James142 Posted September 29, 2011 Report Posted September 29, 2011 After about 30 minutes (no exaggeration) of trying to fix this error, I am still coming up empty handed. Hopefully someone here can help me... When I use this code: <?php $getid = $_GET['user'] $rs = mysql_query("select 'name','age','country' from users where id='$getid' LIMIT 1"); <--- THIS IS LINE 9 list($name, $age, country) = mysql_fetch_row($rs); ?> I get the following message: Parse error: syntax error, unexpected T_VARIABLE in "bla bla bla" on line 9. (line 9 is the second line in the code above) I do know that the error means that I am missing one of these characters: ' ; ' " ) ( [ ] ...But I dont know which one(s) I am missing and where they belong.. Perhaps someone could point out what I have done wrong? Kindest Regards, James Quote
Moderators mark1million Posted September 29, 2011 Moderators Report Posted September 29, 2011 I am no expert but have you tried `1` so, LIMIT `1`" Also shouldn't the select be SELECT and also where be WHERE 1 Quote
James142 Posted September 29, 2011 Author Report Posted September 29, 2011 I am no expert but have you tried `1` so, LIMIT `1`" Also shouldn't the select be SELECT and also where be WHERE Thanks Mark but I'm still getting the same error Quote
Moderators mark1million Posted September 29, 2011 Moderators Report Posted September 29, 2011 Have you tried in phpmyadmin? then creating the php code? Quote
James142 Posted September 29, 2011 Author Report Posted September 29, 2011 Have you tried in phpmyadmin? then creating the php code? Do you mean create the code using phpmyadmin? Quote
Strider Posted September 29, 2011 Report Posted September 29, 2011 If I am not mistaken in the last line, shouldn't country have the dollar sign in front too? Also the first line is not ended you forgot to put the ';' at the end of $_GET['user']. 1 Quote
James142 Posted September 30, 2011 Author Report Posted September 30, 2011 Would you look at that, it works! Thanks guys! <?php $getid = $_GET['user']; $rs = mysql_query("SELECT 'name','age','country' FROM users WHERE id='$getid' LIMIT 1"); list($name, $age, $country) = mysql_fetch_row($rs); ?> Kindest Regards, James Quote
Administrators Nabeel Posted October 5, 2011 Administrators Report Posted October 5, 2011 BTW you should do $getid = mysql_real_escape_string($_GET['user']); $rs = mysql_query("SELECT 'name','age','country' FROM users WHERE id='$getid' LIMIT 1"); list($name, $age, $country) = mysql_fetch_row($rs); Otherwise, you're ripe for SQL injection attack. Quote
James142 Posted October 5, 2011 Author Report Posted October 5, 2011 BTW you should do $getid = mysql_real_escape_string($_GET['user']); $rs = mysql_query("SELECT 'name','age','country' FROM users WHERE id='$getid' LIMIT 1"); list($name, $age, $country) = mysql_fetch_row($rs); Otherwise, you're ripe for SQL injection attack. Thanks Nabeel! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.