Hi all
getting this error
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1"

if($_POST['paypalsubmit']) {
$upsql = "UPDATE orders SET status =2, payment_type =1 WHERE id =" . $_SESSION['SESS_ORDERNUM'];
$upres = mysql_query($upsql)or die(mysql_error());

$itemssql = "SELECT total FROM orders WHERE id =" . $_SESSION['SESS_ORDERNUM'];

$itemsres = mysql_query($itemssql);
$row = mysql_fetch_assoc($itemsres);

if($_SESSION['SESS_LOGGEDIN']) { unset($_SESSION['SESS_ORDERNUM']);
} else
	{ session_register("SESS_CHANGEID");
	  $_SESSION['SESS_CHANGEID'] = 1; }
	header("Location: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=you%40youraddress.com&item_name=".urlencode($config_sitename) . "+Order&item_number=PROD" . $row['id'] ."&amount= " . urlencode(sprintf('%.2f', $row['total'])) . "&no_note=1&currency_code=GBP&lc=GB&submit.x=41&submit.y=15");
	}

else if ($_POST['chequesubmit']) { $upsql = "UPDATE orders SET status =2, payment_type =2 WHERE id =" . $_SESSION['SESS_ORDERNUM'];
$upres = mysql_query($upsql);

if($_SESSION['SESS_LOGGEDIN']) { unset($_SESSION['SESS_ORDERNUM']);
} else
{ session_register("SESS_CHANGEID"); $_SESSION['SESS_CHANGEID'] = 1; }

Tried changing all quote around and read every forum post i can find, still no luck. Please help.

Are you sure that your $_SESSION is set correctly? Try echo'ing your sql statement before you send it to mysql_query and see...

Thanks darkagn
The solution was much simpler and came from another coder.

if($_POST['paypalsubmit']) {
$upsql = "UPDATE orders SET status ='2', payment_type ='1' WHERE id ='" . $_SESSION['SESS_ORDERNUM'] . "'";
$upres = mysql_query($upsql)or die(mysql_error());

$itemssql = "SELECT total FROM orders WHERE id = '" . $_SESSION['SESS_ORDERNUM'] . "'";

as you can see its all in the quotes.

Ah ok, so are all of your fields of type VARCHAR? Might be worthwhile changing to NUMERICs if you are going to be joining tables a bit, that is if that doesn't mess everything else up!

No those fields are all int(11) I try to minimize use of Varchars. But thanks for the help.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.