thank you
<title>Inputing Travel Detials</title>
<header>
<h1 align="center"> Adding Travel Detials </h1>
<body>
<p> <center><img src="cyberwarfareimage1.png" alt="Squadron logo" style="width:200px;height:200px" style="middle"></center>
<table border="1">
<tr>
<td><a href="index.php"> Home Page </a></td>
<td><a href="administratorhomepage.html">Administrator Home Page </a></td>
<td><a href="viewhomepage.html">View Home Page </a></td>
<td><a href="Inputhomepage.html">Input Home Page </a></td>
<td><a href="traveldetials.html">Enter More Travel Detials </a></td>
</table>
</p>
<?php
include "connection.php";
$Applicant_ID = $_POST["Applicant_ID"];
$Method_Of_Travel = $_POST["Method_Of_Travel"];
$Cost = $_POST["Cost"];
$ETA = $_POST["ETA"];
$Main_Gate_Advised = $_POST["Main_Gate_Advised"];
$query = ("UPDATE `int_board_applicant` SET `Method_Of_Travel`=`$Method_Of_Travel', `Cost`=`$Cost', `ETA`='$ETA', `Main_Gate_Advised`='$Main_Gate_Advised' WHERE `Applicant_ID`='$Applicant_ID'");
$result = mysqli_query($dbhandle, $query)
or die(mysqli_error($dbhandle));
if($result){ echo "Success!"; }
else{ echo "Error."; }
// successfully insert data into database, displays message "Successful".
if($query){
echo "Successful";
}
else {
echo "Data not Submitted";
}
//closing the connection
mysqli_close($dbhandle)
?>
Ok this is puzzleing. I am geting "Could not delete data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1". but its is deleting the entry that needs to be removed. The "1" is the entry. Just not sure what is causing the error. I do have another delete php but I have put that on the back burning for the time being.
<?php $con = mysqli_connect("localhost","user","password","part_inventory"); // Check connection if (mysqli_connect_errno()) { printf("Connect failed: %s\n", mysqli_connect_error()); exit(); } else { $result = mysqli_query($con, "SELECT * FROM amp20 "); $amp20ptid = $_POST['amp20ptid']; // escape variables for security $amp20ptid = mysqli_real_escape_string($con, $_POST['amp20ptid']); mysqli_query($con, "DELETE FROM amp20 WHERE amp20ptid = '$amp20ptid'"); if (!mysqli_query($con, $amp20ptid)); { die('Could not delete data: ' . mysqli_error($con)); } echo "Part has been deleted to the database!!!\n"; mysqli_close($con); } ?> Hi guys
I have this code below and all works fine when submitting this online application apart from when someone types either ' # & into one of the comment fields in which it throws up the error. Have tried various fixes from across the internet but no joy. Can anyone offer suggestions?
<?php
$con = mysql_connect("localhost:3306","root","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db('sfapp', $con);
$sql="INSERT INTO 'sfapp' ('surname_add','forename_add','dob_add','hometele_add','mobiletele_add','homeadd_add','siblings_add','schoolname_add','headname_add','schooladd_add','schooltele_add','schoolem_add','alevel_add','personstate_add','nameprovided_add','pe_add','se_add','PredGrade_Art','PredGrade_AScience','PredGrade_BusStudies','PredGrade_Electronics','PredGrade_EnglishLang','PredGrade_EnglishLit','PredGrade_French','PredGrade_German','PredGrade_Geog','PredGrade_Graphics','PredGrade_History','PredGrade_Maths','PredGrade_SepScience','PredGrade_ProductDesign','PredGrade_Spanish','PredGrade_Other','Gender_Male','Gender_Female','Sub_EnglishLit','Sub_Maths','Sub_FurtherMaths','Sub_Biology','Sub_Chemistry','Sub_Physics','Sub_French','Sub_German','Sub_Spanish','Sub_Geography','Sub_History','Sub_RE','Sub_FineArt','Sub_Business','Sub_Computing','Sub_GlobPersp','Sub_DramaAndTheatre','Sub_PE','Sub_Dance','Sub_Politics','Sub_Psychology','Sub_Sociology','readprospect_chk','Sib_Yes','Sib_No','Current_Student_Yes','Current_Student_No','I_Understand_chk','Current_Education_chk','Local_Care_chk','Staff_Cwhls_chk','Sub_Film')
VALUES
