[RESOLVED] Parse error: syntax error, unexpected $end in

pnarendran

Hi:

i'm new to php and I tried this htm form and php code to insert some data into mysql:

  <HTML>
<Head>

  <title>Contact form</title>

  <style type="text/css"> 

              table{

              border:1;

              border-collapse:collapse;

              font: normal 12px 'Lucida Grande',Verdana,sans-serif;

              }

              td{

              color:#663333;font-family:verdana;

              border-bottom: 1px solid #666;

              padding-left:10px;

              background-color:#F0F8FF;

              }

              #sub{ text-align:center;}

  </style>

</Head>

<body>

  <h2> FeedBack/Contact Form</h2>

  <form action="contact_insert.php" method="POST" id="insert">

              <table>

                          <tr>
                                      <td> First Name*</td>
                                      <td><input type="text" size=40 name="fname"></td>
                          </tr>


		      <tr>
                                      <td> Last Name*</td>
                                      <td><input type="text" size=40 name="lname"></td>
                          </tr>


                          <tr>
                                      <td>Email</td>
                                      <td><input type="text" size=40 name="email"></td>
                          </tr>


		       <tr>
                                      <td>Gender</td>
                                      <td><input type="text" size=40 name="gender"></td>
                          </tr>


	 	       <tr>
                                      <td>Birth</td>
                                      <td><input type="text" size=40 name="birth"></td>
                          </tr>


		       <tr>
                                      <td>Age</td>
                                      <td><input type="text" size=40 name="age"></td>
                          </tr>


		       <tr>
                                      <td>Password</td>
                                      <td><input type="text" size=40 name="password"></td>
                          </tr>


		       <tr>
                                      <td>Phone</td>
                                      <td><input type="text" size=40 name="phone1"></td>
                          </tr>


		       <tr>
                                      <td>Mobile</td>

                                      <td><input type="text" size=40 name="mobile"></td>
                          </tr>


		       <tr>
                                      <td>Fax</td>
                                      <td><input type="text" size=40 name="fax"></td>
                          </tr>



                          <tr>
                                      <td>Description*</td>

                                      <td><textarea  name="description" cols=40 rows=7></textarea> </td>
                          </tr>


                          <tr>
                                      <td colspan=2 id="sub"><input type="submit" name="submit" value="submit" ></td>
                          </tr>

              </Table>

  </form>

</BODY>

</Html>

<?php
$username="user";
$password="pass";
$database="cpmsripple";

$fname=$_POST['Value1'];
$lname=$_POST['Value2'];
$email=$_POST['Value3'];
$gender=$_POST['Value4'];
$birth=$_POST['Value5'];
$age=$_POST['Value6'];
$password=$_POST['Value7'];
$phone1=$_POST['Value8'];
$mobile=$_POST['Value9'];
$fax=$_POST['Value10'];
$description=$_POST['Value11'];

mysql_connect(localhost,$cpmsripple,$D*amond2);
@mysql_select_db($cpmsripple) or die( "Unable to select database");

$query = "INSERT INTO cprofile VALUES
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description');

mysql_query($query);

mysql_close();
?>

and this is the error I get when i hit the submit button:

Parse error: syntax error, unexpected $end in D:\Hosting\8148384\html\contact_insert.php on line 27

Can someone please help me with this.

Thanks

NogDog

Welcome to the forums. In the future, please use this forum's [noparse]

...

[/noparse] tags around your code samples. I added them to your post above. 🙂

First problem I see is that you do not have a closing double quote near the end where you define your $query string, so the parser thinks everything that follows is still part of that string literal.

bradgrafelman

Here are some more issues with the PHP code:

You might want to obfuscate your login credentials before posting them on a public forum .
For things like DB credentials, I prefer to use [man]constants[/man] over variables. After all, your credentials probably aren't going to vary during the execution of the script but instead remain constant.

