Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I've been trying to figure out this PHP error for almost a day. Sigh. I'm really new to coding but I thought I had this figured out. When I run this code, I get an error
Parse error: syntax error, unexpected 'body' (T_STRING), expecting ')' in /Users/baronjon/Sites/squaredb/functions.php on line 20
and here is the code:
<?php
function add_post($userid, $body) {
$sql = "insert into posts (user_id, body, stamp)
values ($userid, '". mysql_real_escape_string($body)."', now())";
$result = mysql_query($sql);
}
function show_posts($userid) {
$posts = array();
$sql = "select body, stamp from posts
where user_id ='$userid' order by stamp desc";
$result = mysql_query($sql);
while($data = mysql_fetch_object($result)) {
$posts[] = array( 'stamp' => $data->stamp,
'userid => $userid
'body' => $data->body //**This is line 20.**
);
}
return $posts;
}
?>
Being new to php (and coding in general) I realize that this could be really simple. But I don't see the parenthesis that it's telling me to look for.
I looked in the php manual to make sure I had the syntax correct and it seem pretty straightforward.
Can anyone point me in the right direction.
In your $posts array you are missing a trailing ' quote, and a comma.
$posts array should look like:
$posts[] = array(
'stamp' => $data->stamp,
'userid' => $userid,
'body' => $data->body //**This is line 20.**
);
Many times in PHP, when it says line 20, you should be looking at line 19.
As a commenter above mentioned I would really recommend using a code editor with syntax highlighting like vim, emacs, Sublime Text, Notepad++ or something similar. Saves my butt every day :).
You're missing an end quote on line 19 around 'userid => $userid and a comma. It should be 'userid' => $userid,.
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 2 years ago.
Improve this question
In my Mysql I have this table. And I want to send data
Id is autoincrement
Id
insertId
invoceTaxApplayId
sumOfDist
if (isset($_POST['basic'])) {
$user_string = $_POST['basic'];
$basic = json_decode($user_string);
foreach ($basic as $key => $value){
$sql2 = "INSERT INTO `insert_tax_applay_map`( `insertId`, `invoceTaxApplayId`, `sumOfDist`) VALUES ('$value','', 5)";
echo $sql2; //printed
echo $key;
}
exit();
}
I can see echos, but data isn't sent to mysql.
You can fix the issue of not executing and your serious SQL injection bug with one simple trick: Prepared statements with placeholder values!
if (isset($_POST['basic'])) {
$user_string = $_POST['basic'];
$basic = json_decode($user_string);
// Prepare your database query with placeholder values
$stmt = $db->prepare("INSERT INTO insert_tax_applay_map (insertId, invoceTaxApplayId, sumOfDist) VALUES (:insertId, :invoiceTaxApplayId, :sumOfDist)");
// For each entry...
foreach ($basic as $key => $value) {
// ...execute the statement with that particular set of values.
$stmt-execute([
'insertId' => $value,
'invoiceTaxApplayId' => '',
'sumOfDist' => 5
]);
}
exit();
}
This example uses PDO but can easily be adapted to mysqli or whatever you're using.
Tip: For general guidance on PHP, see PHP the Right Way for more resources.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
I have a PDO PHP file making use of just one $_POST value stored on the $data array, and if an statement is true, a second value is added to that array to make a new query with two values:
<?php
session_start();
include("../conexionbbdd.php");
if($_SESSION['estado'] == 'activo' && $_SESSION['rol'] == '1'){
$data = array(
'us_id' => $_POST['us_id'],
);
$selectUsers= "SELECT * FROM ws_users WHERE us_id= :us_id";
$statementSelectUsers = $pdo->prepare($selectUsers);
$statementSelectUsers->execute($data);
$result = $statementSelectUsers->fetch(PDO::FETCH_ASSOC);
$us_fk_ui_id = $result['us_fk_ui_id'];
if($us_fk_ui_id==='1'){
$data['us_credits']=$_POST['us_credits'];
$updateUser = mysqli_query($con,"UPDATE ws_users SET us_credits = :us_credits, us_access = '1' WHERE us_id = :us_id");
$statementUpdateUser = $pdo->prepare($updateUser);
$statementUpdateUser->execute($data);
}
Everything goes fine untill the $statementUpdateUser->execute($data); line (34), where I get the usual error
PDOException: SQLSTATE[42000]: Syntax error or access violation: 1065
Query was empty in C:\wamp\www**********\actions\ad_updateUserInfo.php on
line 34
As far as I've seen, this should be due to the unexistance of one of the placeholders on the array, but if I print the array values after the $data['us_credits']=$_POST['us_credits']; it seems to be correct, having the 2 expected values needed for my query:
Array (
[0] => 2
[1] => 1.5 )
How could I check where the mistake is? There's no possibility of echoing the query as it is an object unable to transform on string.
