Help - Search - Members - Calendar
Full Version: You have an error in your SQL syntax
HTMLHelp Forums > Programming > Databases
Please help and thank you in advance. I cannot find the error: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1"

mysql_connect("localhost", "username", "password") or die(mysql_error());
//echo "Connected to MySQL<br />";
mysql_select_db("staff") or die(mysql_error());
//echo "Connected to Database";
//echo "<br />";

$page_title = "Staff Directory";


<title><?php echo $page_title; ?></title>

<link rel="stylesheet" media="screen" type="text/css" href="interanet_new.css" />

<script language="javascript">

if (document.images) {
homeon = new Image(); // Active images
homeon.src = "";

homeoff = new Image(); // Inactive images
homeoff.src = "";

directon = new Image(); // Active images
directon.src = "";

directoff = new Image(); // Inactive images
directoff.src = "";

comphelpon = new Image(); // Active images
comphelpon.src = "";

comphelpoff = new Image(); // Inactive images
comphelpoff.src = "";

accnton = new Image(); // Active images
accnton.src = "";

accntoff = new Image(); // Inactive images
accntoff.src = "";

lienon = new Image(); // Active images
lienon.src = "";

lienoff = new Image(); // Inactive images
lienoff.src = "";

clockon = new Image(); // Active images
clockon.src = "";

clockoff = new Image(); // Inactive images
clockoff.src = "";

remaccon = new Image(); // Active images
remaccon.src = "";

remaccoff = new Image(); // Inactive images
remaccoff.src = "";

archiveson = new Image(); // Active images
archiveson.src = "";

archivesoff = new Image(); // Inactive images
archivesoff.src = "";


function imgOn(imgName) {

if (document.images) {
document[imgName].src = eval(imgName + "on.src");

function imgOff(imgName) {
if (document.images) {
document[imgName].src = eval(imgName + "off.src");

// -->

<script language="javascript" type="text/javascript">
function popitupH(url) {,'remote','scrollbars=yes,height=690,width=550');
if (window.focus) {newwindow.focus()}
return false;

// -->

<table class="main" align="center" width="805">
<td width=800 Background="../Images/Header_NEW.jpg">
<!-- Start menu Table -->
<table cellpadding="0" cellspacing="0" border="0" width="800" height="183">
<td><img src="../Images/Header_NEWlogo.jpg" width="800" height="152" border="0"><br>
<?php include("../Navigation.php");?>
<!-- End of menu Table -->
<td> <!-- Main Content Area -->
<table align='center'>
<tr valign="top" height = 550>
<td width=5></td>
<td width=125> <!-- Left Menu -->
<br><br><br><h5>Admin Area</h5>
<font size="2"><p><a href="NewAttorney.php">Add Attorney</a>
<br><a href="EditAttorney.php">Edit Attorney</a>
<br><br><a href="NewStaff.php">Add Staff</a>
<br><a href="EditStaff.php">Edit Staff</a>
<br><a href="AssignStaff.php">Assign Staff</a>
<br><br><a href="admin.html">Admin Home</a>
</td><form method="post" action="EditStaffPost.php" enctype="multipart/form-data">
<td width="25"></td>
<td align="center" width="500"> <br><br><h3>Edit a Current Staff Member</h3><hr>

<!-- Col 1 ------------------------------------------------------------------------------------------------>
<table align="left">
// Retrieve all the data for the selected staff member from the staff table
$result = mysql_query("SELECT * FROM staff where staff_id=$staffSel") or die(mysql_error());
$row = mysql_fetch_array($result);
echo "<tr><td></td><td width=125 class=main>Photo of: </td><td class=main>".$row['first_name']." ".$row['last_name']."</td><td></td></tr>";
echo "<input type=hidden name=first_name value=".$row['first_name'].">";
echo "<input type=hidden name=last_name value=".$row['last_name'].">";
<tr><td></td><td class="main">New Photo: </td><td class="main"><input type="file" name="photo">

<tr><td></td><td></td><td class="main"><input type="submit" name="image" value=" Update Photo "> </td><td></td></tr>

</td> <!-- end of col 1 ------------------------------------------------------------------------------------->
<td width="50"></td>
<td> <!-- Col 2 -------------------------------------------------------------------------------------------->
<table align="left">
<tr><td width="25"></td><td></td><td width="25"></tr>
<tr valign="top">
<td></td> <!--left margin column-->
<!-- Photo Section -->
<td align="left" class="main">
<!-- Image of Staff Member Selected-->
$result = mysql_query("SELECT image FROM staff where staff_id=$staffSel")or die(mysql_error());
echo "<img src=\"".$row['image']."\" width=\"125\" />";
<td></td> <!--right column border -->
</td> <!-- end of Col 2 ----------------------------------------------------------------------------------------->
</td> <!-- End of main content Area -->
<tr align="center">
<td valign="center" align="right" Background="../Images/footer.jpg" height="30"> <p class="footer">"We're here for you!"   Please <a href="" class="webMenu">email</a> us if you have any problems or questions.  </p> </td>
I think this line:
$result = mysql_query("SELECT * FROM staff where staff_id=$staffSel") or die(mysql_error());
should be:
$result = mysql_query("SELECT * FROM staff where staff_id='$staffSel'") or die(mysql_error());
Notice the single quote around the variable? Is $staffSel alpha or numeric? Alpha needs the single quotes, numeric doesn't.
Charles that was the issue, $staffSel is alpha and the single quotes fixed the issue, thank you!
QUOTE(spencer_4 @ Feb 9 2016, 05:58 PM) *

Charles that was the issue, $staffSel is alpha and the single quotes fixed the issue, thank you!

Glad that fixed the problem. You really shouldn't be using mysql_* functions anymore. They have been removed from PHP 7. You should be using mysqli_* functions or PDO. Also, you should be using the mysqli_real_escape_string function on all alpha data. Some characters will cause an error if not escaped.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2021 Invision Power Services, Inc.