Page 1 of 1

simple syntax error (i think)

Posted: Thu Aug 23, 2007 10:33 pm
by lafflin
I've been looking at this line for longer than I care to admit, can anyone see anything wrong with it? I'm going to swan dive from an overpass if I don't figure this out. Thanks.

Code: Select all

$query0 = "SELECT sid FROM student_info WHERE first_name LIKE '"$fn"' AND last_name LIKE '"$ln"' AND dob LIKE '"$dob"'" ;
	$result0 = @mysql_query ($query0);
error:
Parse error: syntax error, unexpected T_VARIABLE in C:\wamp\www\XXXXXXXXX\Student_info.php on line 82

82 is the first line above.

any help given is much appreciated

Posted: Thu Aug 23, 2007 10:44 pm
by John Cartwright
As our syntax highlighter is showing you, you are not escaping your quotes properly. Have a look here to understand how to properly use quotes

Posted: Thu Aug 23, 2007 11:19 pm
by lafflin
Thanks man, I appreciate that very much. I think I've just been looking at code for way too long.
I'm a bit confused though, any idea why this code didn't need to be escaped?

Code: Select all

$query = "SELECT * FROM student_info WHERE first_name LIKE '%".trim($_POST['fn'])."%' AND last_name LIKE '%".trim($_POST['ln'])."%'" ;

Posted: Thu Aug 23, 2007 11:41 pm
by nhan
try escaping the characters first before sending it to the query... that is what i usually do and it works...

Code: Select all

$data1 = trim ($_POST['fn']);
$data2 = trim ($_POST['ln']);

$query = "SELECT * FROM student_info WHERE first_name LIKE '%$data1%' AND last_name LIKE '%$data2%' ;

syntax error -forgot to escape quotes in my query- -solved-

Posted: Fri Aug 24, 2007 7:48 am
by lafflin
Um.....Huh?

Yeah it was the not escaping the quotes that was killing me. Thanks.

Posted: Fri Aug 24, 2007 8:20 am
by Zoxive

Posted: Fri Aug 24, 2007 9:31 am
by John Cartwright
nhan wrote:try escaping the characters first before sending it to the query... that is what i usually do and it works...

Code: Select all

$data1 = trim ($_POST['fn']);
$data2 = trim ($_POST['ln']);

$query = "SELECT * FROM student_info WHERE first_name LIKE '%$data1%' AND last_name LIKE '%$data2%' ;
That makes no difference.

Posted: Fri Aug 24, 2007 12:05 pm
by lafflin
wow, now I'm really confused.
I'm going to go ahead and try to trim my data before creating the query and see what happens. After escaping the apostropies, the query ran, but I can not pull any matching results even if I click back on the browser and resubmitt the same exact values (i'm using sticky forms).

simple sytax error (solved, I think)

Posted: Fri Aug 24, 2007 12:36 pm
by lafflin
To any other newbie reading this, Nhan was confusing the proccess of escaping (meaning escaping a special character with a backslash (\) with a built in fuction similar to trim (but specific to Mysql) that is called mysql_real_escape.

Or so that what I think is what just happened, but I'm a newb too and I might be mistaking.
Anyway, the issue was that I did not escape my query string.
the working query:

Code: Select all

$query0 = "SELECT sid FROM student_info WHERE first_name = '\"$fn\"' AND last_name = '\"$ln\"' AND dob = '\"$dob\"' " ;
this query does not yield any syntax errors, but it also does not return the results I was expecting.
I will need to create a seperate post for this issue to better describe it and show the whole script,
thank for all who assisted.

Posted: Fri Aug 24, 2007 4:10 pm
by feyd
You don't need a separate post/thread for your remaining problem.. it's the double quotes in the string.. they're making it fail to match anything.

Posted: Fri Aug 24, 2007 8:52 pm
by lafflin
I wish that I would have read your reply earlier Feyd. I've been trying to figure this out forever. Thanks anyway, I don't even know where I got those stupid double quotes from in the first place. I think I just need to stop for a few hours and take a nap. Thanks though.