Syntax error

vRory · Apr 11, 2013

PHP:

<?php $pagerank = 4; include "templates/header.php"; ?>
 
    <div id="site_content">
    <?php include "templates/sidebar.php"; ?>
        <div id="content_container">
 
            <div id="content">
                <h1>{hotelName} Hotel ASE :: Give VIP!</h1><hr/>
                <?php
                if(isset($_POST['give']) && $_SESSION['user']['rank'] >= $pagerank)
                {   
                    if(mysql_num_rows(mysql_query("SELECT * FROM users WHERE username = '".filter($_POST['username'])."'")))
                    {
                        mysql_query("INSERT INTO `cms_housekeeping_logs` (userid,ip_address,page,time,extra_data) VALUES ('".$_SESSION['user']['id']."', '".$_SERVER['REMOTE_ADDR']."', 'admin_vip.php', '".date("D, d F Y H:i", time())."'), '".filter($_POST['username'])."' ")or die(mysql_error());
                       
                        $getInfo = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE username = '".filter($_POST['username'])."'"))or die(mysql_error());
                        if ($getInfo['rank'] == 1)
                        {
                            mysql_query("UPDATE users SET rank = '2' WHERE username = '".filter($_POST['username'])."'")or die(mysql_error());
                           
 
                        }
                        @Mus("updatevip"." ".$getInfo['id']);
                        echo '<div class="alert alert-success">'.$_POST['username'].' is now VIP!</div>';
                       
                       
                    }
                   
                    else
                    {
                        echo '<div class="alert alert-error">User does not exist.</div>';
                    }
                   
                }
               
               
                ?>
               
                <form method="post">
                    <table class="table table-bordered table-condensed">
                        <tr>
                            <td>Username</td>
                            <td><input type="text" name="username" /></td>
                        </tr>
                        <tr>
                            <td></td>
                            <td><input type="submit" value="VIP User" name="give"/></td>
                        </tr>
                    </table>
                </form>
            </div>
        </div>
    </div>
    
<?php include "templates/footer.php"; ?>

This is the page i use for giving a user vip, this makes a record of whom is given vip i tried adding the users name to the record and i get this error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''ReflectionOfficial'' at line 1

The query is this as shown above:

PHP:

mysql_query("INSERT INTO `cms_housekeeping_logs` (userid,ip_address,page,time,extra_data) VALUES ('".$_SESSION['user']['id']."', '".$_SERVER['REMOTE_ADDR']."', 'admin_vip.php', '".date("D, d F Y H:i", time())."'), '".filter($_POST['username'])."' ")or die(mysql_error());

Quackster · Apr 11, 2013

try

PHP:

mysql_query("INSERT INTO `cms_housekeeping_logs` (userid,ip_address,page,time,extra_data) VALUES ('".$_SESSION['user']['id']."', '".$_SERVER['REMOTE_ADDR']."', 'admin_vip.php', '".date("D, d F Y H:i", time())."', '".filter($_POST['username'])."')")or die(mysql_error());

vRory · Apr 11, 2013

Quackster said:

try

PHP:

mysql_query("INSERT INTO `cms_housekeeping_logs` (userid,ip_address,page,time,extra_data) VALUES ('".$_SESSION['user']['id']."', '".$_SERVER['REMOTE_ADDR']."', 'admin_vip.php', '".date("D, d F Y H:i", time())."', '".filter($_POST['username'])."')")or die(mysql_error());

Thank you

Syntax error

vRory

Unemployed.

Quackster

a devbest user says what

vRory

Unemployed.

Users who are viewing this thread

Latest posts

Connect with us

Newest members