Jump to content


Photo

Parse error


  • Please log in to reply
10 replies to this topic

#1 fragen

fragen
  • New Members
  • Pip
  • Newbie
  • 4 posts
  • LocationBlackwood NJ

Posted 26 August 2006 - 06:04 PM

Hi,
My experience in PHP is very limited. I downloaded a roster script, and it appeared to install correctly, but when I go to the admin page I get this error:
Parse error:  parse error, expecting `','' or `';'' in rosteradmin.php on line 25

Here's the script:
  1: <?php
   2: 
   3: 
   4: 
   5: //Getting the file db.php
   6: 
   7: define( 'DB_PATH' , "./" );
   8: 
   9: require DB_PATH."db.php";
  10: 
  11: 
  12: 
  13: // Setting up some variables
  14: 
  15: $request_id = $_REQUEST['id'];
  16: 
  17: 
  18: 
  19: // Page: rosteradmin.php?act=addnew
  20: 
  21: if ($act == addnew) {
  22: 
  23: echo "
  24: 
  25: <form name="form" method="post" action="rosteradmin.php?act=addnew";>
  26: 
  27: <table width="80%" border="0" cellspacing="3" cellpadding="0">
  28: 
  29: <tr>
  30: 
  31: <td width="20%">Alias:</td>
  32: 
  33: <td width="79%"><input name="alias" type="text" id="alias" size="40"></td>
  34: 
  35: </tr>
  36: 
  37: <tr>
  38: 
  39: <td>Name:</td>
  40: 
  41: <td><input name="name" type="text" id="name" size="40"></td>
  42: 
  43: </tr>
  44: 
  45: <tr>
  46: 
  47: <td>Status:</td>
  48: 
  49: <td><input name="status" type="text" id="status" size="40"> </td>
  50: 
  51: </tr>
  52: 
  53: <tr>
  54: 
  55: <td>Country:</td>
  56: 
  57: <td><input name="country" type="text" id="country" size="40"></td>
  58: 
  59: </tr>
  60: 
  61: <tr>
  62: 
  63: <td>Email:</td>
  64: 
  65: <td><input name="email" type="text" id="email" size="40"></td>
  66: 
  67: </tr>
  68: 
  69: <tr>
  70: 
  71: <td>Speciality:</td>
  72: 
  73: <td><input name="weapon" type="text" id="weapon" size="40"></td>
  74: 
  75: </tr>
  76: 
  77: <tr>
  78: 
  79:   <td>Combat XP: </td>
  80: 
  81:   <td><input name="xp" type="text" id="xp" size="65"></td>
  82: 
  83: </tr>
  84: 
  85: <tr>
  86: 
  87:   <td>D.O.B</td>
  88: 
  89:   <td><input name="dob" type="text" id="dob" size="65"></td>
  90: 
  91: </tr>
  92: 
  93: <tr>
  94: 
  95:   <td>Homepage:</td>
  96: 
  97:   <td><input name="homepage" type="text" id="homepage" value="http://" size="40"></td>
  98: 
  99: </tr>
 100: 
 101: <tr>
 102: 
 103: <td><input name="submit" type="submit" id="submit" value="Submit">
 104: 
 105: <input name="reset" type="reset" id="reset" value="Reset"></td>
 106: 
 107: <td>If you mess up, a edit link will be available on submit. </td>
 108: 
 109: </tr>
 110: 
 111: </table>
 112: 
 113: </form>
 114: 
 115: ";
 116: 
 117: 
 118: 
 119: if ($_POST['submit']) {
 120: 
 121: 
 122: 
 123: $alias = $_POST['alias'];
 124: 
 125: $name = $_POST['name'];
 126: 
 127: $status = $_POST['status'];
 128: 
 129: $country = $_POST['country'];
 130: 
 131: $email = $_POST['email'];
 132: 
 133: $weapon = $_POST['weapon'];
 134: 
 135: $dob = $_POST['dob'];
 136: 
 137: $xp = $_POST['xp'];
 138: 
 139: $homepage = $_POST['homepage'];
 140: 
 141: 
 142: 
 143: if (!$alias) {
 144: 
 145: die ('Sorry, a field was left blank. Check all fields again!');
 146: 
 147: }
