Hi I am a newbie trying to get some of my first code working, yada yada yada.
I have a drop down box which chooses a state then takes the post data to 'processform2.php' to use that to pull up all the rows which have the corresponding state.
I am getting this 'Parse error: syntax error, unexpected T_STRING in /home/attorney/public_html/' on line 13 - <?
-
$username="XXXXXXXX";
-
$password="XXXXXX";
-
$database="XXXXXXXX";
-
-
-
ini_set('display_errors',1);
-
error_reporting(E_ALL);
-
-
-
mysql_connect("localhost",$username,$password);
-
@mysql_select_db($database) or die( "Unable to select database");
- $query='SELECT * FROM BIZ_APARTMENTS WHERE $_POST('bizState')';
-
$result=mysql_query($query);
-
-
$num=mysql_numrows($result);
-
-
mysql_close();
-
-
echo "<b><center>Buildings in State</center></b><br><br>";
-
-
$i=0;
-
while ($i < $num) {
-
-
$name=mysql_result($result,$i,"bizName");
-
$address=mysql_result($result,$i,"bizAddress");
-
$city=mysql_result($result,$i,"bizCity");
-
$state=mysql_result($result,$i,"bizState");
-
$zip=mysql_result($result,$i,"bizZip");
-
$phone=mysql_result($result,$i,"bizPhone");
-
$email=mysql_result($result,$i,"bizEmail");
-
-
echo "<b>Name: $name</b><br>Phone: $phone<br>Type: $type<br>Address: $address<br>City: $city<br>State: $state<br>Zip: $zip<br>Email:$email<br>";
-
-
$i++;
-
}
-
-
?>
Thanks a million,
14  5322 
the apostrophe at offset 51 closes the string, after that you have to use the command end (;) or string concatenation operator (.).
and please please secure your SQL against SQL Injection (e.g. by means of mysql_real_escape_string())
Line 13 is messed up a lot. Firstly, your query is invalid. It will return results, but not what you think. The WHERE clause requires a condition that each row that you want to select has to meet. If you were to say "WHERE 1", then all rows would be selected. If you were to say "WHERE `id` = 1", then only rows where "`id` = 1" is true would be selected. Conditions are more than just a single variable.
Secondly, you can't have the same type of quotation marks inside of the same type of quotation marks without escaping them (using the "\" character).
Thirdly, arrays do not use parentheses for subscript; they use brackets ("[" and "]").
Fourthly, all data in the $_POST array is user input. Therefore, it is unsafe in its raw form. Cleanse it using mysql_real_escape_string().
Hi, first let me say thank you to both of you for helping me, I really appreciate it. I have reworked it a little bit but now no error message, but just a echo of my heading only.
here are the 2 php scripts that are involved. Building Select try it out, plz - <?php
-
/* Program name: buildSelect.php
-
* Description: Program builds a selection list
-
* from the database.
-
*/
-
?>
-
<html>
-
<head><title>Building info by state</title></head>
-
<body>
-
<?php
-
$user="attorney_test";
-
$host="localhost";
-
$password="Baronj55";
-
$database = "attorney_test";
-
-
$cxn = mysqli_connect($host,$user,$password,$database)
-
or die ("couldn't connect to server");
-
$query = "SELECT DISTINCT bizState FROM BIZ_APARTMENTS ORDER BY bizState";
-
$result = mysqli_query($cxn,$query)
-
or die ("Couldn't execute query.");
-
-
/* create form containing selection list */
-
echo "<form action='processform2.php' method='POST'>
-
<select name='b'>\n";
-
-
while ($row = mysqli_fetch_assoc($result))
-
{
-
extract($row);
-
echo "<option value='$bizState'>$bizState\n";
-
}
-
echo "</select>\n";
-
echo "<input type='submit' value='Select State in which building is located'>
-
</form>\n";
-
?>
-
</body></html>
-
here is the 2nd script - <?
-
$username="attorney_test";
-
$password="Baronj55";
-
$database="attorney_test";
-
$table="BIZ_APARTMENTS";
-
$column="bizState";
-
ini_set('display_errors',1);
-
error_reporting(E_ALL);
-
-
-
mysql_connect("localhost",$username,$password);
-
@mysql_select_db($database) or die( "Unable to select database");
-
$query="SELECT * FROM $table WHERE bizState='$_POST'";
-
$result=mysql_query($query);
-
$ret = mysql_query($query) or die(mysql_error());
-
$num=mysql_numrows($result);
-
-
mysql_real_escape_string($result)
-
mysql_close();
-
-
-
-
echo "<b><center>Buildings in State</center></b><br><br>";
-
-
$i=0;
-
while ($i < $num) {
-
$name=mysql_result($result,$i,"bizName");
-
$address=mysql_result($result,$i,"bizAddress");
-
$city=mysql_result($result,$i,"bizCity");
-
$state=mysql_result($result,$i,"bizState");
-
$zip=mysql_result($result,$i,"bizZip");
-
$phone=mysql_result($result,$i,"bizPhone");
-
$email=mysql_result($result,$i,"bizEmail");
-
-
echo "<b>Name: $name</b><br>Phone: $phone<br>Type: $type<br>Address: $address<br>City: $city<br>State: $state<br>Zip: $zip<br>Email:$email<br>";
-
-
$i++;
-
}
-
-
-
?>
-
-
thanks again for all the help, having actual human break it down for you is invaluable.
You're going to have to be more clear abt what the error is if you want more help.
Hi Kovik
I am not sure what my error is exactly now, when I go to my first page Building Select and select a state from the drop down. On the following , 'results' page all i get is the page heading and nothing else.
My goal of the 2 scripts is to be able to select a state from the first script then display all the apartment buildings from that state in the second script.
