Page 1 of 1

Completely stuffed, can someone see an obvious error?

Posted: Tue May 27, 2008 5:43 am
by jamesiw
Hi, I am developing a bak end for a client, I have used this template of my own on a few sites and never had a problem, all of a sudden when i go to edit something i get an syntax error saying i cant use projects_id=(id in here...) at line 1,
attached is the source of the offending page, i have been over and over and cant find what's wrong... Thanks in advance

Code: Select all

 
<?php
session_start();
if (!isset($_SESSION['user'])) {
    header ("Location: http://" . $_SERVER['HTTP_HOST'] .dirname($_SERVER['PHP_SELF']) . "/index.php");
    exit();
}
?>
<?php require_once('../Connections/connect.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
 
  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
 
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
 
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "projects_edit")) {
  
  $projects_name = $HTTP_POST_VARS['projects_name'];
  $projects_description = $HTTP_POST_VARS['projects_description'];
  $projects_content = $HTTP_POST_VARS['projects_content'];
  $projects_id = $HTTP_POST_VARS['projects_id_edit'];
  
  if($_FILES['projects_image']['name'] > '') {
    $filename_graph = str_replace(' ', '', $_FILES['projects_image']['name']); 
    $filename_graph = "hamper/$filename_graph"; 
    
    $uploadDir_graph = '../hamper/';
    $uploadFile_graph = $uploadDir_graph . $_FILES['projects_image']['name'];
  
    move_uploaded_file($_FILES['projects_image']['tmp_name'], $uploadFile_graph);
  } else {
    $filename_graph = $HTTP_POST_VARS['previous_img'];
  }
  
  if($HTTP_GET_VARS['action'] == 'new') {
    $insertSQL = sprintf("INSERT INTO projects (projects_name, projects_description, projects_content, projects_image) VALUES ('" . $projects_name . "', '" . $projects_description . "', '" . $projects_content . "', '" . $filename_graph . "')");
    
    mysql_select_db($database_islandsurveys, $islandsurveys);
    $Result1 = mysql_query($insertSQL, $islandsurveys) or die(mysql_error());
  
    $insertGoTo = "projects.php";
    if (isset($_SERVER['QUERY_STRING'])) {
      $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
      $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
  } else {
    $insertSQL = sprintf("UPDATE projects set projects_name='" . $projects_name . "', projects_description = '" . $projects_description . "', projects_content = '" . $projects_content . "' projects_id = '" . $projects_id . "'");
    
    mysql_select_db($database_islandsurveys, $islandsurveys);
    $Result1 = mysql_query($insertSQL, $islandsurveys) or die(mysql_error());
  
    $insertGoTo = "projects.php?projects_id=" . $projects_id . "";
    if (isset($_SERVER['QUERY_STRING'])) {
      $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
      $insertGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
  }
}
 
$delete = 0;
$delete = $_GET['delete'];
 
if($delete == 1){
  $projects_id = $_GET['projects_id'];
  
  $deleteSQL = sprintf("DELETE FROM projects WHERE projects_id = '$projects_id'");
 
  mysql_select_db($database_islandsurveys, $islandsurveys);
  $Result1 = mysql_query($deleteSQL, $islandsurveys) or die(mysql_error());
  
  $delete = 0;
 
  $deleteGoTo = "projects.php";
  
  header(sprintf("Location: %s", $deleteGoTo));
 
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>IslandSurveys.co.uk CMS Panel - Centerfold Design</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="main.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
body {
    margin-left: 0px;
    margin-top: 0px;
    margin-right: 0px;
    margin-bottom: 0px;
}
-->
</style>
</head>
 
