473,386 Members | 1,708 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > help a beginner

Join Bytes to post your question to a community of 473,386 software developers and data experts.

Help a beginner

I have done simple php script and I have corrected every little error I got
but now I stucked. I keep getting "You have an error in your SQL syntax
near '' at line 9 ", and I don't know what to do. The code is the following:

<?php
require('config.php');
$conn = mysql_connect(SQL_HOST, SQL_USER, SQL_PASS) or
die ('Could not connect to MySQL database.' .mysql_error());
mysql_select_db (SQL_DB, $conn);

$display_block = "<h1>$project_name Categories</h1>
<P>Select a Category to see details.</P>";

//validate project
$get_project = "SELECT
c.cat_name,
p.project_name
FROM
category
AS c LEFT JOIN
project AS p ON p.id = c.project_id
WHERE
c.id = $_GET[cat_id]";

$get_project_res = mysql_query($get_project) or die (mysql_error());

if (mysql_num_rows($get_project_res) < 1) {
//invalid item
$display_block .= "<p><em>Invalid project selection.</em></p>";
} else {
//valid project, get info
$project_name =
strtoupper(stripslashes(mysql_result($get_project_ res,0,'project_name')));
$cat_name = stripslashes(mysql_result($get_project_res,0,'cat_ name'));
}
?>

<html>
<head>
<title>Projects</title>
</head>
<body>
<?php print $display_block; ?>
</body>
</html>

I have to tables, one is category and other one is project. On the main page
I have data from project table, and on the other page (code up) I want to
show data from other table but only valid for project example 1 or 2 etc.

Tnx in advance, sorry for any gramatic mistake, english is not my first
language :)
Jul 17 '05 #1
8 1745
Igor Slivka wrote:
I have done simple php script and I have corrected every little error I got
but now I stucked. I keep getting "You have an error in your SQL syntax
near '' at line 9 ", and I don't know what to do. The code is the following:


It's always worth echo'ing the SQL command.

$result = mysql_query($query) or die("$query<br>".mysql_error());

.... just don't leave them in your released app, the queries give too
much away.
Jul 17 '05 #2
> //validate project
$get_project = "SELECT
c.cat_name,
p.project_name
FROM
category
AS c LEFT JOIN
project AS p ON p.id = c.project_id
WHERE
c.id = $_GET[cat_id]";


Try to do this as here:

$get_project = "SELECT c.cat_name, p.project_name FROM category c, project
p WHERE c.id=$_GET[cat_id] AND p.id=c.project_id";
Jul 17 '05 #3
Alex_r wrote:
//validate project
$get_project = "SELECT
c.cat_name,
p.project_name
FROM
category
AS c LEFT JOIN
project AS p ON p.id = c.project_id
WHERE
c.id = $_GET[cat_id]";


Try to do this as here:

$get_project = "SELECT c.cat_name, p.project_name FROM category c,
project p WHERE c.id=$_GET[cat_id] AND p.id=c.project_id";


Well this was nice try, but unfortunatly it doesn't work :(.
Know it's reporting php error on 'AND ...'
Hm, strange thing is that original code (with different tables name) IS
working with one other very simple db. Go figure...
Jul 17 '05 #4
> It's always worth echo'ing the SQL command.
$result = mysql_query($query) or die("$query<br>".mysql_error());
... just don't leave them in your released app, the queries give too
much away.


LikeI said, i'm just beginning with php. Tnx for the tip thou :))
Any idea what to do with the code? I should be pretty simple, show
categories that are related to project 1 (or 2,3 for that matter), nothing
fancy and complex. I' m really confused.
Jul 17 '05 #5
.oO("Igor Slivka" <igor.slivka@REMOVE THISri.htnet.hr>)
I have done simple php script and I have corrected every little error I got
but now I stucked. I keep getting "You have an error in your SQL syntax
near '' at line 9 ", and I don't know what to do. The code is the following:
[...]

//validate project
$get_project = "SELECT
c.cat_name,
p.project_name
FROM
category
AS c LEFT JOIN
project AS p ON p.id = c.project_id
WHERE
c.id = $_GET[cat_id]";


The above query relies on a URL-parameter and uses it without any
checking, which makes the code vulnerable to SQL-injection (google for
details on that).

And what happens if there's no such parameter at all? The query becomes
invalid and causes an error message on the last (9th) line.

