Completely stuffed, can someone see an obvious error?
Posted: Tue May 27, 2008 5:43 am
Hi, I am developing a bak end for a client, I have used this template of my own on a few sites and never had a problem, all of a sudden when i go to edit something i get an syntax error saying i cant use projects_id=(id in here...) at line 1,
attached is the source of the offending page, i have been over and over and cant find what's wrong... Thanks in advance
attached is the source of the offending page, i have been over and over and cant find what's wrong... Thanks in advance
Code: Select all
<?php
session_start();
if (!isset($_SESSION['user'])) {
header ("Location: http://" . $_SERVER['HTTP_HOST'] .dirname($_SERVER['PHP_SELF']) . "/index.php");
exit();
}
?>
<?php require_once('../Connections/connect.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "projects_edit")) {
$projects_name = $HTTP_POST_VARS['projects_name'];
$projects_description = $HTTP_POST_VARS['projects_description'];
$projects_content = $HTTP_POST_VARS['projects_content'];
$projects_id = $HTTP_POST_VARS['projects_id_edit'];
if($_FILES['projects_image']['name'] > '') {
$filename_graph = str_replace(' ', '', $_FILES['projects_image']['name']);
$filename_graph = "hamper/$filename_graph";
$uploadDir_graph = '../hamper/';
$uploadFile_graph = $uploadDir_graph . $_FILES['projects_image']['name'];
move_uploaded_file($_FILES['projects_image']['tmp_name'], $uploadFile_graph);
} else {
$filename_graph = $HTTP_POST_VARS['previous_img'];
}
if($HTTP_GET_VARS['action'] == 'new') {
$insertSQL = sprintf("INSERT INTO projects (projects_name, projects_description, projects_content, projects_image) VALUES ('" . $projects_name . "', '" . $projects_description . "', '" . $projects_content . "', '" . $filename_graph . "')");
mysql_select_db($database_islandsurveys, $islandsurveys);
$Result1 = mysql_query($insertSQL, $islandsurveys) or die(mysql_error());
$insertGoTo = "projects.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
} else {
$insertSQL = sprintf("UPDATE projects set projects_name='" . $projects_name . "', projects_description = '" . $projects_description . "', projects_content = '" . $projects_content . "' projects_id = '" . $projects_id . "'");
mysql_select_db($database_islandsurveys, $islandsurveys);
$Result1 = mysql_query($insertSQL, $islandsurveys) or die(mysql_error());
$insertGoTo = "projects.php?projects_id=" . $projects_id . "";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
}
$delete = 0;
$delete = $_GET['delete'];
if($delete == 1){
$projects_id = $_GET['projects_id'];
$deleteSQL = sprintf("DELETE FROM projects WHERE projects_id = '$projects_id'");
mysql_select_db($database_islandsurveys, $islandsurveys);
$Result1 = mysql_query($deleteSQL, $islandsurveys) or die(mysql_error());
$delete = 0;
$deleteGoTo = "projects.php";
header(sprintf("Location: %s", $deleteGoTo));
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>IslandSurveys.co.uk CMS Panel - Centerfold Design</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="main.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
body {
margin-left: 0px;
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
}
-->
</style>
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td colspan="2"><img src="img/logo.jpg" width="118" height="50"></td>
</tr>
<tr>
<td width="14%" height="3" bgcolor="#00add0"></td>
<td width="86%" bgcolor="#00add0"></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td colspan="2" class="main_text" style=" padding-left:10px;"><span class="main_text" style=" padding-left:10px;"><a href="projects.php">New Projects Item<span class="main_text" style=" padding-left:10px;">| <a href="admin.php">Back to Admin Homepage</a> | <a href="../">Back to website </a></span></td>
</tr>
<tr>
<td colspan="2" class="main_text"> </td>
</tr>
<tr bgcolor="#CCCCCC">
<td colspan="2" class="main_text" style="padding:5px; font-weight: bold;"><span class="main_text" style="padding:5px; font-weight: bold;">Edit/Add/Delete Projects items. </span></td>
</tr>
<tr>
<td colspan="2" class="main_text" style="padding:5px ">
<p>
<?php
if($HTTP_GET_VARS['action'] == "edit") {
$projects_id_edit = $_GET['projects_id'];
$query_projects = "SELECT * FROM projects WHERE projects_id = '$projects_id_edit'";
$projects = mysql_query($query_projects, $islandsurveys) or die(mysql_error());
$totalRows_projects = mysql_num_rows($projects);
$listing = mysql_fetch_array($projects);
$method = "edit";
} else {
$method = "new";
}
?>
please note, Projects will be displayed with the newest post at the top!</p>
<p> </p>
<form name="new_projects" method="POST" action="projects.php?action=<?php echo $method; ?>" enctype="multipart/form-data">
<table width="762" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="152">projects title : </td>
<td width="610"><input name="projects_name" type="text" id="name3" value="<?php echo $listing['projects_name'] ?>" size="50"></td>
</tr>
<tr>
<td valign="top">projects text </td>
<td><textarea name="projects_description" cols="50" rows="5" id="projects_description"><?php echo $listing['projects_description'] ?></textarea></td>
</tr>
<tr>
<td>Summary for front page </td>
<td><textarea name="projects_content" cols="50" rows="5" id="projects_content"><?php echo $listing['projects_content'] ?></textarea></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type="submit" name="Submit" value="Submit"></td>
<td> </td>
</tr>
</table>
<input type="hidden" name="time" value="<?php echo time() ?>">
<input type="hidden" name="MM_insert" value="projects_edit">
<input type="hidden" name="projects_id_edit" value="<?php echo $projects_id_edit ?>">
</form>
</td>
</tr>
<tr bgcolor="#CCCCCC">
<td colspan="2" class="main_text" style="padding:5px; font-weight: bold;">Delete projects items </td>
</tr>
<tr>
<td colspan="2" class="main_text" style="padding:5px;">
<table width="783" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<table width="760" border="0" cellspacing="0" cellpadding="0">
<?php
$query_projects = "SELECT * FROM projects ORDER BY projects_id DESC";
$projects = mysql_query($query_projects, $islandsurveys) or die(mysql_error());
$totalRows_projects = mysql_num_rows($projects);
$cur2=1;
while($totalRows_projects >= $cur2){
$row2 = mysql_fetch_array($projects);
$projects_id = $row2["projects_id"];
$projects_name = $row2["projects_name"];
?>
<tr>
<td><?php echo "<a href='projects.php?action=edit&projects_id=$projects_id'>$projects_name</a>" ?> - <?php echo "<a href='projects.php?delete=1&projects_id=$projects_id'>Delete</a>" ?></td>
</tr>
<?php
$cur2++;
}
?>
</table></td>
</tr>
<tr>
<td> </td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>