Plus, this would remove confusion around variables named like $password which you later overwrite with user-supplied data (meaning your DB credentials have been lost before you ever call mysql_connect() above).
Assignments like this:
```
$fname=$_POST['Value1']; 
```
will cause E_NOTICE level errors if the external data wasn't passed to the script. Instead, I prefer to write such assignment statements like so:
```
$fname = isset($_POST['Value1']) ? $_POST['Value1'] : NULL;
```
That way you can define some default value to the variable $fname if the external 'Value1' value wasn't provided (all while eliminating the possibility of generating any error messages).
Speaking of $_POST['Value1'], where did all of those ValueXX names come from? None of your form elements are named like that, so your PHP script will never access any of the data submitted (and instead just generate a bunch of E_NOTICE level errors about an 'undefined index' being used).
This:
```
mysql_connect(localhost,$cpmsripple,$D*amond2); 
```
line has a few problems:
1. Where do you define the constant localhost? I'm guessing the answer is that you haven't and that you instead meant to use the string "localhost" there. As such, you're missing quotes (since all strings must be delimited in some way, most often by quotes on either side).
2. Where do you define the variable $cpmsripple? I'm guessing the answer is that you haven't and that you instead meant to use the variable named $database.
3. The third parameter says this: "Take the variable $D and multiply it by the constant named amond2." Perhaps you meant to use the variable named $password instead?
4. You should be checking to see if [man]mysql_connect/man succeeded or not and, if not, take whatever action is appropriate.
Couple of problems with this:
```
@mysql_select_db($cpmsripple) or die( "Unable to select database"); 
```
1. Don't use the '@' error suppressor. Ever. It does nothing but hinder development by hiding error messages that otherwise could have helped the developer (i.e. you) fix the underlying problems that caused them. Don't use it. Ever.
2. Where do you define the variable $cpmsripple? I'm guessing the answer is that you haven't and that you instead meant to use the variable named $database.
Finally, some issues with the SQL query itself:
1. Always include column names in INSERT queries (e.g. "INSERT INTO myTable (col1, col2) VALUES ...") to remove ambiguity. Otherwise, you have to go lookup the table schema in the DB (which could change!) to understand how the query works.
  
  After you do that, you can simply omit the first column altogether from the query (which I'm guessing is an AUTO_INCREMENT column?).
2. User-supplied data should never be placed directly into a SQL query, else your code will be vulnerable to SQL injection attacks and/or just plain SQL errors. Instead, you must first sanitize the data with a function such as [man]mysql_real_escape_string/man (for string data).
3. Always check to see if [man]mysql_query/man indicates that the query was executed successfully. If not, you should output or log (depending whether you're in the development or production environments, respectively) helpful debugging information such as the query string that was executed as well as the error message returned by MySQL (see [man]mysql_error/man).

wajidaktherabba

bradgrafelman;10987461 wrote:
Here are some more issues with the PHP code:
You might want to obfuscate your login credentials before posting them on a public forum .

For things like DB credentials, I prefer to use [man]constants[/man] over variables. After all, your credentials probably aren't going to vary during the execution of the script but instead remain constant.

Plus, this would remove confusion around variables named like $password which you later overwrite with user-supplied data (meaning your DB credentials have been lost before you ever call mysql_connect() above).
Assignments like this:
$fname=$_POST['Value1']; 
will cause E_NOTICE level errors if the external data wasn't passed to the script. Instead, I prefer to write such assignment statements like so:
$fname = isset($_POST['Value1']) ? $_POST['Value1'] : NULL;
That way you can define some default value to the variable $fname if the external 'Value1' value wasn't provided (all while eliminating the possibility of generating any error messages).
Speaking of $_POST['Value1'], where did all of those ValueXX names come from? None of your form elements are named like that, so your PHP script will never access any of the data submitted (and instead just generate a bunch of E_NOTICE level errors about an 'undefined index' being used).
This:
mysql_connect(localhost,$cpmsripple,$D*amond2); 
line has a few problems:

Where do you define the constant localhost? I'm guessing the answer is that you haven't and that you instead meant to use the string "localhost" there. As such, you're missing quotes (since all strings must be delimited in some way, most often by quotes on either side).

Where do you define the variable $cpmsripple? I'm guessing the answer is that you haven't and that you instead meant to use the variable named $database.

The third parameter says this: "Take the variable $D and multiply it by the constant named amond2." Perhaps you meant to use the variable named $password instead?

You should be checking to see if [man]mysql_connect/man succeeded or not and, if not, take whatever action is appropriate.
Couple of problems with this:
@mysql_select_db($cpmsripple) or die( "Unable to select database"); 
Don't use the '@' error suppressor. Ever. It does nothing but hinder development by hiding error messages that otherwise could have helped the developer (i.e. you) fix the underlying problems that caused them. Don't use it. Ever.

Where do you define the variable $cpmsripple? I'm guessing the answer is that you haven't and that you instead meant to use the variable named $database.
Finally, some issues with the SQL query itself:

Always include column names in INSERT queries (e.g. "INSERT INTO myTable (col1, col2) VALUES ...") to remove ambiguity. Otherwise, you have to go lookup the table schema in the DB (which could change!) to understand how the query works.

