Jump to content

Parse error


fragen

Recommended Posts

Hi,
My experience in PHP is very limited. I downloaded a roster script, and it appeared to install correctly, but when I go to the admin page I get this error:
Parse error:  parse error, expecting `','' or `';'' in rosteradmin.php on line 25

Here's the script:
[code]  1: <?php
  2:
  3:
  4:
  5: //Getting the file db.php
  6:
  7: define( 'DB_PATH' , "./" );
  8:
  9: require DB_PATH."db.php";
  10:
  11:
  12:
  13: // Setting up some variables
  14:
  15: $request_id = $_REQUEST['id'];
  16:
  17:
  18:
  19: // Page: rosteradmin.php?act=addnew
  20:
  21: if ($act == addnew) {
  22:
  23: echo "
  24:
  25: <form name="form" method="post" action="rosteradmin.php?act=addnew";>
  26:
  27: <table width="80%" border="0" cellspacing="3" cellpadding="0">
  28:
  29: <tr>
  30:
  31: <td width="20%">Alias:</td>
  32:
  33: <td width="79%"><input name="alias" type="text" id="alias" size="40"></td>
  34:
  35: </tr>
  36:
  37: <tr>
  38:
  39: <td>Name:</td>
  40:
  41: <td><input name="name" type="text" id="name" size="40"></td>
  42:
  43: </tr>
  44:
  45: <tr>
  46:
  47: <td>Status:</td>
  48:
  49: <td><input name="status" type="text" id="status" size="40"> </td>
  50:
  51: </tr>
  52:
  53: <tr>
  54:
  55: <td>Country:</td>
  56:
  57: <td><input name="country" type="text" id="country" size="40"></td>
  58:
  59: </tr>
  60:
  61: <tr>
  62:
  63: <td>Email:</td>
  64:
  65: <td><input name="email" type="text" id="email" size="40"></td>
  66:
  67: </tr>
  68:
  69: <tr>
  70:
  71: <td>Speciality:</td>
  72:
  73: <td><input name="weapon" type="text" id="weapon" size="40"></td>
  74:
  75: </tr>
  76:
  77: <tr>
  78:
  79:  <td>Combat XP: </td>
  80:
  81:  <td><input name="xp" type="text" id="xp" size="65"></td>
  82:
  83: </tr>
  84:
  85: <tr>
  86:
  87:  <td>D.O.B</td>
  88:
  89:  <td><input name="dob" type="text" id="dob" size="65"></td>
  90:
  91: </tr>
  92:
  93: <tr>
  94:
  95:  <td>Homepage:</td>
  96:
  97:  <td><input name="homepage" type="text" id="homepage" value="http://" size="40"></td>
  98:
  99: </tr>
100:
101: <tr>
102:
103: <td><input name="submit" type="submit" id="submit" value="Submit">
104:
105: <input name="reset" type="reset" id="reset" value="Reset"></td>
106:
107: <td>If you mess up, a edit link will be available on submit. </td>
108:
109: </tr>
110:
111: </table>
112:
113: </form>
114:
115: ";
116:
117:
118:
119: if ($_POST['submit']) {
120:
121:
122:
123: $alias = $_POST['alias'];
124:
125: $name = $_POST['name'];
126:
127: $status = $_POST['status'];
128:
129: $country = $_POST['country'];
130:
131: $email = $_POST['email'];
132:
133: $weapon = $_POST['weapon'];
134:
135: $dob = $_POST['dob'];
136:
137: $xp = $_POST['xp'];
138:
139: $homepage = $_POST['homepage'];
140:
141:
142:
143: if (!$alias) {
144:
145: die ('Sorry, a field was left blank. Check all fields again!');
146:
147: }
148:
149: else {
150:
151: mysql_query("INSERT INTO roster(id,alias,name,status,country,email,weapon,dob,xp,homepage) VALUES('','$alias','$name','$status','$country','$email','$weapon','$dob','$xp','$homepage')") or die('Sorry, it failed<br>'.mysql_error());echo "Success! You have added the member <strong>$alias</strong> to the roster as a <strong>$status.</strong><br>What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a previous member</a>";
152:
153: }
154:
155: }
156:
157: }
158:
159:
160:
161: // Page: rosteradmin.php?act=edit&id=##
162:
163: if ($act == edit && $id == $request_id) {
164:
165: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
166:
167: while($row = mysql_fetch_array($result)){
168:
169: echo "
170:
171: <form name="form" method="post" action="rosteradmin.php?act=edit&id=$request_id">
172:
173: <table width="80%" border="0" cellspacing="3" cellpadding="0">
174:
175: <tr>
176:
177: <td width="20%">Alias:</td>
178:
179: <td width="79%"><input name="alias" type="text" id="alias" value="".$row['alias']."" size="40"></td>
180:
181: </tr>
182:
183: <tr>
184:
185: <td>Name:</td>
186:
187: <td><input name="name" type="text" id="name" value="".$row['name']."" size="40"></td>
188:
189: </tr>
190:
191: <tr>
192:
193: <td>Status:</td>
194:
195: <td><input name="status" type="text" id="status" value="".$row['status']."" size="40"> </td>
196:
197: </tr>
198:
199: <tr>
200:
201: <td>Country:</td>
202:
203: <td><input name="country" type="text" id="country" value="".$row['country']."" size="40"></td>
204:
205: </tr>
206:
207: <tr>
208:
209: <td>Email</td>
