php - Error in SQL syntax, check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY category ASC' at line 1

The site has been working fine for years, and all of a sudden I'm getting this error. Help from the experts would be appreciated.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY category ASC' at line 1

Here is the code in question:

    // SQL injection attack prevention function
    $unit_recordset1 = "";
    if (isset($_GET['unit'])) {
      $unit_recordset1 = GetSQLValueString($_GET['unit'], "text");
    }
    $category_recordset1 = "";
    if (isset($_GET['category'])) {
      $category_recordset1 = GetSQLValueString($_GET['category'], "text");
    } else $_GET['category'] = "";

    // Query builder to create a single or multiple AND query
    $sql = "SELECT * FROM documents WHERE ";
    if(!empty($unit_recordset1)) {$sql .= " unit = $unit_recordset1 AND ";}
    if(!empty($category_recordset1)) {$sql .= " category = $category_recordset1 AND ";}
    // Remove the last AND
    $sql = substr($sql, 0, -4);
    if(!empty($category_recordset1))
      $sql .= " ORDER BY title ASC";
    else
      $sql .= " ORDER BY category, title ASC";

    // Query for the left nav: distinct category values
    $sqlnav = "SELECT DISTINCT category FROM documents WHERE unit = $unit_recordset1 ORDER BY category ASC";

    mysql_select_db($database_local, $local);
    $recordset1 = mysql_query($sql, $local) or die(mysql_error());
    $row_recordset1 = mysql_fetch_assoc($recordset1);
    $totalrows_recordset1 = mysql_num_rows($recordset1);

    $recordset2 = mysql_query($sqlnav, $local) or die(mysql_error());
    $row_recordset2 = mysql_fetch_assoc($recordset2);
    $totalrows_recordset2 = mysql_num_rows($recordset2);

There are flows where $unit_recordset1 may be empty. In that case, the following statement:

    $sqlnav = "SELECT DISTINCT category FROM documents WHERE unit = $unit_recordset1 ORDER BY category ASC";

will evaluate to:

    SELECT DISTINCT category FROM documents WHERE unit = ORDER BY category ASC

which, of course, isn't valid SQL. You need to add a check against that case too, something down the lines of:

    $unitclause = "";
    if(!empty($unit_recordset1)) {
      $unitclause = "WHERE unit = $unit_recordset1 ";
    }
    $sqlnav = "SELECT DISTINCT category FROM documents $unitclause ORDER BY category ASC";
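
The same idea generalized to both queries, as an added example that is not part of the original question or answer: each optional filter becomes a clause only when its parameter is present, and values are bound through PDO prepared statements instead of the question's mysql_* calls and GetSQLValueString. Assumptions: buildFilter() and fetchAll() are hypothetical helpers, the sample rows are constructed, and an in-memory SQLite database (pdo_sqlite) stands in for the MySQL server.

```php
<?php
// Hypothetical helper: turn the optional request parameters into a WHERE
// clause plus bound values. An absent or empty parameter adds no clause,
// so the SQL never ends up with a dangling "unit = ".
function buildFilter(array $input, array $allowed): array
{
    $clauses = [];
    $params  = [];
    foreach ($allowed as $column) {
        if (isset($input[$column]) && is_string($input[$column]) && $input[$column] !== '') {
            $clauses[] = "$column = :$column";       // column name comes from the fixed list
            $params[":$column"] = $input[$column];   // value is bound, never interpolated
        }
    }
    $where = $clauses ? ' WHERE ' . implode(' AND ', $clauses) : '';
    return [$where, $params];
}

// Hypothetical helper: prepare, bind and fetch in one place.
function fetchAll(PDO $db, string $sql, array $params): array
{
    $stmt = $db->prepare($sql);
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data (assumption: the pdo_sqlite extension is enabled).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE documents (unit TEXT, category TEXT, title TEXT)");
$db->exec("INSERT INTO documents VALUES ('hr','forms','Leave request'),
           ('hr','policy','Code of conduct'), ('it','forms','Access request')");

// Constructed inputs standing in for $_GET: both filters, unit only, none.
foreach ([['unit' => 'hr', 'category' => 'forms'], ['unit' => 'hr'], []] as $get) {
    [$where, $params] = buildFilter($get, ['unit', 'category']);
    $order = isset($params[':category']) ? 'title ASC' : 'category, title ASC';
    $docs  = fetchAll($db, "SELECT * FROM documents$where ORDER BY $order", $params);

    // The left-nav query filters on unit only and still parses when unit is absent.
    [$navWhere, $navParams] = buildFilter($get, ['unit']);
    $nav = fetchAll($db, "SELECT DISTINCT category FROM documents$navWhere ORDER BY category ASC", $navParams);

    printf("%-40s docs=%d nav=%s\n", json_encode($get), count($docs),
           implode(',', array_column($nav, 'category')));
}
```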