After you do that, you can simply omit the first column altogether from the query (which I'm guessing is an AUTO_INCREMENT column?).

User-supplied data should never be placed directly into a SQL query, else your code will be vulnerable to SQL injection attacks and/or just plain SQL errors. Instead, you must first sanitize the data with a function such as [man]mysql_real_escape_string/man (for string data).

Always check to see if [man]mysql_query/man indicates that the query was executed successfully. If not, you should output or log (depending whether you're in the development or production environments, respectively) helpful debugging information such as the query string that was executed as well as the error message returned by MySQL (see [man]mysql_error/man).

Hi,
I have just joined this forum yesterday but when I looked at this post the problem i saw was the very basic one even though I did not copy and tried to run the code the problem is here

$query = "INSERT INTO cprofile VALUES
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description');

My friend you have missed thedouble quotes in the query as well.

it must be

$query = "INSERT INTO cprofile VALUES
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description')";

and always try to replace the variable values with '".$name."' and so on.

Hope that it will help.

Regards

pnarendran

Hi:

I appreciate all the help. When I fixed some issues as guided by you all the original error is gone, but here is the new error.

Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'therippleffect'@'97.74.24.84' (using password: YES) in D:\Hosting\8148384\html\contact_insert.php on line 18
Unable to select database.

here is the altered code which is giving the new error.


<?php
$username="cpmsripple";
$password="p!sword1";
$database="cpmsripple";

$fname=isset($_POST['Value1']) ? $_POST['Value1'] : NULL;
$lname=isset($_POST['Value2']) ? $_POST['Value2'] : NULL;
$email=isset($_POST['Value3']) ? $_POST['Value3'] : NULL;
$gender=isset($_POST['Value4']) ? $_POST['Value4'] : NULL;
$birth=isset($_POST['Value5']) ? $_POST['Value5'] : NULL;
$age=isset($_POST['Value6']) ? $_POST['Value6'] : NULL;
$password=isset($_POST['Value7']) ? $_POST['Value7'] : NULL;
$phone1=isset($_POST['Value8']) ? $_POST['Value8'] : NULL;
$mobile=isset($_POST['Value9']) ? $_POST['Value9'] : NULL;
$fax=isset($_POST['Value10']) ? $_POST['Value10'] : NULL;
$description=isset($_POST['Value11']) ? $_POST['Value6'] : NULL;

mysql_connect("cpmsripple.db.8148384.hostedresource.com","therippleffect","p!sword1");
@mysql_select_db("$database") or die( "Unable to select database");

$query = "INSERT INTO cprofile VALUES
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description');

mysql_query($query)";

mysql_close();
?>

bradgrafelman

As the error message states, the MySQL server rejected the credentials you attempted to use. The solution is to use the correct credentials.

pnarendran

Guys thanks again for your help. I found out that there was something called the read only password in the database that needed to match with what was in the code so i changed it. Now, there is no error message, only a blank page, so I added a print message " hello world" - please see new code (really same with print message) and it printed fine. But when I checked the database no record has been added. - Can you help please?

Thanks

pnarendran

sorry here is the new code I meant to add above:

<?php
$username="cpmsripple";
$password="Therambil1";
$database="cpmsripple";

$fname=isset($_POST['Value1']) ? $_POST['Value1'] : NULL;
$lname=isset($_POST['Value2']) ? $_POST['Value2'] : NULL;
$email=isset($_POST['Value3']) ? $_POST['Value3'] : NULL;
$gender=isset($_POST['Value4']) ? $_POST['Value4'] : NULL;
$birth=isset($_POST['Value5']) ? $_POST['Value5'] : NULL;
$age=isset($_POST['Value6']) ? $_POST['Value6'] : NULL;
$password=isset($_POST['Value7']) ? $_POST['Value7'] : NULL;
$phone1=isset($_POST['Value8']) ? $_POST['Value8'] : NULL;
$mobile=isset($_POST['Value9']) ? $_POST['Value9'] : NULL;
$fax=isset($_POST['Value10']) ? $_POST['Value10'] : NULL;
$description=isset($_POST['Value11']) ? $_POST['Value6'] : NULL;

mysql_connect("cpmsripple.db.8148384.hostedresource.com","cpmsripple","Therambil1");
mysql_select_db("cpmsripple") or die("Unable to select database");

$query = "INSERT INTO cprofile VALUES
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description');

mysql_query($query)";

mysql_close();
Print "Hello, World!";

?>

Derokorian

Read only means that user can only perform select queries. In order to insert data you need write privileges.

