Jump to content

Unexpected character in input error, please help :-\

NightBeam

By NightBeam
in PHP Coding Help

 Share

Recommended Posts

NightBeam Newbie

NightBeam

Posted
Posted

Hey im new to this site, but I figured I would try it out and see if anybody could help... I'm getting these errors when running my script:

 

 

Warning: Unexpected character in input: '\' (ASCII=92) state=1 in c:\flyoba\arrivals\arrivaltable.php on line 73

 

Parse error: parse error, unexpected T_CONSTANT_ENCAPSED_STRING in c:\flyoba\arrivals\arrivaltable.php on line 73

 

The code is starting from line 45 going to line 130:

$connection_type = $persistent ? 'mysql_pconnect' : 'mysql_connect';
$dbc = $connection_type($host, $user, $password) or trigger_error('Could not connect to database on '.$host, 'E_USER_WARNING');
$SQL = mysql_select_db($database, $dbc)or die('Could not select DB.');

$cookie_info = (isset($_COOKIE['logcookie']) ? $_COOKIE['logcookie'] : null);
$result = mysql_query('SELECT * FROM '.$dbtable.' WHERE SHA1(CONCAT('.$dbuserfield.', '.$dbpassfield.')) = \''.$cookie_info.'\'');

if (!$result) {
/* Whoops, no access for you!! */
die('You must be logged in to view this page.');
}

echo '<html>
<head>
<title="Arrival Information">
</head>
<body>';

echo '<h1>Arrival Information</h1>';

if (isset($_POST['edit'])) {

if ($result[$permissionfield] > 1) {
	$worked = mysql_query('UPDATE '.$arrivaltable.' SET `'
		.$Field2.'`= `'\''.$_POST[$Field2].'\', `'
		.$Field3.'`= `'\''.$_POST[$Field3].'\', `'
		.$Field4.'`= `'\''.$_POST[$Field4].'\', `'
		.$Field5.'`= `'\''.$_POST[$Field5].'\', `'
		.$Field6.'`= `'\''.$_POST[$Field6].'\', `'
		.$Field7.'`= `'\''.$_POST[$Field7].'\', `'
		.$Field8.'`= `'\''.$_POST[$Field8].'\', `'
		.$Field9.'`= `'\''.$_POST[$Field9].'\', `'
		.$Field10.'`= `'\''.$_POST[$Field10].'\', `'
		.$Field11.'`= `'\''.$_POST[$Field11].'\', `'
		.$Field12.'`= `'\''.$_POST[$Field12].'\', `'
		.$Field13.'`= `'\''.$_POST[$Field13].'\', `'
		.$Field14.'`= `'\''.$_POST[$Field14]
		.'\' WHERE `'.$Field1.'` = '.$_POST[$Field1]);
	echo ($worked ? '<p>The edit was successful.</p>' : '<p>The edit was not processed correctly.</p>');

} else {
	/* I'd edit this if I were you... , I couldn't think of anything else. */
	die('You do not have the authority to edit information.  Please consult an employee who does.');
}
} elseif (isset($_POST['add'])) {
	mysql_query('UPDATE '.$arrivaltable.'
if ($result[$permissionfield] === 3) {
	/* Despite the akward appearance, it's right, as far as I know. */
	/* NOTE: There are no data validation checks, since it's all text and all. */
	$worked = mysql_query('INSERT INTO '.$arrivaltable.' (`'
		.$Field2.'`, `'
		.$Field3.'`, `'
		.$Field4.'`, `'
		.$Field5.'`, `'
		.$Field6.'`, `'
		.$Field7.'`, `'
		.$Field8.'`, `'
		.$Field9.'`, `'
		.$Field10.'`, `'
		.$Field11.'`, `'
		.$Field12.'`, `'
		.$Field13.'`, `'
		.$Field14.'`) VALUES \''
		.$_POST[$Field2].'\', \''
		.$_POST[$Field3].'\', \''
		.$_POST[$Field4].'\', \''
		.$_POST[$Field5].'\', \''
		.$_POST[$Field6].'\', \''
		.$_POST[$Field7].'\', \''
		.$_POST[$Field8].'\', \''
		.$_POST[$Field9].'\', \''
		.$_POST[$Field10].'\', \''
		.$_POST[$Field11].'\', \''
		.$_POST[$Field12].'\', \''
		.$_POST[$Field13].'\', \''
		.$_POST[$Field14].'\''));
	echo ($worked ? '<p>The data was successfully entered.</p>' : '<p>The data did not get entered correctly.</p>');
} else {
	/* I'd also edit this if I were you, for the same reason as above. */
	die('You do not have the authority to add information.  Please consult an employee who does.');
}
}

