November 26th, 2012, 12:22 PM
by changing the code as per your instructions another error is coming
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1
November 26th, 2012, 12:38 PM
No - it is how it should be formatted for it to work (I have been doing this a long time)
November 26th, 2012, 12:39 PM
So is the id actually being passed to the page? Have you used the isset function to check? Have you echo'd out your query and run it in PHPMyAdmin to make sure it is correct and works?
You have several queries so how are we supposed to know which one isn't working?
November 26th, 2012, 02:51 PM
Why do insist on the quotes? SQL -- like pretty much any other language -- uses plain digit sequenes as integer literals. So
is valid SQL. No need to use any quotes.
And as long as he doesn't manage to escape the values, the quotes also don't increase security in any way.
So what's with the query code I gave you? Are you not interested? Will you "add security later"? (famous last words)
As long as the general query logic is broken, it makes little sense to dive into an endless debugging session, because you'll have to rewrite the code, anyway.
I'd also ask you to use a bit of common sense and do some thinking on your own. When you see the URL
in your browser and get a strange error message about "$movie_id", did it never occur to you that maybe your link isn't quite right?
You forgot to actually echo the variable:
OK, when you still have SQL error, then output your queries and paste them here in the forum (like simplypixie said). If you don't see the error, then probably we will.
<a href="movie_details.php?movie_id=<?php echo urlencode($movie_id) ?>">
I mean, I don't know about you, but I think it might be time to actually fix the problem and stop that game of us making a guess and you telling us that it still doesn't work.
November 26th, 2012, 03:18 PM
What I am saying is that the quotes won't cause an error if the data is numeric. As it is, it appears to me that they want to send through the table column name so it will not be numeric anyway!!
November 27th, 2012, 07:35 AM
removed the codes
the error which is being displayed now is
Unknown column '$movie_id' in 'where clause'
November 27th, 2012, 08:22 AM
It is no good just posting your errors, we need to see your current code as well.
What this is telling me though is that for some reason you have
in your query now which will produce an error as you don't have a column in your table called $movie_id.
November 27th, 2012, 08:23 AM
I give up. Have fun, simplypixie.
November 27th, 2012, 08:27 AM
To be honest, so do I but thought I would try once more
Originally Posted by Jacques1
Comments on this post
November 28th, 2012, 04:29 AM
The problem is solved thanzx alll for replying and contributing your precious time
November 28th, 2012, 04:58 AM
If you're still using your old query code, it will only "work" until somebody with bad intentions and basic SQL knowledge finds your site.
Comments on this post