Asked  7 Months ago    Answers:  3   Viewed   39 times

I have been staring at this code for hours now and I cannot figure out where my mistake is. I know this syntax error usually comes up because of some missing or out of place curly brace or some issue with single/double quotes and I'm not sure there is one anywhere in my code. I am only trying to fix my syntax right now so I can get the code to completely compile. Any help would be much appreciated. Here is my code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
<title>Add to and Read from the Database</title>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
</head> 
<body>

<?php
function print_form() {
echo <<<END
         <form action="$_SERVER[PHP_SELF]" method="post">

    <h3>Please put your comments below.</h3>

<input type="hidden" name="stage" value="process" >
<p>Name:</p>
<input type="text" size="30" name="WholeName" />
<p>Comment:</p>
<input type="text" size="200" name="Comment" />

<input type ="submit"  value ="Submit" >
</form>
END;    

    }
function process_form() {

print "<p>adding comment...</p>";

$Name = $_POST['WholeName'];
$Comment = $_POST['Comment'];

    if( preg_match("^[a-zA-Z]+$", $Name)) {
        if( preg_match("^[a-zA-Z0-9]_-'[.?!]+$", $Comment)) {
            $sql = "insert into comments1 values ( 
           '$Name', 
           '$Comment')";
           $result = mysql_query($sql) or die("Mysql query failed");
      } else {
        print "invalid name";
        }
  } else {
print "invalid characters";
 }

}

$db = mysql_connect("", "", "");
if (!$db) {
   print "Error - Could not connect to mysql";
   exit;
}  

$er = mysql_select_db("");
if (!$er) {
  print "Error - Could not connect to comments1 database";
  exit;
}

if (isset($_POST['stage']) && ('process' == $_POST['stage'])) {
   process_form();
} else {
    print_form();
}

?>

</body>
</html>

 Answers

89

Your problem is that you're not closing your HEREDOC correctly. The line containing END; must not contain any whitespace afterwards.

Wednesday, March 31, 2021
 
viper
answered 7 Months ago
42

Wrap it with curly braces:

echo "<input type ="submit" name="naam" value="{$row['naam']}">";

Sidenote: If your string contains characters like " double quotes this will prematurely terminate it and break the markup, add htmlspecialchars to make sure before echoing:

$row['naam'] = htmlspecialchars($row['naam']);
Saturday, May 29, 2021
 
Dunc
answered 5 Months ago
58

replace line 43 with

$sql = "INSERT INTO `orders` (`OrderNo`, `BookName`, `Quantity`, `TotalPrice`, `ISBN`, `StudentID`) VALUES (NULL, '{$obj->Title}', '{$cart_itm['quantity']}', '{$total}', '{$ISBN}', '{$_SESSION['login_user']}');";

And remember to sanitize your variables!

Saturday, May 29, 2021
 
steros
answered 5 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :