PDA

View Full Version : Error in SQL SYNTAX!! Need help please..



zain1992
07-09-2007, 05:42 AM
Hello, My name is zain and well i am kind of new to PHP. Anyways i was using this PHP Code generator thingy and generated my PHP Table editor. Now i wanted this editing file to edit any table in my MySQL Database. so i changed the Table name in the code to a Variable and declared $vara = $_COOKIE["vararec"]; and used the $vara in the places of the Table's names. So i use actually POST method to make the cookie. Here is the particular part of the code which i am having problem with:



function sql_update()
{
global $cityp;
global $conn;
global $_POST;

$sql = 'UPDATE $cityp SET AirLine = .sqlvalue(@$_POST["AirLine"], true) ., Class = .sqlvalue(@$_POST["Class"], true) ., AdtPrice = .sqlvalue(@$_POST["AdtPrice"], false) ., chdPrice = .sqlvalue(@$_POST["chdPrice"], false) ., InfPrice = .sqlvalue(@$_POST["InfPrice"], false) ., MaxStay = .sqlvalue(@$_POST["MaxStay"], true) ., MinStay = .sqlvalue(@$_POST["MinStay"], true) ., Rules = .sqlvalue(@$_POST["Rules"], true) ., TktBy = .sqlvalue(@$_POST["TktBy"], true) ., Chg = .sqlvalue(@$_POST["Chg"], false) ., Can = .sqlvalue(@$_POST["Can"], false) ., TrvlBetweena = .sqlvalue(@$_POST["TrvlBetweena"], true) ., TrvlBetweenb = .sqlvalue(@$_POST["TrvlBetweenb"], true) . WHERE .(AirLine = .sqlvalue(@$_POST["xAirLine"], true) .) and (Class = .sqlvalue(@$_POST["xClass"], true) .) and (AdtPrice = .sqlvalue(@$_POST["xAdtPrice"], false) .) and (chdPrice = .sqlvalue(@$_POST["xchdPrice"], false) .) and (InfPrice = .sqlvalue(@$_POST["xInfPrice"], false) .) and (MaxStay = .sqlvalue(@$_POST["xMaxStay"], true) .) and
(MinStay = .sqlvalue(@$_POST["xMinStay"], true) .) and (Rules = .sqlvalue(@$_POST["xRules"], true) .) and (TktBy = .sqlvalue(@$_POST["xTktBy"], true) .) and (Chg = .sqlvalue(@$_POST["xChg"], false) .) and (Can = .sqlvalue(@$_POST["xCan"], false) .) and (TrvlBetweena = .sqlvalue(@$_POST["xTrvlBetweena"], true) .) and (TrvlBetweenb = .sqlvalue(@$_POST["xTrvlBetweenb"], true) .)';
mysql_query($sql, $conn) or die(mysql_error());
}


when ever i try to update it says You have an error in your SQL Syntax please check the manual that corresponds to your MySQL server. so i dont know what to do. i tried everything that i could think of.

Now here is the whole code:




<? session_start();
$citypreq = $_POST["cityp"];
setcookie("citypc", $citypreq, time()+3600);
$cityp = $_COOKIE["citypc"];
?>
<html>
<head>
<title>qfq -- <? $cityp = $_COOKIE["citypc"]; echo $cityp; ?></title>
<meta name="generator" content="text/html">
</head>
<body>
<table class="bd" width="100%"><tr><td class="hr"><h2>PHP Generator</h2></td></tr></table>
<?
$cityp = $_COOKIE["citypc"];
$conn = connect();
$showrecs = 20;
$pagerange = 10;

$a = @$_GET["a"];
$recid = @$_GET["recid"];
if (isset($_GET["order"])) $order = @$_GET["order"];
if (isset($_GET["type"])) $ordtype = @$_GET["type"];

if (isset($_POST["filter"])) $filter = @$_POST["filter"];
if (isset($_POST["filter_field"])) $filterfield = @$_POST["filter_field"];
$wholeonly = false;
if (isset($_POST["wholeonly"])) $wholeonly = @$_POST["wholeonly"];

if (!isset($order) && isset($_SESSION["order"])) $order = $_SESSION["order"];
if (!isset($ordtype) && isset($_SESSION["type"])) $ordtype = $_SESSION["type"];
if (!isset($filter) && isset($_SESSION["filter"])) $filter = $_SESSION["filter"];
if (!isset($filterfield) && isset($_SESSION["filter_field"])) $filterfield = $_SESSION["filter_field"];

