0

I have a database called test. In it there is a table called people. People has 4 fields: fname, lname, age, city. I have a page with a form where people can enter in data. 

<?php
include('header.php');
?>

<body>
<form action="getinformation.php" method="post" id="getinformation">
<div id="header">
<h1><strong>Search For Data</h1></strong>
</div>
<div id="main">
<table border="0" width="75%">
        <tr>
            <td align="right" width="10%">First Name: </td>
            <td><input type="text" name="fname" id="fname" size="20" /></td>
        </tr>
        <tr>
        <td align="right" width="10%">Last Name: </td>
            <td><input type="text" name="lname" id="lname" size="20" /></td>
        </tr>
        <tr>
        <td align="right" width="10%">Age: </td>
            <td><input type="text" name="age" id="age" size="3" /></td>
        </tr>
        <tr>
        <td align="right" width="10%">City: </td>
            <td><input type="text" name="city" id="city" size="20" /></td>
        </tr>
</table>
<input type="submit" />
</div>
</body>

<?php
include('footer.php');
?>

When the submit button is clicked it will send the data to another page named getinformation.php.

<?php
require_once('model.php');

$query = "SELECT * FROM people WHERE";

if (isset ($POST_fname) {
$fname = $_POST['fname'];
$query = $query . " fname = " . $fname . " AND" }
if (isset ($POST_lname) {
$lname = $_POST['lname']; 
$query = $query . " lname = " . $lname . " AND" }
if (isset ($POST_age) {
$age = $_POST['age']; 
$query = $query . " age = " . $age . " AND" }
if (isset ($POST_city) {
$city = $_POST['city']; 
$query = $query . " city = " . $city . " AND" }

$query = rtrim($query, " AND");
?>
<div id=/"header/">
<h1><strong>This is the information you requested</h1></strong>
</div>
<div id=/"main/">
<?php
$statement = $db->prepare($query);
$statement->execute();
$products = $statement->fethAll();
$statement->closeCursor();
foreach ($products as $product) {
    echo $product['fname'] . " " . $product['lname'] . " | " . $product['age'] . " | " . $product['city'] . '<br />';
?>
</div>
<?php
include('footer.php');
?>

I get an error 

Parse error: syntax error, unexpected '{' in C:\Program Files\wamp\www\testwebpage\Model\getinformation.php on line 6

I have had this problem before with my isset function but aside from that working I'm wondering if the rest of the code looks fine (assuming isset worked perfectly)

Improve this question
3
  • Missing a heck of a lot of ;'s Commented Jul 18, 2013 at 20:14
  • huh many syntax error, just one: change isset ($POST_fname) to isset ($_POST['fname']) Commented Jul 18, 2013 at 20:14
  • wondering if the rest of the code looks fine - It's vulnerable to SQL Injection, so that's an issue. Check out "bound parameters". Commented Jul 18, 2013 at 20:17

4 Answers 4

Reset to default
2

You have a syntax error - missing closing parenthesis:

if (isset ($POST_fname) {

Should be

if (isset ( ..... ) ) {
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

You forgot to close the ) everywhere after isset and didn't put semicolons after "AND". Here is the fixed file:

<?php
require_once('model.php');

$query = "SELECT * FROM people WHERE";

if (isset ($POST_fname)) {
    $fname = $_POST['fname'];
    $query = $query . " fname = '" . $fname . "' AND";
}
if (isset ($POST_lname)) {
    $lname = $_POST['lname'];
    $query = $query . " lname = '" . $lname . "' AND";
}

if (isset ($POST_age)) {
        $age = $_POST['age'];
        $query = $query . " age = '" . $age . "' AND";
}

if (isset ($POST_city)) {
    $city = $_POST['city'];
    $query = $query . " city = '" . $city . "' AND";
}

$query = rtrim($query, " AND");
?>
<div id=/"header/">
<h1><strong>This is the information you requested</h1></strong>
</div>
<div id=/"main/">
<?php
$statement = $db->prepare($query);
$statement->execute();
$products = $statement->fethAll();
$statement->closeCursor();
foreach ($products as $product) {
    echo $product['fname'] . " " . $product['lname'] . " | " . $product['age'] . " | " . $product['city'] . '<br />';
}
?>
</div>
<?php
include('footer.php');
?>
Improve this answer

14 Comments

New error 'Parse error: syntax error, unexpected $end in C:\Program Files\wamp\www\testwebpage\Model\getinformation.php on line 36' Which is the last line of the file
I found one of the problems, I didnt end the foreach loop, so I put a closing bracket, but now I get the error Fatal error: Call to a member function execute() on a non-object in C:\Program Files\wamp\www\testwebpage\Model\getinformation.php on line 27
@jordankoal seems, that something is wrong with the query and $db->prepare returns false instead of an object
@jordankoal Probably, you don't enclose your string query parameters into quotes. Try my updated answer, I fixed the foreach '}' as well and added the quotes for every param. If it doesn't work, print $query before prepare and show me, what it gives
@jordankoal It would be even better, if you quote the query params after you get them from $_POST
|
0

Forgot the ( at end of the if. look at the line 6 as said in the error output.

Improve this answer

Comments

0

(isset ($POST_fname) be carfull isset() is a expression that have 2 parenteses"(" ")" you opened, but din't close.

on every 'if' do this

if(isset(anything))

any other problem, come here !

Improve this answer

1 Comment

New error 'Parse error: syntax error, unexpected $end in C:\Program Files\wamp\www\testwebpage\Model\getinformation.php on line 36' Which is the last line of the file

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.