Jump to content

HELP! I can't figure what the syntax error is!


Recommended Posts

I'm new to PHP and I'm trying to build a mock address book. DW CC keeps telling me that there are two syntax errors on lines 113 and 226, please help me figure what the issue is! Thanks!

1: <?php 
2: include 'ch20_include.php'; 
3: doDB(); 
4: 
5: if ((!$_POST) | | ($_GET[ 'master_id' ] != "")) { 
6: 	// haven't seen the form, so show it 
7: 	$display_block = "
8: 	<form method=\"post\" action=\"".$_SERVER [ ' PHP_SELF ' ] ."\" >"; 
9: 	if (isset($_GET[ ' master_id ' ])) { 
10: 		// create safe version of ID 
11: 		$safe_id = mysqli_real_escape_string( $mysqli, $_GET [ ' master_id' ]); 
12: 
13: 		// get first, last names for display/ tests validity 
14: 		$get_names_sql = "SELECT concat_ws( ' ', f_name, l_name) AS display_name 
15: 					FROM master_name WHERE id = ' " .$safe_id. " ' " ; 
16: 		$get_names_res = mysqli_query($mysqli, $get_names_sql) 
17: 					or die(mysqli_error( $mysqli)) ; 
18: 
19: 		if (mysqli_num_rows ($get_names_res) == 1) { 
20: 			while ($name_info = mysqli_fetch_array($get_names_res)) { 
21: 				$display_name = stripslashes($name_info[ ' display_name ']); 
22: 				} 
23: 			} 
24: 		} 
25: 
26: 		if (isset($display_name)) { 
27: 			$display_block .= "<p>Adding information for 
28: 			<strong>$display_name</strong>:</p>";
29: 		} else { 
30: 			$display_block .= <<<END_OF_TEXT	<fieldset> 
31: 			<legend>First/Last Names:</legend><br/> 
32: 			<input type="text" name="f_name" size="30" 
33: 				maxlength="75" required="required" /> 
34: 			<input type="text" name="l_name" size="30" 
35: 				maxlength="75" required="required" /> 
36: 			</fieldset> 
37: 	END_OF_TEXT; 
38: 		} 
39: 		$display_block .= <<<END_OF_TEXT 
40: 		<p><label for="address">Street Address:</label><br/> 
41: 		<input type="text" id="address" name="address" 
42: 			size="30" /></p> 
43:
44: 		<fieldset> 
45: 		<legend>City/State/Zip:</legend><br/> 
46: 		<input type="text" name="city" size="30" maxlength="50" /> 
47: 		<input type="text" name="state" size="5" maxlength="2" /> 
48: 		<input type="text" name="zipcode" size="10" maxlength="10" /> 
49: 		</fieldset> 
50: 
51: 		<fieldset> 
52: 		<legend>Address Type:</legend><br/>
53: 		<input type="radio" id="add_type_h" name="add_type" 
54: 			value="home" checked /> 
55: 			<label for="add_type_h">home</label> 
56: 		<input type="radio" id="add_type_w" name="add_type" 
57: 			value="work" /> 
58: 			<label for="add_type_w">work</label> 
59: 		<input type="radio" id="add_type_o" name="add_type" 
60: 			value="other"/> 
61: 			<label for="add_type_o">other</label> 
62: 		</fieldset> 
63: 
64: 		<fieldset> 
65: 
66: 		<legend>Telephone Number:</legend><br/> 
67: 		<input type="text" name="tel_number" size="30" maxlength="25" /> 
68: 		<input type="radio" id="tel_type_h" name="tel_type" 
69: 			value="home" checked /> 
70: 			<label for="tel_type_h">home</label> 
71: 		<input type="radio" id="tel_type_w" name="tel_type" 
72: 			value="work" /> 
73: 			<label for="tel_type_w">work</label> 
74: 		<input type="radio" id="tel_type_o" name="tel_type" 
75: 			value="other" /> 
76: 			<label for="tel_type_o">other</label>
77: 		</fieldset> 
78: 
79: 		<fieldset> 
80: 		<legend>Fax Number:</legend><br/> 
81: 		<input type="text" name="fax_number" size="30" maxlength="25" /> 
82: 		<input type="radio" id="fax_type_h" name="fax_type" 
83: 			value="home" checked /> 
84: 			<label for="fax_type_h">home</label> 
85: 		<input type="radio" id="fax_type_w" name="fax_type" 
86: 			value="work" /> 
87: 			<label for="fax_type_w">work</label> 
88: 		<input type="radio" id="fax_type_o" name="fax_type" 
89: 			value="other" /> 
90: 			<label for="fax_type_o">other</label> 
91: 		</fieldset> 
92: 
93: 		<fieldset> 
94: 		<legend>Email Address:</legend><br/> 
95: 		<input type="email" name="email" size="30" maxlength="150" /> 
96: 		<input type="radio" id="email_type_h" name="email_type" 
97: 			value="home" checked /> 
98: 			<label for="email_type_h">home</label> 
99: 		<input type="radio" id="email_type_w" name="email_type" 
100: 			value="work" />
101: 			<label for="email_type_w">work</label> 
102: 		<input type="radio" id="email_type_o" name="email_type" 
103: 			value="other" /> 
104: 			<label for="email_type_o">other</label> 
105: 		</fieldset> 
106: 
107: 		<p><label for="note">Personal Note:</label><br/> 
108: 		<textarea id="note" name="note" cols="35" 
109: 				rows="3"></textarea></p> 
110: 	END_OF_TEXT; 
111: 		if ($_GET) { 
112: 			$display_block .= "<input type=\"hidden\" name=\"master_id\" 