Link to comment
Share on other sites
NightBeam Newbie

NightBeam

Posted
  • Author
Posted

Okay, I think we are getting somewhere now... I have a new error at line 86 though, which is currently:

 

Parse error: parse error, unexpected T_STRING in c:\flyoba\arrivals\arrivaltable.php on line 86

 

 

WHERE '".mysql_real_escape_string($_POST[$Field1])."'"

 

The surrounding code looks like:

 

if (isset($_POST['edit'])) {

if ($result[$permissionfield] > 1) {
	$worked = mysql_query('UPDATE '.$arrivaltable.' SET `'
		."{$Field2}='".mysql_real_escape_string($_POST[$Field2])."'"
		."{$Field3}='".mysql_real_escape_string($_POST[$Field3])."'"
		."{$Field4}='".mysql_real_escape_string($_POST[$Field4])."'"
		."{$Field5}='".mysql_real_escape_string($_POST[$Field5])."'"
		."{$Field6}='".mysql_real_escape_string($_POST[$Field6])."'"
		."{$Field7}='".mysql_real_escape_string($_POST[$Field7])."'"
		."{$Field8}='".mysql_real_escape_string($_POST[$Field8])."'"
		."{$Field9}='".mysql_real_escape_string($_POST[$Field9])."'"
		."{$Field10}='".mysql_real_escape_string($_POST[$Field10])."'"
		."{$Field11}='".mysql_real_escape_string($_POST[$Field11])."'"
		."{$Field12}='".mysql_real_escape_string($_POST[$Field12])."'"
		."{$Field13}='".mysql_real_escape_string($_POST[$Field13])."'"
		."{$Field14}='".mysql_real_escape_string($_POST[$Field14])."'"
		WHERE '".mysql_real_escape_string($_POST[$Field1])."'"
	echo ($worked ? '<p>The edit was successful.</p>' : '<p>The edit was not processed correctly.</p>');

} else {
	/* I'd edit this if I were you... , I couldn't think of anything else. */
	die('You do not have the authority to edit information.  Please consult an employee who does.');
}

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

Try 

if (isset($_POST['edit'])) {

if ($result[$permissionfield] > 1) {
	$worked = mysql_query('UPDATE '.$arrivaltable.' SET '
		."{$Field2}='".mysql_real_escape_string($_POST[$Field2])."'"
		."{$Field3}='".mysql_real_escape_string($_POST[$Field3])."'"
		."{$Field4}='".mysql_real_escape_string($_POST[$Field4])."'"
		."{$Field5}='".mysql_real_escape_string($_POST[$Field5])."'"
		."{$Field6}='".mysql_real_escape_string($_POST[$Field6])."'"
		."{$Field7}='".mysql_real_escape_string($_POST[$Field7])."'"
		."{$Field8}='".mysql_real_escape_string($_POST[$Field8])."'"
		."{$Field9}='".mysql_real_escape_string($_POST[$Field9])."'"
		."{$Field10}='".mysql_real_escape_string($_POST[$Field10])."'"
		."{$Field11}='".mysql_real_escape_string($_POST[$Field11])."'"
		."{$Field12}='".mysql_real_escape_string($_POST[$Field12])."'"
		."{$Field13}='".mysql_real_escape_string($_POST[$Field13])."'"
		."{$Field14}='".mysql_real_escape_string($_POST[$Field14])."'"
		."WHERE '".mysql_real_escape_string($_POST[$Field1])."'");
	echo ($worked ? '<p>The edit was successful.</p>' : '<p>The edit was not processed correctly.</p>');

} else {
	/* I'd edit this if I were you... , I couldn't think of anything else. */
	die('You do not have the authority to edit information.  Please consult an employee who does.');
}

Link to comment
Share on other sites
NightBeam Newbie

NightBeam

Posted
  • Author
Posted

Ohhh your awesome, that fixed it...  :) :) :)

 

Say, I hate to keep bothering you, but this section isn't working either:

 

Parse error: parse error, unexpected T_STRING in c:\flyoba\arrivals\arrivaltable.php on line 97

