The error reads as follows:
" You have an error in your SQL syntax near 'WHERE catid="3"' at line 1 "
Here is the block of code.
<?
$sql = " SELECT * FROM categories WHERE catid=\"$catid\" ";
$result = mysql_db_query($tablename, $sql);
if(mysql_error()!=""){
echo mysql_error();
}
if(!$row = mysql_fetch_array($result)){
echo "Required information has been deleted." ;
} else {
$sql = "UPDATE categories SET ";
$sql = $sql." name=\"".trim(addslashes(stripslashes$name)))."\", "; $sql = $sql." description=\"".trim(addslashes(stripslashes($description)))."\", ";
$sql = $sql." WHERE catid=\"$catid\"";
$result = mysql_db_query($tablename, $sql); if(mysql_error()!="")
{
echo mysql_error();
}
echo "<TABLE cellspacing=0 cellpadding=0 Align=center width='650' border=0> <tr><td align=center height=25><b>Thanks</b></td></tr><tr ><td align=center height=25><b>Your Information have been Successfully added.</b></td></tr></table> ";
}
?>
Thank you for your time,
Matt Urban
SQL SYNTAX ERROR, Please Help
Moderator: General Moderators
- mydimension
- Moderator
- Posts: 531
- Joined: Tue Apr 23, 2002 6:00 pm
- Location: Lowell, MA USA
- Contact:
I think your code above is missing a left-parenthesis at:
it should be:
If that's not the problem, try replacing your call to MY_SQL_DB_QUERY with just an "echo $sql" so you can see what the SQL statement is built as. That should make it easier to notice any malformed SQL statements.
Code: Select all
trim(addslashes(stripslashes$name)))Code: Select all
trim(addslashes(stripslashes($name)))- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
First of all (although it isn't related to the problem) mysql_db_query() is deprecated and shouldn't be used, mysql_select_db() and mysql_query() should be used instead.
Try the following code, which will not only give you the error but will print out the associated SQL statement if it does not work which will give you the opportunity to check that it is alright.
Mac
Try the following code, which will not only give you the error but will print out the associated SQL statement if it does not work which will give you the opportunity to check that it is alright.
Code: Select all
<?php
$sql = "SELECT catid FROM categories WHERE catid = $catid";
@mysql_select_db($tablename) or die(mysql_error());
@$result = mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>');
if (mysql_num_rows($result) < 1) {
echo 'Required information has been deleted.';
} else {
$sql = "UPDATE categories ";
$sql .= "SET name = '".addslashes(trim($name))."', description = '".addslashes(trim($description))."' ";
$sql .= "WHERE catid = $catid";
@mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>');
}
?>
<table cellspacing="0" cellpadding="0" align="center" width="650" border="0">
<tr>
<td align="center"><b>Thanks</b></td>
</tr>
<tr>
<td align="center"><b>Your Information have been Successfully added.</b></td>
</tr>
</table>