210:
211: <td><input name="email" type="text" id="email" value="".$row['email']."" size="40"></td>
212:
213: </tr>
214:
215: <tr>
216:
217: <td>Speciality:</td>
218:
219: <td><input name="weapon" type="text" id="weapon" value="".$row['weapon']."" size="40"></td>
220:
221: </tr>
222:
223: <tr>
224:
225: <td>D.O.B</td>
226:
227: <td><input name="dob" type="text" id="dob" value="".$row['dob']."" size="65"></td>
228:
229: </tr>
230:
231: <tr>
232:
233:  <td>Homepage:</td>
234:
235:  <td><input name="content" type="text" id="homepage" value="".$row['homepage']."" size="65"></td>
236:
237: </tr>
238:
239: <tr>
240:
241: <td><input name="submit" type="submit" id="submit" value="Edit"></td>
242:
243: <td></td>
244:
245: </tr>
246:
247: </table>
248:
249: </form>
250:
251: ";
252:
253:
254:
255: if ($_POST['submit']) {
256:
257:
258:
259: $alias = $_POST['alias'];
260:
261: $name = $_POST['name'];
262:
263: $status = $_POST['status'];
264:
265: $country = $_POST['country'];
266:
267: $email = $_POST['email'];
268:
269: $weapon = $_POST['weapon'];
270:
271: $dob = $_POST['dob'];
272:
273: $xp = $_POST['xp'];
274:
275: $homepage = $_POST['homepage'];
276:
277:
278:
279: mysql_query("UPDATE $mysql_table SET alias='$alias', name='$name', status='$status', country='$country', email='$email', weapon='$weapon', dob='$dob', xp='$xp', homepage='$homepage' WHERE id='$request_id'") or die('Sorry, it failed');
280:
281: echo "Success! $alias has been edited.<br>What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a member</a>";
282:
283: }
284:
285: }
286:
287: }
288:
289:
290:
291: // Page: rosteradmin.php?act=delete&id=##
292:
293: if ($act == delete && $id == $request_id) {
294:
295: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
296:
297: while($row = mysql_fetch_array($result)){
298:
299:
300:
301: echo "
302:
303: <form action='?act=delete&id=".$row['id']."' method='post' name='form1'>
304:
305: Are you sure you want to delete: <strong>".$row['alias']."<strong>?
306:
307: <br>
308:
309: <input name='yes' type='checkbox' id='yes' value='checkbox'>
310:
311: Yes<br>
312:
313: <input name='no' type='checkbox' id='no' value='checkbox'>
314:
315: No
316:
317: <br>
318:
319: <input name='submit' type='submit' id='submit' value='Submit'>
320:
321: </form>";
322:
323: }
324:
325:
326:
327: if ($_POST['submit']){
328:
329:
330:
331: if ($_POST['yes'] && $_POST['no']){
332:
333: die('Error! : Are you trying to confuse me?');
334:
335: }
336:
337:
338:
339: if ($_POST['yes']){
340:
341:
342:
343: $result = mysql_query("SELECT * FROM $mysql_table WHERE id='$request_id'");
344:
345: while($row = mysql_fetch_array($result)){
346:
347:
348:
349: mysql_query("DELETE FROM $mysql_table WHERE id='$request_id'");
350:
351: echo "
352:
353: Thanks, the member <strong>".$row['alias'].".</strong> has been deleted. <a href='?'>Click here</a> to continue.
354:
355: ";
356:
357: }
358:
359: }
360:
361:
362:
363: if ($_POST['no']){
364:
365: die('<a href="?">Click here</a> to continue.');
366:
367: }
368:
369:
370:
371: if (!$_POST['yes'] && !$_POST['no']){
372:
373: die('Oops, you forgot to respond to my question.');
374:
375: }
376:
377:
378:
379:
380:
381: }
382:
383: }
384:
385:
386:
387: // Page: rosteradmin.php?act=view
388:
389: if ($act == view) {
390:
391: echo "
392:
393: <table width="700" border="0" cellspacing="0" cellpadding="0">
394:
395: <tr>
396:
397: <td><strong>ID</strong></td>
398:
399: <td><strong>Alias</strong></td>
400:
401: <td><strong>Status</strong></td>
402:
403: <td><strong>Email</strong></td>
404:
405: <td><strong>Edit / Delete</strong></td>
406:
407: </tr>
408:
409: ";
410:
411: $result = mysql_query("SELECT * FROM $mysql_table ORDER BY ID ASC");
412:
413: while($row = mysql_fetch_array($result)){
414:
415: echo "
416:
417: <tr>
418:
419: <td>".$row['id']."</td>
420:
421: <td>".$row['alias']."</td>
422:
423: <td>".$row['status']."</td>
424:
425: <td><a href="mailto:".$row['email']."">".$row['alias']."</a></td>
426:
427: <td><a href="rosteradmin.php?act=edit&id=".$row['id']."">Edit</a> / <a href="rosteradmin.php?act=delete&id=".$row['id']."">Delete</a></td>
428:
429: </tr>
430:
431: ";
432:
433: }
434:
435: echo "</table>";
436:
437: }
438:
439:
440:
441: // Page: rosteradmin.php
442:
443: if (!$act) {
444:
445: echo "
446:
447: What would you like to do?<br><a href="?act=addnew">Add a new member</a> &nbsp; ----&nbsp; <a href="?act=view">Edit / Delete a member </a>
448:
449: ";
450:
451: }
452:
453: ?>[/code]
Link to comment
Share on other sites