$updateUser = mysqli_query($con,"UPDATE ws_users SET us_credits = :us_credits, us_access = '1' WHERE us_id = :us_id");
^^^ WTF??
You have to pay more attention to the code you write. Stack Overflow is NOT the service for finding typos for you.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I can't figure out why I have the syntax error I receive a syntax error on line 25 once i start adding values of $_SESSION part, I am new to php and coding so any help would be appreciated.
<?php
ini_set('display_errors', 1);
//Adjust error reporting:
error_reporting(E_ALL | E_STRICT);
include('includes/session_config.inc');
require ('mysqli_connect.php');
$q = "INSERT INTO cards (sender_last,
sender_first,
sender_email,
recipient_last,
recepient_first,
recepient_email,
subject,
message,
image,
identifier,
date_entered
)
VALUES ($_SESSION['postcard']['from_first']',
$_SESSION['postcard']['from_last']',
$_SESSION['postcard']['from_email']',
$_SESSION['postcard']['to_first']',
$_SESSION['postcard']['to_last']',
$_SESSION['postcard']['to_email'],
$_SESSION['postcard']['subject'],
$_SESSION['postcard']['message'],
$_SESSION['postcard']['image'],
$_SESSION['postcard']['identifier']
NOW()
)";
try this, Don't use to long multidimentional array directly in query, Use like this save in varialbe then use it, and other also care full for SQL injection, and also u have missed the comma before NOW() at the end of query.
<?php
ini_set('display_errors', 1);
//Adjust error reporting:
error_reporting(E_ALL | E_STRICT);
include('includes/session_config.inc');
require ('mysqli_connect.php');
$from_first = mysql_real_escape_string($_SESSION['postcard']['from_first']);
$from_last = mysql_real_escape_string($_SESSION['postcard']['from_last']);
$from_email = mysql_real_escape_string($_SESSION['postcard']['from_email']);
$to_first = mysql_real_escape_string($_SESSION['postcard']['to_first']);
$to_last = mysql_real_escape_string($_SESSION['postcard']['to_last']);
$to_email = mysql_real_escape_string($_SESSION['postcard']['to_email']);
$subject = mysql_real_escape_string($_SESSION['postcard']['subject']);
$message = mysql_real_escape_string($_SESSION['postcard']['message']);
$image = mysql_real_escape_string($_SESSION['postcard']['image']);
$identifier = mysql_real_escape_string($_SESSION['postcard']['identifier']);
$q = "INSERT INTO cards (sender_last,
sender_first,
sender_email,
recipient_last,
recepient_first,
recepient_email,
subject,
message,
image,
identifier,
date_entered
)
VALUES ($from_first,
$from_last,
$from_email,
$to_first,
$to_last,
$to_email,
$subject,
$message,
$image,
$identifier,
NOW()
)";
Your values are strings, but you have only ending ': VALUES ($_SESSION...', $_SESSION...', replace it with VALUES ('{$_SESSION...}', '{$_SESSION...}'. Also missing , before NOW() in values list
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
i got an db that i can add stuff in it with this sql statement using pdo type of connection .. :
$sql_createAD = "INSERT INTO `kijilikedb`.`advertise` (`AD_ID`, `AD_NAME`, `REF_STATE`, `REF_USER`, `REF_CAT`, `REF_SUB`, `REF_DESC`, `REG_DATE`, `EXP_DATE`, `AD_TYPE`, `AD_PRICE` , `IMAGE`) VALUES (NULL,'".$_POST['Title']."','".$_POST['state']."','',".$currentCAT.",'".$_POST['sub']."', ".$currentDescId.", '".$today."', '".$EXP."','".$_POST['type']."','".$_POST['Price']."','".mysql_real_escape_string(file_get_contents($_FILES['image']['tmp_name']))."')";
$con->query($sql_createAD );