$page = @$_GET["page"];
if (!isset($page)) $page = 1;

$sql = @$_POST["sql"];

switch ($sql) {
case "insert":
sql_insert();
break;
case "update":
sql_update();
break;
case "delete":
sql_delete();
break;
}

switch ($a) {
case "add":
addrec();
break;
case "view":
viewrec($recid);
break;
case "edit":
editrec($recid);
break;
case "del":
deleterec($recid);
break;
default:
select();
break;
}

if (isset($order)) $_SESSION["order"] = $order;
if (isset($ordtype)) $_SESSION["type"] = $ordtype;
if (isset($filter)) $_SESSION["filter"] = $filter;
if (isset($filterfield)) $_SESSION["filter_field"] = $filterfield;
if (isset($wholeonly)) $_SESSION["wholeonly"] = $wholeonly;

mysql_close($conn);
?>
<table class="bd" width="100%"><tr><td class="hr">http://www.sqlmaestro.com/products/mysql/phpgenerator/</td></tr></table>
</body>
</html>

<?

$cityp = $_COOKIE["citypc"];
function select()
{
global $cityp;
global $a;
global $showrecs;
global $page;
global $filter;
global $filterfield;
global $wholeonly;
global $order;
global $ordtype;


if ($a == "reset") {
$filter = "";
$filterfield = "";
$wholeonly = "";
$order = "";
$ordtype = "";
}

$checkstr = "";
if ($wholeonly) $checkstr = " checked";
if ($ordtype == "asc") { $ordtypestr = "desc"; } else { $ordtypestr = "asc"; }
$res = sql_select();
$count = sql_getrecordcount();
if ($count % $showrecs != 0) {
$pagecount = intval($count / $showrecs) + 1;
}
else {
$pagecount = intval($count / $showrecs);
}
$startrec = $showrecs * ($page - 1);
if ($startrec < $count) {mysql_data_seek($res, $startrec);}
$reccount = min($showrecs * $page, $count);
$fields = array(
"AirLine" => "AirLine",
"Class" => "Class",
"AdtPrice" => "AdtPrice",
"chdPrice" => "chdPrice",
"InfPrice" => "InfPrice",
"MaxStay" => "MaxStay",
"MinStay" => "MinStay",
"Rules" => "Rules",
"TktBy" => "TktBy",
"Chg" => "Chg",
"Can" => "Can",
"TrvlBetweena" => "TrvlBetweena",
"TrvlBetweenb" => "TrvlBetweenb");
?>
<table class="bd" border="0" cellspacing="1" cellpadding="4">
<tr><td>CityPair: <? $cityp = $_COOKIE["citypc"]; echo $cityp; ?></td></tr>
<tr><td>Records shown <? $cityp = $_COOKIE["citypc"]; echo $startrec + 1; ?> - <? $cityp = $_COOKIE["citypc"]; echo $reccount; ?> of <? $cityp = $_COOKIE["citypc"]; echo $count; ?></td></tr>
</table>
<hr size="1" noshade>
<form action="edit.php" method="post">
<table class="bd" border="0" cellspacing="1" cellpadding="4">
<tr>
<td><b>Custom Filter</b>&nbsp;</td>
<td><input type="text" name="filter" value="<? $cityp = $_COOKIE["citypc"]; echo $filter; ?>"></td>
<td><select name="filter_field">
<option value="">All Fields</option>
<?
$cityp = $_COOKIE["citypc"];
reset($fields);
foreach($fields as $val => $caption) {
if ($val == $filterfield) {$selstr = " selected"; } else {$selstr = ""; }
?>
<option value="<? $cityp = $_COOKIE["citypc"]; echo $val; ?>"<? $cityp = $_COOKIE["citypc"]; echo $selstr; ?>><? $cityp = $_COOKIE["citypc"]; echo htmlspecialchars($caption); ?></option>
<? } ?>
</select></td>
<td><input type="checkbox" name="wholeonly"<? $cityp = $_COOKIE["citypc"]; echo $checkstr; ?>>Whole words only</td>
</td></tr>
<tr>
<td>&nbsp;</td>
<td><input type="submit" name="action" value="Apply Filter"></td>
<td><a href="edit.php?a=reset">Reset Filter</a></td>
</tr>
</table>
</form>
<hr size="1" noshade>
<? $cityp = $_COOKIE["citypc"]; showpagenav($page, $pagecount); ?>
<br>
<table class="tbl" border="0" cellspacing="1" cellpadding="5"width="100%">
<tr>
<?
$cityp = $_COOKIE["citypc"];
reset($fields);
foreach($fields as $val => $caption) {
?>
<td class="hr"><a class="hr" href="edit.php?order=<? echo $val ?>&type=<? echo $ordtypestr ?>"><? echo htmlspecialchars($caption) ?></a></td>
<? } ?>
<td class="hr">&nbsp;</td>
<td class="hr">&nbsp;</td>
<td class="hr">&nbsp;</td>
</tr>
<?
$cityp = $_COOKIE["citypc"];
for ($i = $startrec; $i < $reccount; $i++)
{
$row = mysql_fetch_assoc($res);
$style = "dr";
if ($i % 2 != 0) {
$style = "sr";
}
?>
<tr>
<?
$cityp = $_COOKIE["citypc"];
reset($fields);
foreach($fields as $val => $caption) {
?>
<td class="<? echo $style ?>"><? echo htmlspecialchars($row[$val]) ?></td>
<? } ?>
<td class="<? echo $style ?>"><a href="edit.php?a=view&recid=<? echo $i ?>">View</a></td>
<td class="<? echo $style ?>"><a href="edit.php?a=edit&recid=<? echo $i ?>">Edit</a></td>
<td class="<? echo $style ?>"><a href="edit.php?a=del&recid=<? echo $i ?>">Delete</a></td>
</tr>
<?
}
mysql_free_result($res);
?>
</table>
<br>
<? $cityp = $_COOKIE["citypc"]; showpagenav($page, $pagecount); ?>
<? } ?>

