keysikg Posted February 26, 2013 Share Posted February 26, 2013 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'https://s-static.ak.fbcdn.net/common/error.png') top center ' at line 1I am getting this error on my website. Any way to fix it? It is really frustrating, I am trying to get my website to work for 3 days,and now this thing shows.... Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/ Share on other sites More sharing options...
daviddivine Posted February 26, 2013 Share Posted February 26, 2013 This is because your SQL query is incorrect. Try running the same query in phpmyadmin and you should probably get the same error. Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415188 Share on other sites More sharing options...
TOA Posted February 26, 2013 Share Posted February 26, 2013 (edited) Escape your data. It would help if you posted code though Edited February 26, 2013 by TOA Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415193 Share on other sites More sharing options...
Jessica Posted February 26, 2013 Share Posted February 26, 2013 Looks like you're not properly sanitizing your input. Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415194 Share on other sites More sharing options...
Barand Posted February 26, 2013 Share Posted February 26, 2013 echo the actual query string that you are trying to execute and post here. Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415202 Share on other sites More sharing options...
keysikg Posted February 26, 2013 Author Share Posted February 26, 2013 To be honest guys, I am really newbie when it comes to php and coding stuff. I don't understand half of those things you mentioned and I really need help to set up this so I can get back to CPA. If you could me provide more details for what should I search in my files to change and what to replace, I would really appreciate it. I searched on Google for last 2 days but I just can't get this thing done properly. Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415232 Share on other sites More sharing options...
Barand Posted February 26, 2013 Share Posted February 26, 2013 ...and I really need help to set up this And we need help to help you. We cannot look over you shoulder and see what you can see and we are not psychic. Telling us you have a problem tells us nothing useful at all if we don't know the context. Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415233 Share on other sites More sharing options...
keysikg Posted February 26, 2013 Author Share Posted February 26, 2013 Okay. So... I have bought facebook viral app few months ago for 200$. It has really good potentional. I uploaded it today on my website with godaddy hosting. I had huge problem with - Deprecated: Function ereg_replace() is deprecated in /home/content/32/10528532/html/shockvideo/admincpanel/login.php(2) : eval()'d code on line 1I switched from PHP 5.3 to PHP 5.2 to get my problem resolved and it was resolved indeed. Now I am getting this error that I mentioned in first post. I didn't have that error with PHP 5.3.In index.php there is this code, maybe it means something for resolving this: <?php } if ($user) { $accessTokenShort = $facebook->getAccessToken(); $accessToken = GetLongLivedAccessToken($accessTokenShort, $app_id, $app_secret); $user_id = $user_profile['id']; $email = $user_profile['email']; $now = date("Y-m-d H:i:s"); $date = strtotime("+50 day", strtotime("$now")); $date_baza = date("Y-m-d H:i:s", $date); require "admincpanel/web_config.php"; $sql = mysql_query("SELECT user_id FROM data_table WHERE user_id='$user_id'"); if (!(empty($sql))) $broj_korisnika = mysql_num_rows($sql); else $broj_korisnika = '0'; if (!($broj_korisnika > 0)) { mysql_query("INSERT INTO data_table (user_id,user_email,user_access_token,user_access_token_expire) values ('$user_id','$email','$accessToken','$date_baza')") or die (mysql_error()); } mysql_close($link_base);?> If any more info is needed I will gladly provide it. Thanks so much Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415235 Share on other sites More sharing options...
Barand Posted February 27, 2013 Share Posted February 27, 2013 best way to debug is $sql = "INSERT INTO data_table (user_id,user_email,user_access_token,user_access_token_expire) values ('$user_id','$email','$accessToken','$date_baza')"; mysql_query($sql) or die(mysql_error() . "<pre>$sql</pre>"); That way you can see the query that is submitted Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415240 Share on other sites More sharing options...
keysikg Posted February 27, 2013 Author Share Posted February 27, 2013 best way to debug is $sql = "INSERT INTO data_table (user_id,user_email,user_access_token,user_access_token_expire) values ('$user_id','$email','$accessToken','$date_baza')"; mysql_query($sql) or die(mysql_error() . "<pre>$sql</pre>"); That way you can see the query that is submitted Is that exactly code that I need to copy paste over mine or? Sorry, I am really really newbie about this,I just need to get this code done so I can get back to job Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415252 Share on other sites More sharing options...
jcbones Posted February 27, 2013 Share Posted February 27, 2013 Yes, that is the exact code that replaces: mysql_query("INSERT INTO data_table (user_id,user_email,user_access_token,user_access_token_expire) values ('$user_id','$email','$accessToken','$date_baza')") or die (mysql_error()); I think this problem is caused by bad coding practices, which isn't your fault (since you bought the script). Anything string that heads to the database, needs to be run through mysql_real_escape_string. If it is a float, or integer, it needs to be cast as such. Quote Link to comment https://forums.phpfreaks.com/topic/274980-you-have-an-error-in-your-sql-syntax/#findComment-1415274 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.