 SQL syntax error |
  |
| NITI |
 Aug 31 2012, 05:56 AM
Post
#1
|
|
Group: Members Posts: 1 Joined: 31-August 12 Member No.: 17,716  |
I ma gettin this error when I am editting a page of my website from admin section.... It is only occuring if any image or Video is being inserted.......
ERROR is................ error :You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '420" height="315" frameborder="0" allowfullscreen="" src="http://www.youtube.com' at line 1 update newsheadline set headline="Independence Day celebrations at Akal Academy, Baru Sahib ", newsletter=" CODING of my Page is ----------- <? session_start(); include "connect_sql.php"; include "include/admin-log.php"; if($delgallery) { $dir = 'upimg/'; /* $files = scandir($dir); $f=0; foreach ($files as &$file) { if ($file==$delgallery) { unlink('upimg/'.$file); } } */ // Open a known directory, and proceed to read its contents if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file!='.' && $file!='..' ) { if($file==$delgallery) { unlink('upimg/'.$file); } } } closedir($dh); } } } if ( isset( $_POST ['Submit_editnews'])) { //****************For Delect Gallery form admin upimg Folder***************** if($_FILES[userfile][name]!='') { $dir = 'upimg/'; /* $files = scandir($dir); $f=0; foreach ($files as &$file) { if ($file!='.' && $file!='..' ) { $filename=explode('_',$file); if($filename[0]==$galleryid) { unlink('upimg/'.$file); break; } } } */ // Open a known directory, and proceed to read its contents if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file!='.' && $file!='..' ) { $filename=explode('_',$file); if($filename[0]==$galleryid) { unlink('upimg/'.$file); break; } } } closedir($dh); } } //****************For Delect Gallery form admin upimg Folder***************** //*********** **ADD **For Delect Gallery form admin upimg Folder***************** $filename=$galleryid.'_'.$_FILES[userfile][name]; $add="upimg/".$filename; // the path with the file name where the file will be stored, upload is the directory name. //echo $add; chmod("upimg",0777); if(move_uploaded_file ($_FILES[userfile][tmp_name],$add)){ $successmsg= "Successfully uploaded the mage"; chmod("$add",0777); }else{$successmsg .= "<br>Failed to upload gallery file Contact Site admin to fix the problem"; exit;} } //************End **ADD **For Delect Gallery form admin upimg Folder***************** if ($newsname2!='' && $FCKeditor1!='' ) { if (isset($_FILES['key1file'])) { @list(, , $imtype2, ) = getimagesize($_FILES['key1file']['tmp_name']); // Get image type. // We use @ to omit errors if ($imtype2 == 3) // cheking image type $ext2="png"; // to use it later in HTTP headers elseif ($imtype2 == 2) $ext2="jpeg"; elseif ($imtype2 == 1) $ext2="gif"; else $msg2 = '<font color="#CC0000"><center><b>Error: unknownffff file format</b></center></font>'; if (!isset($msg2)) // If there was no error { $data2 = file_get_contents($_FILES['key1file']['tmp_name']); $data2 = mysql_real_escape_string($data2); // Preparing data to be used in MySQL query } } $txtnewsid=$galleryid; $dd=explode('/',$dates2); $dd1=$dd[2].'-'.$dd[1].'-'.$dd[0]; if($data2!='') { $sql="update newsheadline set headline=\"".$newsname2."\", newsletter=\"".$FCKeditor1."\", img=\"".$data2."\" ,newsdate='".$dd1."', image_name=\"".$_FILES['key1file']['name']."\" where news_id='".$txtnewsid."'"; }else{ $sql="update newsheadline set headline=\"".$newsname2."\", newsletter=\"".$FCKeditor1."\",newsdate='".$dd1."' where news_id='".$txtnewsid."'"; } $result=mysql_query($sql); if(!$result) { die('error :'.mysql_error().'<br>'.$sql); } else { $successmsg = "<br><font color='#CC0000'><center><b>News Updated Successfully</b></center></font><br><br>"; } } } if ( isset( $_POST ['Submit_bill'])) { if ($newsname!='' && $FCKeditor1!='' ) { $checkdouble = mysql_num_rows(mysql_query("select * from newsheadline where headline=\"".$newsname."