I hope this clarifies.
Thanks a lot, I really appreciate the help.
- $query="SELECT * FROM $table WHERE bizState='$_POST'";
You do realize that $_POST is an array, right? print_r() $_POST and see what it gives you. You should know where to go from there.
Also, all data in the $_POST array is user input. As such, you have to cleanse or validate the data. For textual input, mysql_real_escape_string() will come in handy.
@Dormilich
How long have you been hiding this little treasure from us? o.O
I love PHP. :D
OMFG! That is the syntax that my query() function in my database uses. o.o - /**
-
* Query the database
-
* @param string Database query
-
* @param array Values to substitute into query
-
* @return Vol_Database_MySql
-
*/
-
public function query($query, array $substitutions);
Replaces values from $substitutions into the places that question marks are in $query (using mysql_real_escape_string and typecasting of numeric values). I thought it was clever and original >.<
for instance if i select Iowa, i get back 'Array ( [b] => IA )' What does the 'b' before the '=>' stand for? Also how do i get the post data to be used as part of the 'where' so that only rows with column 'bizState' matching $_POST are pulled.
I plead my massive ignorance as I try to teach myself here. Again many thanks for your patience.
thank you,thank you,thank you,thank you...
"Array ( [b] => IA )" means that the array has an element at index "b" that has the value "IA".
In order to access th value "IA", you want to access the "b" index. So, your query should be: - $query = "SELECT * FROM $table WHERE bizState='"
-
. mysql_real_escape_string($_POST['b']) . "'";
how freakin cool, it actually WORKS!!!
Can I Pick Your Brains A Little Further?...
Can you give me a general idea on how I could take these results and turn them into a page full of links each one pointing to a separate page for each result.
I think i understand a little how to concatenate together a url from the results, but do i point it to a template or something to generate a gazillion pages from the results or what?
Many thanks from a newbie fumbling in the dark.
You'll likely want to make use of the query string. The query string is the part of a URL that is followed by a question mark (?). It is a series of variables and values that will exist in the $_GET array. Example: - // index.php
-
$result = mysql_query("select `id`, `name` from `table`");
-
-
while ($data = mysql_fetch_object($result)) {
-
echo '<a href="item.php?id=', $result->id, '">', $result->name, '</a>';
-
}
- // item.php
-
$item = null;
-
-
if (isset($_GET['id'])) {
-
$id = (int)$_GET['id'];
-
$result = mysql_query("select * from `table` where `id` = {$id}");
-
$item = mysql_fetch_object($result);
-
}
-
-
if (!$item) {
-
echo 'Invalid item.';
-
} else {
-
echo 'Item name: ', $item->name;
-
}
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Steven |
last post by:
I got a "Parse error: parse error in ..." in this line:
if(empty($_POST){
.....
But if I fist assign $ssn=$_POST; and then if(empty($ssn){ ......
|
by: Andrew E |
last post by:
Hi all
I've written a python program that adds orders into our order routing
simulation system. It works well, and has a syntax along these...
|
by: |
last post by:
Some time ago I installed VC# 2003, made a small generic project, compile
with the allow unsafe flag and I get the error below:
"error CS1577:...
|
by: Flip |
last post by:
I know the int.Parse("123") will result in an int of 123, but what happens
with a null? I believe it give a null exception (seems like I get either...
|
by: pinky |
last post by:
Hi all
I am having one web service where in at a time of calling one webmethod
through client application i am continuously getting following...
|
by: jacqueharper |
last post by:
I am having a problem with an Excel ListObject in my C# .NET
application. I am trying to map an XML schema to a ListObject, and
continue to get the...
|
by: comp.lang.tcl |
last post by:
set php {<? print_r("Hello World"); ?>}
puts $php; # PRINTS OUT <? print_r("Hello World"); ?>
puts
When I try this within TCL I get the...
|
by: JToe |
last post by:
Hi,
I have a sql statement which is as follows:-
INSERT INTO expense(Jan) SELECT sum(ECFAmount) FROM Transaction WHERE Date BETWEEN...
|
by: ana10192000 |
last post by:
VB6.0
Private dbParts as Database
Private dbParts as Recordset
guys help, i can't execute my program
compiler error says: " user-defined type...
|
by: Kemmylinns12 |
last post by:
Blockchain technology has emerged as a transformative force in the business world, offering unprecedented opportunities for innovation and...
|
by: Naresh1 |
last post by:
What is WebLogic Admin Training?
WebLogic Admin Training is a specialized program designed to equip individuals with the skills and knowledge...
|
by: jalbright99669 |
last post by:
Am having a bit of a time with URL Rewrite. I need to incorporate http to https redirect with a reverse proxy. I have the URL Rewrite rules made...
|
by: antdb |
last post by:
Ⅰ. Advantage of AntDB: hyper-convergence + streaming processing engine
In the overall architecture, a new "hyper-convergence" concept was...
|
by: Matthew3360 |
last post by:
Hi, I have a python app that i want to be able to get variables from a php page on my webserver. My python app is on my computer. How would I make it...
|
by: Matthew3360 |
last post by:
Hi,
I have been trying to connect to a local host using php curl. But I am finding it hard to do this. I am doing the curl get request from my web...
|
by: Carina712 |
last post by:
Setting background colors for Excel documents can help to improve the visual appeal of the document and make it easier to read and understand....
|
by: BLUEPANDA |
last post by:
At BluePanda Dev, we're passionate about building high-quality software and sharing our knowledge with the community. That's why we've created a SaaS...
|
by: Rahul1995seven |
last post by:
Introduction:
In the realm of programming languages, Python has emerged as a powerhouse. With its simplicity, versatility, and robustness, Python...
| | |
