You have an error in your SQL syntax |
You have an error in your SQL syntax |
spencer_4 |
Feb 9 2016, 05:10 PM
Post
#1
|
Group: Members Posts: 2 Joined: 9-February 16 Member No.: 23,975 |
Please help and thank you in advance. I cannot find the error: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1"
<?php $staffSel=$_GET["staffID"]; mysql_connect("localhost", "username", "password") or die(mysql_error()); //echo "Connected to MySQL<br />"; mysql_select_db("staff") or die(mysql_error()); //echo "Connected to Database"; //echo "<br />"; $page_title = "Staff Directory"; ?> <html> <head> <title><?php echo $page_title; ?></title> <link rel="stylesheet" media="screen" type="text/css" href="interanet_new.css" /> <script language="javascript"> if (document.images) { homeon = new Image(); // Active images homeon.src = "http://intranet.law.internal/Images/home_on.jpg"; homeoff = new Image(); // Inactive images homeoff.src = "http://intranet.law.internal/Images/home_off.jpg"; directon = new Image(); // Active images directon.src = "http://intranet.law.internal/Images/directory_on.jpg"; directoff = new Image(); // Inactive images directoff.src = "http://intranet.law.internal/Images/directory_off.jpg"; comphelpon = new Image(); // Active images comphelpon.src = "http://intranet.law.internal/Images/computerhelp_on.jpg"; comphelpoff = new Image(); // Inactive images comphelpoff.src = "http://intranet.law.internal/Images/computerhelp_off.jpg"; accnton = new Image(); // Active images accnton.src = "http://intranet.law.internal/Images/accounting_on.jpg"; accntoff = new Image(); // Inactive images accntoff.src = "http://intranet.law.internal/Images/accounting_off.jpg"; lienon = new Image(); // Active images lienon.src = "http://intranet.law.internal/Images/LienMaterials_on.jpg"; lienoff = new Image(); // Inactive images lienoff.src = "http://intranet.law.internal/Images/LienMaterials_off.jpg"; clockon = new Image(); // Active images clockon.src = "http://intranet.law.internal/Images/clockin_on.jpg"; clockoff = new Image(); // Inactive images clockoff.src = "http://intranet.law.internal/Images/clockin_off.jpg"; remaccon = new Image(); // Active images remaccon.src = "http://intranet.law.internal/Images/remoteaccess_on.jpg"; remaccoff = new Image(); // Inactive images remaccoff.src = "http://intranet.law.internal/Images/remoteaccess_off.jpg"; archiveson = new Image(); // Active images archiveson.src = "http://intranet.law.internal/Images/archives_on.jpg"; archivesoff = new Image(); // Inactive images archivesoff.src = "http://intranet.law.internal/Images/archives_off.jpg"; } function imgOn(imgName) { if (document.images) { document[imgName].src = eval(imgName + "on.src"); } } function imgOff(imgName) { if (document.images) { document[imgName].src = eval(imgName + "off.src"); } } // --> </script> <script language="javascript" type="text/javascript"> <!-- function popitupH(url) { newwindow=window.open(url,'remote','scrollbars=yes,height=690,width=550'); if (window.focus) {newwindow.focus()} return false; } // --> </script> </head> <body> <table class="main" align="center" width="805"> <tr> <td width=800 Background="../Images/Header_NEW.jpg"> <!-- Start menu Table --> <table cellpadding="0" cellspacing="0" border="0" width="800" height="183"> <tr> <td><img src="../Images/Header_NEWlogo.jpg" width="800" height="152" border="0"><br> <?php include("../Navigation.php");?> </td> </tr> </table> <!-- End of menu Table --> </td> </tr> <tr> <td> <!-- Main Content Area --> <table align='center'> <tr valign="top" height = 550> <td width=5></td> <td width=125> <!