Hi,

I'm trying to write a script to retrieve search results from my database but it's not working. Every time I enter a search term, I get this parse error: parse
error, expecting `']'' in /Users/... on line 10. Changing the line to match the what it expected does nothing and I get the same parse error. Taking the line out also gave me the same parse error, still line 10. Here's the code, with line 10 in bold and italics:

<html>
<head>
	<title>Search Results</title>
</head>
<body>
<h1>Search Results</h1>
<?php
 	// create short variable names
	$searchtype=$_POST['searchtype'];
	$searchterm=trim($_POST['searchterm']);

if (!$searchtype || !$searchterm) {
	echo 'You have not entered search details. Please go back and try again.';
	exit;
}

if (!get_magic_quotes_gpc()){
	$searchtype = addslashes($searchtype);
	$searchterm = addslashes($searchterm);
}

@ $db = new mysqli('localhost', 'root', 'yourpasswordhere', 'Enviroindex');

if (msqi_connect_errno()) {
	echo 'Error: Could not connect to database. Please Try again later.';
	exit;
}

$query = "select * from Enviroindex where ".$searchtype." like '%".$searchterm."%'";
$result = $db->($query);

$num_results = $result->num_rows;

echo "<p>Number of results found: ".$num_results."</p>";
for ($i=0; $i <$num_results; $i++) {
	$row = $result->fetch_assoc();
	echo "<p><strong>".($i+1).". Organization Name: ";
	echo htmlspecialchars(stripslashes($row['organizationname']));
	echo "</>strong><br />Username: ";
	echo stripslahes($row['username']);
	echo "<br />Organization Type: ";
	echo stripslashes($row['organizationtype']);
	echo "</p>";
}

$result->free();
$db->close();

?>
</body>
</html>

Any help would be appreciated.

(Added [noparse]

[/noparse] tags around code ~ NogDog)[/i]

    I don't get any parse error there, though I do later on around line 30. First thing I'd check is that you are saving the file as plain ASCII text (and if UTF-8 then without a BOM), and make sure all quotes for array indexes and around string literals are "straight" quotes and not directional quotes (such as a word processor might insert -- so make sure you're using a code editor and not a word processor).

      So, this is weird.. When I look at the code on phpbuilder.com all looks well but when I past into my editor I get these weird template engine looking things on line ten:

        // create short variable names 
    $searchtype=$_POST['searchtype']; 
    [B][I]$searchterm=trim($_POST['searchterm']);[/I][/B]

      Are those and some type of hidden character or something? I'm guessing that's your problem right there. So, NogDog's solution should fix it!

        jeepin81;11011725 wrote:

        So, this is weird.. When I look at the code on phpbuilder.com all looks well but when I past into my editor I get these weird template engine looking things on line ten:

          // create short variable names 
    $searchtype=$_POST['searchtype']; 
    [B][I]$searchterm=trim($_POST['searchterm']);[/I][/B]

        Are those and some type of hidden character or something? I'm guessing that's your problem right there. So, NogDog's solution should fix it!



        Those were from the original posting trying to highlight that line, before I edited it to use [noparse]

        [/noparse] tags around the code, making them "visible" here.

          Thanks NogDog for your quick response. I am using a code editor so I'm presuming that they are straight quotes. It encodes in UTF-8 though it doesn't say anything about ASCII or BOM. How can I check this? Sorry, I'm really new at this.

            That's going to depend on the editor. Probably should look for something like "document properties", possibly available simply by right-clicking within the document itself. If in UTF-8, the presence of a BOM (byte order mark) probably wouldn't cause this error, but it can cause problems with PHP functions that send HTTP headers (e.g. session_start()).

              There are no BOMs in the script, and I'm using TextMate. Any other ideas?

              Thanks so much!

                Next step would be verify with absolute certainty that the code you showed us is the code producing the error. I say this because the code you showed has no parse errors in the first 15 lines, yet the message you showed us referenced line 10. If this is from your local and the problem is on your server, verify they are the same.

                  Can you rename the file to have a .txt file extension and attach it to your next post (after carefully obfuscating sensitive information, of course)? That would let us see the true contents of the file and (hopefully) reproduce the error.

                    I'm sure that this is the code that's causing this error because the error specifies this script. Here's the .txt version of the file [ATTACH]4639[/ATTACH]

                    Thanks!

                    results.txt

                      I'm getting the same error NogDog alluded to above:

                      Parse error: syntax error, unexpected '(', expecting identifier (T_STRING) or variable (T_VARIABLE) or '{' or '$' in results.txt on line 30

                      Line 30 is:

                      $result = $db->($query);

                      and the '(' is unexpected because you left out the name of the method you're trying to invoke.

                      EDIT: While you're at it, get rid of [man]addslashes/man - that function should never be used to prepare data for use in a SQL query. Instead, you should be using a DBMS-specific escaping mechanism (e.g. the OOP form of [man]mysqli_real_escape_string/man) or using prepared queries.

                        Sorry, that was the wrong file, here's the right one [ATTACH]4641[/ATTACH]

                        results.txt
                          LaurelS;11011795 wrote:

                          Sorry, that was the wrong file, here's the right one [ATTACH]4641[/ATTACH]

                          There is no change in the syntax between either files. The error message remains exactly the same (as does my additional comment).

                            Thank you so much, I fixed that line and now the script runs but it's not accepting the search term that I inputed and is now coming up with the error message that I told it to give when no search term is entered. Is this because of the addslashes function do you think?

                              LaurelS;11011801 wrote:

                              is now coming up with the error message that I told it to give when no search term is entered.

                              Can you show us the markup for the HTML form you're submitting that is processed by the code you've shown us?

                              EDIT: Also note you could do a [man]print_r/man on the entire $_POST array to examine its contents for debugging purposes.

                              LaurelS;11011801 wrote:

                              Is this because of the addslashes function do you think?

                              No, and one of the reasons should be quite obvious: Your uses of addslashes() come after the error message you referenced, so how could they possibly have any affect?

                                I fixed that problem (I accidentally had an extra space) and now it is working down to the msqli_connect_errno() function and I now get the error: "Fatal error: Call to undefined function msqli_connect_errno() in /Users/laurel/Sites/results.php on line 24". I removed it temporarily to see if the rest of the script worked. It worked down to where it should show the results but there weren't any and there was no error explaining why, it just showed "Number of results found: ". Below that was the error: "Fatal error: Call to a member function free() on a non-object in /Users/laurel/Sites/results.php on line 42" which is referencing the line below the lines to do with the results. I don't know what I'm doing wrong.

                                  Write a Reply...