Jump to content

Archived

This topic is now archived and is closed to further replies.

fragen

Parse error

Recommended Posts

Hi,
My experience in PHP is very limited. I downloaded a roster script, and it appeared to install correctly, but when I go to the admin page I get this error:
Parse error:  parse error, expecting `','' or `';'' in rosteradmin.php on line 25

Here's the script:
[code]  1: <?php
  2:
  3:
  4:
  5: //Getting the file db.php
  6:
  7: define( 'DB_PATH' , "./" );
  8:
  9: require DB_PATH."db.php";
  10:
  11:
  12:
  13: // Setting up some variables
  14:
  15: $request_id = $_REQUEST['id'];
  16:
  17:
  18:
  19: // Page: rosteradmin.php?act=addnew
  20:
  21: if ($act == addnew) {
  22:
  23: echo "
  24:
  25: <form name="form" method="post" action="rosteradmin.php?act=addnew";>
  26:
  27: <table width="80%" border="0" cellspacing="3" cellpadding="0">
  28:
  29: <tr>
  30:
  31: <td width="20%">Alias:</td>
  32:
  33: <td width="79%"><input name="alias" type="text" id="alias" size="40"></td>
  34:
  35: </tr>
  36:
  37: <tr>
  38:
  39: <td>Name:</td>
  40:
  41: <td><input name="name" type="text" id="name" size="40"></td>
  42:
  43: </tr>
  44:
  45: <tr>
  46:
  47: <td>Status:</td>
  48:
  49: <td><input name="status" type="text" id="status" size="40"> </td>
  50:
  51: </tr>
  52:
  53: <tr>
  54:
  55: <td>Country:</td>
  56:
  57: <td><input name="country" type="text" id="country" size="40"></td>
  58:
  59: </tr>
  60:
  61: <tr>
  62:
  63: <td>Email:</td>
  64:
  65: <td><input name="email" type="text" id="email" size="40"></td>
  66:
  67: </tr>
  68:
  69: <tr>
  70:
  71: <td>Speciality:</td>
  72:
  73: <td><input name="weapon" type="text" id="weapon" size="40"></td>
  74:
  75: </tr>
  76:
  77: <tr>
  78:
  79:  <td>Combat XP: </td>
  80:
  81:  <td><input name="xp" type="text" id="xp" size="65"></td>
  82:
  83: </tr>
  84:
  85: <tr>
  86:
  87:  <td>D.O.B</td>
  88:
  89:  <td><input name="dob" type="text" id="dob" size="65"></td>
  90:
  91: </tr>
  92:
  93: <tr>
  94:
  95:  <td>Homepage:</td>
  96:
  97:  <td><input name="homepage" type="text" id="homepage" value="http://" size="40"></td>
  98:
  99: </tr>
100:
101: <tr>
102:
103: <td><input name="submit" type="submit" id="submit" value="Submit">
104:
105: <input name="reset" type="reset" id="reset" value="Reset"></td>
106:
107: <td>If you mess up, a edit link will be available on submit. </td>
108:
109: </tr>
110:
111: </table>
112:
113: </form>
114:
115: ";
116:
117:
118:
119: if ($_POST['submit']) {
120:
121:
122:
123: $alias = $_POST['alias'];
124:
125: $name = $_POST['name'];
126:
127: $status = $_POST['status'];
128:
129: $country = $_POST['country'];
130:
131: $email = $_POST['email'];
132:
133: $weapon = $_POST['weapon'];
134:
135: $dob = $_POST['dob'];
136:
137: $xp = $_POST['xp'];
138:
139: $homepage = $_POST['homepage'];
140:
141:
142:
143: if (!$alias) {
144:
145: die ('Sorry, a field was left blank. Check all fields again!');
146:
147: }
148:
149: else {
150:
151: mysql_query("INSERT INTO roster(id,alias,name,status,country,email,weapon,dob,xp,homepage) VALUES('','$alias','$name','$status','$country','$email','$weapon','$dob','$xp','$homepage')") or die('Sorry, it failed<br>'.mysql_error());echo "Success! You have added the member <strong>$alias</strong> to the roster as a <strong>$status.</strong><br>What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a previous member</a>";
152:
153: }
154:
155: }
156:
157: }
158:
159:
160:
161: // Page: rosteradmin.php?act=edit&id=##
162:
163: if ($act == edit && $id == $request_id) {
164:
165: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
166:
167: while($row = mysql_fetch_array($result)){
168:
169: echo "
170:
171: <form name="form" method="post" action="rosteradmin.php?act=edit&id=$request_id">
172:
173: <table width="80%" border="0" cellspacing="3" cellpadding="0">
174:
175: <tr>
176:
177: <td width="20%">Alias:</td>
178:
179: <td width="79%"><input name="alias" type="text" id="alias" value="".$row['alias']."" size="40"></td>
180:
181: </tr>
182:
183: <tr>
184:
185: <td>Name:</td>
186:
187: <td><input name="name" type="text" id="name" value="".$row['name']."" size="40"></td>
188:
189: </tr>
190:
191: <tr>
192:
193: <td>Status:</td>
194:
195: <td><input name="status" type="text" id="status" value="".$row['status']."" size="40"> </td>
196:
197: </tr>
198:
199: <tr>
200:
201: <td>Country:</td>
202:
203: <td><input name="country" type="text" id="country" value="".$row['country']."" size="40"></td>