A possible solution with a default value of '0':

$cat_id = isset($_GET['cat_id']) ? intval($_GET['cat_id']) : 0;
$get_project = "
SELECT c.cat_name, p.project_name
FROM category AS c
LEFT JOIN project AS p ON p.id = c.project_id
WHERE c.id = $cat_id";

HTH
Micha
Jul 17 '05 #6
Igor Slivka wrote:
I have done simple php script and I have corrected every little error I got
but now I stucked. I keep getting "You have an error in your SQL syntax
near '' at line 9 ", and I don't know what to do. The code is the following:

<?php
require('config.php');
$conn = mysql_connect(SQL_HOST, SQL_USER, SQL_PASS) or
die ('Could not connect to MySQL database.' .mysql_error());
mysql_select_db (SQL_DB, $conn);

$display_block = "<h1>$project_name Categories</h1>
<P>Select a Category to see details.</P>";

//validate project
$get_project = "SELECT
c.cat_name,
p.project_name
FROM
category
AS c LEFT JOIN
project AS p ON p.id = c.project_id
WHERE
c.id = $_GET[cat_id]";

$get_project_res = mysql_query($get_project) or die (mysql_error());

if (mysql_num_rows($get_project_res) < 1) {
//invalid item
$display_block .= "<p><em>Invalid project selection.</em></p>";
} else {
//valid project, get info
$project_name =
strtoupper(stripslashes(mysql_result($get_project_ res,0,'project_name')));
$cat_name = stripslashes(mysql_result($get_project_res,0,'cat_ name'));
}
?>

<html>
<head>
<title>Projects</title>
</head>
<body>
<?php print $display_block; ?>
</body>
</html>

I have to tables, one is category and other one is project. On the main page
I have data from project table, and on the other page (code up) I want to
show data from other table but only valid for project example 1 or 2 etc.

Tnx in advance, sorry for any gramatic mistake, english is not my first
language :)

Are p.id or c.project_id text values?

Steve
Jul 17 '05 #7
> The above query relies on a URL-parameter and uses it without any
checking, which makes the code vulnerable to SQL-injection (google for
details on that).
Thank You! Will do :)
Just learning so i'm reading a tons of book and that are all pretty simple
(as u can see :)) but even that's enough for me ;)
And what happens if there's no such parameter at all? The query
becomes invalid and causes an error message on the last (9th) line.
A possible solution with a default value of '0':
$cat_id = isset($_GET['cat_id']) ? intval($_GET['cat_id']) : 0;
$get_project = "
SELECT c.cat_name, p.project_name
FROM category AS c
LEFT JOIN project AS p ON p.id = c.project_id
WHERE c.id = $cat_id";


Yup, thank You once again! :) Know i'm getting somewhere.
Well expect few other questions like this one, thank U all for replaying :)

Best regards, Igor
Jul 17 '05 #8
> Are p.id or c.project_id text values?

Of course, not that stupid ;>.
Anyway i'm going somwhere with above response, thank U all once more ;)
Jul 17 '05 #9
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

15
Help With Python
by: Judi Keplar | last post by:
I am currently taking a course to learn Python and was looking for some help. I need to write a Python statement to print a comma- separated repetition of the word, "Spam", written 511 times...
Python
15
Help Cursor Based Stored Procedure Is Getting Slower and Slower!
by: Philip Mette | last post by:
I am begginner at best so I hope someone that is better can help. I have a stored procedure that updates a view that I wrote using 2 cursors.(Kind of a Inner Loop) I wrote it this way Because I...
Microsoft SQL Server
8
C++ beginner's book... Please help.
by: Grrrbau | last post by:
I'm a beginner. I'm looking for a good C++ book. Someone told me about Lafore's "Object-Oriented Programming in C++". What do you think? Grrrbau
C / C++
7
Beginner needs help fast
by: BobJohnson | last post by:
Just started learning C++ and I need some help with my homework, shouldn't take long for people around here. I need to create a simple money calculator but I don't know how to make the output...
C / C++
16
please help (novice)
by: ranger | last post by:
Hi, I'm a beginner with C++, studying on my own from a book and I've encoutered quite some problems.. If possible, someone out there might help me out.. The problem is the following.. I've...
C / C++
1
Beginner's help using count/Dcount function
by: Simon Matthews | last post by:
Hope someone can help an Access beginner! I've just started keeping my surgical logbook on access and it's a simple flat-file affair. I have created several queries that will list cases...
Microsoft Access / VBA
1
help! (urgent)
by: newbie | last post by:
Hi I am using a toolkit written in c++ that consists of three parts 1) video captur 2) image processin 3) OpenGL wrappe The video capture program only works with local hardware (for...
.NET Framework
1
Beginner needing help with return data from a webservice.
by: hl | last post by:
Hi, I'm a beginner and need a little help with getting data back from a web service. I am using VB.Net and have added a web reference to a Wsdl that was provided to me. My reference.vb file...
.NET Framework
6
printing the permutation, help
by: fool | last post by:
Dear group, Given a string I have to print the permutation, using some looping tricks. This is not a Home work problem. My best try as beginner is: #include<stdio.h> #include<stdlib.h> ...
C / C++
1
Help Me With This Please
by: macmac | last post by:
I'm new to this forum and I am in a beginner level with programming too. I posted this thing out hoping that somebody could help me out in making this program. I am working right now as a C++...
C / C++
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!