 148: 
 149: else {
 150: 
 151: mysql_query("INSERT INTO roster(id,alias,name,status,country,email,weapon,dob,xp,homepage) VALUES('','$alias','$name','$status','$country','$email','$weapon','$dob','$xp','$homepage')") or die('Sorry, it failed<br>'.mysql_error());echo "Success! You have added the member <strong>$alias</strong> to the roster as a <strong>$status.</strong><br>What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a previous member</a>";
 152: 
 153: }
 154: 
 155: }
 156: 
 157: }
 158: 
 159: 
 160: 
 161: // Page: rosteradmin.php?act=edit&id=##
 162: 
 163: if ($act == edit && $id == $request_id) {
 164: 
 165: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
 166: 
 167: while($row = mysql_fetch_array($result)){
 168: 
 169: echo "
 170: 
 171: <form name="form" method="post" action="rosteradmin.php?act=edit&id=$request_id">
 172: 
 173: <table width="80%" border="0" cellspacing="3" cellpadding="0">
 174: 
 175: <tr>
 176: 
 177: <td width="20%">Alias:</td>
 178: 
 179: <td width="79%"><input name="alias" type="text" id="alias" value="".$row['alias']."" size="40"></td>
 180: 
 181: </tr>
 182: 
 183: <tr>
 184: 
 185: <td>Name:</td>
 186: 
 187: <td><input name="name" type="text" id="name" value="".$row['name']."" size="40"></td>
 188: 
 189: </tr>
 190: 
 191: <tr>
 192: 
 193: <td>Status:</td>
 194: 
 195: <td><input name="status" type="text" id="status" value="".$row['status']."" size="40"> </td>
 196: 
 197: </tr>
 198: 
 199: <tr>
 200: 
 201: <td>Country:</td>
 202: 
 203: <td><input name="country" type="text" id="country" value="".$row['country']."" size="40"></td>
 204: 
 205: </tr>
 206: 
 207: <tr>
 208: 
 209: <td>Email</td>
 210: 
 211: <td><input name="email" type="text" id="email" value="".$row['email']."" size="40"></td>
 212: 
 213: </tr>
 214: 
 215: <tr>
 216: 
 217: <td>Speciality:</td>
 218: 
 219: <td><input name="weapon" type="text" id="weapon" value="".$row['weapon']."" size="40"></td>
 220: 
 221: </tr>
 222: 
 223: <tr>
 224: 
 225: <td>D.O.B</td>
 226: 
 227: <td><input name="dob" type="text" id="dob" value="".$row['dob']."" size="65"></td>
 228: 
 229: </tr>
 230: 
 231: <tr>
 232: 
 233:   <td>Homepage:</td>
 234: 
 235:   <td><input name="content" type="text" id="homepage" value="".$row['homepage']."" size="65"></td>
 236: 
 237: </tr>
 238: 
 239: <tr>
 240: 
 241: <td><input name="submit" type="submit" id="submit" value="Edit"></td>
 242: 
 243: <td></td>
 244: 
 245: </tr>
 246: 
 247: </table>
 248: 
 249: </form>
 250: 
 251: ";
 252: 
 253: 
 254: 
 255: if ($_POST['submit']) {
 256: 
 257: 
 258: 
 259: $alias = $_POST['alias'];
 260: 
 261: $name = $_POST['name'];
 262: 
 263: $status = $_POST['status'];
 264: 
 265: $country = $_POST['country'];
 266: 
 267: $email = $_POST['email'];
 268: 
 269: $weapon = $_POST['weapon'];
 270: 
 271: $dob = $_POST['dob'];
 272: 
 273: $xp = $_POST['xp'];
 274: 
 275: $homepage = $_POST['homepage'];
 276: 
 277: 
 278: 
 279: mysql_query("UPDATE $mysql_table SET alias='$alias', name='$name', status='$status', country='$country', email='$email', weapon='$weapon', dob='$dob', xp='$xp', homepage='$homepage' WHERE id='$request_id'") or die('Sorry, it failed');
 280: 