<?
$cityp = $_COOKIE["citypc"];
function showrow($row)
{
?>
<table class="tbl" border="0" cellspacing="1" cellpadding="5"width="50%">
<tr>
<td class="hr"><? echo htmlspecialchars("AirLine")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["AirLine"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Class")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["Class"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("AdtPrice")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["AdtPrice"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("chdPrice")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["chdPrice"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("InfPrice")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["InfPrice"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("MaxStay")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["MaxStay"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("MinStay")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["MinStay"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Rules")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["Rules"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("TktBy")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["TktBy"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Chg")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["Chg"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Can")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["Can"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("TrvlBetweena")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["TrvlBetweena"]) ?></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("TrvlBetweenb")."&nbsp;" ?></td>
<td class="dr"><? echo htmlspecialchars($row["TrvlBetweenb"]) ?></td>
</tr>
</table>
<? } ?>

<? function showroweditor($row)
{
global $cityp;
global $conn;
?>
<table class="tbl" border="0" cellspacing="1" cellpadding="5"width="50%">
<tr>
<td class="hr"><? echo htmlspecialchars("AirLine")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="AirLine" maxlength="15" value="<? echo str_replace('"', '&quot;', trim($row["AirLine"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Class")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="Class" maxlength="15" value="<? echo str_replace('"', '&quot;', trim($row["Class"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("AdtPrice")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="AdtPrice" value="<? echo str_replace('"', '&quot;', trim($row["AdtPrice"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("chdPrice")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="chdPrice" value="<? echo str_replace('"', '&quot;', trim($row["chdPrice"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("InfPrice")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="InfPrice" value="<? echo str_replace('"', '&quot;', trim($row["InfPrice"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("MaxStay")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="MaxStay" maxlength="3" value="<? echo str_replace('"', '&quot;', trim($row["MaxStay"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("MinStay")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="MinStay" maxlength="3" value="<? echo str_replace('"', '&quot;', trim($row["MinStay"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Rules")."&nbsp;" ?></td>
<td class="dr"><textarea cols="35" rows="4" name="Rules" maxlength="100"><? echo str_replace('"', '&quot;', trim($row["Rules"])) ?></textarea></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("TktBy")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="TktBy" maxlength="10" value="<? echo str_replace('"', '&quot;', trim($row["TktBy"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Chg")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="Chg" value="<? echo str_replace('"', '&quot;', trim($row["Chg"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("Can")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="Can" value="<? echo str_replace('"', '&quot;', trim($row["Can"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("TrvlBetweena")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="TrvlBetweena" maxlength="11" value="<? echo str_replace('"', '&quot;', trim($row["TrvlBetweena"])) ?>"></td>
</tr>
<tr>
<td class="hr"><? echo htmlspecialchars("TrvlBetweenb")."&nbsp;" ?></td>
<td class="dr"><input type="text" name="TrvlBetweenb" maxlength="11" value="<? echo str_replace('"', '&quot;', trim($row["TrvlBetweenb"])) ?>"></td>
</tr>
</table>
<? } ?>