Line 96 is the start here...

	if ($result[$permissionfield] = 3) {
	$worked = mysql_query('INSERT INTO '.$arrivaltable.' (`'
		.$Field2.'`, `'
		.$Field3.'`, `'
		.$Field4.'`, `'
		.$Field5.'`, `'
		.$Field6.'`, `'
		.$Field7.'`, `'
		.$Field8.'`, `'
		.$Field9.'`, `'
		.$Field10.'`, `'
		.$Field11.'`, `'
		.$Field12.'`, `'
		.$Field13.'`, `'
		.$Field14.'`) VALUES \''
		.$_POST[$Field2].'\', \''
		.$_POST[$Field3].'\', \''
		.$_POST[$Field4].'\', \''
		.$_POST[$Field5].'\', \''
		.$_POST[$Field6].'\', \''
		.$_POST[$Field7].'\', \''
		.$_POST[$Field8].'\', \''
		.$_POST[$Field9].'\', \''
		.$_POST[$Field10].'\', \''
		.$_POST[$Field11].'\', \''
		.$_POST[$Field12].'\', \''
		.$_POST[$Field13].'\', \''
		.$_POST[$Field14].'\''));
	echo ($worked ? '<p>The data was successfully entered.</p>' : '<p>The data did not get entered correctly.</p>');
} else {
	/* I'd also edit this if I were you, for the same reason as above. */
	die('You do not have the authority to add information.  Please consult an employee who does.');
}

 

Is there some sort of a trick to how this is supposed to work? I see how you did it on the edit portion of this script, but its not the same as the addition. Your help is much appreciated :-)

Link to comment
Share on other sites
teng84 Member

teng84

Posted
Posted

try

$worked = mysql_query("INSERT INTO $arrivaltable (
	    $Field2,
		$Field3,
		$Field4,
		$Field5,
		$Field6,
		$Field7,
		$Field8,
		$Field9,
		$Field10,
		$Field11,
		$Field12,
		$Field13,
		$Field14 ) VALUES (
		'".$_POST[$Field2]."',
		'".$_POST[$Field3]."',
		'".$_POST[$Field4]."',
		'".$_POST[$Field5]."',
		'".$_POST[$Field6]."',
		'".$_POST[$Field7]."',
		'".$_POST[$Field8]."',
		'".$_POST[$Field9]."',
		'".$_POST[$Field10]."',
		'".$_POST[$Field11]."',
		'".$_POST[$Field12]."',
		'".$_POST[$Field13]."',
		'".$_POST[$Field14]."')");

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

You should look into making a database class. It'll make it all much easier... Example (not tested, might not work - just fix it if it doesn't): 

<?php
abstract class Database
{
protected $link;
protected $num_queries;
protected $queries = array();
protected $last_result;

abstract public function __construct($host, $username, $password, $database, $persistent=false);
abstract public function query($sql);
abstract public function fetch_row($result=null);
abstract public function get_num_rows($result=null);
abstract public function escape_string($string);

public function insert($table, $data=array(), $escape_data=true)
{
	$fields = array();
	$values = array();
	foreach($data as $field => $value)
	{
		$fields[] = $field;
		$values[] = $escape_data ? "'".$this->escape_string($value)."'" : "'{$value}'";
	}

	return $this->query("INSERT INTO {$table} (".join(',',$fields).") VALUES (".join(',',$values).")");
}
}

class Database_MySQL extends Database
{
public function __construct($host, $username, $password, $database, $persistent=false)
{
	$function = $persistent ? 'mysql_pconnect' : 'mysql_connect';
	$this->link = @$function($host, $username, $password);

	if(!is_resource($this->link))
	{
		throw new Exception("Failed connecting to database: ".mysql_error());
	}

	if(!mysql_select_db($database, $this->link))
	{
		throw new Exception("Failed selecting database '{$database}': ".mysql_error());
	}
}

public function query($sql)
{
	$this->num_queries++;
	$this->queries[] = $sql;

	$this->last_result = mysql_query($sql, $this->link);
	if(!is_resource($this->last_result))
	{
		throw new Exception("Failed executing query: ".mysql_error());
	}

	return $last_result;
}

public function fetch_row($result=null)
{
	return mysql_fetch_assoc(is_resource($result) ? $result : $this->last_result);
}

public function get_num_rows($result=null)
{
	return mysql_num_rows(is_resource($result) ? $result : $this->last_result);
}

public function escape_string($string)
{
	return mysql_real_escape_string($string, $this->link);
}
}

