I am having the simple php code that shows columns in table test (delete.php & delete_ac.php), when click on delete button this suppose to delete the respective column. But it is displaying error occurred and the table HTML showing blank. Not sure which steps i was wrong. Any help are very appreciated.!
http://pastebin.com/9Zz217Bn
I suggest using
echo mysqli_error();
to see what the error is.
Also you don't seem to be setting $id.
From your responses it seems that you have an error in the sql. The error might be from the way you are sending your data to the script. Tangentially you are encountering an error because you have not in any way checked the input which could be anything and are trusting that it is valid data. It helps to assume that all users are mean and want to cause damage.
So I would recommend at least an if and a test for the data being numeric. Then you could see if you were passing bad data. This might help you troubleshoot and will make your code more robust against attack, user error and things like that. You would not want someone manually typing the URL and putting id=>-1 as that would delete everything.
Like the one you commented:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'id']; ?>'' at line 1 mysql version is 5.6.12
However what you might need to do (as others have pointed out) is echo the sql and paste it into something like phpmyAdmin or some MySQL GUI and see what it you get back. The (more than likely) error may help you identify the cause of your problems. It looks like you might have ended up with the php code in the query string.
If you have short tags off then the short php you have use will not work and will end up in the link which it does seem to have done. Try:
<?php echo $rows['id']; ?>
Which I think will work for you much better.
If in doubt go back to the earlier suggestion (not just from me) to echo out the generated sql which I would expect will not look right.
While you are at it can I recommend you consider using "LIMIT 1" at the end of your SQL once you have it working? Then if anything goes wrong you only dropped the one row.
One last thing it makes folks here much happier if you just paste the code into the question.
I hope I helped you.
The problem lies in your Querystring of delete button use fuller
Thanks a lots for all answers, i am really appreciated your helpful tips. i have checked the syntax :
<td bgcolor="#FFFFFF">delete</td>
which is missing php line, after filled php line, the code working well:
<td bgcolor="#FFFFFF">delete</td>
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'id']; ?>'' at line 1 mysql version is 5.6.12
Related
So the problem is that i'm trying to upload a "new ico", my site is all about cryptocurrency. Everything is working as it did locally on my computer, but when im trying to upload a new ico it says this:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '�rdi, whitepaper, social, avatar) VALUES ('KickCoin','Random','Random','Random'' at line 1"
�rid = Should be saying "Værdi".
I read that the problem defiantly is something connection based with the database or so (because i didn't have the problem local)? But how do i fix it, so that my website will show "ÆØÅ" and how do i make the database able to understand "ÆØÅ", so that i can upload?
Thanks in advance,
Victor
You can change the database collation to
latin1_swedish_ci/utf8mb4_bin
This will work. Its working fine for my sites.
Before i call this question, yes i know mysql_query is a bad practice but i need to fix this first then in the near future i will move to PDO or something ok..
I have a code that works perfectly in localhost using php 5.4 the problem is when i load it in server, everything works fine, there is just one error, that at this moment , im blind at it.
On a description field, for a kind of articles in a blog, i use elrte and elfinder editor, the problem is when i send a image to store in de Database, i have different results.
In local i do store the <img src="folder/ok/img.jpg"> but in the server for some reason the same files, and code store that in the database as <img src="\"/folder/ok/img.jpg\"" >
This must be related to this lines (the description file is going on $desc)
if(isset($_POST['submit'])){
//protect and then add the posted data to variables
$titulo = protect($_POST['titulo']);
$desc = mysql_real_escape_string ($_POST['desc']);
$cat_id = protect($_POST['cat_id']);
But can somebody explain this behaviour, cause im blind at this, also i know there are security issues on this, but well at least we are not storing any NASA info.
hope anyone can help me on this
Without having looked too far into it, mysql_real_escape_string is deprecated and you should use mysqli_real_escape_string() now (which goes with the new mysqli lib)
Are you sure $_POST['desc'] is the same on localhost and server? Maybe your POST request is being formed incorrectly
I have worked with MySQL before but it has been a LONG time ago. Now I am trying to set up a database using phpMyAdmin.
