0

error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

Its valid sql I checked I just don't understand what would cause that error. I also tried different statements and they worked. So I don't get it.

code:

<?php $con = mysql_connect('localhost','me','omglol');
mysql_select_db('dancks_db',$con);
?>
<?php
session_start();
$session_name = "forces";
$com=0;
function logout()
{
        $_SESSION = array();
        session_destroy();
        //header('Location:http://cs4.sunyocc.edu/~j.d.dancks/index.php');
}
if(!isset($_SESSION['time']) || !isset($_SESSION['nick']))
{
        $com=2;
        logout();
}
else if($_SESSION['time'] < time())
{
        $com=3;
        logout();
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$query_Recordset1 = sprintf("select * from Item where ItemID=%i",$_GET['id']);
$Recordset1 = mysql_query($query_Recordset1, $con) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
if(mysql_num_rows($Recordset1)!=1)
{
    header('Location:http://cs4.sunyocc.edu/~j.d.dancks/onestopshop/productnotfound.html');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<?php echo "<title>".$row_Recordset1['name']."</title>\n"; ?>
</head>
<body>
<div id="header">
<?php echo "<h1>".$row_Recordset1['name']."</h1>\n"; ?>
</div>
<div id="content">
   <div id="image-container-left">
      <div style="background-color:black; border:thick;">
         <?php
            if(isset($row_Recordset1['image']))
            {
                echo "<img src=\"images/".$row_Recordset1['image']."\" />\n";
            }
            else
            {
                echo "<img src=\"images/noimage.jpg\" />\n";
            }
         ?>
      </div>
   </div>
   <div id="right-container">
      <div id="info">
         <div id="description">
            <?php
                echo "<p>".$row_Recordset1['descr']."</p>\n";
            ?>
         </div>
         <div id="bids">
            <?php echo "<h2>Highest Bid: $".$row_Recordset1['highest_bid']."</h2>\n"; ?>
            <?php if(isset($_SESSION['name']))
            {
            echo "            <p>Place your bid here:</p>
            <form id=\"bid-enter\" action=\"registerbid.php\" method=\"post\">\n
                <input type=\"text\" name=\"bid\" />\n
                <input type=\"hidden\" name=\"prod\" value=".$row_Recordset1['ItemID']."\" />\n
                <input type=\"submit\" />\n
            </form>\n";
            }
            ?>
         </div>
      </div>
      <div id="nav-pane">
      </div>
   </div>
</div>
<div id="footer">
</div>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>
5
Contributors
7
Replies
8
Views
4 Years
Discussion Span
Last Post by radow
0

@dancks

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

Try to used double qoutes not single qoutes

From this

<?php 

$con = mysql_connect('localhost','me','omglol');

mysql_select_db('dancks_db',$con);

?>

to this:

<?php 

$con = mysql_connect("localhost","me","omglol");

mysql_select_db("dancks_db",$con);

?>
0

From what I can tell it doesn't change anything. I added:

$selected=mysql_select_db("dancks_db",$con);
{
    die("Couldn't select db");
}

and the die was triggered. So it doesn't fail when connecting, just when pick the database

0

@dancks

and the die was triggered. So it doesn't fail when connecting, just when pick the database

So you can connected to the db but not able select?

Instead of this:

$selected=mysql_select_db("dancks_db",$con);
{
die("Couldn't select db");
}

Try this:

<?php $con = mysql_connect("localhost","me","omglol"); ?>

<?php mysql_query("your db", $con); ?>

1

I added line at line between 58 and 59 like following, copy that output of query, run that in phpmyadmin directly

$query_Recordset1 = sprintf("select * from Item where ItemID=%i",$_GET['id']);
echo $query_Recordset1;
$Recordset1 = mysql_query($query_Recordset1, $con) or die(mysql_error());
0

Adam Adamski got it right I was using an undefined type identifier. I replaced %i with %d and it worked.

Also untrivedi echoing the query before executing would've been the smart thing to do for debugging. Thanks guys.

0

I think what variable $_GET['id'] empty. Before will execute query, add check

if(!empty($_GET[id]))
{
    //execute MySQL query
}

and to bring this variable to an "int" ((int)$_GET['id'])

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.