204:
205: </tr>
206:
207: <tr>
208:
209: <td>Email</td>
210:
211: <td><input name="email" type="text" id="email" value="".$row['email']."" size="40"></td>
212:
213: </tr>
214:
215: <tr>
216:
217: <td>Speciality:</td>
218:
219: <td><input name="weapon" type="text" id="weapon" value="".$row['weapon']."" size="40"></td>
220:
221: </tr>
222:
223: <tr>
224:
225: <td>D.O.B</td>
226:
227: <td><input name="dob" type="text" id="dob" value="".$row['dob']."" size="65"></td>
228:
229: </tr>
230:
231: <tr>
232:
233:  <td>Homepage:</td>
234:
235:  <td><input name="content" type="text" id="homepage" value="".$row['homepage']."" size="65"></td>
236:
237: </tr>
238:
239: <tr>
240:
241: <td><input name="submit" type="submit" id="submit" value="Edit"></td>
242:
243: <td></td>
244:
245: </tr>
246:
247: </table>
248:
249: </form>
250:
251: ";
252:
253:
254:
255: if ($_POST['submit']) {
256:
257:
258:
259: $alias = $_POST['alias'];
260:
261: $name = $_POST['name'];
262:
263: $status = $_POST['status'];
264:
265: $country = $_POST['country'];
266:
267: $email = $_POST['email'];
268:
269: $weapon = $_POST['weapon'];
270:
271: $dob = $_POST['dob'];
272:
273: $xp = $_POST['xp'];
274:
275: $homepage = $_POST['homepage'];
276:
277:
278:
279: mysql_query("UPDATE $mysql_table SET alias='$alias', name='$name', status='$status', country='$country', email='$email', weapon='$weapon', dob='$dob', xp='$xp', homepage='$homepage' WHERE id='$request_id'") or die('Sorry, it failed');
280:
281: echo "Success! $alias has been edited.<br>What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a member</a>";
282:
283: }
284:
285: }
286:
287: }
288:
289:
290:
291: // Page: rosteradmin.php?act=delete&id=##
292:
293: if ($act == delete && $id == $request_id) {
294:
295: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
296:
297: while($row = mysql_fetch_array($result)){
298:
299:
300:
301: echo "
302:
303: <form action='?act=delete&id=".$row['id']."' method='post' name='form1'>
304:
305: Are you sure you want to delete: <strong>".$row['alias']."<strong>?
306:
307: <br>
308:
309: <input name='yes' type='checkbox' id='yes' value='checkbox'>
310:
311: Yes<br>
312:
313: <input name='no' type='checkbox' id='no' value='checkbox'>
314:
315: No
316:
317: <br>
318:
319: <input name='submit' type='submit' id='submit' value='Submit'>
320:
321: </form>";
322:
323: }
324:
325:
326:
327: if ($_POST['submit']){
328:
329:
330:
331: if ($_POST['yes'] && $_POST['no']){
332:
333: die('Error! : Are you trying to confuse me?');
334:
335: }
336:
337:
338:
339: if ($_POST['yes']){
340:
341:
342:
343: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
344:
345: while($row = mysql_fetch_array($result)){
346:
347:
348:
349: mysql_query("DELETE FROM $mysql_table WHERE id='$request_id'");
350:
351: echo "
352:
353: Thanks, the member <strong>".$row['alias'].".</strong> has been deleted. <a href='?'>Click here</a> to continue.
354:
355: ";
356:
357: }
358:
359: }
360:
361:
362:
363: if ($_POST['no']){
364:
365: die('<a href="?">Click here</a> to continue.');
366:
367: }
368:
369:
370:
371: if (!$_POST['yes'] && !$_POST['no']){
372:
373: die('Oops, you forgot to respond to my question.');
374:
375: }
376:
377:
378:
379:
380:
381: }
382:
383: }
384:
385:
386:
387: // Page: rosteradmin.php?act=view
388:
389: if ($act == view) {
390:
391: echo "
392:
393: <table width="700" border="0" cellspacing="0" cellpadding="0">
394:
395: <tr>
396:
397: <td><strong>ID</strong></td>
398:
399: <td><strong>Alias</strong></td>
400:
401: <td><strong>Status</strong></td>
402:
403: <td><strong>Email</strong></td>
404:
405: <td><strong>Edit / Delete</strong></td>
406:
407: </tr>
408:
409: ";
410:
411: $result = mysql_query("SELECT * FROM $mysql_table ORDER BY ID ASC");
412:
413: while($row = mysql_fetch_array($result)){
414:
415: echo "
416:
417: <tr>
418:
419: <td>".$row['id']."</td>
420:
421: <td>".$row['alias']."</td>
422:
423: <td>".$row['status']."</td>
424:
425: <td><a href="mailto:".$row['email']."">".$row['alias']."</a></td>
426:
427: <td><a href="rosteradmin.php?act=edit&id=".$row['id']."">Edit</a> / <a href="rosteradmin.php?act=delete&id=".$row['id']."">Delete</a></td>
428:
429: </tr>
430:
431: ";
432:
433: }
434:
435: echo "</table>";
436:
437: }
438:
439:
440:
441: // Page: rosteradmin.php
442:
443: if (!$act) {
444:
445: echo "
446:
447: What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a member </a>
448:
449: ";
450:
451: }
452:
453: ?>[/code]

