mistake in dreamweaver's update record script?

keyboard · 02-09-2005, 12:34 AM

I get this message:
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

This is the script DW generates:

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE cd SET cd_name=%s WHERE cd_pk=%s",
GetSQLValueString($_POST['cd_name'], "text"),
GetSQLValueString($_POST['cd_pk'], "int"));

mysql_select_db($database_Apress_pdav, $Apress_pdav);
$Result1 = mysql_query($updateSQL, $Apress_pdav) or die(mysql_error());

$updateGoTo = "artist.php?artist=".$_POST['artist']."";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}

if ((isset($_POST['cd_pk'])) && ($_POST['cd_pk'] != "")) {
$deleteSQL = sprintf("DELETE FROM cd WHERE cd_pk=%s",
GetSQLValueString($_POST['cd_pk'], "int"));

mysql_select_db($database_Apress_pdav, $Apress_pdav);
$Result1 = mysql_query($deleteSQL, $Apress_pdav) or die(mysql_error());

$deleteGoTo = "artist.php?artist=".$_POST['artist']."";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}

$colname_rstCD = "1";
if (isset($_GET['cd'])) {
$colname_rstCD = (get_magic_quotes_gpc()) ? $_GET['cd'] : addslashes($_GET['cd']);
}
mysql_select_db($database_Apress_pdav, $Apress_pdav);
$query_rstCD = sprintf("SELECT artist.artist_pk, artist.artist_name, cd.cd_pk, cd.cd_name FROM cd, artist WHERE cd_pk = %s AND cd.cd_artist = artist.artist_pk ", $colname_rstCD);
$rstCD = mysql_query($query_rstCD, $Apress_pdav) or die(mysql_error());
$row_rstCD = mysql_fetch_assoc($rstCD);
$totalRows_rstCD = mysql_num_rows($rstCD);

02-09-2005, 12:34 AM	PM User \| #1
keyboard New to the CF scene Join Date: Dec 2004 Posts: 4 Thanks: 0 Thanked 0 Times in 0 Posts	mistake in dreamweaver's update record script? I get this message: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 This is the script DW generates: function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue; switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) { $updateSQL = sprintf("UPDATE cd SET cd_name=%s WHERE cd_pk=%s", GetSQLValueString($_POST['cd_name'], "text"), GetSQLValueString($_POST['cd_pk'], "int")); mysql_select_db($database_Apress_pdav, $Apress_pdav); $Result1 = mysql_query($updateSQL, $Apress_pdav) or die(mysql_error()); $updateGoTo = "artist.php?artist=".$_POST['artist'].""; if (isset($_SERVER['QUERY_STRING'])) { $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?"; $updateGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $updateGoTo)); } if ((isset($_POST['cd_pk'])) && ($_POST['cd_pk'] != "")) { $deleteSQL = sprintf("DELETE FROM cd WHERE cd_pk=%s", GetSQLValueString($_POST['cd_pk'], "int")); mysql_select_db($database_Apress_pdav, $Apress_pdav); $Result1 = mysql_query($deleteSQL, $Apress_pdav) or die(mysql_error()); $deleteGoTo = "artist.php?artist=".$_POST['artist'].""; if (isset($_SERVER['QUERY_STRING'])) { $deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?"; $deleteGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $deleteGoTo)); } $colname_rstCD = "1"; if (isset($_GET['cd'])) { $colname_rstCD = (get_magic_quotes_gpc()) ? $_GET['cd'] : addslashes($_GET['cd']); } mysql_select_db($database_Apress_pdav, $Apress_pdav); $query_rstCD = sprintf("SELECT artist.artist_pk, artist.artist_name, cd.cd_pk, cd.cd_name FROM cd, artist WHERE cd_pk = %s AND cd.cd_artist = artist.artist_pk ", $colname_rstCD); $rstCD = mysql_query($query_rstCD, $Apress_pdav) or die(mysql_error()); $row_rstCD = mysql_fetch_assoc($rstCD); $totalRows_rstCD = mysql_num_rows($rstCD);

Thread Tools
Show Printable Version Email this Page
Rate This Thread
Rate This Thread: