By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
432,650 Members | 1,778 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 432,650 IT Pros & Developers. It's quick & easy.

help finding "Parse error: syntax error, unexpected T_STRING"

riverdale1567
P: 13
Hi I am a newbie trying to get some of my first code working, yada yada yada.

I have a drop down box which chooses a state then takes the post data to 'processform2.php' to use that to pull up all the rows which have the corresponding state.
I am getting this 'Parse error: syntax error, unexpected T_STRING in /home/attorney/public_html/' on line 13
Expand|Select|Wrap|Line Numbers
  1. <?
  2. $username="XXXXXXXX";
  3. $password="XXXXXX";
  4. $database="XXXXXXXX";
  5.  
  6.  
  7. ini_set('display_errors',1);
  8. error_reporting(E_ALL);
  9.  
  10.  
  11. mysql_connect("localhost",$username,$password);
  12. @mysql_select_db($database) or die( "Unable to select database");
  13. $query='SELECT * FROM BIZ_APARTMENTS WHERE $_POST('bizState')';
  14. $result=mysql_query($query);
  15.  
  16. $num=mysql_numrows($result);
  17.  
  18. mysql_close();
  19.  
  20. echo "<b><center>Buildings in State</center></b><br><br>";
  21.  
  22. $i=0;
  23. while ($i < $num) {
  24.  
  25. $name=mysql_result($result,$i,"bizName");
  26. $address=mysql_result($result,$i,"bizAddress");
  27. $city=mysql_result($result,$i,"bizCity");
  28. $state=mysql_result($result,$i,"bizState");
  29. $zip=mysql_result($result,$i,"bizZip");
  30. $phone=mysql_result($result,$i,"bizPhone");
  31. $email=mysql_result($result,$i,"bizEmail");
  32.  
  33. echo "<b>Name: $name</b><br>Phone: $phone<br>Type: $type<br>Address: $address<br>City: $city<br>State: $state<br>Zip: $zip<br>Email:$email<br>";
  34.  
  35. $i++;
  36. }
  37.  
  38. ?>
Thanks a million,
Dec 16 '09 #1
Share this Question
Share on Google+
14 Replies


Dormilich
Expert Mod 5K+
P: 8,639
the apostrophe at offset 51 closes the string, after that you have to use the command end (;) or string concatenation operator (.).

and please please secure your SQL against SQL Injection (e.g. by means of mysql_real_escape_string())
Dec 16 '09 #2

kovik
Expert 100+
P: 1,044
Line 13 is messed up a lot. Firstly, your query is invalid. It will return results, but not what you think. The WHERE clause requires a condition that each row that you want to select has to meet. If you were to say "WHERE 1", then all rows would be selected. If you were to say "WHERE `id` = 1", then only rows where "`id` = 1" is true would be selected. Conditions are more than just a single variable.

Secondly, you can't have the same type of quotation marks inside of the same type of quotation marks without escaping them (using the "\" character).

Thirdly, arrays do not use parentheses for subscript; they use brackets ("[" and "]").

Fourthly, all data in the $_POST array is user input. Therefore, it is unsafe in its raw form. Cleanse it using mysql_real_escape_string().
Dec 16 '09 #3

riverdale1567
P: 13
Hi, first let me say thank you to both of you for helping me, I really appreciate it. I have reworked it a little bit but now no error message, but just a echo of my heading only.
here are the 2 php scripts that are involved. Building Select try it out, plz
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. /*  Program name: buildSelect.php
  3.  *  Description:  Program builds a selection list 
  4.  *                from the database.
  5.  */
  6. ?>
  7. <html>
  8. <head><title>Building info by state</title></head>
  9. <body>
  10. <?php
  11.   $user="attorney_test";
  12.   $host="localhost";
  13.   $password="Baronj55";
  14.   $database = "attorney_test";
  15.  
  16.   $cxn = mysqli_connect($host,$user,$password,$database)
  17.          or die ("couldn't connect to server");
  18.   $query = "SELECT DISTINCT bizState FROM BIZ_APARTMENTS ORDER BY bizState";
  19.   $result = mysqli_query($cxn,$query)
  20.             or die ("Couldn't execute query.");
  21.  
  22.  /* create form containing selection list */
  23.   echo "<form action='processform2.php' method='POST'>
  24.         <select name='b'>\n";
  25.  
  26.   while ($row = mysqli_fetch_assoc($result))
  27.   {
  28.      extract($row);
  29.      echo "<option value='$bizState'>$bizState\n";
  30.   }
  31.   echo "</select>\n";
  32.   echo "<input type='submit' value='Select State in which building is located'>
  33.         </form>\n";
  34. ?>
  35. </body></html>
  36.  
here is the 2nd script
Expand|Select|Wrap|Line Numbers
  1. <?
  2. $username="attorney_test";
  3. $password="Baronj55";
  4. $database="attorney_test";
  5. $table="BIZ_APARTMENTS";  
  6. $column="bizState";
  7. ini_set('display_errors',1);
  8. error_reporting(E_ALL);
  9.  
  10.  
  11. mysql_connect("localhost",$username,$password);
  12. @mysql_select_db($database) or die( "Unable to select database");
  13. $query="SELECT * FROM $table WHERE bizState='$_POST'";
  14. $result=mysql_query($query);
  15. $ret = mysql_query($query) or die(mysql_error());  
  16. $num=mysql_numrows($result);
  17.  
  18. mysql_real_escape_string($result)
  19.  mysql_close();
  20.  
  21.  
  22.  
  23.  echo "<b><center>Buildings in State</center></b><br><br>";
  24.  
  25. $i=0;
  26. while ($i < $num) {
  27. $name=mysql_result($result,$i,"bizName");
  28. $address=mysql_result($result,$i,"bizAddress");
  29. $city=mysql_result($result,$i,"bizCity");
  30. $state=mysql_result($result,$i,"bizState");
  31. $zip=mysql_result($result,$i,"bizZip");
  32. $phone=mysql_result($result,$i,"bizPhone");
  33. $email=mysql_result($result,$i,"bizEmail");
  34.  
  35.  echo "<b>Name: $name</b><br>Phone: $phone<br>Type: $type<br>Address: $address<br>City: $city<br>State: $state<br>Zip: $zip<br>Email:$email<br>";
  36.  
  37. $i++;
  38.  }
  39.  
  40.  
  41.  ?>
  42.  
  43.  
thanks again for all the help, having actual human break it down for you is invaluable.
Dec 18 '09 #4

