WHERE ID= error

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
MonkeyManx
Forum Newbie
Posts: 4
Joined: Tue Jul 09, 2002 9:02 pm
Location: Phoenix, Arizona
Contact:

WHERE ID= error

Post by MonkeyManx »

I am having trouble with this code. all it is supposed to do is act as a counter and a score keeper, for a rating script.
I always get this error: You have an error in your SQL syntax near 'WHERE ID=''' at line 1Error: 1
someone please help me or show me what i am doing wrong.

here is the code:

Code: Select all

<?
if ($SCORE > 10) &#123;
echo "NO GOOD CHEATER!";
exit;
&#125; else &#123;

$PASS = "*****";

// DB connection information 
$connection = mysql_connect("localhost", "cekkent", $PASS);
$db = mysql_select_db("cekkent", $connection); 

// SQL Query 

$result=mysql_query ("select * from rate where ID='$ID'") or die (mysql_error()); 
while($row=mysql_fetch_array($result))&#123; 

// Make that Mofo do something

$VOTES = $row&#1111;"VOTES"];
$VOTES=$VOTES+1;

&#125;
$result = mysql_query("UPDATE rate SET VOTES=$VOTES WHERE ID='$ID'"); 
if(!$result) &#123; 
   die("<b>Error:</b> " . print mysql_error()); 
   exit; 
&#125; elseif($result) &#123; 

    print "Continue1"; 
&#125; 

$result=mysql_query ("select * from rate where ID='$ID'") or die (mysql_error()); 
while($row=mysql_fetch_array($result))&#123; 

// Make that Mofo do something

$SCORE1 = $row&#1111;"SCORE"];
$SCORE=$SCORE1+$SCORE;
&#125;
$result = mysql_query("UPDATE rate SET SCORE=$SCORE where ID='$ID'"); 
if(!$result) &#123; 
   die("<b>Error:</b> " . print mysql_error()); 
   exit; 
&#125; elseif($result) &#123; 
mysql_close ($connection);
    print " Continue2"; 
&#125; 
&#125;
?>
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

It may help if you echo out your SQL statements so that you can check there's nothing wrong with the data going in, so:

Code: Select all

$sql = "SELECT * FROM rate WHERE ID='$ID'";
echo $sql;
$result=mysql_query ($sql) or die (mysql_error());
Where does the $ID variable come from?

Mac
User avatar
PaTTeR
Forum Commoner
Posts: 56
Joined: Wed Jul 10, 2002 7:39 am
Location: Bulgaria
Contact:

Post by PaTTeR »

$ID may be unset or epmty. If $ID comes from GET or POST request try with $_GET[ID] ($_POST[ID]), or $_COOKIE[ID] .



If your PHP version is earlier than 4.1.0 use $HTTP_*_VARS


Try something like this:

Code: Select all

$result=mysql_query ("select * from rate where ID='$_GET&#1111;ID]'") or die (mysql_error());
User avatar
mikeq
Forum Regular
Posts: 512
Joined: Fri May 03, 2002 3:33 am
Location: Edinburgh, Scotland

Post by mikeq »

Strange one this because doing a query like this

select * from rate where ID='';

would just return an empty result set and not an error, so surely if the variable is empty the query would still run, just not return anything.

Are you sure ID is a valid column name in your table?

Mike
Post Reply