Use HEREDOC syntax if you have a lot of HTML to echo

But yeah do what shocker-z sys. You need to escape your double quotes in your echo statement. You cannot use double quotes in an echo statement if you start of your echo with a double quote. This is the correct way:

[code=php:0]echo "<form action=\"page.php\" method=\"post\">";[/code]


Or use HEREDOC for large HTML Blocks:
[code=php:0]echo <<<HTML
<form action="page.php" method="post">
  .. html here ..
</form>
HTML;[/code]
Link to comment
Share on other sites

I have saved you the hassel of correcting the errors for you. I also noticed you had a few syntax errors and unneeded code.

Download the attachment below

Note do not indent or put anything before or after any instance of HTML; otherwise you'll get errors.

Plus whilst going through your code I noticed you dont valid urser input. Never use raw user input. Otherwise your SQL Queries will be prone for SQL Injection attacks, which is not good. At lease use mysql_real_escape_string to help prevent this on your input vars for example:
[code]$name = mysql_real_escape_string($_POST['name']);[/code]

[attachment deleted by admin]
Link to comment
Share on other sites

[quote author=wildteen88 link=topic=105734.msg422557#msg422557 date=1156630219]
I have saved you the hassel of correcting the errors for you. I also noticed you had a few syntax errors and unneeded code.

Download the attachment below

Note do not indent or put anything before or after any instance of HTML; otherwise you'll get errors.

Plus whilst going through your code I noticed you dont valid urser input. Never use raw user input. Otherwise your SQL Queries will be prone for SQL Injection attacks, which is not good. At lease use mysql_real_escape_string to help prevent this on your input vars for example:
[code]$name = mysql_real_escape_string($_POST['name']);[/code]
[/quote]

Thanks alot  :D Where do I put that code ? $name = mysql_real_escape_string($_POST['name']);
PS - I didn't write the script. I'm very noobish when it comes to PHP  :o
Link to comment
Share on other sites

That file did the trick, but unfortunately, the script isn't realy what I wanted  :(
It's very bland, and doesn't give much detail. I'm looking for something more like this:
[url=http://www.the-rota.com/]http://www.the-rota.com/[/url] (Click on ROSTER).
I'd like to have something I could integrate into My site like that, and have more detail  ;D
Link to comment
Share on other sites

[quote author=fragen link=topic=105734.msg422629#msg422629 date=1156639734]
I'd like to have something I could integrate into My site like that, and have more detail  ;D
[/quote]

Nobody is going to write that for you, but the basics are the same as the script you now have that works.  Just work at adding whatever detail you decide you want.  Post your code as you run into problems.

It'll be a fine learning experience.
Link to comment
Share on other sites

[quote author=AndyB link=topic=105734.msg422643#msg422643 date=1156642918]
[quote author=fragen link=topic=105734.msg422629#msg422629 date=1156639734]
I'd like to have something I could integrate into My site like that, and have more detail  ;D
[/quote]

Nobody is going to write that for you, but the basics are the same as the script you now have that works.  Just work at adding whatever detail you decide you want.  Post your code as you run into problems.

It'll be a fine learning experience.
[/quote]

You mean I have to DO stuff ?  :'( Hehe...
Link to comment
Share on other sites

We aint here to write scripts for you. We are here to help you with the developement of your scripts, sorting out errors, or answering your questions about the PHP lanaguage etc. We can provide little code snippets but not fully fledged scripts.

If you want someone to write you a script post a request in the PHP Freelancing forum.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.