$db = new Database_MySQL('localhost', 'root', '', 'something');
$db->insert('users',array(
	'username'	=> 'Somebody',
	'password'	=> md5('qwerty'),
	'email'		=> 'somebody@example.com',
));
?>

Link to comment
Share on other sites
teng84 Member

teng84

Posted
Posted 

You should look into making a database class. It'll make it all much easier... Example (not tested, might not work - just fix it if it doesn't):

 

dude teaching a NOOBIE a class is not a good idea teach him how to walk first before letting him to run maybe all we can do for now is to correct the errors hes getting 

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted 

You should look into making a database class. It'll make it all much easier... Example (not tested, might not work - just fix it if it doesn't):

 

dude teaching a NOOBIE a class is not a good idea teach him how to walk first before letting him to run maybe all we can do for now is to correct the errors hes getting 

 

Why? It isn't really as hard as somebody makes it seem like. Going through http://php.net/oop5 should enable you to understand the code I posted before. I found this link in one of the comments on the OOP5 section in the manual - it's an okay read too.

Link to comment
Share on other sites
teng84 Member

teng84

Posted
Posted

maybe your adding additional puzzle in his mind but i agree using a class or a function is great but are you sure he will learn it in a day.

 

BUT : I suggest to all members of this forum what daniel said use a class or function

 

Link to comment
Share on other sites
NightBeam Newbie

NightBeam

Posted
  • Author
Posted

Parse error: parse error, unexpected T_STRING in c:\flyoba\arrivals\arrivaltable.php on line 143

 

 

echo '
<table>
<tr>
	<td>'.ucwords($Field1).'</td>
	<td><input hidden="text" name="'.$Field1.'" value="'.$arrival[$Field1].)'"></td>
</tr>
<tr>
	<td>'.ucwords($Field2).'</td>
	<td><input type="text" name="'.$Field2.'" value="'.$arrival[$Field2].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field3).'</td>
	<td><input type="text" name="'.$Field3.'" value="'.$arrival[$Field3].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field4).'</td>
	<td><input type="text" name="'.$Field4.'" value="'.$arrival[$Field4].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field5).'</td>
	<td><input type="text" name="'.$Field5.'" value="'.$arrival[$Field5].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field6).'</td>
	<td><input type="text" name="'.$Field6.'" value="'.$arrival[$Field6].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field7).'</td>
	<td><input type="text" name="'.$Field7.'" value="'.$arrival[$Field7].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field8).'</td>
	<td><input type="text" name="'.$Field8.'" value="'.$arrival[$Field8].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field9).'</td>
	<td><input type="text" name="'.$Field9.'" value="'.$arrival[$Field9].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field10).'</td>
	<td><input type="text" name="'.$Field10.'" value="'.$arrival[$Field10].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field11).'</td>
	<td><input type="text" name="'.$Field11.'" value="'.$arrival[$Field11].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field12).'</td>
	<td><input type="text" name="'.$Field12.'" value="'.$arrival[$Field12].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field13).'</td>
	<td><input type="text" name="'.$Field13.'" value="'.$arrival[$Field13].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field14).'</td>
	<td><textarea name="'.$Field14.'" rows="5" cols="60" >'.$arrival[$Field14].'</textarea></td>
</tr>
<tr>
	<td colspan="2"><input type="submit" name="edit" value="Accept Edit"></td>
</tr>

</table>';

 

line 143 is the --- <td><input hidden="text" name="'.$Field1.'" value="'.$arrival[$Field1].)'"></td>

 

I have a feeling it has to do with line 142 and the few '  that are in there...