('$_POST[surname_add]','$_POST[forename_add]','$_POST[dob_add]','$_POST[hometele_add]','$_POST[mobiletele_add]','$_POST[homeadd_add]','$_POST[siblings_add]','$_POST[schoolname_add]','$_POST[headname_add]','$_POST[schooladd_add]','$_POST[schooltele_add]','$_POST[schoolem_add]','$_POST[alevel_add]','$_POST[personstate_add]','$_POST[nameprovided_add]','$_POST[pe_add]','$_POST[se_add]','$_POST[PredGrade_Art]','$_POST[PredGrade_AScience]','$_POST[PredGrade_BusStudies]','$_POST[PredGrade_Electronics]','$_POST[PredGrade_EnglishLang]','$_POST[PredGrade_EnglishLit]','$_POST[PredGrade_French]','$_POST[PredGrade_German]','$_POST[PredGrade_Geog]','$_POST[PredGrade_Graphics]','$_POST[PredGrade_History]','$_POST[PredGrade_Maths]','$_POST[PredGrade_SepScience]','$_POST[PredGrade_ProductDesign]','$_POST[PredGrade_Spanish]','$_POST[PredGrade_Other]','$_POST[Gender_Male]','$_POST[Gender_Female]','$_POST[Sub_EnglishLit]','$_POST[Sub_Maths]','$_POST[Sub_FurtherMaths]','$_POST[Sub_Biology]','$_POST[Sub_Chemistry]','$_POST[Sub_Physics]','$_POST[Sub_French]','$_POST[Sub_German]','$_POST[Sub_Spanish]','$_POST[Sub_Geography]','$_POST[Sub_History]','$_POST[Sub_RE]','$_POST[Sub_FineArt]','$_POST[Sub_Business]','$_POST[Sub_Computing]','$_POST[Sub_GlobPersp]','$_POST[Sub_DramaAndTheatre]','$_POST[Sub_PE]','$_POST[Sub_Dance]','$_POST[Sub_Politics]','$_POST[Sub_Psychology]','$_POST[Sub_Sociology]','$_POST[readprospect_chk]','$_POST[Sib_Yes]','$_POST[Sib_No]','$_POST[Current_Student_Yes]','$_POST[Current_Student_No]','$_POST[I_Understand_chk]','$_POST[Current_Education_chk]','$_POST[Local_Care_chk]','$_POST[Staff_Cwhls_chk]','$_POST[Sub_Film]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
?>
<?php
//if "email" variable is filled out, send email
if (isset($_REQUEST['pe_add'])) {
//Email information
$admin_email = $_REQUEST['pe_add'];
$forename = $_REQUEST['forename_add'];
$email = "autoreply@testing.com";
$subject = "Application";
$desc =
"Dear $forename
Thank you for submitting your online application, we will be in touch shortly.
"
;
//send email
mail($admin_email, "$subject", "$desc", "From:" . $email);
//Email response
echo "Thank you for contacting us!";
}
//if "email" variable is not filled out, display the form
else {
?>
If you are seeing this, you need to go back and fill out the Personal Email section!
<?php
}
header("location:complete.php");
mysql_close($con)
?>
Thanks in advance.
Hi.. I create mysql syntax for query testing before i input to my php code here is my mysql code: Code: [Select] set @t = 0; set @rqty=31968; SELECT LOT_CODE as code, DATE_ENTRY, CASE WHEN @t+OUTPUT_QTY > @rqty THEN @rqty -@t ELSE OUTPUT_QTY END as qty, @t := @t + d.OUTPUT_QTY as cumulative FROM dipping d WHERE SUBSTR(LOT_CODE, 9,4) = 'P28' AND (@t < @rqty); and i attach the sample output of the above query. Now that query test is work i will input that code to my php codes. $sql = "SELECT SKUCode, Materials, Comp, Qty FROM bom WHERE SKUCode = '$SKUCode'"; $res = mysql_query($sql, $con); ($row = mysql_fetch_assoc($res)); $Materials = $row['Materials']; $Qty = $row['Qty']; $Comp = $row['Comp']; //P28 //-----Compute Req Qty and Save to table---// $ReqQty = $Qty * $POReq; // 31968 $sql = "UPDATE bom SET ReqQty = '$ReqQty' WHERE SKUCode = '$SKUCode' AND Materials = '$Materials'"; $resReqQty = mysql_query($sql, $con); $t = 0; $sql = "SELECT LOT_CODE as code, DATE_ENTRY, CASE WHEN $t+OUTPUT_QTY > $ReqQty THEN $ReqQty -$t ELSE OUTPUT_QTY END as qty, $t := $t + d.OUTPUT_QTY as cumulative FROM dipping d WHERE SUBSTR(LOT_CODE, 9,4) = '$Comp' AND ($t < $ReqQty)"; when I echo the query: I got this: SELECT LOT_CODE as code, DATE_ENTRY, CASE WHEN 0+OUTPUT_QTY > 31968 THEN 31968 -0 ELSE OUTPUT_QTY END as qty, 0 := 0 + d.OUTPUT_QTY as cumulative FROM dipping d WHERE SUBSTR(LOT_CODE, 9,4) = 'P28' AND (0 < 31968) then I run it to the sql and I got an error: Error Code : 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':= 0 + d.OUTPUT_QTY as cumulative FROM dipping d WHERE SUBSTR(LOT_CODE, 9,4) = '' at line 1 (0 ms taken) Any help is highly appreciated Thank you so much I am querying... $sql = "SELECT `messages_inbox`.