 281: echo "Success! $alias has been edited.<br>What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a member</a>";
 282: 
 283: }
 284: 
 285: }
 286: 
 287: }
 288: 
 289: 
 290: 
 291: // Page: rosteradmin.php?act=delete&id=##
 292: 
 293: if ($act == delete && $id == $request_id) {
 294: 
 295: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
 296: 
 297: while($row = mysql_fetch_array($result)){
 298: 
 299: 
 300: 
 301: echo "
 302: 
 303: <form action='?act=delete&id=".$row['id']."' method='post' name='form1'>
 304: 
 305: Are you sure you want to delete: <strong>".$row['alias']."<strong>?
 306: 
 307: <br>
 308: 
 309: <input name='yes' type='checkbox' id='yes' value='checkbox'>
 310: 
 311: Yes<br>
 312: 
 313: <input name='no' type='checkbox' id='no' value='checkbox'>
 314: 
 315: No
 316: 
 317: <br>
 318: 
 319: <input name='submit' type='submit' id='submit' value='Submit'>
 320: 
 321: </form>";
 322: 
 323: }
 324: 
 325: 
 326: 
 327: if ($_POST['submit']){
 328: 
 329: 
 330: 
 331: if ($_POST['yes'] && $_POST['no']){
 332: 
 333: die('Error! : Are you trying to confuse me?');
 334: 
 335: }
 336: 
 337: 
 338: 
 339: if ($_POST['yes']){
 340: 
 341: 
 342: 
 343: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
 344: 
 345: while($row = mysql_fetch_array($result)){
 346: 
 347: 
 348: 
 349: mysql_query("DELETE FROM $mysql_table WHERE id='$request_id'");
 350: 
 351: echo "
 352: 
 353: Thanks, the member <strong>".$row['alias'].".</strong> has been deleted. <a href='?'>Click here</a> to continue.
 354: 
 355: ";
 356: 
 357: }
 358: 
 359: }
 360: 
 361: 
 362: 
 363: if ($_POST['no']){
 364: 
 365: die('<a href="?">Click here</a> to continue.');
 366: 
 367: }
 368: 
 369: 
 370: 
 371: if (!$_POST['yes'] && !$_POST['no']){
 372: 
 373: die('Oops, you forgot to respond to my question.');
 374: 
 375: }
 376: 
 377: 
 378: 
 379: 
 380: 
 381: }
 382: 
 383: }
 384: 
 385: 
 386: 
 387: // Page: rosteradmin.php?act=view
 388: 
 389: if ($act == view) {
 390: 
 391: echo "
 392: 
 393: <table width="700" border="0" cellspacing="0" cellpadding="0">
 394: 
 395: <tr>
 396: 
 397: <td><strong>ID</strong></td>
 398: 
 399: <td><strong>Alias</strong></td>
 400: 
 401: <td><strong>Status</strong></td>
 402: 
 403: <td><strong>Email</strong></td>
 404: 
 405: <td><strong>Edit / Delete</strong></td>
 406: 
 407: </tr>
 408: 
 409: ";
 410: 
 411: $result = mysql_query("SELECT * FROM $mysql_table ORDER BY ID ASC");
 412: 
 413: while($row = mysql_fetch_array($result)){
 414: 
 415: echo "
 416: 
 417: <tr>
 418: 
 419: <td>".$row['id']."</td>
 420: 
 421: <td>".$row['alias']."</td>
 422: 
 423: <td>".$row['status']."</td>
 424: 
 425: <td><a href="mailto:".$row['email']."">".$row['alias']."</a></td>
 426: 
 427: <td><a href="rosteradmin.php?act=edit&id=".$row['id']."">Edit</a> / <a href="rosteradmin.php?act=delete&id=".$row['id']."">Delete</a></td>
 428: 
 429: </tr>
 430: 
 431: ";
 432: 
 433: }
 434: 
 435: echo "</table>";
 436: 
 437: }
 438: 
 439: 
 440: 
 441: // Page: rosteradmin.php
 442: 
 443: if (!$act) {
 444: 
 445: echo "
 446: 
 447: What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a member </a>
 448: 
 449: ";
 450: 
 451: }
 452: 
 453: ?>