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td colspan="2"><img src="img/logo.jpg" width="118" height="50"></td>
  </tr>
  <tr>
    <td width="14%"  height="3" bgcolor="#00add0"></td>
    <td width="86%" bgcolor="#00add0"></td>
  </tr>
  <tr>
    <td colspan="2">&nbsp;</td>
  </tr>
  <tr>
    <td colspan="2" class="main_text" style=" padding-left:10px;"><span class="main_text" style=" padding-left:10px;"><a href="projects.php">New Projects Item<span class="main_text" style=" padding-left:10px;">| <a href="admin.php">Back to Admin Homepage</a> | <a href="../">Back to website </a></span></td>
  </tr>
  <tr>
    <td colspan="2" class="main_text">&nbsp;</td>
  </tr>
  <tr bgcolor="#CCCCCC">
    <td colspan="2" class="main_text" style="padding:5px; font-weight: bold;"><span class="main_text" style="padding:5px; font-weight: bold;">Edit/Add/Delete Projects items. </span></td>
  </tr>
  <tr>
    <td colspan="2" class="main_text" style="padding:5px ">
      <p>
        <?php 
    if($HTTP_GET_VARS['action'] == "edit") { 
    
      $projects_id_edit = $_GET['projects_id']; 
    
      $query_projects = "SELECT * FROM projects WHERE projects_id = '$projects_id_edit'";
      $projects = mysql_query($query_projects, $islandsurveys) or die(mysql_error());
      $totalRows_projects = mysql_num_rows($projects);
    
      $listing = mysql_fetch_array($projects);
      
      $method = "edit";
    } else {
      $method = "new";
    }
    ?>
        please note, Projects will be displayed with the newest post at the top!</p>
      <p>&nbsp; </p>
      <form name="new_projects" method="POST" action="projects.php?action=<?php echo $method; ?>" enctype="multipart/form-data">
        <table width="762" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td width="152">projects title : </td>
          <td width="610"><input name="projects_name" type="text" id="name3" value="<?php echo $listing['projects_name'] ?>" size="50"></td>
        </tr>
        <tr>
          <td valign="top">projects text  </td>
          <td><textarea name="projects_description" cols="50" rows="5" id="projects_description"><?php echo $listing['projects_description'] ?></textarea></td>
        </tr>
          <tr>
            <td>Summary for front page </td>
            <td><textarea name="projects_content" cols="50" rows="5" id="projects_content"><?php echo $listing['projects_content'] ?></textarea></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
          </tr>
          <tr>
            <td><input type="submit" name="Submit" value="Submit"></td>
            <td>&nbsp;</td>
          </tr>
        </table>
        <input type="hidden" name="time" value="<?php echo time() ?>">
              <input type="hidden" name="MM_insert" value="projects_edit">
              <input type="hidden" name="projects_id_edit" value="<?php echo $projects_id_edit ?>">
      </form>
    </td>
  </tr>
  <tr bgcolor="#CCCCCC">
    <td colspan="2" class="main_text" style="padding:5px; font-weight: bold;">Delete projects items </td>
  </tr>
  <tr>
    <td colspan="2" class="main_text" style="padding:5px;">
      <table width="783" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td>
            <table width="760" border="0" cellspacing="0" cellpadding="0">
              <?php
          $query_projects = "SELECT * FROM projects ORDER BY projects_id DESC";
          $projects = mysql_query($query_projects, $islandsurveys) or die(mysql_error());
          $totalRows_projects = mysql_num_rows($projects);
        
          $cur2=1;
                      
          while($totalRows_projects >= $cur2){ 
            $row2 = mysql_fetch_array($projects);
        
            $projects_id = $row2["projects_id"];
            $projects_name = $row2["projects_name"];
    
          ?>
              <tr>
                <td><?php echo "<a href='projects.php?action=edit&projects_id=$projects_id'>$projects_name</a>" ?> - <?php echo "<a href='projects.php?delete=1&projects_id=$projects_id'>Delete</a>" ?></td>
              </tr>
          <?php 
            $cur2++; 
          } 
          ?>
          </table></td>
        </tr>
        <tr>
          <td>&nbsp;</td>
        </tr>
      </table>
    </td>
  </tr>
</table>
</body>
</html>
 

Re: Completely stuffed, can someone see an obvious error?

Posted: Sat May 31, 2008 5:52 pm
by Weirdan
you missed a comma before projects_id in sql query on line 73

Re: Completely stuffed, can someone see an obvious error?

Posted: Mon Jun 02, 2008 3:05 am
by jamesiw
Thanks, Sometimes you don't see these on your own....