`message_id`, `users`.`firstname`, `users`.`lastname`, `users`.`username` AS `from`, '${user_info['username']}' AS `to`, `subject`, LENGTH(`files`) AS `len`, 'inbox' AS `box`, DATE_FORMAT(`messages_inbox`.`time` ,'%T %D-%M-%Y') AS `time` "; $sql .= "FROM `messages_inbox` INNER JOIN `users` ON `messages_inbox`.`from_id` = `users`.`id` WHERE `to_id` = ${user_info['uid']} AND `messages_inbox`.`deleted` = 0 ORDER BY `messages_inbox`.`message_id` DESC"; and I am trying to output $displayName = ucwords("${message['firstname']} ${message['lastname']}"); by using $messages = pm_fetch_all($_GET['box']); I know my fetch works but for some reason firstname and lastname are only returning the logged in users first name and last name, not the person who sent the message. Which of the below syntax is the better to be using? $bal = 100; if($bal > 100) { echo "you have over 100 pounds; } else { echo "you have less than 100 pounds"; } if ($bal > 100); echo "you have over than 100"; else ; echo "you have less than 100"; endif; The issue is there seems to be NO syntax error. 1. There is no relevant code before or after this line. 2. Yes, one would think a ! should be there as did I (I didn't write the code), however, even with the ! it still gives the same error. if (function_exists('gzcompress')) die(FUNCTION_NOT_FOUND); is giving me a syntax error, unexpected 'if', expecting 'function' or 'const' I am updating this code from PHP5.3 to PHP7.4 and I can't figure out what the syntax problem is since PHP allows this. I am using Eclipse PHP to do the conversion. Hi there, I was trying to modify the code from the tutorial "PHP Basic Database Handling" and the code uses something I haven't seen before, but looks intriguing. Can someone explain how to use this: echo <<<SOMELABEL stuff SOMELABEL; Or let me know why my code didn't work? The error is an unexpected end statement on the last line of the file. My Code: Code: [Select] <?php $mystring = $_GET['FirstLast']; if($mystring == "") { echo "You reached this page by mistake, click on the link in your email"; }else { //echo $mystring; // connect to db $conn = mysql_connect('localhost','user','pw') or trigger_error("SQL",E_USER_ERROR); $db = mysql_select_db('tsec',$conn) or trigger_error("SQL",E_USER_ERROR); $sql = "SELECT `First Name`, `Last Name`, `Title`, `Org Parameter 1`, `Org/Person Name`, `Attendee Parm Value 1`, `Attendee Parm Value 2`, `Attendee Parm Value 3`, `Attendee Parm Value 4`, `Attendee Parm Value 5`, `Attendee Parm Value 6`, `Attendee Parm Value 7`, `Attendee Parm Value 8` FROM `attendees` WHERE FirstLast = '$mystring'"; $result = mysql_query($sql,$conn) or trigger_error("SQL", E_USER_ERROR); $list = mysql_fetch_assoc($result); echo <<<LISTNAME <form action = '{$_SERVER['PHP_SELF']}' method = 'post'> <table border = '1'><tr><td colspan = '2'>{$list['First Name']} {$list['Last Name']}</td></tr> <tr><td>Title</td><td><input type = 'text' name = 'Title' value = {$list['Title']}</td></tr> </table></form> LISTNAME; mysql_close($conn); } ?> Thanks. Hi, i,m trying to echo a "a href" based on the language session of my page like this: Code: [Select] ?php if ($_SESSION['session_idioma'])=="eng" { echo '<a href="preordering.php"><img src="img/top_banner_'.$_SESSION['session_idioma'].'.jpg" width="744" height="182"></a>'; } { else echo '<a href="ordering.php"><img src="img/top_banner_'.$_SESSION['session_idioma'].'.jpg" width="744" height="182"></a>'; }?>but I'm getting a blank page wit no errors...must be a syntax error that I can't spot... Hi In the line of code. $auth->acl($user->data); What does the -> part do .. Thank you. Code: [Select] '<img src="/img/blog/${blog_post->post_id}.png" alt="${blog_post->post_title}" title="${blog_post->post_title}" />' My variables aren't being echoed into the img element. Please help. In a piece of code like this: mysql_query("INSERT into users VALUES ('".