Derokorian

Also, this:

$query = "INSERT INTO cprofile VALUES 
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description'); 

mysql_query($query)";

Should be this:

$query = "INSERT INTO cprofile VALUES 
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description')"; 

mysql_query($query);

pnarendran

Actually, I have read and write privileges, its just that I was told that I should change the read only password also for the database to match the code and when i did that all errors disappeared., and as far as the () it must be a copy error but I checked the code and it is as you suggest - please see below. Thanks again for your help.

<?php
$username="user";
$password="pass";
$database="cpmsripple";

$fname=isset($_POST['Value1']) ? $_POST['Value1'] : NULL;
$lname=isset($_POST['Value2']) ? $_POST['Value2'] : NULL;
$email=isset($_POST['Value3']) ? $_POST['Value3'] : NULL;
$gender=isset($_POST['Value4']) ? $_POST['Value4'] : NULL;
$birth=isset($_POST['Value5']) ? $_POST['Value5'] : NULL;
$age=isset($_POST['Value6']) ? $_POST['Value6'] : NULL;
$password=isset($_POST['Value7']) ? $_POST['Value7'] : NULL;
$phone1=isset($_POST['Value8']) ? $_POST['Value8'] : NULL;
$mobile=isset($_POST['Value9']) ? $_POST['Value9'] : NULL;
$fax=isset($_POST['Value10']) ? $_POST['Value10'] : NULL;
$description=isset($_POST['Value11']) ? $_POST['Value6'] : NULL;

mysql_connect("host","user","pass");
mysql_select_db("cpmsripple") or die("Unable to select database");


$query = "INSERT INTO cprofile VALUES
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description');

mysql_query($query)";

mysql_close();
Print "Hello, World!";

?>

bradgrafelman

The error in your code is a missing double quote to end the string that you set $query equal to. Notice how the next line of actual PHP code is still in red (meaning it's still a part of the string)?

Also, you might want to obfuscate your login details before posting them on a public forum next time!

pnarendran

ok sorry missed the " - fixed it. But here is what is happening now. New record is being created in the database but Empty records

bradgrafelman

Echo the query out and see what is being sent to the SQL server.

Also, try doing a [man]print_r/man on the $_POST array to see all of the POST'ed data that the PHP script received.

pnarendran

Sorry. I Don't seem to understand what you are asking me to do here.

pnarendran

Ok. Basically I altered the code like this and it is printing the numeral 1

<?php
$username="cpmsripple";
$password="BlahBlah2";
$database="cpmsripple";

$fname=isset($POST['Value1']) ? $POST['Value1'] : NULL;
$lname=isset($POST['Value2']) ? $POST['Value2'] : NULL;
$email=isset($POST['Value3']) ? $POST['Value3'] : NULL;
$gender=isset($POST['Value4']) ? $POST['Value4'] : NULL;
$birth=isset($POST['Value5']) ? $POST['Value5'] : NULL;
$age=isset($POST['Value6']) ? $POST['Value6'] : NULL;
$password=isset($POST['Value7']) ? $POST['Value7'] : NULL;
$phone1=isset($POST['Value8']) ? $POST['Value8'] : NULL;
$mobile=isset($POST['Value9']) ? $POST['Value9'] : NULL;
$fax=isset($POST['Value10']) ? $POST['Value10'] : NULL;
$description=isset($POST['Value11']) ? $POST['Value11'] : NULL;

mysql_connect("cpmsripple.db.8148384.hostedresource.com","cpmsripple","BlahBlah2");
mysql_select_db("cpmsripple") or die("Unable to select database");

$query = "INSERT INTO cprofile VALUES
('','$fname','$lname','$email','$gender','$birth','$age','$password','$phone1','$mobile','$fax','$description')";

mysql_query($query);

Echo mysql_query($query);

mysql_close();

pnarendran

Hi, Thanks again all of you,
I did the Echo like this

mysql_query($query);

Echo mysql_query($query);

and it prints out the numeral 1 but it still only appends rows with empty fields.
Please help.

Derokorian

echo $query

not
echo mysql_query($query);

pnarendran

ohh Ok. When I did that it prints out

INSERT INTO cprofile VALUES ('','','','','','','','','','','','')

and appends a row ith empty fields in the database table.

bradgrafelman

What is the HTML code for the form that you're submitting to POST data to this script? The problem is obvious - the variables you're adding in the query string are all empty. Are you sure you're looking for the correct field names in the $_POST array?