autoinsert

General PHP Help
#1

I’ve been using this program for a couple of years but In editing I screwed it up.
I get the selection box just fine but upon entering the paidamt it does nothing
and when i click the button I get the below error:

Update query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE acctno=''' at line 10

The following is the .js file:

function $_(IDS) { return document.getElementById(IDS); } function calculate_paid() { var pd = document.getElementById("pd"); var dayslate = document.getElementById("dayslate"); var paidamt = document.getElementById("paidamt"); var amtdue = document.getElementById("amtdue"); var prevbal = document.getElementById("prevbal); var shipamt = document.getElementById("shipamt"); var datepaid = document.getElementById("datepaid"); var baldue = document.getElementById("baldue"); var dateNow = new Date(); var dayNow = dateNow.getDate(); var datePaid = (dateNow.getMonth()+1)+"/"+dateNow.getDate()+"/"+dateNow.getFullYear(); datepaid.value = datePaid; var totOwed = parseInt(amtdue.value) + parseInt(prevbal.value) +parseInt(shipamt.value); baldue.value = totOwed - paidamt.value); prevbal = totOwed - paidamt.value; if (status !="y") {amtdue = 0;} baldue.value = parseInt(baldue.value) - parseInt(amtpaid.value); baldue.value = parseInt(baldue.value) + parseInt(amtpaid.value); if(baldue > 0.00) {pd.value = "p"; }

<html><head>
<!--when the paidamt is keyed in, the current date,& baldue are autoinserted-->
<script type="text/javascript" src="payment.js"></script>
<script type="text/javascript">
window.google_analytics_uacct = "UA-256751-2";
</script>
<script type="text/javascript">
window.google_analytics_uacct = "UA-256751-2";
</script>
</head><body>[/code]
[php]<?php
// error_reporting(0);
error_reporting(E_ALL ^ E_NOTICE);
mysql_connect('localhost','root','');
mysql_select_db('oodb') or die( "Unable to select database");
if(!empty($_POST["submit"]))
{
$acctno = $_POST['acctno'];

$query="SELECT * FROM oocust Where acctno = '$acctno'";
$result=mysql_query($query);
if(mysql_num_rows($result))
{
echo "<form action='#' method='post'>Invoice Payment :<br /><br />
<table cellspacing=0 cellpadding=0 border=1>		
   <tr>		  
<th>acctno</th>
<th>Name</th>		  
<th>Description</th>
<th>Paid</th>
<th>Due</th>
<th>Prevbal</th>
<th>Date Paid</th>
   </tr>";	
while($row = mysql_fetch_assoc($result))
   {
echo "<tr>
<td><input type='text' size=25 value='" . $row['acctno'] . "'></td>
<td><input type='text' size=25 value='" . $row['bname'] . "'></td>
<td><input type='text' size=25 value='" . $row['descr'] . "'></td>   
<td><input type='text' size=7 id='paidamamt' value='" . $row['paidamt'] . "' 
onblur='calculate_paid(this)'></td>
<td><input type='text' size=7 id='amtdue' name='amtdue' value='" . $row['amtdue'] . "'></td>
<td><input type='text' size=7 id='prevbal' name='prevbal' value='" . $row['prevbal'] ."'
onBlur='calculate_paid(this)'></td>
<td><input type='text' size=10 id='datepaid' name='datepaid' value='" . $row['datepaid'] . "'></td>
<td><input type='text' size=7 id='baldue' name='baldue' value='" . $row['baldue'] . "'></td>                   </tr>";
}
echo "</table>
<input type='submit' name='update' value='make payment' />
</form>";
}  
 else{echo "No listing for account# $acctno.<br />Please select another.<br />";}
}
if(!empty($_POST["update"]))
{
$sql = "UPDATE oocust SET
acctno = '" . mysql_real_escape_string($_POST['acctno']) . "',
 bname = '" . mysql_real_escape_string($_POST['bname']) . "',     
 descr = '" . mysql_real_escape_string($_POST['descr']) . "', 
 paidamt = '" . mysql_real_escape_string($_POST['paidamt']) . "',
 amtdue = '" . mysql_real_escape_string($_POST['amtdue']) . "', 
 prevbal = '" . mysql_real_escape_string($_POST['prevbal']) . "', 
 datepaid = '" . mysql_real_escape_string($_POST['datepaid']) . "', 
 baldue = '" . mysql_real_escape_string($_POST['baldue']) . "',      
      [b]WHERE acctno='".$_POST["acctno"]."'";[/b]
mysql_query($sql) or die("Update query failed: " . mysql_error());
echo "Record for acct# ".$_POST["acctno"]." has been updated";
}
?>[/php]
[code]<form method="post" action="#">
<br />
<input type="text" name="acctno"/> <p>
<input type="submit" name="submit" value="select acct#."/>
</form>
<script type="text/javascript"><!--
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
//-->
</script>
<script type="text/javascript"><!--
try {
var pageTracker = _gat._getTracker("UA-256751-2");
pageTracker._trackPageview();
} catch(err) {}
//-->
</script>
<script type="text/javascript"><!--
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
//-->
</script>
<script type="text/javascript"><!--
try {
var pageTracker = _gat._getTracker("UA-256751-2");
pageTracker._trackPageview();
} catch(err) {}
//-->
</script>
</body></html>
#2

There ya go :smiley:

[php]$sql = “UPDATE oocust SET
acctno = '” . mysql_real_escape_string($_POST[‘acctno’]) . “’,
bname = '” . mysql_real_escape_string($_POST[‘bname’]) . “’,
descr = '” . mysql_real_escape_string($_POST[‘descr’]) . “’,
paidamt = '” . mysql_real_escape_string($_POST[‘paidamt’]) . “’,
amtdue = '” . mysql_real_escape_string($_POST[‘amtdue’]) . “’,
prevbal = '” . mysql_real_escape_string($_POST[‘prevbal’]) . “’,
datepaid = '” . mysql_real_escape_string($_POST[‘datepaid’]) . “’,
baldue = '” . mysql_real_escape_string($_POST[‘baldue’]) . “’,
WHERE acctno=’”.$_POST[“acctno”]."’"; // <<-- the error was here in your original. :wink:
mysql_query($sql) or die("Update query failed: " . mysql_error());
echo “Record for acct# “.$_POST[“acctno”].” has been updated”;[/php]

See my comment in the script to see where the error was.
Red :wink:

Sponsor our Newsletter | Privacy Policy | Terms of Service