113: 				value=\"".$_GET['master_id'] ."\" >"; 
114: 		} 
115: 		$display_block .= <<<END_OF_TEXT 
116: 		<button type="submit" name="submit" 
117: 			value="send">Add Entry</button> 
118: 		</form> 
119: 	END_OF_TEXT; 
120: 	} else if ($_POST) { 
121: 		// time to add to tables, so check for required fields 
122: 		if ((($_POST['f_name'] == "") || ($_POST[‘l_name'] == "")) && 
123: 			(!isset($_POST['master_id']))) { 
124: 				header("Location: addentry.php");
125: 				exit; 
126: 		} 
127: 
128: 		// connect to database 
129: 		doDB(); 
130: 		// create clean versions of input strings 
131: 		$safe_f_name = mysqli_real_escape_string($mysqli, 
132: 			$_POST['f_name']); 
133: 		$safe_l_name = mysqli_real_escape_string($mysqli, 
134: 			$_POST['l_name']); 
135: 		$safe_address = mysqli_real_escape_string($mysqli, 
136: 			$_POST['address']); 
137: 		$safe_city = mysqli_real_escape_string($mysqli, 
138: 			$_POST['city']); 
139: 		$safe_state = mysqli_real_escape_string($mysqli, 
140: 			$_POST[ state']); 
141: 		$safe_zipcode = mysqli_real_escape_string($mysqli, 
142: 			$_POST['zipcode']); 
143: 		$safe_tel_number = mysqli_real_escape_string($mysqli, 
144: 			$_POST['tel_number']); 
145: 		$safe_fax_number = mysqli_real_escape_string($mysqli, 
146:			$_POST['fax_number']); 
147: 		$safe_email = mysqli_real_escape_string($mysqli, 
148: 			$_POST['email']);
149: 		$safe_note = mysqli_real_escape_string($mysqli, 
150: 			$_POST['note']); 
151: 
152: 		if (!$_POST['master_id']) { 
153: 			// add to master_name table 
154: 			$add_master_sql = "INSERT INTO master_name (date_added, date_modified, 
155: 							f_name, l_name) VALUES (now(), now(), 
156: 							'".$safe_f_name."', '".$safe_l_name."')"; 
157: 			$add_master_res = mysqli_query($mysqli, $add_master_sql) 
158: 							or die(mysqli_error($mysqli)); 
159: 
160: 			// get master_id for use with other tables 
161: 			$master_id = mysqli_insert_id($mysqli); 
162:		 } else { 
163: 			$master_id = mysqli_real_escape_string($mysqli, $_POST['master_id']); 
164: 		} 
165: 
166: 		if (($_POST['address']) || ($_POST['city']) || 
167: 			($_POST['state']) || ($_POST['zipcode'])) { 
168: 			// something relevant, so add to address table 
169: 			$add_address_sql = "INSERT INTO address (master_id, 
170: 				date_added, date_modified, address, city, state,
171: 				zipcode, type) VALUES 
172: 				('".$master_id."', now(), now(), 
173: 				'".$safe_address."', '".$safe_city."', 
174: 				'".$safe_state."' , '".$safe_zipcode."' , 
175: 				'".$_POST[‘add_type']."')"; 
176: 			$add_address_res = mysqli_query($mysqli, $add_address_sql) 
177: 				or die(mysqli_error($mysqli)); 
178: 		} 
179: 
180: 		if ($_POST['tel_number']) { 
181: 			// something relevant, so add to telephone table 
182: 			$add_tel_sql = "INSERT INTO telephone (master_id, date_added, 
183: 				date_modified, tel_number, type) VALUES 
184: 				('".$master_id."', now(), now(), 
185: 				'".$safe_tel_number."', '".$_POST[‘tel_type']."')"; 
186: 			$add_tel_res = mysqli_query($mysqli, $add_tel_sql) 
187: 				or die(mysqli_error($mysqli)); 
188: 		} 
189: 
190: 		if ($_POST['fax_number']) { 
191: 			// something relevant, so add to fax table 
192: 			$add_fax_sql = "INSERT INTO fax (master_id, date_added, 
193: 				date_modified, fax_number, type) VALUES 
194: 				('".$master_id."', now(), now(), '".$safe_fax_number."',
195: 				'".$_POST['fax_type']."')"; 
196: 			$add_fax_res = mysqli_query($mysqli, $add_fax_sql) 
197: 				or die(mysqli_error($mysqli)); 
198: 		} 
199: 		if ($_POST['email']) { 
200: 			// something relevant, so add to email table 
201: 			$add_email_sql = "INSERT INTO email (master_id, date_added, 
202: 				date_modified, email, type) VALUES 
203: 				('".$master_id."', now(), now(), '".$safe_email."', 
204: 				'".$_POST['email_type']."')"; 
205: 			$add_email_res = mysqli_query($mysqli, $add_email_sql) 
206: 				or die(mysqli_error($mysqli)); 
207: 		} 
208: 
209: 		if ($_POST['note']) { 
210: 			// something relevant, so add to notes table 
211: 			$add_notes_sql = "UPDATE personal_notes set note = 
212: 						'".$safe_note."', date_modified = now() 
213: 						WHERE master_id = '".$master_id."'"; 
214: 		} 
215: 		mysqli_close($mysqli); 
216: 		$display_block = "<p>Your entry has been added. Would you 
217: 			like to <a href=\"addentry.php\">add another</a>?</p>"; 
218: }
219: ?> 
220: <!DOCTYPE html> 
221: <head> 
222: <title>Add an Entry</title> 
223: </head> 
224: <body> 
225: <h1>Add an Entry</h1> 
226: <?php echo $display_block; ?> 
227: </body> 
228: </html>







