The Web Design Group

... Making the Web accessible to all.

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> You have an error in your SQL syntax
spencer_4
post Feb 9 2016, 05:10 PM
Post #1





Group: Members
Posts: 2
Joined: 9-February 16
Member No.: 23,975



Please help and thank you in advance. I cannot find the error: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1"


<?php
$staffSel=$_GET["staffID"];
mysql_connect("localhost", "username", "password") or die(mysql_error());
//echo "Connected to MySQL<br />";
mysql_select_db("staff") or die(mysql_error());
//echo "Connected to Database";
//echo "<br />";

$page_title = "Staff Directory";

?>

<html>
<head>
<title><?php echo $page_title; ?></title>

<link rel="stylesheet" media="screen" type="text/css" href="interanet_new.css" />


<script language="javascript">

if (document.images) {
homeon = new Image(); // Active images
homeon.src = "http://intranet.law.internal/Images/home_on.jpg";

homeoff = new Image(); // Inactive images
homeoff.src = "http://intranet.law.internal/Images/home_off.jpg";


directon = new Image(); // Active images
directon.src = "http://intranet.law.internal/Images/directory_on.jpg";

directoff = new Image(); // Inactive images
directoff.src = "http://intranet.law.internal/Images/directory_off.jpg";


comphelpon = new Image(); // Active images
comphelpon.src = "http://intranet.law.internal/Images/computerhelp_on.jpg";

comphelpoff = new Image(); // Inactive images
comphelpoff.src = "http://intranet.law.internal/Images/computerhelp_off.jpg";


accnton = new Image(); // Active images
accnton.src = "http://intranet.law.internal/Images/accounting_on.jpg";

accntoff = new Image(); // Inactive images
accntoff.src = "http://intranet.law.internal/Images/accounting_off.jpg";


lienon = new Image(); // Active images
lienon.src = "http://intranet.law.internal/Images/LienMaterials_on.jpg";

lienoff = new Image(); // Inactive images
lienoff.src = "http://intranet.law.internal/Images/LienMaterials_off.jpg";



clockon = new Image(); // Active images
clockon.src = "http://intranet.law.internal/Images/clockin_on.jpg";

clockoff = new Image(); // Inactive images
clockoff.src = "http://intranet.law.internal/Images/clockin_off.jpg";


remaccon = new Image(); // Active images
remaccon.src = "http://intranet.law.internal/Images/remoteaccess_on.jpg";

remaccoff = new Image(); // Inactive images
remaccoff.src = "http://intranet.law.internal/Images/remoteaccess_off.jpg";



archiveson = new Image(); // Active images
archiveson.src = "http://intranet.law.internal/Images/archives_on.jpg";

archivesoff = new Image(); // Inactive images
archivesoff.src = "http://intranet.law.internal/Images/archives_off.jpg";

}

function imgOn(imgName) {

if (document.images) {
document[imgName].src = eval(imgName + "on.src");
}
}

function imgOff(imgName) {
if (document.images) {
document[imgName].src = eval(imgName + "off.src");
}
}

// -->
</script>



<script language="javascript" type="text/javascript">
<!--
function popitupH(url) {
newwindow=window.open(url,'remote','scrollbars=yes,height=690,width=550');
if (window.focus) {newwindow.focus()}
return false;
}

// -->
</script>


</head>
<body>
<table class="main" align="center" width="805">
<tr>
<td width=800 Background="../Images/Header_NEW.jpg">
<!-- Start menu Table -->
<table cellpadding="0" cellspacing="0" border="0" width="800" height="183">
<tr>
<td><img src="../Images/Header_NEWlogo.jpg" width="800" height="152" border="0"><br>
<?php include("../Navigation.php");?>
</td>
</tr>
</table>
<!-- End of menu Table -->
</td>
</tr>
<tr>
<td> <!-- Main Content Area -->
<table align='center'>
<tr valign="top" height = 550>
<td width=5></td>
<td width=125> <!-- Left Menu -->
<br><br><br><h5>Admin Area</h5>
<font size="2"><p><a href="NewAttorney.php">Add Attorney</a>
<br><a href="EditAttorney.php">Edit Attorney</a>
<br><br><a href="NewStaff.php">Add Staff</a>
<br><a href="EditStaff.php">Edit Staff</a>
<br><a href="AssignStaff.php">Assign Staff</a>
<br><br><a href="admin.html">Admin Home</a>
</p></font>
</td><form method="post" action="EditStaffPost.php" enctype="multipart/form-data">
<td width="25"></td>
<td align="center" width="500"> <br><br><h3>Edit a Current Staff Member</h3><hr>