#2 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 06:10 PM

every where where you use echo you need to use \" instead of " for any " that are within your echo ""; i would do it for you but u have ALOT to change..
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#3 AdRock

AdRock
  • Members
  • PipPipPip
  • Advanced Member
  • 911 posts

Posted 26 August 2006 - 09:23 PM

or uou could replace the double quotes " with single quotes '
If your topic has been solved, please mark the topic as SOLVED.

This helps others from identifying which topics need help still

#4 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 26 August 2006 - 09:24 PM

Use HEREDOC syntax if you have a lot of HTML to echo

But yeah do what shocker-z sys. You need to escape your double quotes in your echo statement. You cannot use double quotes in an echo statement if you start of your echo with a double quote. This is the correct way:

echo "<form action=\"page.php\" method=\"post\">";


Or use HEREDOC for large HTML Blocks:
echo <<<HTML
<form action="page.php" method="post">
  .. html here ..
</form>
HTML;


#5 shocker-z

shocker-z
  • Members
  • PipPipPip
  • Advanced Member
  • 864 posts
  • LocationNottingham

Posted 26 August 2006 - 09:28 PM

i will remember that one wildteen i've never seen that used before but looks very useful :)
www: www.ukchat.ws | irc: irc.ukchat.ws chan: #blufudge

#6 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 26 August 2006 - 10:10 PM

I have saved you the hassel of correcting the errors for you. I also noticed you had a few syntax errors and unneeded code.

Download the attachment below

Note do not indent or put anything before or after any instance of HTML; otherwise you'll get errors.

Plus whilst going through your code I noticed you dont valid urser input. Never use raw user input. Otherwise your SQL Queries will be prone for SQL Injection attacks, which is not good. At lease use mysql_real_escape_string to help prevent this on your input vars for example:
$name = mysql_real_escape_string($_POST['name']);

[attachment deleted by admin]

#7 fragen

fragen
  • New Members
  • Pip
  • Newbie
  • 4 posts
  • LocationBlackwood NJ

Posted 27 August 2006 - 12:34 AM

I have saved you the hassel of correcting the errors for you. I also noticed you had a few syntax errors and unneeded code.

Download the attachment below

Note do not indent or put anything before or after any instance of HTML; otherwise you'll get errors.

Plus whilst going through your code I noticed you dont valid urser input. Never use raw user input. Otherwise your SQL Queries will be prone for SQL Injection attacks, which is not good. At lease use mysql_real_escape_string to help prevent this on your input vars for example:

$name = mysql_real_escape_string($_POST['name']);


Thanks alot  :D Where do I put that code ? $name = mysql_real_escape_string($_POST['name']);
PS - I didn't write the script. I'm very noobish when it comes to PHP  :o

#8 fragen

fragen
  • New Members
  • Pip
  • Newbie
  • 4 posts
  • LocationBlackwood NJ

Posted 27 August 2006 - 12:48 AM

That file did the trick, but unfortunately, the script isn't realy what I wanted  :(
It's very bland, and doesn't give much detail. I'm looking for something more like this:
http://www.the-rota.com/ (Click on ROSTER).
I'd like to have something I could integrate into My site like that, and have more detail  ;D


#9 AndyB

AndyB
  • Staff Alumni
  • Advanced Member
  • 5,465 posts
  • LocationToronto

Posted 27 August 2006 - 01:41 AM

I'd like to have something I could integrate into My site like that, and have more detail  ;D


Nobody is going to write that for you, but the basics are the same as the script you now have that works.  Just work at adding whatever detail you decide you want.  Post your code as you run into problems.

It'll be a fine learning experience.
Legend has it that reading the manual never killed anyone.
My site

#10 fragen

fragen
  • New Members
  • Pip
  • Newbie
  • 4 posts
  • LocationBlackwood NJ

Posted 27 August 2006 - 04:06 AM

I'd like to have something I could integrate into My site like that, and have more detail  ;D


Nobody is going to write that for you, but the basics are the same as the script you now have that works.  Just work at adding whatever detail you decide you want.  Post your code as you run into problems.

It'll be a fine learning experience.


You mean I have to DO stuff ?  :'( Hehe...

#11 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 27 August 2006 - 12:20 PM

We aint here to write scripts for you. We are here to help you with the developement of your scripts, sorting out errors, or answering your questions about the PHP lanaguage etc. We can provide little code snippets but not fully fledged scripts.

If you want someone to write you a script post a request in the PHP Freelancing forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users