dadamssg Posted January 18, 2009 Share Posted January 18, 2009 so im trying to set the a variable which will contain a stripped version of what my user entered into a form...im getting an error with this $description = strip_tags(trim($_POST['description']); it says its "Parse error: syntax error, unexpected ';' on line 52". the whole code is below, i want to check three fields for blanks, return an error if there is a blank, and then im trying to set thier input to new cleaned and formatted variables to enter them into my database <?php /* Program: postit.php * Desc: puts entered data in database */ Session_start(); if (@$_session['auth'] != "yes") { header("Location: login.php"); exit(); } include("caneck.inc"); switch (@$_POST['do']) { case "post": /*check title, description, and location for blanks*/ if ($_POST['title'] == "") { $blanks[] = "title"; } if ($_POST['description'] == "") { $blanks[] = "description"; } if ($_POST['location'] == "") { $blanks[] = "location"; } if(isset($blanks)) { $message = "Please fill out: "; foreach($blanks as $value) { $message .= "$value, "; } extract($_POST); include("postform.inc"); exit(); /*clean data and set new variables to insert into table*/ $cnx = mysqli_connect($host,$user,$passwd,$dbname); $title = strip_tags(trim($_POST['title']); $description = strip_tags(trim($_POST['description']); $location = strip_tags(trim($_POST['location']); /*check whether title already exists*/ $sql = "SELECT title FROM Post WHERE title = '$title'"; $result = mysqli_query($cnx,$sql) or die("Couldn't execute select query.") $num = mysqli_num_rows($result); if ($num > 0) { $message_new = "The title, $title, is already in use. Please choose another title."; include("postform.inc"); exit(); } /*add new event to database*/ else { if($_POST['sampm'] == "pm") { $_POST['shour'] = $_POST['shour'] + 12; } $startDT = $_POST['syear']."-".$_POST['smonth']."-".$_POST['sday']."- ".$_POST['shour'].":".$_POST['sminute'].":00"; $endDT = $_POST['eyear']."-".$_POST['emonth']."-".$_POST['eday']."- ".$_POST['ehour'].":".$_POST['eminute'].":00"; $today= date("Y-m-d h:i:s"); $_SESSION['logname'] = $logname; $_POST['eventType'] = $eventType $sql = "INSERT INTO Post (loginName, createDate, title, description, Location, eventType, startDT, endDT) VALUES ('$logname', '$today', '$title', '$description', '$location', '$eventType', '$startDT', '$endDT')"; $result = mysqli_query($cnx,$sql) or die("Can't execute insert query.") header("Location: login.php" ?> Quote Link to comment Share on other sites More sharing options...
Prismatic Posted January 18, 2009 Share Posted January 18, 2009 $description = strip_tags(trim($_POST['description'])); You weren't closing out the strip_tags function. Quote Link to comment Share on other sites More sharing options...
dadamssg Posted January 18, 2009 Author Share Posted January 18, 2009 thanks! now i have a T_VARIABLE error on line 65...the code below...i don't know what a T_VARIABLE error is...any clue? $num = mysqli_num_rows($result); Quote Link to comment Share on other sites More sharing options...
Prismatic Posted January 18, 2009 Share Posted January 18, 2009 Here try this, I cleaned up your code. Make sure you close any function parentheses function("blahblah"; vs function("blahblah"); Also make sure you properly end your lines $var = $somevar vs $var = $somevar; and close any open brackets. Try running this <?php /* Program: postit.php * Desc: puts entered data in database */ Session_start(); if (@$_session['auth'] != "yes") { header("Location: login.php"); exit(); } include("caneck.inc"); switch ($_POST['do']) { case "post": /*check title, description, and location for blanks*/ if ($_POST['title'] == "") { $blanks[] = "title"; } if ($_POST['description'] == "") { $blanks[] = "description"; } if ($_POST['location'] == "") { $blanks[] = "location"; } if(isset($blanks)) { $message = "Please fill out: "; foreach($blanks as $value) { $message .= $value .", "; } extract($_POST); include("postform.inc"); exit(); /*clean data and set new variables to insert into table*/ $cnx = mysqli_connect($host,$user,$passwd,$dbname); $title = strip_tags(trim($_POST['title'])); $description = strip_tags(trim($_POST['description'])); $location = strip_tags(trim($_POST['location'])); /*check whether title already exists*/ $sql = "SELECT title FROM Post WHERE title = '$title'"; $result = mysqli_query($cnx,$sql) or die("Couldn't execute select query."); $num = mysqli_num_rows($result); if ($num > 0) { $message_new = "The title, $title, is already in use. Please choose another title."; include("postform.inc"); exit(); } /*add new event to database*/ else { if($_POST['sampm'] == "pm") { $_POST['shour'] = $_POST['shour'] + 12; } $startDT = $_POST['syear']."-".$_POST['smonth']."-".$_POST['sday']."- ".$_POST['shour'].":".$_POST['sminute'].":00"; $endDT = $_POST['eyear']."-".$_POST['emonth']."-".$_POST['eday']."- ".$_POST['ehour'].":".$_POST['eminute'].":00"; $today= date("Y-m-d h:i:s"); $_SESSION['logname'] = $logname; $_POST['eventType'] = $eventType; $sql = "INSERT INTO Post (loginName, createDate, title, description, Location, eventType, startDT, endDT) VALUES ('$logname', '$today', '$title', '$description', '$location', '$eventType', '$startDT', '$endDT')"; $result = mysqli_query($cnx,$sql) or die("Can't execute insert query."); header("Location: login.php"); } } } ?> [/code Quote Link to comment Share on other sites More sharing options...
dadamssg Posted January 18, 2009 Author Share Posted January 18, 2009 thanks for that alot! but...when i tried to pull it up, i got a HTTP 404...can't find my page...its in the right folder...could it be something wrong with my file that contains the html for the form?? Quote Link to comment Share on other sites More sharing options...
dadamssg Posted January 18, 2009 Author Share Posted January 18, 2009 anybody?? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.