Jump to content

Recommended Posts

Hi I am trying to learn php and am working on a cms website. I keep on getting this error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[id]' at line 1

I looked at the MySql manual and cannot find what is wrong any suggestion would be greatly appreciated. Thank you.

The is the line of code to link to the Edit.php page and holds the id of the post.

echo "<a href=\"edit.php?id=$posts[iD]\">Edit</a>";

This is in the Edit page and it gives me the error above.

<?php

include('Connection.php');

$query = 'SELECT * FROM site_content WHERE ID = $_GET[id]';

 

$result = mysql_query($query) or die(mysql_error());

 

$post = mysql_fetch_array($result);

?>

1) You should be sanitzing and preventing SQL injections with mysql_real_escape_string.

$id = mysql_real_escape_string($_GET['id']);

 

2) You are probably receiving the error because the column ID probably is not of type integer.  Which will require you to put single quotes around the value.

  $query = "SELECT * FROM site_content WHERE ID = '$id'";

(Note: Used the new $id variable and changed the primary string to double quotes while using singles around $id.)

Thank you that works now there is no more errors, but now my link from my admin page which holds that id value will not carry over to the edit page and when I click the link I just get an HTTP 404 error and on my Edit page the values of the posts do not show. I have tried fixing my link through researches I found but did not help can someone help me look at it. Thank you.

This my Administration page.

<?php
$query = "SELECT * FROM site_content";
$result = mysql_query($query);
while($posts = mysql_fetch_array($result)) {
echo "<a href=\"edit.php?id=$posts[iD]\">Edit</a>";echo "</div><br>";
?>

This is in the Edite page

<?php
include('Connection.php');
$id = mysql_real_escape_string($_GET['id']);
$query = "SELECT * FROM sit_posts WHERE ID = 'id'";
$result = mysql_query($query);
$posts = mysql_fetch_array($result);

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" name="editform">
<table>
            <tr>
<td><label for="TitleName">Post Title</label></td>
<td><input type="text" name="TitleName" value="<?php echo $posts['Post_Title']; ?>" /></td>			
            </tr>
            <tr>
<td><label for="AuthorName">Post Author</label></td>
<td><input type="text" name="AuthorName" value="<?php echo $posts['Post_Author']; ?>" /></td>			
              </tr>
</table>
</form>
?>

 

The red is where the problem is. Thank you.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.