jbrill Posted July 17, 2007 Share Posted July 17, 2007 Hey guys, im writing an application for myself (so don't worry about any security issues, im new to php). Im getting the following error: Did not Load : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id='14'' at line 12 for this code below: <? $idr = $_GET['idr']; include 'admin_header.php'; $dlrquery="SELECT * FROM suppliers WHERE id='$idr'"; $dlrinfo = mysql_query($dlrquery); $dlr = mysql_fetch_array($dlrinfo); $curprov = $dlr['prov']; $curcity = $dlr['city']; // this part validates whether the user is logged in as a administrator or not if($_SESSION['type'] == "admin") { // execute the real stuff if the login is valid include 'admin_suppliermenu.php'; if($_POST['submit']) { // codes to execute if something has been submitted already - this part loads it up and then takes you back to the whole list. // validations for valid entries $name = htmlspecialchars($_POST['name']); $phone = htmlspecialchars($_POST['phone']); $fax = htmlspecialchars($_POST['fax']); $email = htmlspecialchars($_POST['email']); $address = htmlspecialchars($_POST['address']); $city = htmlspecialchars($_POST['city']); $prov = htmlspecialchars($_POST['prov']); $postal = htmlspecialchars($_POST['postal']); $insert = "UPDATE suppliers SET name='".$name."', phone='".$phone."', fax='".$fax."', email='".$email."', address='".$address."', city='".$city."', prov='".$prov."', postal='".$postal."', WHERE id='$idr'"; mysql_query($insert); $success = mysql_affected_rows(); if($success == 1) {echo "Actions Successful."; echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0; URL=admin_finddlr.php\">"; } else{die('Did not Load : '.mysql_error());} } else{ // codes to run for the form itself .................................................. <? require 'admin_footer.php'; ?> Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/ Share on other sites More sharing options...
trq Posted July 17, 2007 Share Posted July 17, 2007 so don't worry about any security issues, im new to php Its best to teach yourself good habbits starting out, otherwsie you 'll have yourself bad habbits. And bad habbits are hard to break. Anyway, you might want to point out line 12. Normally just the relevent code is sufficient. Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/#findComment-300701 Share on other sites More sharing options...
jbrill Posted July 17, 2007 Author Share Posted July 17, 2007 so any suggestions? Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/#findComment-300707 Share on other sites More sharing options...
calabiyau Posted July 17, 2007 Share Posted July 17, 2007 $dlrquery="SELECT * FROM suppliers WHERE id='$idr'"; // try changing this line to below $dlrquery="SELECT * FROM suppliers WHERE id=".$idr; Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/#findComment-300708 Share on other sites More sharing options...
AndyB Posted July 17, 2007 Share Posted July 17, 2007 Use more rational error messages while testing: Change: else{die('Did not Load : '.mysql_error());} to: else{die('Did not Load : '.mysql_error(). ' with query '. $insert);} Post the error message you get with that change. Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/#findComment-300729 Share on other sites More sharing options...
jbrill Posted July 17, 2007 Author Share Posted July 17, 2007 Did not Load : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id='14'' at line 12 with query UPDATE suppliers SET name='Test', phone='test1', fax='test2', email='test3', address='test4', city='Richmond', prov='BC', postal='test5', WHERE id='14' theres the error i got Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/#findComment-300738 Share on other sites More sharing options...
AndyB Posted July 17, 2007 Share Posted July 17, 2007 postal='test5', WHERE id='14' should be postal='test5' WHERE id='14' Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/#findComment-300741 Share on other sites More sharing options...
jbrill Posted July 17, 2007 Author Share Posted July 17, 2007 im an idiot, thank you Link to comment https://forums.phpfreaks.com/topic/60453-solved-whats-up-with-this-code/#findComment-300749 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.