Error in SQL Syntax HELP!!!


Posted on 16th Feb 2014 07:03 pm by admin

I have this page:

Code: <?php

session_start();

//connect to server and select database
$conn = mysql_connect("localhost", "root", "")
or die(mysql_error());
$db = mysql_select_db("smrpg", $conn) or die(mysql_error());

//show scouts characters
$get_scouts = "select * from scouts where username = '".$_SESSION['userName']."'";
$get_scouts_res = mysql_query($get_scouts, $conn) or die(mysql_error());
while ($list_scouts = mysql_fetch_array($get_scouts_res)) {
$identity = ucwords($list_scouts['identity']);
$topic_id = $list_scouts['id'];
echo "<ul class="character_list"><li><a href="fight.php?identity=$identity">$identity</li></ul> ";
}
?>

And it goes to this page:

Code: <?php

session_start();

//connect to server and select database
$conn = mysql_connect("localhost", "root", "")
or die(mysql_error());
$db = mysql_select_db("smrpg", $conn) or die(mysql_error());

//check for required info from the query string
if (!$_GET['identity']) {
header("Location: train_fight.php");
exit;
}

//get derived values

$derived = "select * from derived_values where identity = $_GET[identity]";
$derived_res = mysql_query($derived, $conn) or die(mysql_error());

$display_block = "<ul>";

while ($derived_info = mysql_fetch_array($derived_res)) {
$derived_id = $derived_info['id'];
$derived_identity = $derived_info['identity'];
$derived_health = $derived_info['health'];
$derived_energy = $derived_info['energy'];
$derived_acv1 = $derived_info['acv1'];
$derived_acv2 = $derived_info['acv2'];
$derived_dcv1 = $derived_info['dcv1'];
$derived_dcv2 = $derived_info['dcv2'];
$derived_total_cp = $derived_info['total_cp'];

$display_block .= "<li>$derived_identity</li>";

}

$display_block .= "</ul>";

?>

But I am getting this error:

You have an error in your SQL syntax; check the manual that correspondsto your MySQL server version for the right syntax to use atline 1

What am I doing wrong here? If I change my where statement or take it out, it is displaying the information, but I can't figure out what's wrong with my where statement or where I'm getting my "identity" from. Something's wrong but I can't find it. Can anyone help?

No comments posted yet

Your Answer:

Login to answer
136 Like 33 Dislike
Previous forums Next forums
Other forums

Will this protect from mysql injection?
I do not want anything like DROP TABLE to work or any type of coding..

Heres my code.. is it

A little help in c#
i am doing a simple paint program using c# i want to draw with the mouse so i wrote the code of the

Request.UrlReferrer
I need to make it so that a page can only be loaded when a button is clicked on a specific page. I d

Parse Error with doctype
I'm getting a parse error with this simple code. I don't get it. It worked one time then when I relo

retrieving policy name inside the function called by this particular policy
Hi there,

I've playing around with dbms_rls package, trying to set up some security repo

php call servlet
I have done a php backup application .
So there is a form that user pick some files to zip and d

xml element exists
Code: [Select]<?xml version="1.0"?>
<Addresses>
<

session checking in page load
hai all I have a web site is www.Mryas.com in this my login page is Page1.aspx its co

Adding to the next element in a multidimensional array
Hi, I'm trying to add a value to $node->field_spaces['nid'] where x is the next available spo

mysql VARCHAR acting like INT
Hi, All.

I have a table that contains a varchar(10) column named weird_field. In this column

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash