Jump to content

i get this error


zhshero

Recommended Posts

i get this error when i send a message to a user when i use this    '  in a message :S

 

Could not send the message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '','','http://zhshero.freehostingcloud.com/members/zhshero/1290146596.jpg')' at line 1

 

Link to comment
https://forums.phpfreaks.com/topic/219163-i-get-this-error/
Share on other sites

message_user.php

<?php 
    include "sessionStore.php";
?>


<?


$Username = $_GET['msg'];
$user = mysql_query("SELECT * FROM users WHERE Username = '$Username'");
$lvl = mysql_query("SELECT * FROM users WHERE Level_access = '$Level_access'");
$lvl=mysql_fetch_assoc($lvl);
$user=mysql_fetch_assoc($user);
?>

<head>
<title>Zhshero Friends</title>
<link href="themes/theme1/default.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header">
<h1>Zhshero Friends</h1>
<h2>Menu</h2>
<ul>
	<li class="first"><a href="home.php" accesskey="1" title="">Home</a></li>
	<li><a href="mymembers.php" accesskey="2" title="">members</a></li>
	<li><a href="#" accesskey="3" title="">Services</a></li>
	<li><a href="#" accesskey="4" title="">About</a></li>
	<li><a href="/inbox/" accesskey="5" title="">inbox</a></li>
</ul>
</div>
<div id="content">
<div id="colOne">
<h3>

sending msg to <? echo $user['Username']?> </h3>
<ul class="list">
<img src="<? echo $user['main_P']?>" width="150" height="150"/><br>
</ul>
	<p> </p>
	<h3>news box</h3>

<p>

<a href=view_photos.php?users_photo=<? echo $user['Username']?>>view my photos</a><br>
<a href=message_user.php?msg=<? echo $user['Username']?>>send me a msg</a>

</p>
</div>
<div id="colTwo">
	<p>
<?php

echo "<center><table border='1' boredercolor='red'><tr><td><b><font color=blue>sending a msg to ".$user['Username']."</td></tr></table></center><br>";


$userfinal = get_username($_SESSION['user_id']);

$userhehe=$userfinal;
?><font color=white><? echo $user1['Username']?><center>
<form name="message" action="/inbox/messageck.php"
method="post">
<input type="text" rows="8" name="message_title" value="no titled"> <br>
<input type="hidden" name="message_to" value="<? echo $user['Username']?>"><br>
Message: <br>
<textarea rows="20" cols="50" name="message_content">
</textarea>
<?php
echo '<input type="hidden" name="message_from" value="'.$userhehe.'"><br>';
?>
<input type="submit" value="Submit">
</form>
</p>
</div>
</div>
<div id="footer">
<p>Copyright (c) 2006 Sitename.com. All rights reserved. Design by <a href="http://freecsstemplates.org/">Free CSS Templates</a>.</p>
</div>

<div style="font-size: 0.8em; text-align: center;">
<br />
Design downloaded from Zeroweb.org: <a href="http://www.zeroweb.org">Free website templates, layouts, and tools.</a><br />
<br />
</div>
</body>
</html>

 

messageck.php

		<?php 
    include "sessionStore.php"; 
?>
<head>
<title>Zhshero Friends</title>
<link href="../themes/theme1/default.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header">
<h1>Zhshero Friends</h1>
<h2>Menu</h2>
<ul>
	<li><a href="../home.php" accesskey="1" title="">Home</a></li>
	<li><a href="../mymembers.php" accesskey="2" title="">members</a></li>
	<li><a href="../update_profile.php" accesskey="3" title="">settings</a></li>
	<li class="first"><a href="/inbox/" accesskey="5" title="">inbox</a></li>
	<li><a href="../logout.php" accesskey="4" title="">logout</a></li>
</ul>
</div>

<div id="colTwo">


<?
$userfinal2 = get_main_P($_SESSION['user_id']);

$title=$_POST['message_title'];
$to=$_POST['message_to'];
$content=$_POST['message_content'];
$from=$_POST['message_from'];
$time=$_POST['message_date'];


$ck_reciever = "SELECT Username FROM users WHERE Username = '".$to."'";

        
        if( mysql_num_rows( mysql_query( $ck_reciever ) ) == 0 ){
die("The user you are trying to contact don't excist. Please go back and try again.<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
elseif(strlen($content) < 1){
die("Your can't send an empty message!<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
elseif(strlen($title) < 1){
die("You must have a Title!<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}else{
mysql_query("INSERT INTO messages (from_user, to_user, message_title, message_contents, message_date, user_photo) VALUES ('$from','$to','$title','$content','$time','$userfinal2')") OR die("Could not send the message: <br>".mysql_error());
echo "The Message Was Successfully Sent!";
?>
<form name="back" action="index.php"
method="post">
<input type="submit" value="Back to The Inbox">
</form>
<?php
}
?>
</div>

<div id="footer">
<p>Copyright (c) 2006 Sitename.com. All rights reserved. Design by <a href="http://freecsstemplates.org/">Free CSS Templates</a>.</p>
</div>

<div style="font-size: 0.8em; text-align: center;">
<br />
Design downloaded from Zeroweb.org: <a href="http://www.zeroweb.org">Free website templates, layouts, and tools.</a><br />
<br />
</div>
</body>
</html>



<center><a href="http://www.adleaf.com" style="font-size:12px;">Free Advertising</a><br/><script type="text/javascript">
riv_client = 318310;
riv_backgroundColor = '000000';
riv_borderColor = '000066';
riv_headlineColor = '669900';
riv_textColor = 'FFFFFF';
riv_linkColor = 'CC3300';
riv_adWidth = 728;
riv_adHeight = 90;
riv_adType = 4;
</script>
<script type="text/javascript" src="http://ad1.adleaf.com/js/rivad.js"></script>

Link to comment
https://forums.phpfreaks.com/topic/219163-i-get-this-error/#findComment-1136492
Share on other sites

stripslashes() if magic_quotes_gpc is not turned off and then mysql_real_escape_string() all your variables used in the MySQL query.

 

if there's still an error, output the query string

 

$query = "INSERT INTO messages (from_user, to_user,...";
var_dump($query);
mysql_query($query);

Link to comment
https://forums.phpfreaks.com/topic/219163-i-get-this-error/#findComment-1136500
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.