#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2012
    Posts
    11
    Rep Power
    0

    Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in


    hi
    can anyone help me with this error im getting?
    Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' in
    Code:
    echo "<td align="center"  bgcolor="#f8f8f8" width="50"><a href="edit.php?id='.$row['id'].'"><img src='images/edit.png' /></a><a href="#" onclick="testKConfirm( {$id} );"><img src='images/delete.png' /></a></td>";
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2009
    Location
    Nebraska, USA
    Posts
    876
    Rep Power
    276
    the problem is in your quotes usage ..you can see it when using the [ php ] tags instead of [ code ] tags.
    PHP Code:
    echo "<td align="center"  bgcolor="#f8f8f8" width="50"><a href="edit.php?id='.$row['id'].'"><img src='images/edit.png' /></a><a href="#" onclick="testKConfirm( {$id} );"><img src='images/delete.png' /></a></td>"; 
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Location
    Sydney Australia
    Posts
    189
    Rep Power
    84
    Originally Posted by mrbrin
    hi
    can anyone help me with this error I'm getting?
    You need to escape the quotes contained within the quoted string.

    PHP Code:
    echo "<td align=\"center\"  bgcolor=\"#f8f8f8\" width=\"50\"><a href=\"edit.php?id={$row['id']}\"><img src=\"images/edit.png\" /></a><a href=\"#\" onclick=\"testKConfirm( {$id} );\"><img src=\"images/delete.png\" /></a></td>"
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    the actual problem is that you have three(!) different languages nested in each other: You have JavaScript nested in HTML nested in PHP. And there's no separation whatsoever, you just write it down in one go, hoping the various interpreters will figure out what goes where -- which obviously doesn't work very well.

    While this is a good way to get interesting bugs and attacks, it's pretty much the last thing you want when developing a robust and secure application. Your parse error is just a harmless symptom of this. What if an attacker takes advantage of the fact that your PHP variables leak into the JavaScript code which in turn leaks into the HTML? What if you have even more complicated expressions?

    So you should seriously reconsider your programming style. In modern programming, you usually avoid PHPHTMLJavaScriptCSS spaghetti code. Instead of stuffing the HTML into PHP strings, consider using a dedicated template engine like Twig or Smarty. Instead of stuffing the JavaScript into HTML attributes, put it into external scripts. Instead of styling your page with tables and those outdated layout attributes (bgcolor etc.), use external CSS files.

    Sure, this will be quite some work at first, and you'll have to relearn many things. But in the long run, I think it'll greatly improve your code with regard to security, robustness, readability and maintainability.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2013
    Posts
    1
    Rep Power
    0

    use


    echo '<td align="center" bgcolor="#f8f8f8" width="50"><a href="edit.php?id='.$row['id'].'"><img src="images/edit.png" /></a><a href="#" onclick="testKConfirm( {$id});"><img src="images/delete.png" /></a></td>';

IMN logo majestic logo threadwatch logo seochat tools logo