in big ..... im adding an article that contain information and everyting .... but when im adding the img to the database im using ".mysql_real_escape_string" that is a depreciated methode that i should use anymore ...... so now i want to replace it ... but i read there is no alternative for this in pfo ...... but im shure i can find an work around it ..... so plz help me finding it! :D
i find that maybe if im using an $con->prepare() for the insert and execute() for puting it in the db it could work ... but in doest for me ..... the error i get when i doing is :
SQLSTATE[HY093]: Invalid parameter number: mixed named and positional parameters
look at the try i did :
$query = "INSERT INTO `kijilikedb`.`advertise` (`AD_ID`, `AD_NAME`, `REF_STATE`, `REF_USER`, `REF_CAT`, `REF_SUB`, `REF_DESC`, `REG_DATE`, `EXP_DATE`, `AD_TYPE`, `AD_PRICE` , `IMAGE`) VALUES (NULL,'".$_POST['Title']."','".$_POST['state']."','',".$currentCAT.",'".$_POST['sub']."', ".$currentDescId.", '".$today."', '".$EXP."','".$_POST['type']."','".$_POST['Price']."','".file_get_contents($_FILES['image']['tmp_name'])."')";
$preparedQuery = $con->prepare($query);
$preparedQuery->execute();
Here's how I would do it with a prepared statement with parameters:
$query = "INSERT INTO kijilikedb.advertise
SET AD_ID = :ad_id,
AD_NAME = :ad_name,
REF_STATE = :ref_state,
REF_USER = :ref_user,
REF_CAT = :ref_cat,
REF_SUB = :ref_sub,
REF_DESC = :ref_desc,
REG_DATE = :reg_date,
EXP_DATE = :exp_date,
AD_TYPE = :ad_type,
AD_PRICE = :ad_price,
IMAGE = :image";
This uses an alternative syntax for INSERT. It's a bit easier to read and easier to match up your column names with your query parameter placeholders. But this syntax doesn't support multi-row inserts.
Next, create an associative array with your values. The keys match the parameter placeholder names above (the leading colon character is not required).
When you use query parameters, you must not use any escape-string method (FWIW, PDO::quote() does escaping, but adds the quote marks as well).
$values = array(
'ad_id' => NULL,
'ad_name' => $_POST['Title'],
'ref_state' => $_POST['state'],
'ref_user' => '',
'ref_cat' => $currentCAT,
'ref_sub' => $_POST['sub'],
'ref_desc' => $currentDescId,
'reg_date' => $today,
'exp_date' => $EXP,
'ad_type' => $_POST['type'],
'ad_price' => $_POST['Price'],
'image' => file_get_contents($_FILES['image']['tmp_name'])
);
Then finally, the prepare/execute is a simple two lines of code:
$preparedQuery = $con->prepare($query);
$preparedQuery->execute($values);
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I need to format Date time to specific date format using php.
Now date format
2014-02-10 09:32:24
I need format
2014/02/10
error is :Parse error: syntax error, unexpected '$ModifiedDate' (T_VARIABLE), expecting ',' or ';' in ................. line
Here i tried like this
<?php
include(config.php);
$sql = "SELECT Id,Title,description,Image,Category,ModifiedDate from News WHERE ISActive=true";
$query = mysql_query($sql);
if(mysql_num_rows($query)>0){
while($test = mysql_fetch_array($query))
{
$Mod = $test['ModifiedDate'];
$ModifiedDate = date_format($Mod, 'yyyy/MM/dd');
echo"<td><font color='black'>"$ModifiedDate"</font></td>";
}
}
else
{
echo "No Records";
}
?>
You forgot to concatenate the variable. Do like this
echo"<td><font color='black'>".$ModifiedDate."</font></td>";
//^----- ^----- Add those dots !
Use below format,
date_format($Mod, 'YY/MM/DD');
try this code:
$ModifiedDate = date_format($Mod, 'Y/m/d');