whats prob

[Alicia]

Hi guys,

 

May I know whats wrong with this php mysql query :

 

$checknewinvt = mysql_query("SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='{$_COOKIE['memberID']}' AND `mobilestat` != '1'") or die(mysql_error());

 

Error displayed :

 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

 

When I change the $_COOKIE['memberID'] to any numbers directly, it loads fine back.

 

Please advise, thanks.

[Maq]

The string syntax looks valid.  Echo out the cookie value to see what it actually is.  Also if the member_id is an integer than you don't need single quotes around it, but that shouldn't cause an error.

[Alicia]

I did echo out the cookie, it is only normal integer ID. When I replace the cookie with the ID, it works fine. I am wondering what is the prob

[Mchl]

Change your code to this

 

$memberID = mysql_real_escape_string($_COOKIE['memberID']);
$query = "SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='$memberID' AND `mobilestat` != '1'";
$checknewinvt = mysql_query($query) or trigger_error(mysql_error().": $query",E_USER_WARNING);

[PFMaBiSmAd]

I did echo out the cookie, it is only normal integer ID.

 

I'll bet that the actual value in the cookie also includes single-quotes as part of the value.

[Mchl]

Quote possible, but I'd expect slightly different MySQL error message

[Alicia]

I changed the code to

$memberID = mysql_real_escape_string($_COOKIE['memberID']);
$query = "SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='$memberID' AND `mobilestat` != '1'";
$checknewinvt = mysql_query($query) or trigger_error(mysql_error().": $query",E_USER_WARNING);

 

Still the same error. I echoed the cookie and there is no single code displayed.

 

please advise..

[Maq]

Do this and paste the exact output:

 

$query = "SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='$memberID' AND `mobilestat` != '1'";
echo $query;

 

 

[Mchl]

Still the same error.

 

That's impossible. You should have full query text after the error message, and it would be really helpful if you pasted it in here.

[PFMaBiSmAd]

The query that is failing is NOT the one you have been posting or modifying.

[Alicia]

This is the output :

SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='1749' AND `mobilestat` != '1'
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

 

 

The query that is failing is NOT the one you have been posting or modifying.

you mean I used the wrong code ? please advise. Thanks

[PFMaBiSmAd]

Perhaps if you posted all the code in the file. xxxxx out any sensitive information.

[Mchl]

We have kind of twilight zone situation here

 

Ok... what happens when you run this query?

SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='1749'

[Alicia]

Still the same error when I direct put the number. 

 

Here is the full script :

<?
session_start();
include"includes/mydb.php";
?>
<?
$srrt1 = mysql_query("SELECT * FROM `f_chat_users` WHERE `chat_user_id`= '{$_COOKIE['memberID']}'") or die(mysql_error());
$srrt2 = mysql_fetch_array($srrt1);
if($srrt2['chat_user_status'] == '1')
{
$stat = "Online";

}
else
{
$stat = "Offline";
}
?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.2//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile12.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" />
<meta http-equiv="refresh" content="3;url=im_user.php">

<title>Test</title>
</head>
<style type="text/css">
<!--
.style2 {font-size: 12px}
-->
</style>
      <style type="text/css">
<!--
div.pagination {
padding: 3px;
margin: 3px;

}

div.pagination a {
padding: 2px 5px 2px 5px;
margin: 2px;
border: 1px solid #AAAADD;

text-decoration: none; /* no underline */
color: #000099;
}
div.pagination a:hover, div.pagination a:active {
border: 1px solid #000099;

color: #000;
}
div.pagination span.current {
padding: 2px 5px 2px 5px;
margin: 2px;
	border: 1px solid #000099;

	font-weight: bold;
	background-color: #000099;
	color: #FFF;
}
div.pagination span.disabled {
	padding: 2px 5px 2px 5px;
	margin: 2px;
	border: 1px solid #EEE;

	color: #DDD;
}
refre {
font-size: 0.5em;
}

-->
      </style>
<body>

<div class="mainwrapper">

    <div id="content">

	<div class="min-width">

	  <table width="260" border="0" cellspacing="5" cellpadding="0">
            <tr>
              <td>  

<span class="text2"><span class="style2">This page will refresh every : 3seconds<br />
ReadInvitation :<br />
<?
$memberID = mysql_real_escape_string($_COOKIE['memberID']);
//$memberID = '1749';
//$query = "SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='1749' AND `mobilestat` != '1'";
$query = "SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`='$memberID' AND `mobilestat` != '1'";
echo $query;
$checknewinvt = mysql_query($query) or trigger_error(mysql_error().": $query",E_USER_WARNING);
//$checknewinvt = mysql_query("SELECT * FROM `f_chat_mask_users` WHERE `chat_mask_user_user_id`={$_COOKIE['memberID']} AND `mobilestat` != '1'") or die(mysql_error());
$checknewinvt2 = mysql_num_rows($checknewinvt);																																			
if($checknewinvt2 > 0) 
{
?>
<table border="0" cellspacing="0" cellpadding="7">
  <tr>
    <td width="37" valign="top"><img src="images/new.gif" /></td>
    <td width="227" valign="top">
<?
	while($fetchcheck = mysql_fetch_array($checknewinvt))
	{
		$userreq = mysql_query("SELECT DISTINCT `chat_mask_user_user_id` FROM f_chat_mask_users WHERE chat_mask_user_mask_id='{$fetchcheck['chat_mask_user_mask_id']}' AND chat_mask_user_user_id != {$row['ID']}") or die(mysql_error());
		$userreq2 = mysql_fetch_array($userreq);
		$sendName = mysql_query("SELECT * FROM Profiles WHERE ID='{$userreq2['chat_mask_user_user_id']}'");
		$sendName2 = mysql_fetch_array($sendName);
	echo "{$sendName2['NickName']} -<a href=\"imR.php?pid={$fetchcheck['chat_mask_user_mask_id']}\" target=\"_blank\">ReadNow</a><br>";
	} // close while loop
	?>
    </td> </tr>
</table>
	<?
}
else
{
echo 'XXX Message';	
}
?>
              </body>

</html>

[PFMaBiSmAd]

The query that is failing is the one later on the page containing the following term because there is no code setting $row -

chat_mask_user_user_id != {$row['ID']}

 

The reason for the mismatch in information being outout is because you are echoing $query then getting the mysql_error() output from a following die() instruction.

 

As previously written (long long ago...), what trigger_error() does is dependent on error_reporting/display_errors/log_errors settings and should not be used in a debugging environment unless accompanied by instructions that would cause its output to become visible.

 

Since we don't really know what you intended by the chat_mask_user_user_id != {$row['ID']} term, it will be a little hard to help with what it should be.

[Mchl]

As previously written (long long ago...), what trigger_error() does is dependent on error_reporting/display_errors/log_errors settings and should not be used in a debugging environment unless accompanied by instructions that would cause its output to become visible.