I am trying to setup this database for the Article Friendly script. The instructions state that you need to use a little script that they have furnished:
define("DB_NAME","a6852953_article");
define("SERVER_NAME","'mysql12.000webhost.com'");
define("USER_NAME","a6852953_article");
define("PASSWORD","*********");
$dbhost=SERVER_NAME;
$dbuser=USER_NAME;
$dbpasswd=PASSWORD;
$dbname=DB_NAME;
It chokes on the first line, and if I remove that it chokes on whatever is there.
The syntax looks correct to me with what little I remember and I also checked the manual for 5.1 which is what my host uses.
Can anyone spot anything wrong?
Looks like it might actually be choking on the second line...
define("SERVER_NAME","'mysql12.000webhost.com'");
... likely because you have single quotes inside the double quotes. Try changing the line to this:
define("SERVER_NAME","mysql12.000webhost.com");
If it is the first line however, make sure that the database you listed already exists -- if not, you should be able to login to phpMyAdmin and run:
CREATE DATABASE a6852953_article
:)
I am working on a client's application www.islamicaim.com. I have problem in url writing in video section. I was using url something like http://islamicaim.com/video_play.php?id=6 for playing videos. Videos work fine but now according to the new requirement of the client I want to write the url something like http://www.islamicaim.com/category/author/video/title.php for making the SEO friendly url.
I have stored the name of an author in database and name can contain space some thing like mr xyz. While using this name I am facing problem. If any one can suggest me how I can achieve this goal as i am a learner of Php. Thanks.....
Here is my query $q2="select id from media_author where name='".$author_name."'";
while $author_name has value "mr xyz"
and I am recieving this error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 i have checked this query by running in sql it works fine..
Link where I am having problem is at http://islamicaim.com/media_details.php?category=Talawat-e-Quran&author=Qari%20Syed%20Sadaqat%20Ali
I'm not sure what specific error you are having as you basically just said it presently isn't working for you. But as you said the issue is the url can contain "mr xyz", it's probably that you need to replace the space with a %20.
I don't know PHP but I'm guessing that it, like every other language, has a call to encode a url - call that on your url and that will transform all characters that need to be in the %xx form.
Can't see any problem with your query, unless there is a problem with something else. Have you tried all the possibilities for this? Such as:
$q2 = "SELECT id FROM media_author WHERE name = $author_name";
Or
$q2 = "SELECT * FROM media_author WHERE name = '$author_name'";
Maybe you should add some more related code for us to check.
i have some php source it can send form data info to other page under mysql 4.x version.
but after upgraded to mysql 5.x version, this php source can't send form data info to other page.
i was searched many info, but don't have idea what's wrong with my php source.
i just can guess this is related with mysql upgrade and i have to edit my php source,
but lack of knowledge it very tough for me.
if anyone help me or give some hint it really appreciate!
my php source is consist of 3 part.
form sender page ( http://pastebin.com/3Sg7SyWV )
-> submited form data info checking page ( http://pastebin.com/WEx5tEn2 )
-> insert form data to DB ( http://pastebin.com/918iZkgw )
for several day i was search and search but lack of my knowledge about php and mysql
it very hard to resolve.
Thanks in advance
You're not checking if your insert query succeeds. I can't tell which MySQL library you're using, but generally they all return FALSE if a query fails, so you could change your query line to something like:
$DB->ExecSql($InsertQuery) or die($DB->whatever_returns_error_information());
If something's wrong with the query, then this would abort the script and output any error information produced.
As well, it doesn't look like you're escaping your query data anywhere. That leaves you wide open to SQL injection. And as well, any of the form data which contains even a single quote (') will "break" the query by introducing syntax errors. If you had proper error checking in there, you'd have gotten a syntax error report.
For that matter, where are you extracting the submitted data and building all those variables you paste into the query? There's only one place in your three scripts where $_POST is referred to, and it seems to be in an error output function which simply dumps out each key/value as hidden form fields (and in there you're also not escaping/quoting the data, so your form itself is vulnerable to XSS attacks).