Share this post


Link to post
Share on other sites
every where where you use echo you need to use \" instead of " for any " that are within your echo ""; i would do it for you but u have ALOT to change..

Share this post


Link to post
Share on other sites
Use HEREDOC syntax if you have a lot of HTML to echo

But yeah do what shocker-z sys. You need to escape your double quotes in your echo statement. You cannot use double quotes in an echo statement if you start of your echo with a double quote. This is the correct way:

[code=php:0]echo "<form action=\"page.php\" method=\"post\">";[/code]


Or use HEREDOC for large HTML Blocks:
[code=php:0]echo <<<HTML
<form action="page.php" method="post">
  .. html here ..
</form>
HTML;[/code]

Share this post


Link to post
Share on other sites
i will remember that one wildteen i've never seen that used before but looks very useful :)

Share this post


Link to post
Share on other sites
I have saved you the hassel of correcting the errors for you. I also noticed you had a few syntax errors and unneeded code.

Download the attachment below

Note do not indent or put anything before or after any instance of HTML; otherwise you'll get errors.

Plus whilst going through your code I noticed you dont valid urser input. Never use raw user input. Otherwise your SQL Queries will be prone for SQL Injection attacks, which is not good. At lease use mysql_real_escape_string to help prevent this on your input vars for example:
[code]$name = mysql_real_escape_string($_POST['name']);[/code]

[attachment deleted by admin]

Share this post


Link to post
Share on other sites
[quote author=wildteen88 link=topic=105734.msg422557#msg422557 date=1156630219]
I have saved you the hassel of correcting the errors for you. I also noticed you had a few syntax errors and unneeded code.

Download the attachment below

Note do not indent or put anything before or after any instance of HTML; otherwise you'll get errors.

Plus whilst going through your code I noticed you dont valid urser input. Never use raw user input. Otherwise your SQL Queries will be prone for SQL Injection attacks, which is not good. At lease use mysql_real_escape_string to help prevent this on your input vars for example:
[code]$name = mysql_real_escape_string($_POST['name']);[/code]
[/quote]

Thanks alot  :D Where do I put that code ? $name = mysql_real_escape_string($_POST['name']);
PS - I didn't write the script. I'm very noobish when it comes to PHP  :o

Share this post


Link to post
Share on other sites
That file did the trick, but unfortunately, the script isn't realy what I wanted  :(
It's very bland, and doesn't give much detail. I'm looking for something more like this:
[url=http://www.the-rota.com/]http://www.the-rota.com/[/url] (Click on ROSTER).
I'd like to have something I could integrate into My site like that, and have more detail  ;D

Share this post


Link to post
Share on other sites
[quote author=fragen link=topic=105734.msg422629#msg422629 date=1156639734]
I'd like to have something I could integrate into My site like that, and have more detail  ;D
[/quote]

Nobody is going to write that for you, but the basics are the same as the script you now have that works.  Just work at adding whatever detail you decide you want.  Post your code as you run into problems.

It'll be a fine learning experience.

Share this post


Link to post
Share on other sites
[quote author=AndyB link=topic=105734.msg422643#msg422643 date=1156642918]
[quote author=fragen link=topic=105734.msg422629#msg422629 date=1156639734]
I'd like to have something I could integrate into My site like that, and have more detail  ;D
[/quote]

Nobody is going to write that for you, but the basics are the same as the script you now have that works.  Just work at adding whatever detail you decide you want.  Post your code as you run into problems.

It'll be a fine learning experience.
[/quote]

You mean I have to DO stuff ?  :'( Hehe...

Share this post


Link to post
Share on other sites
We aint here to write scripts for you. We are here to help you with the developement of your scripts, sorting out errors, or answering your questions about the PHP lanaguage etc. We can provide little code snippets but not fully fledged scripts.

If you want someone to write you a script post a request in the PHP Freelancing forum.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.