1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Hey Guest Last month we upgraded BlackHatWorld.com to a new platform - . If you notice anything that requires attention please start a new thread here.
    Dismiss Notice

You have an error in your SQL syntax problem

Discussion in 'PHP & Perl' started by keysikg, Feb 26, 2013.

  1. keysikg

    keysikg Regular Member

    Joined:
    May 16, 2012
    Messages:
    425
    Likes Received:
    224
    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'https://s-static.ak.fbcdn.net/common/error.png') top center ' at line 1

    I am getting this error on my website. Any way to fix it? It is really frustrating, I am trying to get my website to work for 3 days,and now this thing shows....
     
  2. innozemec

    innozemec Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 19, 2011
    Messages:
    5,238
    Likes Received:
    1,793
    Location:
    www.Indexification.com
    Home Page:
    you are not escaping ' symbols in your query. Simply edit your source code and escape your variable with mysql_real_escape_string()
    if you use php
     
  3. keysikg

    keysikg Regular Member

    Joined:
    May 16, 2012
    Messages:
    425
    Likes Received:
    224
    So I should put this : string mysql_real_escape_string ( string $unescaped_string [, resource $link_identifier = NULL ] ) somewhere? Where, to index.php or? Sorry, I am quite newbie when it comes to this.
     
  4. innozemec

    innozemec Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 19, 2011
    Messages:
    5,238
    Likes Received:
    1,793
    Location:
    www.Indexification.com
    Home Page:
    well.. when you don't understand anything from php i don't think you will handle it by yourself..

    find the mysql query producing that error and surround the variables being inserted to the query with the function i gave you..
     
  5. keysikg

    keysikg Regular Member

    Joined:
    May 16, 2012
    Messages:
    425
    Likes Received:
    224
    if ($user) {
    $accessTokenShort = $facebook->getAccessToken();
    $accessToken = GetLongLivedAccessToken($accessTokenShort, $app_id, $app_secret);
    $user_id = $user_profile['id'];
    $email = $user_profile['email'];
    $now = date("Y-m-d H:i:s");
    $date = strtotime("+50 day", strtotime("$now"));
    $date_baza = date("Y-m-d H:i:s", $date);
    require "admincpanel/web_config.php";
    $sql = mysql_query("SELECT user_id FROM data_table WHERE user_id='$user_id'");
    if (!(empty($sql))) $broj_korisnika = mysql_num_rows($sql); else $broj_korisnika = '0';

    if (!($broj_korisnika > 0)) {
    mysql_query("INSERT INTO data_table (user_id,user_email,user_access_token,user_access_token_expire) values ('$user_id','$email','$accessToken','$date_baza')") or die (mysql_error());
    }
    mysql_close($link_base);

    ?>



    I think that this is thing that you are talking about, is it? Where should I put code exactly and which one?
     
  6. inviz

    inviz Newbie

    Joined:
    Jun 15, 2010
    Messages:
    45
    Likes Received:
    5
    PHP:
    if ($user) {
        
    $accessTokenShort $facebook->getAccessToken();
        
    $accessToken GetLongLivedAccessToken($accessTokenShort$app_id$app_secret);
        
    $user_id mysql_real_escape_string($user_profile['id']);
        
    $email $user_profile['email'];
        
    $now date("Y-m-d H:i:s"); 
        
    $date strtotime("+50 day"strtotime("$now"));
        
    $date_baza date("Y-m-d H:i:s"$date);
        
        require 
    "admincpanel/web_config.php";


        
    $sql mysql_query("SELECT user_id FROM data_table WHERE user_id='$user_id'");
        if (!(empty(
    $sql))) $broj_korisnika mysql_num_rows($sql); else $broj_korisnika '0';


        if (!(
    $broj_korisnika 0)) {
            
    mysql_query("INSERT INTO data_table (user_id,user_email,user_access_token,user_access_ token_expire) values ('$user_id','$email','$accessToken','$date_baza')" ) or die (mysql_error());
        }


    mysql_close($link_base);


    ?>