Wat is wrong with this get?

Question

cristi08 0 Junior Poster

14 Years Ago

Hellow programmers, today I stuk on a new one,This time is a $_Get sintax that
give me error like so :"invalid query 4: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''36''' at line 2"

$query="SELECT * FROM total_proiect
            WHERE id_proiect ='" . $_GET['id_proiect']. "'";

while ($row = mysql_fetch_array($result)){
                    $id_proiect=$row['id_oferta'];
                    $id_ofertant=$row['id_ofertant'];

echo  "<tr>
                    <td><a href='detaliioferta.php?id_oferta=$id_proiect'
                title=$id_proiect>$id_proiect</td>
                                
                     <td>". $row['total_proiect']."</td>
                    <td><a href='detaliiofertant.php?id_ofertant=$id_ofertant'
                    title=$id_ofertant>$id_ofertant</td>
                    
                    </tr>";

AFTER THIS LINES OF COMMAND

$query="SELECT * FROM ofertant
   WHERE id_ofertant='".$_GET['id_ofertant']."'
            ";
            if (isset($query) && !empty($query)) {  
                echo"<!--" . $query. "-->";
                 $result = mysql_query($query)
                 or die ("invalid query 4: " . mysql_error ());}
                echo $titlu="<h2>Detalii proiect<h2>";
                echo "<table>                               
                                                          
                                
                                <th>Nume
                                </th>
                                <th>Oras<br />
                                    <br /></th>
                                    
                                ";
               
                while ($row = mysql_fetch_array($result)){
                    $Nume=$row['Nume'];
                    
                    echo  "<tr>
                    <td>
                $Nume</td>
                                
                    <td>". $row['Oras']."</td>
                    </tr>";
                }
                "</table>"; echo "<br />";
    ?>

AND HERE I GET STUK...

php

2 Contributors
2 Replies
100 Views
6 Hours Discussion Span
Latest Post 14 Years Ago Latest Post by cristi08

FlashCreations 20 Posting Whiz

14 Years Ago

*Cringe* Please, please, please mysql__real_escape_string() any user given value before using it in a query. Without doing so you are putting yourself at high risk of SQL Injection!

Now on to your problem. I would check the query (it seems you've outputted it out as a comment) on the second line and verify that there isn't anything wrong with it.
It would be a tremendous help if you could provide us with the value of $_GET['id_proiect'] or the final query that produces this error.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

cristi08 0 Junior Poster · Answer 1 · 2010-08-22T21:58:10+00:00

Thank you it problem solved I was sleepy and forgot to save befor refresh