lollabelt Posted September 13, 2010 Share Posted September 13, 2010 OK...Before I begin, I should tell you that I just started learning php two days ago ( See, I'm only a designer)... So im not very good.... OK so I am building a yellowpages website that mimics dexknows.com or yellowpages.com in functionality (and just about everything else too)...And this is the code I have so far, but it pop ups with an errror... Any help would be greatly appreciated...Thanks: <?php $con = mysql_connect("localhost","root",""); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("general", $con); $var = @$_POST['search']; $trimmed = trim($var); if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } $query = "SELECT * FROM gjbusinesses where name like \"%$trimmed%\" OR description like \"%$trimmed%\"; $result = mysql_query($query); while($row = mysql_fetch_array($result)) { echo $row['name']; echo $row['phone']; echo $row['address1]; echo $row['website']; echo "Description:"; echo " "; echo $row['description']; echo "</strong>"; echo "<hr>"; echo "</hr>"; echo "<br />"; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/ Share on other sites More sharing options...
schilly Posted September 13, 2010 Share Posted September 13, 2010 What's the error? I'm hoping you removed the root password on the code you posted and it's not blank. You also shouldn't use root to connect to your db. If you can put your code in the PHP tag (PHP button in the toolbar) it would be much easier to read =) Quote Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110626 Share on other sites More sharing options...
lollabelt Posted September 13, 2010 Author Share Posted September 13, 2010 Oh Sorry about not putting the php tag...I removed the password... error is Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING..................on line 33 Quote Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110627 Share on other sites More sharing options...
PFMaBiSmAd Posted September 13, 2010 Share Posted September 13, 2010 You already have a thread for this problem. Stop creating new threads for the same thing. Quote Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110636 Share on other sites More sharing options...
schilly Posted September 13, 2010 Share Posted September 13, 2010 echo $row['address1]; Missing quote. Quote Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110641 Share on other sites More sharing options...
the182guy Posted September 13, 2010 Share Posted September 13, 2010 $var = @$_POST['search']; $trimmed = trim($var); if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } $query = "SELECT * FROM gjbusinesses where name like \"%$trimmed%\" OR description like \"%$trimmed%\"; $result = mysql_query($query); SQL Injection vulnerability there. See mysql_real_escape_string(). Quote Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110661 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.