its the && and bits around that i need syntax checking is it looking good or have i made an obvious mistake i have tryed all kinds but can you not see what i am attemption by how it looks?
[RESOLVED] sql error maybe syntax issue maybe
Why are you asking us? Your DBMS should be perfectly capable of telling you whether a SQL query contains a syntax error. It should even tell you where it determined there was a syntax error.
jamied_uk;10999669 wrote:its the && and bits around that i need syntax checking is it looking good or have i made an obvious mistake i have tryed all kinds but can you not see what i am attemption by how it looks?
Are you serious? Did you even read what I wrote?
i asked if my syntax is right as im gettin error Unknown column 'blablabla' in 'where clause'
error instead of it selecting a table called reminder so im confused and need simple help how can i achive selecting this correct?
For starters, you can read my post again 
i tried with quotes aswel yes and even with brackets
jamied_uk;10999678 wrote:i asked if my syntax is right as im gettin error Unknown column 'blablabla' in 'where clause'
error instead of it selecting a table called reminder so im confused and need simple help how can i achive selecting this correct?
Unknown column means you have your column names wrong. This has nothing to do with syntax but rather you are attempting to refer to columns that don't exist.
its strange because it asumes the value is the colum name instead of value inside the colum called reminder
Here, let me highlight the important bits:
sneakyimp;10999665 wrote:when you run a query, you should check to see if it resulted in an error and then use the error retrieval function to tell you what went wrong. the error message usually tells you if you have a syntax error.
I would tell you which error-checking function to use if you would actually show us some of your code, which you haven't.
sneakyimp;10999665 wrote:also, we haven't seen the actual query that gets run -- just the PHP statement that is defining the query.
Correction: we've only seen a fragment of the PHP that defines your query. This is not enough information to determine what query is actually getting run.
And perhaps most importantly:
sneakyimp;10999665 wrote:lastly, your post hardly gives any info about what's happening and you don't use the code formatting tags. you'll get answers faster if you learn to provide all the information needed to solve your problem.
jamied_uk;10999682 wrote:its strange because it asumes the value is the colum name instead of value inside the colum called reminder
MySQL doesn't assume anything. If it's treating the value as a column name, then it's because you told it to do so (such as by not surrounding string values with quotes).
here is the full code maybe it will be more helpfull to supply it all and i hope the error becomes obvious, sorry for not showing this sooner but was trying to start out simple
<?php
include 'dbc.php';
/******************* ACTIVATION BY FORM**************************/
if ($_POST['doReset']=='Reset')
{
$err = array();
$msg = array();
foreach($_POST as $key => $value) {
$data[$key] = filter($value);
}
if(!isEmail($data['user_email'])) {
$err[] = "ERROR - Please Enter A Valid Email";
// }
}
$user_email = $data['user_email'];
$user_reminder = $data['reminder'];
// $reminder = $data['user_reminder'];
//check if active code and user is valid as precaution
$rs_check = mysql_query("select id from `users` where (user_email = '$user_email' && reminder = $user_reminder)") or die (mysql_error());
$num = mysql_num_rows($rs_check);
// Match row found with more than 1 results - the user is authenticated.
if ( $num <= 0 ) {
$err[] = "Error - Sorry no such account exists or registered.";
//header("Location: forgot.php?msg=$msg");
//exit();
}
if(empty($err)) {
$new_pwd = GenPwd();
$pwd_reset = PwdHash($new_pwd);
//$sha1_new = sha1($new);
//set update sha1 of new password + salt
$rs_activ = mysql_query("update users set pwd='$pwd_reset' WHERE
user_email='$user_email'") or die(mysql_error());
$host = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);
//send email
$message =
"Here are your new password details ...\n
User Email: $user_email \n
Passwd: $new_pwd \n
Thank You
Administrator
$host_upper
______________________________________________________
THIS IS AN AUTOMATED RESPONSE.
***DO NOT RESPOND TO THIS EMAIL****
";
mail($user_email, "Reset Password", $message,
"From: \"Member Registration\" <auto-reply@$host>\r\n" .