You have all kinds of problems.

 

1. Stop using Dream Weaver and use a proper IDE

2. Stop needlessly mixing all your html with php

3. Learn how to properly use heredoc

4. Don't post code with all the line numbers. Our own proper IDE's will give us the line numbers if we need it.

5. Basically your Php processing should be at the top of the page and the HTML at the bottom, although you should be at least separating the HTML from the page with an include or ideally use a proper template engine like TWIG.

6. You can't be mixing quote types.

7. Your missing brackets

8. Your missing parenthesis

9. Your missing quotes.

 

If you used a proper ide you would have seen all those careless mistakes. The code is full of it from top to bottom.

Edited by benanamen

First off: Please don't post your question into multiple forums. Pick one forum. We can always move your thread if that's necessary.

 

A good way to untangle spaghetti code is to put all the business logic (i. e. the actual code) on top of the script and keep all the HTML markup at the bottom:

<?php

// PHP code goes here
$foo = 1;

?>
<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <title>Title</title>
    </head>
    <body>
        <!-- HTML markup goes here -->
        <!-- Use the PHP template syntax for simple PHP actions (variable insertions, if statements etc.) -->
        <?php if ($foo == 1): ?>
            <p>bar</p>
        <?php else: ?>
            <p>baz</p>
        <?php endif; ?>
    </body>
</html>

Like benanamen said, avoid mixing languages whenever possible, otherwise you'll quickly end up with an unreadable mess of PHPSQLHTMLJavaScriptCSS.

Edited by Jacques1

the HEREDOC ending tags ( END_OF_TEXT; in your code)  must start in the 1st column and be the only thing on the line. it's not clear if what you posted was the result of how you added the line numbers or if you actually have some white-space ahead of the Heredoc ending tags.
 
you also have at least one weird single-quote, in front of the l_name array index, on about line 122, that needs to be a simple single-quoted  -

f ((($_POST['f_name'] == "") || ($_POST[l_name] == "")) &&

 
there's a missing single-quote on about line 140, ahead of the state array index name -
 

$_POST[ state']);

 
there's another weird quote on about line 175, ahead of the add_type array index name -
 

'".$_POST[‘add_type']."')";

 
and there's more after that point, but i stopped looking. you can find these type of things by looking at the color highlighting, or lack of, in your programming editor. at each of these, the color highlighting stopped changing at that point.

 

edit: here's some more suggestions -

 

1) use exceptions to handle database statement errors. this will eliminate all the logic from the code that's testing if the queries (and connection) worked.

 

2) use prepared queries. this will eliminate all the mysqli_real_escapes_string function calls from the code and all the extra variables being used to hold the escaped data.

 

3) if you are building a double-quoted php string, rather than escaping double-quotes within the string, just use single-quotes within the string.

 

4) you can put php variables directly inside a double-quoted php string. no need for a bunch of concatenation dots.

 

these things will greatly simplify your code, so that you/we/i can see what it is trying to do.

Edited by mac_gyver
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.