 

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

Change 

		<td><input hidden="text" name="'.$Field1.'" value="'.$arrival[$Field1].)'"></td>

to 

		<td><input hidden="text" name="'.$Field1.'" value="'.$arrival[$Field1].'"></td>

 

When you see an error. Look at what it says, look at the line. The closing parenthesis wasn't that hard to spot ;)

Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted

Running just this: 

<?php
echo '
<table>
<tr>
	<td>'.ucwords($Field1).'</td>
	<td><input hidden="text" name="'.$Field1.'" value="'.$arrival[$Field1].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field2).'</td>
	<td><input type="text" name="'.$Field2.'" value="'.$arrival[$Field2].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field3).'</td>
	<td><input type="text" name="'.$Field3.'" value="'.$arrival[$Field3].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field4).'</td>
	<td><input type="text" name="'.$Field4.'" value="'.$arrival[$Field4].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field5).'</td>
	<td><input type="text" name="'.$Field5.'" value="'.$arrival[$Field5].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field6).'</td>
	<td><input type="text" name="'.$Field6.'" value="'.$arrival[$Field6].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field7).'</td>
	<td><input type="text" name="'.$Field7.'" value="'.$arrival[$Field7].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field8).'</td>
	<td><input type="text" name="'.$Field8.'" value="'.$arrival[$Field8].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field9).'</td>
	<td><input type="text" name="'.$Field9.'" value="'.$arrival[$Field9].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field10).'</td>
	<td><input type="text" name="'.$Field10.'" value="'.$arrival[$Field10].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field11).'</td>
	<td><input type="text" name="'.$Field11.'" value="'.$arrival[$Field11].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field12).'</td>
	<td><input type="text" name="'.$Field12.'" value="'.$arrival[$Field12].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field13).'</td>
	<td><input type="text" name="'.$Field13.'" value="'.$arrival[$Field13].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field14).'</td>
	<td><textarea name="'.$Field14.'" rows="5" cols="60" >'.$arrival[$Field14].'</textarea></td>
</tr>
<tr>
	<td colspan="2"><input type="submit" name="edit" value="Accept Edit"></td>
</tr>

</table>';
?>

produces no error. So it did fix it

Link to comment
Share on other sites
NightBeam Newbie

NightBeam

Posted
  • Author
Posted

So that would mean I have an error somewhere else in the code  ???

 

I just copied and pasted exactly what you put, directly over what I had (just to be sure it was the same) and I still get the error  :(

I have updated the code slightly.

 

The same error exists still:

Parse error: parse error, unexpected T_STRING in c:\flyoba\arrivals\arrivaltable.php on line 137

 

Line 137: <td><input hidden="text" name="'.$Field1.'" value="'.$arrival[$Field1].'"></td>

 

 

if (isset($_GET['edit'])) {
if ($result[$permissionfield] > 1) {
$arrival = mysql_fetch_assoc(mysql_query('SELECT * FROM '.$arrivaltable.' WHERE '.$$idfield.' = "'."));
echo '
<table>
<tr>
	<td>'.ucwords($Field1).'</td>
	<td><input hidden="text" name="'.$Field1.'" value="'.$arrival[$Field1].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field2).'</td>
	<td><input type="text" name="'.$Field2.'" value="'.$arrival[$Field2].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field3).'</td>
	<td><input type="text" name="'.$Field3.'" value="'.$arrival[$Field3].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field4).'</td>
	<td><input type="text" name="'.$Field4.'" value="'.$arrival[$Field4].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field5).'</td>
	<td><input type="text" name="'.$Field5.'" value="'.$arrival[$Field5].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field6).'</td>
	<td><input type="text" name="'.$Field6.'" value="'.$arrival[$Field6].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field7).'</td>
	<td><input type="text" name="'.$Field7.'" value="'.$arrival[$Field7].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field8).'</td>
	<td><input type="text" name="'.$Field8.'" value="'.$arrival[$Field8].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field9).'</td>
	<td><input type="text" name="'.$Field9.'" value="'.$arrival[$Field9].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field10).'</td>
	<td><input type="text" name="'.$Field10.'" value="'.$arrival[$Field10].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field11).'</td>
	<td><input type="text" name="'.$Field11.'" value="'.$arrival[$Field11].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field12).'</td>
	<td><input type="text" name="'.$Field12.'" value="'.$arrival[$Field12].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field13).'</td>
	<td><input type="text" name="'.$Field13.'" value="'.$arrival[$Field13].'"></td>
</tr>
<tr>
	<td>'.ucwords($Field14).'</td>
	<td><textarea name="'.$Field14.'" rows="5" cols="60" >'.$arrival[$Field14].'</textarea></td>
</tr>
<tr>
	<td colspan="2"><input type="submit" name="edit" value="Accept Edit"></td>
</tr>

</table>';
$skip = true;
} else {
	/* Ditto here. */
	die('You do not have the authority to edit information.  Please consult an employee who does.');
}	
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.