"X-Mailer: PHP/" . phpversion());
$msg[] = "Your account password has been reset and a new password has been sent to your email address.";
//$msg = urlencode();
//header("Location: forgot.php?msg=$msg");
//exit();
}
}
?>
<html>
<head>
<title>Forgot Password</title>
<body style="background:#000000">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#actForm").validate();
});
</script>
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="5" class="main">
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td width="160" valign="top"><p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p></td>
<td width="732" valign="top">
<h3 class="titlehdr"><font color="#FFFF00">Forgot Password</h3>
<p>
<?php
/******************** ERROR MESSAGES*************************************************
This code is to show error messages
**************************************************************************/
if(!empty($err)) {
echo "<div class=\"msg\">";
foreach ($err as $e) {
echo "* $e <br>";
}
echo "</div>";
}
if(!empty($msg)) {
echo "$new_pwd";
}
/******************************* END ********************************/
?>
</p>
<p>If you have forgot your J~Net Account Password, you can <strong>Reset Password</strong>
and the new password will appear.</p>
<form action="forgot1.php" method="post" name="actForm" id="actForm" >
<table width="65%" border="0" cellpadding="4" cellspacing="4" class="loginform">
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td width="36%"><font color="#FFFF00">Your Email</td>
<td width="64%"><input name="user_email" type="text" class="required email" id="txtboxn" size="25"></td>
</tr>
<tr>
<td width="36%"><font color="#FFFF00">Your Reminder</td>
<td width="64%"><input name="user_reminder" type="text" class="required reminder" id="txtboxn" size="25"></td>
</tr>
<tr>
<td colspan="2"> <div align="center">
<p>
<input name="doReset" type="submit" id="doLogin3" value="Reset">
</p>
</div></td>
</tr>
</table>
<div align="center"></div>
<p align="center"> </p>
</form>
<p> </p>
<p align="left"> </p></td>
<td width="196" valign="top"> </td>
</tr>
<tr>
<td colspan="3"> </td>
</tr>
</table>
</body>
</html>i have changed $reminder with $user_reminder etc and to no avail
OK the error message is very helpful. "unknown column" means you are querying a table and in the WHERE part of your query, you refer to a field that doesn't exist in your database.
Also, in that code you posted, if $user_reminder is an empty string, you'll get a syntax error. Not sure if that will ever happen in practice, but it might.
sneakyimp has already pointed out the issue:
sneakyimp;10999665 wrote:if $reminder is non-numeric then you'll get a syntax error. you might want to put quotes around $reminder.
Stated in another way: All string data in SQL queries must be surrounded (or "delimited") by single quotes.
Check your database table called users. Make sure it has all these fields. If it doesn't, there's your problem:
id
user_email
* reminder
The names have to match exactly. I.e., reminder is not the same thing as user_reminder.
im testing it on a database with colume that does have a value and is not blank also testing the form with entered values aswel and the real value is getting printed correctly in the error output
the feild exists with correct data inside and that correct data is displayed correcly within the error output so its defenetly human error here on my part
Hello? Is this thing on?
Maybe you'll actually read my reply if I post it several times...
sneakyimp;10999665 wrote:if $reminder is non-numeric then you'll get a syntax error. you might want to put quotes around $reminder.
bradgrafelman;10999688 wrote:Stated in another way: All string data in SQL queries must be surrounded (or "delimited") by single quotes.
sneakyimp;10999665 wrote:if $reminder is non-numeric then you'll get a syntax error. you might want to put quotes around $reminder.
bradgrafelman;10999688 wrote:Stated in another way: All string data in SQL queries must be surrounded (or "delimited") by single quotes.
sneakyimp;10999665 wrote:if $reminder is non-numeric then you'll get a syntax error. you might want to put quotes around $reminder.
bradgrafelman;10999688 wrote:Stated in another way: All string data in SQL queries must be surrounded (or "delimited") by single quotes.
sneakyimp;10999665 wrote:if $reminder is non-numeric then you'll get a syntax error. you might want to put quotes around $reminder.
bradgrafelman;10999688 wrote:Stated in another way: All string data in SQL queries must be surrounded (or "delimited") by single quotes.
i have tried this aswell
select id from users where (user_email = '$user_email' && reminder = `$user_reminder
still same error!
Two problems with that:
You've got a single backtick before the $user_reminder value that isn't closed.
Backticks are not single quotes, and single quotes are not backticks.