<? function showpagenav($page, $pagecount)
{
?>
<table class="bd" border="0" cellspacing="1" cellpadding="4">
<tr>
<td><a href="edit.php?a=add">Add Record</a>&nbsp;</td>
<? if ($page > 1) { ?>
<td><a href="edit.php?page=<? echo $page - 1 ?>">&lt;&lt;&nbsp;Prev</a>&nbsp;</td>
<? } ?>
<?
global $cityp;
global $pagerange;

if ($pagecount > 1) {

if ($pagecount % $pagerange != 0) {
$rangecount = intval($pagecount / $pagerange) + 1;
}
else {
$rangecount = intval($pagecount / $pagerange);
}
for ($i = 1; $i < $rangecount + 1; $i++) {
$startpage = (($i - 1) * $pagerange) + 1;
$count = min($i * $pagerange, $pagecount);

if ((($page >= $startpage) && ($page <= ($i * $pagerange)))) {
for ($j = $startpage; $j < $count + 1; $j++) {
if ($j == $page) {
?>
<td><b><? echo $j ?></b></td>
<? } else { ?>
<td><a href="edit.php?page=<? echo $j ?>"><? echo $j ?></a></td>
<? } } } else { ?>
<td><a href="edit.php?page=<? echo $startpage ?>"><? echo $startpage ."..." .$count ?></a></td>
<? } } } ?>
<? if ($page < $pagecount) { ?>
<td>&nbsp;<a href="edit.php?page=<? echo $page + 1 ?>">Next&nbsp;&gt;&gt;</a>&nbsp;</td>
<? } ?>
</tr>
</table>
<? } ?>

<?
$cityp = $_COOKIE["citypc"];

function showrecnav($a, $recid, $count)
{
?>
<table class="bd" border="0" cellspacing="1" cellpadding="4">
<tr>
<td><a href="edit.php">Index Page</a></td>
<? if ($recid > 0) { ?>
<td><a href="edit.php?a=<? echo $a ?>&recid=<? echo $recid - 1 ?>">Prior Record</a></td>
<? } if ($recid < $count) { ?>
<td><a href="edit.php?a=<? echo $a ?>&recid=<? echo $recid + 1 ?>">Next Record</a></td>
<? } ?>
</tr>
</table>
<hr size="1" noshade>
<? } ?>

<? function addrec()
{
?>
<table class="bd" border="0" cellspacing="1" cellpadding="4">
<tr>
<td><a href="edit.php">Index Page</a></td>
</tr>
</table>
<hr size="1" noshade>
<form action="edit.php" method="post">
<p><input type="hidden" name="sql" value="insert"></p>
<?
$row = array(
"AirLine" => "",
"Class" => "",
"AdtPrice" => "",
"chdPrice" => "",
"InfPrice" => "",
"MaxStay" => "",
"MinStay" => "",
"Rules" => "",
"TktBy" => "",
"Chg" => "",
"Can" => "",
"TrvlBetweena" => "",
"TrvlBetweenb" => "");
showroweditor($row)
?>


CONTINUED ON NEXT REPLY

zain1992
07-09-2007, 05:43 AM
<p><input type="submit" name="action" value="Post"></p>
</form>
<? } ?>

