Jump to content

Recommended Posts

I have the following problem, I am trying to store a php path in a SQL table (the field is a 'TEXT' field), db structure is latin2.

Here is the short path that i am trying to store ([b]the code is actually a parameter for a link[/b]):

[code]wisdom2.php?MAXIMID=<?php echo $row_menu['ID']; ?>[/code]

However, I get this error message when I try to run a page that tries to extract the php code:

[code]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? ORDER BY AUTHOR ASC' at line 1[/code]

Now, if I were to simply write the same piece of code in a php page, it works fine, does anyone have an answer to why it is not working when the piece of code is stored in a SQL Database?

(Pls don't respond w/ the obvious answer,  ;) I need it to be this way for a reason .... )

Thank you,
Link to comment
https://forums.phpfreaks.com/topic/20328-storing-php-syntax-variables-in-sql/
Share on other sites

Do you mean this is in your SQL statement, similar to this:

[code=php:0]
$sql = "INSERT INTO table (path) VALUES ('wisdom2.php?MAXIMID=<?php echo $row_menu['ID']; ?>')";
[/code]

If so, then it's because of the single quotes around 'ID'.  Have you tried to use htmlentities() on the string first of all, that works?

That would insert:

[code]
wisdom2.php?MAXIMID=&lt;?php echo $row_menu[&#039;ID&#039;]; ?&gt;
[/code]

Or just escaping the single quotes by doubling them up, like so:

[code=php:0]
$sql = "INSERT INTO table (path) VALUES ('wisdom2.php?MAXIMID=<?php echo $row_menu[''ID'']; ?>')"; // notice two single quotes around ID
[/code]

Let me know how you get on.
Rich
Actually its not a Select statement, its actually meant to be added as a url parameter after an existing link.

For example on the page wisdom2.php, there is a link:
[code]www.blanksite.com/URL PARAMETER here[/code]


The URL PARAMETER, is brought from the database which i am trying to get working.


Sorry, about that.

Ok, in the db is:
[code]'wisdom2.php?MAXIMID=<?php echo $row_menu['ID']; ?>[/code]

What I want the final result is to change the url of the browser window (when clicked) to:
[code]'wisdom2.php?MAXIMID=<?php echo $row_menu['ID']; ?>[/code]

the php tag would actually be a number of a recordset (depending on the row menu).

Thus, that output would be something like:
[code]'wisdom2.php?MAXIMID=5[/code]



when you have this error:
[quote]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? ORDER BY AUTHOR ASC' at line 1[/quote]
-it is always complaining about a mysql_query(); statement somewhere when you get that error statement.  When it says line 1 like that, it usually means that the mysql_query() is located in an include file.  The error is not caused by the code you presented.  Is there an include coded in the first line of your source code?

you should be able to search your source code for "ORDER BY AUTHOR ASC" and that will tell you the source code line the error occurred on.
Mainewoods,

I found the line:

[code]
$query_quotes = sprintf("SELECT * FROM wisdom_backup WHERE MAXIMID = %s ORDER BY AUTHOR ASC", $colname_quotes);
[/code]

The whole reason for this is to clear a url parameter that is added to the URL in the browser everytime a user 'votes' on a record.  Thus, if the user doesn't vote, then this line is irrelevant. But, when the user 'votes' it adds a URL parameter to the browser, so that if the user decides to vote on another record, it will count 2 votes (1 for the new vote hit, and 1 for the previous vote hit, because each url parameter is now in the url shown in the browser). 

So essentially, after the user votes, I just want to clear the URL parameter.

Does this make sense? Or am I over-thinking this?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.