TGWSE_GY Posted April 13, 2009 Share Posted April 13, 2009 Every time I run my login system and it gets to activity.php and MYSQL errors out with You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '', '04-12-09', '22:25:14', '')' at line 1 <?php // Set login credentials include('config.php'); $con = mysql_connect($Host, $Login, $Pass); $Date = date('m-d-y'); $Start = date('H:i:s'); $IP = $_SERVER['Remote_ADDR']; $cID = mysql_query("SELECT CustID FROM Login WHERE Usr = '$varUser'"); mysql_select_db("login_ums", $con); //$testActive = mysql_query("SELECT * FROM 'ActiveUsers' WHERE Usr = '$varUsr'"); $testActive = mysql_query("SELECT * FROM `ActiveUsers` WHERE Usr = '$varUsr'") or die(mysql_error()); if (mysql_num_rows($testActive)) { include('suspect.php'); die('That user is already logged in, please try again or contact the webmaster'); } else { mysql_query("INSERT INTO ActiveUsers ( CustID,Usr,Date,Start,IP ) VALUES ('$cID', $varUsr', '$Date', '$Start', '$IP')") or die(mysql_error()); <------ This line is where the error is occurring mysql_close($con); include('set_cookie.php'); } ?> Any help would be appreciated I have been trying to fix this for hours. Thanks Guys! Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/ Share on other sites More sharing options...
mandred Posted April 13, 2009 Share Posted April 13, 2009 mysql_query("INSERT INTO ActiveUsers (CustID, Usr, Date, Start, IP) VALUES ('$cID', '$varUsr', '$Date', '$Start', '$IP')") or die(mysql_error()); You were missing a single quote in front of $varUsr. Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-808452 Share on other sites More sharing options...
TGWSE_GY Posted April 13, 2009 Author Share Posted April 13, 2009 Thanks that worked great, but now there is another problem everything posts to the database fine except $cID I don't think I have made any mistakes but it is possible, does anyone have any ideas? Thanks Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-808541 Share on other sites More sharing options...
Maq Posted April 13, 2009 Share Posted April 13, 2009 Echo out $cID right before the query to make sure there's a value. If not, you're going to have to keep backtracking and echoing the $cID to see where it's getting lost. Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-808558 Share on other sites More sharing options...
mandred Posted April 13, 2009 Share Posted April 13, 2009 replace: $cID = mysql_query("SELECT CustID FROM Login WHERE Usr = '$varUser'"); with: $cID = mysql_result(mysql_query("SELECT CustID FROM Login WHERE Usr = '$varUser'"), 0); look up the mysql_result function on php.net. Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-808712 Share on other sites More sharing options...
revraz Posted April 13, 2009 Share Posted April 13, 2009 Also, that line is in the wrong place. You need to select the DB before you can run a query. Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-808891 Share on other sites More sharing options...
TGWSE_GY Posted April 13, 2009 Author Share Posted April 13, 2009 Thanks guys, mandred I did what you said and I have a new error Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/.deceasing/thegayestever/thegayestcommunityever.com/dev/php/includes/content/login_2/activity.php on line 16 <?php // Set login credentials include('config.php'); $con = mysql_connect($Host, $Login, $Pass); $Date = date('m-d-y'); $Start = date('H:i:s'); $IP = $_SERVER['REMOTE_ADDR']; mysql_select_db("login_ums", $con); //$cID = mysql_query("SELECT CustID FROM `login` WHERE Usr = '$varUsr'") or die(mysql_error()); $custident = mysql_result(mysql_query("SELECT CustID FROM Login WHERE Usr = '$varUser'"), 0); <--error here //$testActive = mysql_query("SELECT * FROM 'ActiveUsers' WHERE Usr = '$varUsr'"); $testActive = mysql_query("SELECT * FROM ActiveUsers WHERE Usr = '$varUsr'") or die(mysql_error()); if (mysql_num_rows($testActive)) { include('suspect.php'); die('That user is already logged in, please try again or contact the webmaster '); } else { mysql_query("INSERT INTO ActiveUsers ( CustID,Usr,Date,Start,IP ) VALUES ('$custident', '$varUsr', '$Date', '$Start', '$IP')") or die(mysql_error()); mysql_close($con); include('set_cookie.php'); } ?> Thanks again guys, I appreciate all the help! Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-808923 Share on other sites More sharing options...
mandred Posted April 14, 2009 Share Posted April 14, 2009 Where is the $varUser variable coming from? You can't use an unset variable in this query. Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-809080 Share on other sites More sharing options...
TGWSE_GY Posted April 14, 2009 Author Share Posted April 14, 2009 It was set on the calling script, anyways its fixed I was not using the proper syntax with mysql_by_assoc(). Thanks for the help guys.!!!!! ;D ;D ;D ;D Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-809083 Share on other sites More sharing options...
Maq Posted April 14, 2009 Share Posted April 14, 2009 It was set on the calling script, anyways its fixed I was not using the proper syntax with mysql_by_assoc(). Thanks for the help guys.!!!!! ;D ;D ;D ;D Hmmm, don't see that in your script anywhere, unless I overlooked it. At least it works. Link to comment https://forums.phpfreaks.com/topic/153824-solved-sql-syntax-error/#findComment-809086 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.