<?
$cityp = $_COOKIE["citypc"];
function viewrec($recid)
{
$res = sql_select();
$count = sql_getrecordcount();
mysql_data_seek($res, $recid);
$row = mysql_fetch_assoc($res);
showrecnav("view", $recid, $count);
?>
<br>
<? showrow($row) ?>
<br>
<hr size="1" noshade>
<table class="bd" border="0" cellspacing="1" cellpadding="4">
<tr>
<td><a href="edit.php?a=add">Add Record</a></td>
<td><a href="edit.php?a=edit&recid=<? echo $recid ?>">Edit Record</a></td>
<td><a href="edit.php?a=del&recid=<? echo $recid ?>">Delete Record</a></td>
</tr>
</table>
<?
mysql_free_result($res);
} ?>

<?

$cityp = $_COOKIE["citypc"];
function editrec($recid)
{
$res = sql_select();
$count = sql_getrecordcount();
mysql_data_seek($res, $recid);
$row = mysql_fetch_assoc($res);
showrecnav("edit", $recid, $count);
?>
<br>
<form action="edit.php" method="post">
<input type="hidden" name="sql" value="update">
<input type="hidden" name="xAirLine" value="<? echo $row["AirLine"] ?>">
<input type="hidden" name="xClass" value="<? echo $row["Class"] ?>">
<input type="hidden" name="xAdtPrice" value="<? echo $row["AdtPrice"] ?>">
<input type="hidden" name="xchdPrice" value="<? echo $row["chdPrice"] ?>">
<input type="hidden" name="xInfPrice" value="<? echo $row["InfPrice"] ?>">
<input type="hidden" name="xMaxStay" value="<? echo $row["MaxStay"] ?>">
<input type="hidden" name="xMinStay" value="<? echo $row["MinStay"] ?>">
<input type="hidden" name="xRules" value="<? echo $row["Rules"] ?>">
<input type="hidden" name="xTktBy" value="<? echo $row["TktBy"] ?>">
<input type="hidden" name="xChg" value="<? echo $row["Chg"] ?>">
<input type="hidden" name="xCan" value="<? echo $row["Can"] ?>">
<input type="hidden" name="xTrvlBetweena" value="<? echo $row["TrvlBetweena"] ?>">
<input type="hidden" name="xTrvlBetweenb" value="<? echo $row["TrvlBetweenb"] ?>">
<? showroweditor($row) ?>
<p><input type="submit" name="action" value="Post"></p>
</form>
<?
mysql_free_result($res);
} ?>

<?
$cityp = $_COOKIE["citypc"];
function deleterec($recid)
{
$res = sql_select();
$count = sql_getrecordcount();
mysql_data_seek($res, $recid);
$row = mysql_fetch_assoc($res);
showrecnav("del", $recid, $count);
?>
<br>
<form action="edit.php" method="post">
<input type="hidden" name="sql" value="delete">
<input type="hidden" name="xAirLine" value="<? echo $row["AirLine"] ?>">
<input type="hidden" name="xClass" value="<? echo $row["Class"] ?>">
<input type="hidden" name="xAdtPrice" value="<? echo $row["AdtPrice"] ?>">
<input type="hidden" name="xchdPrice" value="<? echo $row["chdPrice"] ?>">
<input type="hidden" name="xInfPrice" value="<? echo $row["InfPrice"] ?>">
<input type="hidden" name="xMaxStay" value="<? echo $row["MaxStay"] ?>">
<input type="hidden" name="xMinStay" value="<? echo $row["MinStay"] ?>">
<input type="hidden" name="xRules" value="<? echo $row["Rules"] ?>">
<input type="hidden" name="xTktBy" value="<? echo $row["TktBy"] ?>">
<input type="hidden" name="xChg" value="<? echo $row["Chg"] ?>">
<input type="hidden" name="xCan" value="<? echo $row["Can"] ?>">
<input type="hidden" name="xTrvlBetweena" value="<? echo $row["TrvlBetweena"] ?>">
<input type="hidden" name="xTrvlBetweenb" value="<? echo $row["TrvlBetweenb"] ?>">
<? showrow($row) ?>
<p><input type="submit" name="action" value="Confirm"></p>
</form>
<?
mysql_free_result($res);
} ?>

