Always getting this error

Anon

Hi, I directly give you the source code I'm using. The error message I always get is on the very same line. I've marked it below:

if ( $submit == "submit" )
{
	// check for subject and message
	if ( trim($author)=="" or trim($rating)=="" )
	{
		echo '"Please fill out the form completely and try again.<p><center><a href="review.php3">Back</a></center>"';
		exit();
	}
	else
	{
		$sql = mysql_query( "INSERT INTO reviews ( id, pid, author, date, rating, review ) VALUES ( '', $pid, $author, CURDATE(), $rating, $review );

		if (mysql_query($sql))
		{
  // here's the error (parse error), only this line
  // if I delete this whole if-statement, the parse error
  // appears at the very end of the document,
  // where nothing is written there, really strange...
  echo( "Your review has been added. Thank you for your contribution.<p>You can now close this window..." );
		}
		else
		{
			echo( "Ooops! An error occured while trying to add your review: " . mysql_error() );
		}
	}
}
else
{
	echo ( "Unknown command!" );
}

Thanks for any help!

Anon

Very easy: you have forgotten " on the end of you mysql query

Anon

You have multiple problems here. You never closed off the query string with a double quote.

Fix that and you'll discover that you are passing a query result handle to a query (in the "if" statement).

Anon

let me explain...

the right code would be
$sql = mysql_query( "INSERT INTO reviews ( id, pid, author, date, rating, review ) VALUES ( '', $pid, $author, CURDATE(), $rating, $review )";

-- see after $review

you might also have to include ' ' around the values, depending on your var-types

like '$pid', '$review' etc.

NightOwl
www.de-bruyne.org

Anon

Thanks. This problem is solved now. But here comes another... mySQL says, when inserting a row: Query was empty.

$sql = mysql_query( \"INSERT INTO reviews ( id, pid, author, date, rating, review ) VALUES ( \'\', $pid, $author, CURDATE(), $rating, $review )\" );

If I add \' \' just as you said, then mySQL says: You have an error in your SQL syntax near \'1\' at line 1

Any ideas?

BTW, does it really pass on the content of the form fields, just by using the same var\'s name as in the name of the HTML fields? Maybe I have to declare the vars first... if yes, how?

Anon

Yes it really passes them on, but you don't need to escape the double quotes on the outside of the INSERT statement
$sql = mysql_query( \"INSERT INTO reviews ( id, pid, author, date, rating, review ) VALUES ( \'\', $pid, $author, CURDATE(), $rating, $review )\" );
Should be this, also if id is autoincrementing you can omit that field like so:
$sql = mysql_query( "INSERT INTO reviews ( pid, author, date, rating, review ) VALUES ('$pid', '$author', CURDATE(), '$rating', '$review' )" );

Anon

Oh yeah also I noticed in your if statement you include
if (mysql_query($sql)) {

and $sql already holds the mysql_query part so you should probably change $sql to just hold the actual query and not the mysql_query

Anon

change the line to...

$sql = "INSERT INTO reviews ( id, pid, author, date, rating, review) VALUES (' ', $pid, $author, CURDATE(), $rating, $review)";

Anon

Thanks to you all! It works perfectly now.

Anon

These are the kind of errors that phps (color coded display) shows up real fast.

If your server is set up for it, you just make a copy or link of the source file and end it in .phps and view that. You should see your run on strings as huge chunks of red code for default colors.