Page 1 of 1

Unexpected T_STRING

Posted: Tue Jul 18, 2006 1:34 am
by cturner
I have the following code and I don't know why it is happening:
Parse error: parse error, unexpected T_STRING in /home/blu6592/public_html/diary2/modify_entry.php on line 4
Here is my code that I am working with:

Code: Select all

require "config.php";

$query = 'UPDATE diary_contents SET diary_entry = '$_POST['diary_entry']'';
	
if (mysql_query ($query)) {
	print '<p>The diary entry has been modified. <a href=view.php>Click here</a> to continue.</p>';
} else {
	print "<p>Could not add the entry because: <b>" . mysql_error() .
	"</b>. The query was $query.</p>";
}

mysql_close();

Posted: Tue Jul 18, 2006 1:37 am
by RobertGonzalez
You're not escaping your quotes.

Code: Select all

$query = 'UPDATE diary_contents SET diary_entry = '$_POST['diary_entry']'';
Should be

Code: Select all

$query = 'UPDATE diary_contents SET diary_entry = \'' . $_POST['diary_entry'] . '\'';

Posted: Tue Jul 18, 2006 1:37 am
by daedalus__
It's happening because you have an unexpected T_STRING.

You are missing the string concatenator:

Code: Select all

require "config.php"; 

$query = 'UPDATE diary_contents SET diary_entry = ' . $_POST['diary_entry'] . ''; 
        
if (mysql_query ($query)) { 
        print '<p>The diary entry has been modified. <a href=view.php>Click here</a> to continue.</p>'; 
} else { 
        print "<p>Could not add the entry because: <b>" . mysql_error() . 
        "</b>. The query was $query.</p>"; 
} 

mysql_close();

Posted: Tue Jul 18, 2006 1:37 am
by daedalus__
argh you beat me!

Posted: Tue Jul 18, 2006 1:38 am
by RobertGonzalez
Daed,

1) Haha, I beat you to it.
2) bbCode formatting doesn't work inside of code or php tags.

Posted: Tue Jul 18, 2006 1:39 am
by daedalus__
It looks like you aren't escaping your post data either, you should probably

Code: Select all

mysql_real_escape_string($_POST['diary_entry'])

Posted: Tue Jul 18, 2006 1:41 am
by cturner
Thanks. Problem is now solved.