Chacpter 11 MOD

2old2play · August 23rd, 2004, 06:19 PM

Hello, I modified the code add content to my own DB but I get an error that says "You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 4"

Here is how I modified it. I did not change anything in Line 4

<?php
session_start();
include "auth_user.inc.php";
include "conn.inc.php";
?>
<html>
<head>
     <title>Update Account</title>
</head>
<body>
<h1>Update Account Information</h1>
Here you can update your account information for viewing in your profile.<br><br>
<?php
if ($_POST['submit'] == "Update")
{
     $query_update = "UPDATE user_info SET email = '" . $_POST['email'] . "', City
          = '" . $_POST['City'] . "', State = '" . $_POST['State'] . "', Zip =
          '" . $_POST['Zip'] . "'
           WHERE username = '" .
          $_SESSION['user_logged']. "' AND password = (password('" .
          $_SESSION['user_password'] . "';";
     $result_update = mysql_query($query_update) or die(mysql_error());

     $query = "SELECT * FROM user_info WHERE username = '" .
          $_SESSION['user_logged']. "' AND password = (password('" .
          $_SESSION['user_password'] . "'));";
     $result = mysql_query($query) or die(mysql_error());

     $row = mysql_fetch_array($result);
     $hobbies = explode(", ", $row['hobbies'])
?>

czambran · August 24th, 2004, 10:47 AM

I think the error is refering to a line on the include files, could you please post them as well?

Thanks
Christian

2old2play · August 24th, 2004, 10:54 AM

conn.inc.php =

<?php
$conn = mysql_connect("localhost", "lires_qee", "Nestip") or die(mysql_error());
$db = mysql_select_db("lires_clientetd") or die(mysql_error());
?>

auth_user.inc.php =

<?
session_start();
if ($_SESSION['user_logged'] == "" || $_SESSION['user_password'] == "")
{
     $redirect = $_SERVER['PHP_SELF'];
     header("Refresh: 5; URL=user_login.php?redirect=$redirect");
     echo "You are currently not logged in, we are redirecting you, be
          patient!<br>";
     echo "(If your browser doesn't support this, <a
          href=\"user_login.php?redirect=$redirect\">click here</a>)";
     die();
}
else {}
?>

---------------------------------------------------------------------

I dont think its them, becuase they were writen word for word but thanks for the help

cwroblew · August 24th, 2004, 02:05 PM

Quote:

quote:Originally posted by 2old2play
$_SESSION['user_password'] . "';";

This line should read:

$_SESSION['user_password'] . "'));";

There's an error in the book.

I just ran into this myself this morning and fixed it.

2old2play · August 24th, 2004, 02:09 PM

THANKS SO MUCH!!!!

I can't believe I didn't see that! You rock!