Jump to content

SQL Syntax error

aleborg

By aleborg
in PHP Coding Help

Recommended Posts

aleborg Newbie

aleborg

Posted
Posted

Hi I am having some problem with this code. I am getting error!

 

//control id

$id = $_REQUEST['id'];



define('PUN_ROOT', './');

require PUN_ROOT.'include/common.php';

$style = 'forum';



// Load the userlist.php language file

require PUN_ROOT.'lang/'.$pun_user['language'].'/userlist.php';



// Load the search.php language file

require PUN_ROOT.'lang/'.$pun_user['language'].'/search.php';



$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Show ad';





//remove ad

if(isset($_POST['delete_ad'])){



if($pun_user['group_id'] == 1){

	$query = ('SELECT a.id FROM ads AS a WHERE id = ' . $id);

}

else{

	$query = ('SELECT a.id FROM ads AS a WHERE id = ' . $id . ' AND a.userid = ' . $pun_user['id']);

}



$result = $db->query($query) or die (mysql_error());

if (!$db->num_rows($result)){ //felaktiv användare

	header("Location: index.php");

}





//remove picture

$query = 'SELECT image_url FROM ads WHERE id = '.$id;

$result = $db->query($query) or die(mysql_error());

$image_url = $db->result($result);

if($image_url != ""){

	@unlink("uploads/images/" . $image_url);

}

$query = 'DELETE FROM ads WHERE id = '.$id;

$result = $db->query($query) or die(mysql_error());

redirect("viewads.php", "Annonsen har raderats");

}



define('PUN_ALLOW_INDEX', 1);

require PUN_ROOT.'header.php';



$query = ('SELECT u.username, u.registration_ip, a.id, a.userid, a.posted, a.header, a.body, a.image_url, a.name, a.email, a.lan, a.telephone, a.ad_type, a.category, a.price FROM ads AS a JOIN punbb_users AS u on a.userid = u.id WHERE a.id = ' . $id);

$result = $db->query($query) or die (mysql_error());

$ad_data = $db->fetch_assoc($result);



?>

<form method="post">

<input type="hidden" name="id" value="<?php echo $ad_data['id']; ?>" />

<input type="hidden" name="userid" value="<?php echo $ad_data['userid']; ?>" />

<div id="viewprofile" class="block">

  <h2><span><?php echo $ad_data['header']; ?></span></h2>

  <div class="box">

    <div class="fakeform">

      <div class="inform">

        <fieldset>

        <div class="infldset"><?php if($ad_data['image_url'] != ""): ?> <img src="uploads/images/<?php echo $ad_data['image_url'];?>" /> <?php endif; ?>

          <div class="clearer"></div>

        </div>

        <p style="width: 500px;"><?php echo $ad_data['body']; ?> </p>



        <br />

        <p><strong>Pris:</strong> <?php echo $ad_data['price']; ?>:-</p>



        <br />

        </fieldset>

      </div>

      <div class="inform">

        <fieldset>

        <legend>Contact</legend>

        <div class="infldset">

          <?php if($pun_user['is_guest']): ?>

		<p>You have to be logged on to see contact info</p>

		<?php endif; ?>

          <?php if(!$pun_user['is_guest']): ?>

		<dl>

            <dt>Name: </dt>

            <dd><?php echo $ad_data['name']; ?> </dd>

            <dt>E-mail: </dt>

            <dd><a href="mailto:<?php echo $ad_data['email']; ?>"><?php echo $ad_data['email']; ?></a> </dd>

            <dt>Phonenumber: </dt>

            <dd><?php echo  $ad_data['telephone'] == "" ? "-" : $ad_data['telephone']; ?> </dd>

          </dl>

		<?php endif; ?>

          <div class="clearer"></div>

        </div>

        </fieldset>

      </div>

<?php if( ($ad_data['userid'] == $pun_user['id']) || $pun_user['group_id'] == 1): //1 == admin?> 

			<div class="inform">

				<fieldset>

					<legend>Modify</legend>

					<div class="infldset">

						<?php if($pun_user['group_id'] == 1):?>

						<p>Name: <?php echo $ad_data['username']; ?></p>

						<?php endif; ?>

						<input type="button" value="Modify" ONCLICK="window.location.href='editad.php?id=<?php echo $ad_data['id'];?>'">  <input type="submit" name="delete_ad" value="Remove" onclick="return confirm('Ad will be removed, continue?');" />



					</div>

				</fieldset>

			</div>

<?php endif; ?>

    </div>

  </div>

</div>

</form>

<?php

 

 

Error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

Link to comment
https://forums.phpfreaks.com/topic/225399-sql-syntax-error/
Share on other sites
litebearer Member

litebearer

Posted
Posted

Look closely at ALL your query statements. I believe you are missing encapsulating single quotes.

 

Example:

Your code:

if($pun_user['group_id'] == 1){
	$query = ('SELECT a.id FROM ads AS a WHERE id = ' . $id);
}else{
$query = ('SELECT a.id FROM ads AS a WHERE id = ' . $id . ' AND a.userid = ' . $pun_user['id']);
}

 

revised:

if($pun_user['group_id'] == 1){
	$query = "SELECT a.id FROM ads AS a WHERE id = '$id";
}else{
$punuser = $punuser['id'];
$query = "SELECT a.id FROM ads AS a WHERE id = '$id' AND a.userid = '$punuser'";
}

Link to comment
https://forums.phpfreaks.com/topic/225399-sql-syntax-error/#findComment-1163985
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.