<?
$cityp = $_COOKIE["citypc"];
function connect()
{
$conn = mysql_connect("localhost", "USER(Secret)", "PASSWORD(Secret)");
mysql_select_db("qfq");
return $conn;
}

function sqlvalue($val, $quote)
{
if ($quote)
$tmp = sqlstr($val);
else
$tmp = $val;
if ($tmp == "")
$tmp = "NULL";
elseif ($quote)
$tmp = "'".$tmp."'";
return $tmp;
}

function sqlstr($val)
{
return str_replace("'", "''", $val);
}

function sql_select()
{
global $cityp;
global $conn;
global $order;
global $ordtype;
global $filter;
global $filterfield;
global $wholeonly;

$filterstr = sqlstr($filter);
if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%";
$sql = "select `AirLine`, `Class`, `AdtPrice`, `chdPrice`, `InfPrice`, `MaxStay`, `MinStay`, `Rules`, `TktBy`, `Chg`, `Can`, `TrvlBetweena`, `TrvlBetweenb` from $cityp";
if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') {
$sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'";
} elseif (isset($filterstr) && $filterstr!='') {
$sql .= " where (`AirLine` like '" .$filterstr ."') or (`Class` like '" .$filterstr ."') or (`AdtPrice` like '" .$filterstr ."') or (`chdPrice` like '" .$filterstr ."') or (`InfPrice` like '" .$filterstr ."') or (`MaxStay` like '" .$filterstr ."') or (`MinStay` like '" .$filterstr ."') or (`Rules` like '" .$filterstr ."') or (`TktBy` like '" .$filterstr ."') or (`Chg` like '" .$filterstr ."') or (`Can` like '" .$filterstr ."') or (`TrvlBetweena` like '" .$filterstr ."') or (`TrvlBetweenb` like '" .$filterstr ."')";
}
if (isset($order) && $order!='') $sql .= " order by \"" .sqlstr($order) ."\"";
if (isset($ordtype) && $ordtype!='') $sql .= " " .sqlstr($ordtype);
$res = mysql_query($sql, $conn) or die(mysql_error());
return $res;
}

function sql_getrecordcount()
{
global $cityp;
global $conn;
global $order;
global $ordtype;
global $filter;
global $filterfield;
global $wholeonly;

$filterstr = sqlstr($filter);
if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%";
$sql = "select count(*) from $cityp";
if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') {
$sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'";
} elseif (isset($filterstr) && $filterstr!='') {
$sql .= " where (`AirLine` like '" .$filterstr ."') or (`Class` like '" .$filterstr ."') or (`AdtPrice` like '" .$filterstr ."') or (`chdPrice` like '" .$filterstr ."') or (`InfPrice` like '" .$filterstr ."') or (`MaxStay` like '" .$filterstr ."') or (`MinStay` like '" .$filterstr ."') or (`Rules` like '" .$filterstr ."') or (`TktBy` like '" .$filterstr ."') or (`Chg` like '" .$filterstr ."') or (`Can` like '" .$filterstr ."') or (`TrvlBetweena` like '" .$filterstr ."') or (`TrvlBetweenb` like '" .$filterstr ."')";
}
$res = mysql_query($sql, $conn) or die(mysql_error());
$row = mysql_fetch_assoc($res);
reset($row);
return current($row);
}

function sql_insert()
{
global $cityp;
global $conn;
global $_POST;

$sql = "insert into $cityp (`AirLine`, `Class`, `AdtPrice`, `chdPrice`, `InfPrice`, `MaxStay`, `MinStay`, `Rules`, `TktBy`, `Chg`, `Can`, `TrvlBetweena`, `TrvlBetweenb`) values (" .sqlvalue(@$_POST["AirLine"], true) .", " .sqlvalue(@$_POST["Class"], true) .", " .sqlvalue(@$_POST["AdtPrice"], false) .", " .sqlvalue(@$_POST["chdPrice"], false) .", " .sqlvalue(@$_POST["InfPrice"], false) .", " .sqlvalue(@$_POST["MaxStay"], true) .", " .sqlvalue(@$_POST["MinStay"], true) .", " .sqlvalue(@$_POST["Rules"], true) .", " .sqlvalue(@$_POST["TktBy"], true) .", " .sqlvalue(@$_POST["Chg"], false) .", " .sqlvalue(@$_POST["Can"], false) .", " .sqlvalue(@$_POST["TrvlBetweena"], true) .", " .sqlvalue(@$_POST["TrvlBetweenb"], true) .")";
mysql_query($sql, $conn) or die(mysql_error());
}

function sql_update()
{
global $cityp;
global $conn;
global $_POST;