\";")); if ($checkdouble==0) { // Photo thumbnail upload if (isset($_FILES['key1file'])) { @list(, , $imtype2, ) = getimagesize($_FILES['key1file']['tmp_name']); // Get image type. // We use @ to omit errors if ($imtype2 == 3) // cheking image type $ext2="png"; // to use it later in HTTP headers elseif ($imtype2 == 2) $ext2="jpeg"; elseif ($imtype2 == 1) $ext2="gif"; else $msg2 = '<font color="#CC0000"><center><b>Error: unknownffff file format</b></center></font>'; if (!isset($msg2)) // If there was no error { $data2 = file_get_contents($_FILES['key1file']['tmp_name']); $data2 = mysql_real_escape_string($data2); // Preparing data to be used in MySQL query } } //-------------------------------------------------------------------- $sql="insert into newsheadline (headline, newsletter, newsdate ,img,image_name ) values ('".$newsname."','".$FCKeditor1."',\"".date('Y-m-d')."\",\"".$data2."\",\"".$_FILES['key1file']['name']."\")"; $_SESSION['aa']=$FCKeditor1; $result=mysql_query($sql); $ga_id=mysql_insert_id(); if(!$result) { die('error :'.mysql_error()); } else { $successmsg = "<br><font color='#CC0000'><center><b>News Added Successfully</b></center></font><br><br>"; // file are uploaded in upimg folder //echo "File Name: ".$_FILES[userfile][name]."<br>"; //echo "tmp name: ".$_FILES[userfile][tmp_name]."<br>"; //echo "File Type: ".$_FILES[userfile][type]."<br>"; //echo "<br><br>"; /////////////////////////////////////////////////////////////////////////// if($_FILES[userfile][name]!='') { $filename=$ga_id.'_'.$_FILES[userfile][name]; $add="upimg/".$filename; // the path with the file name where the file will be stored, upload is the directory name. //echo $add; chmod("upimg",0777); if(move_uploaded_file ($_FILES[userfile][tmp_name],$add)){ $successmsg= "Successfully uploaded the mage"; chmod("$add",0777); }else{$successmsg .= "<br>Failed to upload gallery file Contact Site admin to fix the problem"; exit;} } } } } } ?> <!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <title>The Kalgidhar Society</title> <link rel="stylesheet" href="../style.css" type="text/css" > <meta name="keywords" content="View2Play"> <META NAME="name" CONTENT="View2Play"> <META NAME="description" CONTENT="View2Play"> <link rel="stylesheet" href="uploadify.css" type="text/css" > <script type="text/javascript" src="js/jquery-1.3.2.min.js"></script> <script type="text/javascript" src="js/jquery.uploadify.js"></script> <link href="css/css.css" rel="stylesheet" type="text/css"> </head> <body topmargin=0 leftmargin=0 class="bodyadmin"> <table width="100%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td colspan="2"><? include"header.php";?></td> </tr> <tr> <td colspan="2"><table width="95%" border="0" cellspacing="0" cellpadding="0"> <tr> <td align="right"> </td> </tr> <tr> <td align="right" height="11"></td> </tr> </table></td> </tr> <tr> <td width="17%" valign="top"><? print $approvemsg; print $activemsg; print $successmsg; // LOGGED IN if ($loginflag==1 ) { include ('include/menus.php'); // news LIST start ?></td> <td width="83%" valign="top"><? echo $sucessmsg; ?> <? // START MAIN if ($submiteditbtn) { $merge_category=''; $merge_obj=''; $gcategory=$category; if ($gcategory) { foreach ($gcategory as $tas) { $merge_category .= $tas. ", "; } $merge_category = substr($merge_category,0,-2); } if ($objlist) { foreach ($objlist as $tasobj) { $merge_obj .= $tasobj. ", "; } $merge_obj = substr($merge_obj,0,-2); } $sqlvideoupd = "Update video_list set featured='".$prefervideo."', videoname='".$videoname."', category='".$merge_category."', objective='".$merge_obj."', payable='".$prefervideo."', keywords='".$keywords."', description='".$description."' where video_list_id='".$videoid."';"; $resultvideoupd = mysql_query($sqlvideoupd); if (!$resultvideoupd) die('<br><br>Invalid query1: ' . mysql_error()); else print "<br><center><b>$videoname UPDATED</b></center><br><br>"; } // DELETE News if (isset($newsdel)) { for ($i=0; $i<count($_SESSION['sessnews_id']); $i++) { if ($newsdel[$i]) { //DELETE Category processing $sqldelc='DELETE FROM newsheadline where news_id=\''.