You have an error in your SQL syntax; check the manual that corresponds to your MySQL

Please please, anyone, help me to resolve this sql syntax error! I checked similar topics before on quotes usage but nothing that

i changed, helped me fix my issue. Thank you in advanced!

-----------------------------------------------------------------------------------


<?php
session_start();

$toplinks = "";


$id = $_SESSION['id'];
$firstname=$_SESSION['firstname'];
$toplinks='<a href="profile.php?id=' . $id . '">' . $firstname . '</a> &bull;
<a href="edit_profile.php">Account</a> &bull;
<a href="logout.php">Log Out</a>';

if (!isset($_SESSION['id'])) {


// Put stored session variables into local php variable

include_once "login.php";
exit();
}



?>
<?php




$comment="";
$name="";
$msg="";
include_once "scripts/connect_to_mysql.php";


if ($_POST['comment']){
$mem_id=$_SESSION['id'];
$name= $_SESSION['firstname'];
$comment= $_POST['$comment'];
$comment= stripslashes($comment);
$comment= mysql_real_escape_string($comment);
$comment = eregi_replace("'", "&#39;", $comment);


$sql_post = mysql_query( "INSERT INTO comments(mem_id, comment_body,comment_date,comment_name) VALUES($mem_id,'$comment',now(),'$name'") or die (mysql_error());
$id = mysql_insert_id();
if($sql_post){
$msg="Your comment was added successfuly!";
} else{
print "ERROR,something went wrong";
exit();

}

$comment="";
$name="";

}
?>


<?php
$com_id="";
$com_name="";
$user_id="";
$com_body="";
$com_date="";


$sql_blabs = mysql_query("SELECT id, mem_id,comment_body, comment_name, comment_date FROM comments WHERE id='$id' AND mem_id > 0 ORDER BY comment_date DESC LIMIT 20");

$commentlist="";
while($row = mysql_fetch_array($sql_blabs)){

$comid=$row["id"];
$userid=$row["mem_id"];
$com_name=$row["comment_name"];
$com_body=$row["comment_body"];
$com_date=$row["comment_date"];
$com_date=strftime("%b %d, %Y, %Y %I:%M:%S %p", strtotime($com_date));
}
if($sql_blabs !==0){
$commentlist='
<table width="100%" align="center" cellpadding="4" bgcolor="#CCCCCC">
<tr>
<td width="93%" bgcolor="#CCCCCC"><span style="font-size:10px; font-weight:bold; color:#000000;"></br>' . $com_date . '</span>
' . $com_name . '</span><br />'. $com_body. '</td>
</tr>
</table>';
}

else {

$commentlist="";
}






?>

 

"id" is a numeric field, but you're SELECTing WHERE it equals '$id', which says it's a char field. This would throw an error.

 

Thank you for advice , i made that correction WHERE id=$id and, unfortunately, still getting the error.
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1"

 

Well, what are you actually doing when the error occurs? Just opening the page, posting a comment, or?

You posted that page, but you have a "connect_to_mysql.php" file, too, which you didn't paste. Have you checked it for errors in your code?


Anyway, this looks wrong to me? Or maybe it can be done that way (I've never tried).

$sql_post = mysql_query( "INSERT INTO comments(mem_id, comment_body,comment_date,comment_name) VALUES($mem_id,'$comment',now(),'$name'") or die (mysql_error());

PHP:

I would personally have formatted it as:

$sql_post = mysql_query("INSERT INTO comments(mem_id, comment_body,comment_date,comment_name) VALUES($mem_id,'$comment',now(),'$name')") OR die(mysql_error());

PHP:

Completely untested as I have nothing to test it with right now. Might get you going in the right direction, though.

 

Can't believe I missed that Ryan.

 

I might have missed something, too. I don't know how fussy mySQL gets and if there will need to be a space between comments (the table name) and (. (I have always formatted with a space after the table name, although I know it doesn't matter with VALUES.)

 

Thanks for reply, ryan_uk , after getting error, i was checking all the syntax in code, i checked my connect_to_mysql.php file too, all the data in it was ok and other pages related to it, work just fine. Then i checked my db table data and all the syntax there and, once again, all looked fine. I tried your OR die option and it didn't help to get rid of error. I have no clue how to fix it. I am in front end web design department, not a pro in codding at all.))

 

It would be much easier to look at the actual code rather than guess work. Just looking at what you originally posted, I have a feeling that there's probably still a typo left behind somewhere (a " in the wrong place, some white spaces where they shouldn't be, etc). You could always place the contents into .txt files and PM me the link (remove any passwords or other sensitive details, of course). (It might be with what you pasted above or the connect file).

 

Ryan,i sent all the related info and source files. Many thanks for help!