<table>
<tr><td>
<!-- Col 1 ------------------------------------------------------------------------------------------------>
<table align="left">
<tr></tr>
<?php
// Retrieve all the data for the selected staff member from the staff table
$result = mysql_query("SELECT * FROM staff where staff_id=$staffSel") or die(mysql_error());
$row = mysql_fetch_array($result);
echo "<tr><td></td><td width=125 class=main>Photo of: </td><td class=main>".$row['first_name']." ".$row['last_name']."</td><td></td></tr>";
echo "<input type=hidden name=first_name value=".$row['first_name'].">";
echo "<input type=hidden name=last_name value=".$row['last_name'].">";
?>
<tr><td></td><td class="main">New Photo: </td><td class="main"><input type="file" name="photo">
</td><td></td></tr>

<tr><td></td><td></td><td class="main"><input type="submit" name="image" value=" Update Photo "> </td><td></td></tr>
</form></table>

</td> <!-- end of col 1 ------------------------------------------------------------------------------------->
<td width="50"></td>
<td> <!-- Col 2 -------------------------------------------------------------------------------------------->
<table align="left">
<tr><td width="25"></td><td></td><td width="25"></tr>
<tr valign="top">
<td></td> <!--left margin column-->
<td>
</td>
<!-- Photo Section -->
<td align="left" class="main">
<!-- Image of Staff Member Selected-->
<?php
$result = mysql_query("SELECT image FROM staff where staff_id=$staffSel")or die(mysql_error());
$row=mysql_fetch_array($result);
echo "<img src=\"".$row['image']."\" width=\"125\" />";
?>
</td>
<td></td> <!--right column border -->
</tr></table>
</td> <!-- end of Col 2 ----------------------------------------------------------------------------------------->
</tr></table>
</td>
</tr>
</table>
</td> <!-- End of main content Area -->
</tr>
<tr align="center">
<td valign="center" align="right" Background="../Images/footer.jpg" height="30"> <p class="footer">"We're here for you!"   Please <a href="mailto:litigationsupport@dbbwlaw.com" class="webMenu">email</a> us if you have any problems or questions.  </p> </td>
</tr>
</table>
</body>
</html>
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
CharlesEF
post Feb 9 2016, 06:45 PM
Post #2


This is My Life
*******

Group: Members
Posts: 1,433
Joined: 27-April 13
From: Edinburg, Texas
Member No.: 19,088



I think this line:
CODE
$result = mysql_query("SELECT * FROM staff where staff_id=$staffSel") or die(mysql_error());
should be:
CODE
$result = mysql_query("SELECT * FROM staff where staff_id='$staffSel'") or die(mysql_error());
Notice the single quote around the variable? Is $staffSel alpha or numeric? Alpha needs the single quotes, numeric doesn't.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
spencer_4
post Feb 9 2016, 06:58 PM
Post #3





Group: Members
Posts: 2
Joined: 9-February 16
Member No.: 23,975



Charles that was the issue, $staffSel is alpha and the single quotes fixed the issue, thank you!
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
CharlesEF
post Feb 9 2016, 08:17 PM
Post #4


This is My Life
*******

Group: Members
Posts: 1,433
Joined: 27-April 13
From: Edinburg, Texas
Member No.: 19,088



QUOTE(spencer_4 @ Feb 9 2016, 05:58 PM) *

Charles that was the issue, $staffSel is alpha and the single quotes fixed the issue, thank you!

Glad that fixed the problem. You really shouldn't be using mysql_* functions anymore. They have been removed from PHP 7. You should be using mysqli_* functions or PDO. Also, you should be using the mysqli_real_escape_string function on all alpha data. Some characters will cause an error if not escaped.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



- Lo-Fi Version Time is now: 19th October 2017 - 10:29 PM