HomeBuilding Your WebsiteWeb Database Development

Syntax Error

airoid3000 posted this at 22:47 — 3rd May 2004.

They have: 71 posts

Joined: Mar 2004

I keep getting a syntax error on the following code:
$sql = "select sum(updates) from update_track where (username=$username)";

It wants me to do this:
$sql = "select sum(updates) from update_track where (username='$username')";

but if I do that, it gives an incorrect value for $username. Any idea what else I can do?

Suzanne posted this at 00:04 — 4th May 2004.

Suzanne's picture

She has: 5,507 posts

Joined: Feb 2000

what language? what is the error?

s0da posted this at 00:16 — 4th May 2004.

s0da's picture

He has: 157 posts

Joined: Mar 2004

what are you using for the $username variable?
can you give the full error message so we can see?

airoid3000 posted this at 00:28 — 4th May 2004.

They have: 71 posts

Joined: Mar 2004

The error:
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1

I would like the update number for only the specific username that submitted the form to display. So the username must print the results for the $username.

s0da posted this at 00:32 — 4th May 2004.

s0da's picture

He has: 157 posts

Joined: Mar 2004

what does the variable $username contain?

$username = "something";

airoid3000 posted this at 00:46 — 4th May 2004.

They have: 71 posts

Joined: Mar 2004

Whatever the username that is logged in is. Could be anything.

Suzanne posted this at 01:23 — 4th May 2004.

Suzanne's picture

She has: 5,507 posts

Joined: Feb 2000

Well, lol, that's no good.

You don't want to allow just anything in! At the very least, restrict it to letters and numbers only, no other characters. Any other character will allow malicious scripting, break things, et cetera.

s0da posted this at 01:29 — 4th May 2004.

s0da's picture

He has: 157 posts

Joined: Mar 2004

yeah cause i was thinking maybe it was the username that was causing the syntax error. possibly.

airoid3000 posted this at 01:35 — 4th May 2004.

They have: 71 posts

Joined: Mar 2004

I actually make the usernames for my clients. Therefore, they are all letters.

airoid3000 posted this at 02:18 — 4th May 2004.

They have: 71 posts

Joined: Mar 2004

FYI, it is submitting the sql statement with username being blank.

Suzanne posted this at 11:33 — 4th May 2004.

Suzanne's picture

She has: 5,507 posts

Joined: Feb 2000

Okay, then how is it getting the variable? Perhaps you have an issue elsewhere?

druagord posted this at 14:04 — 4th May 2004.

druagord's picture

He has: 335 posts

Joined: May 2003

did you try

<?php
echo $username;
?>

just before the sql statement remember
<?php
$sql = \"select sum(updates) from update_track where (username=$username)\";
$username = \"toto\";
mysql_query($sql);
?>

that won't work you have to set $username before you set it in sql

IF , ELSE , WHILE isn't that what life is all about

airoid3000 posted this at 02:51 — 5th May 2004.

They have: 71 posts

Joined: Mar 2004

I totally messed up the variable name. Sorry to waste your time, my error!

s0da posted this at 03:13 — 5th May 2004.

s0da's picture

He has: 157 posts

Joined: Mar 2004

lol no problem. that was a good laugh.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.