$_SESSION['sessnews_id'][$i].'\';'; $resultdelc = mysql_query($sqldelc); if (!$resultdelc) die('<br><br>Invalid query: ' . mysql_error()); else print "<font color=#CC0000><center><b>DELETED SUCCESSFUL</b></center></font><br><br>"; } } } $editpage = 0; // Edit news if (isset($newsedit)) { for ($i=0; $i<count($_SESSION['sessnews_id']); $i++) { if ($newsedit[$i]) { //DELETE Category processing $sqleditc='select * from newsheadline where news_id=\''.$_SESSION['sessnews_id'][$i].'\' LIMIT 1;'; $resulteditc = mysql_query($sqleditc); if (!$resulteditc) die('<br><br>Invalid query: ' . mysql_error()); $recordedit = mysql_fetch_array($resulteditc); if ($recordedit) { $gnewsid = $recordedit['news_id']; $gheadline = $recordedit['headline']; $gheaddate = $recordedit['newsdate']; $gnewsletter = $recordedit['newsletter']; $gimage_name=$recordedit['image_name']; $editpage = 1; } } } } ?> <!-- LOGGED IN START MAIN --> <!-- START MAIN --> <form action="newslist.php" method="post" enctype="multipart/form-data" name="addvideoform" id="addvideoform" > <table width="90%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#EEEEEE" class="bord_grey"> <tr> <td colspan="4" class="header_row"><img src="images/spacer.gif" width="15" height="16" border="0" alt="" /> NEWS LIST<img src="images/spacer.gif" width="15" height="16" border="0" alt="" /></td> </tr> <tr> <td class="tableleft" width="59"><img src="images/spacer.gif" width="3" height="100" border="0" alt="" /></td> <td colspan="2" valign="top"><!-- START MAIN --> <? if ($editpage==0) { ?> <br /> <? $sqlnews = "SELECT * FROM newsheadline order by newsdate desc"; $resultnews = mysql_query($sqlnews); if (!$resultnews) die('<br><br>Invalid query: ' . mysql_error()); $recordnews = mysql_fetch_array($resultnews); if ($recordnews) { print "<table cellpadding=0 cellspacing=0 border=0 width='710' align=center bgcolor='#CCCCCC' class='bord_grey'>"; print "<tr><td height='30'> </td><td><center>EDIT</center></td><td><center>DEL</center></td></tr>"; $sno=1; $_SESSION['sessnews_id']=array(); while ($recordnews) { $_SESSION['sessnews_id'][] = $recordnews["news_id"]; $getdatenews = $recordnews["newsdate"]; $datearray = explode("-",$getdatenews); $gdateformat = mktime(0,0,0,$datearray[1],$datearray[2],$datearray[0]); $pi = $sno-1; if ($sno%2==0) $gcolor = ' class="tdrowsodd"'; else $gcolor = ' class="tdrowseven"'; print "<tr class='odd'><td $gcolor><br> $sno. <b>".$recordnews["headline"]."</b>, <i>".date('d M Y',$gdateformat)."</i></td><td $gcolor ><center><INPUT TYPE=\"image\" SRC=\"images/icon-edit.png\" width=16 height=16 BORDER=0 ALT=\"Edit it\" name=\"newsedit[".$pi."]\" onClick='changeaction()' ></center></td><td $gcolor><center><INPUT TYPE=\"image\" SRC=\"images/icondel.png\" width=16 height=16 BORDER=0 ALT=\"Delete it\" name=\"newsdel[".$pi."]\" onClick=\"return confirm('Are you sure you want to delete news no.: ".$sno."?')\"></center></td></tr>"; $sno++; $recordnews = mysql_fetch_array($resultnews); } print "</table>"; } else print "<br><center> - No records -</center>"; } if ($editpage==1) { include('fckeditor/editnews.php'); } ?> <!-- END MAIN --> </td> <td class="tableright" width="44"><img src="images/spacer.gif" width="5" height="16" border="0" alt="" /></td> </tr> <tr> <td class="tablebottomleft" colspan="4" height="18"></td> </tr> </table> </form> <? // End ADD VIDEO } else Print "INVALID USER"; ?> <!-- END MAIN --> <? include ('include/login.php'); // END LAST COLUMN ?></td> </tr> <tr> <td height="100" colspan="2"> </td> </tr> <tr> <td colspan="2"><? include ('include/footer.php'); ?></td> </tr> </table> </body> </html> PLzzz replyyyyyyyyyyyyyyy A soon As Possible................ |
  |
 
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
|
Lo-Fi Version | Time is now: 26th April 2024 - 07:01 PM |
Invision Power Board
© 2024 IPS, Inc.
Licensed to: HTMLHelp.com, LLC