lollabelt Posted September 13, 2010 Share Posted September 13, 2010 OK...Before I begin, I should tell you that I just started learning php two days ago ( See, I'm only a designer)... So im not very good.... OK so I am building a yellowpages website that mimics dexknows.com or yellowpages.com in functionality (and just about everything else too)...And this is the code I have so far, but it pop ups with an errror... Any help would be greatly appreciated...Thanks: <?php $con = mysql_connect("localhost","root",""); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("general", $con); $var = @$_POST['search']; $trimmed = trim($var); if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } $query = "SELECT * FROM gjbusinesses where name like \"%$trimmed%\" OR description like \"%$trimmed%\"; $result = mysql_query($query); while($row = mysql_fetch_array($result)) { echo $row['name']; echo $row['phone']; echo $row['address1]; echo $row['website']; echo "Description:"; echo " "; echo $row['description']; echo "</strong>"; echo "<hr>"; echo "</hr>"; echo "<br />"; } ?> Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/ Share on other sites More sharing options...
schilly Posted September 13, 2010 Share Posted September 13, 2010 What's the error? I'm hoping you removed the root password on the code you posted and it's not blank. You also shouldn't use root to connect to your db. If you can put your code in the PHP tag (PHP button in the toolbar) it would be much easier to read =) Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110626 Share on other sites More sharing options...
lollabelt Posted September 13, 2010 Author Share Posted September 13, 2010 Oh Sorry about not putting the php tag...I removed the password... error is Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING..................on line 33 Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110627 Share on other sites More sharing options...
PFMaBiSmAd Posted September 13, 2010 Share Posted September 13, 2010 You already have a thread for this problem. Stop creating new threads for the same thing. Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110636 Share on other sites More sharing options...
schilly Posted September 13, 2010 Share Posted September 13, 2010 echo $row['address1]; Missing quote. Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110641 Share on other sites More sharing options...
the182guy Posted September 13, 2010 Share Posted September 13, 2010 $var = @$_POST['search']; $trimmed = trim($var); if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } $query = "SELECT * FROM gjbusinesses where name like \"%$trimmed%\" OR description like \"%$trimmed%\"; $result = mysql_query($query); SQL Injection vulnerability there. See mysql_real_escape_string(). Link to comment https://forums.phpfreaks.com/topic/213307-need-serious-help/#findComment-1110661 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.