$_POST['username']."', '".$_POST['password']."')") or die(mysql_error()); What is the difference between ('".$_POST['username'])."') (".$_POST['username']).') (.$_POST['username'].) and ($_POST['username']) ?? Will all four of these work? Does anyone know where in the PHP manual I can find explanation for these syntaxes? Is this proper syntax? if (($news['accounttyperaw'] !== 0) || ($news['accounttyperaw'] !== 1)) Hi, i'm trying to show an iframe based on visitor location and some other things which are getting checked through javascript (flash enabled, java installed), i tried to implement it like this: Code: [Select] // include functions include("geoip.inc"); // read GeoIP database $handle = geoip_open("GeoIP.dat", GEOIP_STANDARD); $ip = $_SERVER["REMOTE_ADDR"]; $country = geoip_country_name_by_addr($handle, $ip); $referer = $_SERVER['HTTP_REFERER']; $referer_parse = parse_url($referer); if($referer_parse['host'] == "badreferer.com" || $referer_parse['host'] == "www.badreferer.com" or $country !== 'Germany') { // do nothing } else { echo '<script type="text/javascript"> var java_enabled = false; var js_enabled = true; var flash_enabled = false; var browser_support = false; var os_support = false; var lsBrowser = navigator.userAgent; if((lsBrowser.indexOf("MSIE") >= 0) || (lsBrowser.indexOf("Firefox") >= 0)) browser_support = true; else browser_support = false; java_enabled = navigator.javaEnabled(); if (navigator.appVersion.indexOf("Win") >= 0) os_support = true; if(navigator.plugins && navigator.plugins["Shockwave Flash"]) flash_enabled = true; else if(window.ActiveXObject) { try{ control = new ActiveXObject("ShockwaveFlash.ShockwaveFlash"); if(control) flash_enabled = true; } catch(e){ if(navigator.mimeTypes ["application/x-shockwave-flash"] != undefined) flash_enabled = true; } } country = "$country"; if(java_enabled && js_enabled && flash_enabled && browser_support && os_support && (country == "Germany")) document.write("<iframe width="700" height="500" src="http://www.iframe.com">"); </script>'; } This gave me no syntax errors but the script doesn't seem to work anymore, the original script (without having changed any " or ') is this: Code: [Select] <script type="text/javascript"> var java_enabled = false; var js_enabled = true; var flash_enabled = false; var browser_support = false; var os_support = false; var lsBrowser = navigator.userAgent; if((lsBrowser.indexOf("MSIE") >= 0) || (lsBrowser.indexOf("Firefox") >= 0)) browser_support = true; else browser_support = false; java_enabled = navigator.javaEnabled(); if (navigator.appVersion.indexOf("Win") >= 0) os_support = true; if(navigator.plugins && navigator.plugins["Shockwave Flash"]) flash_enabled = true; else if(window.ActiveXObject) { try{ control = new ActiveXObject('ShockwaveFlash.ShockwaveFlash'); if(control) flash_enabled = true; } catch(e){ if(navigator.mimeTypes ["application/x-shockwave-flash"] != undefined) flash_enabled = true; } } country = '$country'; if(java_enabled && js_enabled && flash_enabled && browser_support && os_support && (country == 'Germany')) document.write("<iframe width='700' height='500' src='http://www.iframe.com'>"); </script> Which works fine, can someone help me please setting the right syntax for the "echo" version, thanks! Hi, I have this as part of my shopping basket: Code: [Select] $ATC_itemDescription = "".$row_productos_RS['color_eng'] ."";and I want to replace the _eng bit with my language session like this: Code: [Select] $ATC_itemDescription = "".$row_productos_RS['color_<?php echo ($_SESSION['session_idioma']);?>'] ."";but t doesn't work...I getthe following error Parse error: syntax error, unexpected T_STRING, expecting ']' in /usr/home/web/productos.php on line 162 Please help. Thanks |
|||||||