$sql = 'UPDATE $cityp SET AirLine = .sqlvalue(@$_POST["AirLine"], true) ., Class = .sqlvalue(@$_POST["Class"], true) ., AdtPrice = .sqlvalue(@$_POST["AdtPrice"], false) ., chdPrice = .sqlvalue(@$_POST["chdPrice"], false) ., InfPrice = .sqlvalue(@$_POST["InfPrice"], false) ., MaxStay = .sqlvalue(@$_POST["MaxStay"], true) ., MinStay = .sqlvalue(@$_POST["MinStay"], true) ., Rules = .sqlvalue(@$_POST["Rules"], true) ., TktBy = .sqlvalue(@$_POST["TktBy"], true) ., Chg = .sqlvalue(@$_POST["Chg"], false) ., Can = .sqlvalue(@$_POST["Can"], false) ., TrvlBetweena = .sqlvalue(@$_POST["TrvlBetweena"], true) ., TrvlBetweenb = .sqlvalue(@$_POST["TrvlBetweenb"], true) . WHERE .(AirLine = .sqlvalue(@$_POST["xAirLine"], true) .) and (Class = .sqlvalue(@$_POST["xClass"], true) .) and (AdtPrice = .sqlvalue(@$_POST["xAdtPrice"], false) .) and (chdPrice = .sqlvalue(@$_POST["xchdPrice"], false) .) and (InfPrice = .sqlvalue(@$_POST["xInfPrice"], false) .) and (MaxStay = .sqlvalue(@$_POST["xMaxStay"], true) .) and
(MinStay = .sqlvalue(@$_POST["xMinStay"], true) .) and (Rules = .sqlvalue(@$_POST["xRules"], true) .) and (TktBy = .sqlvalue(@$_POST["xTktBy"], true) .) and (Chg = .sqlvalue(@$_POST["xChg"], false) .) and (Can = .sqlvalue(@$_POST["xCan"], false) .) and (TrvlBetweena = .sqlvalue(@$_POST["xTrvlBetweena"], true) .) and (TrvlBetweenb = .sqlvalue(@$_POST["xTrvlBetweenb"], true) .)';
mysql_query($sql, $conn) or die(mysql_error());
}

function sql_delete()
{
global $cityp;
global $conn;
global $_POST;

$sql = "delete from $cityp where " ."(`AirLine`=" .sqlvalue(@$_POST["xAirLine"], true) .") and (`Class`=" .sqlvalue(@$_POST["xClass"], true) .") and (`AdtPrice`=" .sqlvalue(@$_POST["xAdtPrice"], false) .") and (`chdPrice`=" .sqlvalue(@$_POST["xchdPrice"], false) .") and (`InfPrice`=" .sqlvalue(@$_POST["xInfPrice"], false) .") and (`MaxStay`=" .sqlvalue(@$_POST["xMaxStay"], true) .") and (`MinStay`=" .sqlvalue(@$_POST["xMinStay"], true) .") and (`Rules`=" .sqlvalue(@$_POST["xRules"], true) .") and (`TktBy`=" .sqlvalue(@$_POST["xTktBy"], true) .") and (`Chg`=" .sqlvalue(@$_POST["xChg"], false) .") and (`Can`=" .sqlvalue(@$_POST["xCan"], false) .") and (`TrvlBetweena`=" .sqlvalue(@$_POST["xTrvlBetweena"], true) .") and (`TrvlBetweenb`=" .sqlvalue(@$_POST["xTrvlBetweenb"], true) .")";
mysql_query($sql, $conn) or die(mysql_error());
} ?>



This is you average Add, Edit, Update, and Delete web app for MySQL. so please if some one can help me with this problem that would be very helpful.