-- Left Menu --> <br><br><br><h5>Admin Area</h5> <font size="2"><p><a href="NewAttorney.php">Add Attorney</a> <br><a href="EditAttorney.php">Edit Attorney</a> <br><br><a href="NewStaff.php">Add Staff</a> <br><a href="EditStaff.php">Edit Staff</a> <br><a href="AssignStaff.php">Assign Staff</a> <br><br><a href="admin.html">Admin Home</a> </p></font> </td><form method="post" action="EditStaffPost.php" enctype="multipart/form-data"> <td width="25"></td> <td align="center" width="500"> <br><br><h3>Edit a Current Staff Member</h3><hr> <table> <tr><td> <!-- Col 1 ------------------------------------------------------------------------------------------------> <table align="left"> <tr></tr> <?php // Retrieve all the data for the selected staff member from the staff table $result = mysql_query("SELECT * FROM staff where staff_id=$staffSel") or die(mysql_error()); $row = mysql_fetch_array($result); echo "<tr><td></td><td width=125 class=main>Photo of: </td><td class=main>".$row['first_name']." ".$row['last_name']."</td><td></td></tr>"; echo "<input type=hidden name=first_name value=".$row['first_name'].">"; echo "<input type=hidden name=last_name value=".$row['last_name'].">"; ?> <tr><td></td><td class="main">New Photo: </td><td class="main"><input type="file" name="photo"> </td><td></td></tr> <tr><td></td><td></td><td class="main"><input type="submit" name="image" value=" Update Photo "> </td><td></td></tr> </form></table> </td> <!-- end of col 1 -------------------------------------------------------------------------------------> <td width="50"></td> <td> <!-- Col 2 --------------------------------------------------------------------------------------------> <table align="left"> <tr><td width="25"></td><td></td><td width="25"></tr> <tr valign="top"> <td></td> <!--left margin column--> <td> </td> <!-- Photo Section --> <td align="left" class="main"> <!-- Image of Staff Member Selected--> <?php $result = mysql_query("SELECT image FROM staff where staff_id=$staffSel")or die(mysql_error()); $row=mysql_fetch_array($result); echo "<img src=\"".$row['image']."\" width=\"125\" />"; ?> </td> <td></td> <!--right column border --> </tr></table> </td> <!-- end of Col 2 -----------------------------------------------------------------------------------------> </tr></table> </td> </tr> </table> </td> <!-- End of main content Area --> </tr> <tr align="center"> <td valign="center" align="right" Background="../Images/footer.jpg" height="30"> <p class="footer">"We're here for you!" Please <a href="mailto:litigationsupport@dbbwlaw.com" class="webMenu">email</a> us if you have any problems or questions. </p> </td> </tr> </table> </body> </html> |
CharlesEF |
Feb 9 2016, 06:45 PM
Post
#2
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
I think this line:
CODE $result = mysql_query("SELECT * FROM staff where staff_id=$staffSel") or die(mysql_error()); should be:CODE $result = mysql_query("SELECT * FROM staff where staff_id='$staffSel'") or die(mysql_error()); Notice the single quote around the variable? Is $staffSel alpha or numeric? Alpha needs the single quotes, numeric doesn't. |
spencer_4 |
Feb 9 2016, 06:58 PM
Post
#3
|
Group: Members Posts: 2 Joined: 9-February 16 Member No.: 23,975 |
Charles that was the issue, $staffSel is alpha and the single quotes fixed the issue, thank you!
|
CharlesEF |
Feb 9 2016, 08:17 PM
Post
#4
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
Charles that was the issue, $staffSel is alpha and the single quotes fixed the issue, thank you! Glad that fixed the problem. You really shouldn't be using mysql_* functions anymore. They have been removed from PHP 7. You should be using mysqli_* functions or PDO. Also, you should be using the mysqli_real_escape_string function on all alpha data. Some characters will cause an error if not escaped. |
Lo-Fi Version | Time is now: 24th April 2024 - 06:17 AM |