kovik
Expert 100+
P: 1,044
You're going to have to be more clear abt what the error is if you want more help.
Dec 18 '09 #5

riverdale1567
P: 13
Hi Kovik
I am not sure what my error is exactly now, when I go to my first page Building Select and select a state from the drop down. On the following , 'results' page all i get is the page heading and nothing else.
My goal of the 2 scripts is to be able to select a state from the first script then display all the apartment buildings from that state in the second script.
I hope this clarifies.
Thanks a lot, I really appreciate the help.
Dec 18 '09 #6

kovik
Expert 100+
P: 1,044
Expand|Select|Wrap|Line Numbers
  1. $query="SELECT * FROM $table WHERE bizState='$_POST'";
You do realize that $_POST is an array, right? print_r() $_POST and see what it gives you. You should know where to go from there.

Also, all data in the $_POST array is user input. As such, you have to cleanse or validate the data. For textual input, mysql_real_escape_string() will come in handy.
Dec 18 '09 #7

Dormilich
Expert Mod 5K+
P: 8,639
you may additionally want to look into PHP Filter Functions.
Dec 18 '09 #8

kovik
Expert 100+
P: 1,044
@Dormilich
How long have you been hiding this little treasure from us? o.O
I love PHP. :D
Dec 18 '09 #9

Dormilich
Expert Mod 5K+
P: 8,639
wait until I rant about Prepared Statements again.
Dec 18 '09 #10

kovik
Expert 100+
P: 1,044
OMFG! That is the syntax that my query() function in my database uses. o.o

Expand|Select|Wrap|Line Numbers
  1. /**
  2.  * Query the database
  3.  * @param string Database query
  4.  * @param array Values to substitute into query
  5.  * @return Vol_Database_MySql
  6.  */
  7. public function query($query, array $substitutions);
Replaces values from $substitutions into the places that question marks are in $query (using mysql_real_escape_string and typecasting of numeric values). I thought it was clever and original >.<
Dec 18 '09 #11

riverdale1567
P: 13
for instance if i select Iowa, i get back 'Array ( [b] => IA )' What does the 'b' before the '=>' stand for? Also how do i get the post data to be used as part of the 'where' so that only rows with column 'bizState' matching $_POST are pulled.

I plead my massive ignorance as I try to teach myself here. Again many thanks for your patience.
thank you,thank you,thank you,thank you...
Dec 18 '09 #12

kovik
Expert 100+
P: 1,044
"Array ( [b] => IA )" means that the array has an element at index "b" that has the value "IA".

In order to access th value "IA", you want to access the "b" index. So, your query should be:
Expand|Select|Wrap|Line Numbers
  1. $query = "SELECT * FROM $table WHERE bizState='"
  2.        . mysql_real_escape_string($_POST['b']) . "'";
Dec 18 '09 #13

riverdale1567
P: 13
how freakin cool, it actually WORKS!!!

Can I Pick Your Brains A Little Further?...

Can you give me a general idea on how I could take these results and turn them into a page full of links each one pointing to a separate page for each result.
I think i understand a little how to concatenate together a url from the results, but do i point it to a template or something to generate a gazillion pages from the results or what?
Many thanks from a newbie fumbling in the dark.
Dec 18 '09 #14

kovik
Expert 100+
P: 1,044
You'll likely want to make use of the query string. The query string is the part of a URL that is followed by a question mark (?). It is a series of variables and values that will exist in the $_GET array. Example:

Expand|Select|Wrap|Line Numbers
  1. // index.php
  2. $result = mysql_query("select `id`, `name` from `table`");
  3.  
  4. while ($data = mysql_fetch_object($result)) {
  5.     echo '<a href="item.php?id=', $result->id, '">', $result->name, '</a>';
  6. }
Expand|Select|Wrap|Line Numbers
  1. // item.php
  2. $item = null;
  3.  
  4. if (isset($_GET['id'])) {
  5.     $id = (int)$_GET['id'];
  6.     $result = mysql_query("select * from `table` where `id` = {$id}");
  7.     $item = mysql_fetch_object($result);
  8. }
  9.  
  10. if (!$item) {
  11.     echo 'Invalid item.';
  12. } else {
  13.     echo 'Item name: ', $item->name;
  14. }
Dec 18 '09 #15

Post your reply

Sign in to post your reply or Sign up for a free account.