SitePoint Sponsor

User Tag List

Results 1 to 6 of 6

Thread: Please help

  1. #1
    SitePoint Enthusiast
    Join Date
    Oct 2012
    Location
    India
    Posts
    73
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Please help

    please tell me the error..it says parse error

    Code:
    <?php
    
    include('connection.php');
    include('security.php');
    
    
    $name=$_POST['name'];
    
    if($name=="")
    {
    
    echo"<script type='text/javascript'>alert('Name or Category Cannot be NULL')</script>";
    
    header('location:admin_insert_category_html.php');
    
    }
    
    
    
    else{
    $n=mysql_query("insert into category(name) values('$name')");
    
    $c=mysql_affected_rows($connect);
    
    if($c>0)
    {
    echo "<script type='text/javascript'>".$t=."alert('Done')</script>";
    if($t)
    {
    header('location:adminhome.php?act=1');
    }
    }
    else{
    echo"<h3>Error Occured!</h3>";
    }
    }
    
    ?>
    Thankyou

  2. #2
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    echo "<script type='text/javascript'>".$t=."alert('Done')</script>";

    I'd guess that above, which is emboldened.

    It would have helped a lot if you had indicated which line was causing the parse error.

    Also, unless there is something magical going on in one of the include files, you have a omitted to protect yourself from an SQL injection attack in that code sample.

  3. #3
    SitePoint Enthusiast
    Join Date
    Oct 2012
    Location
    India
    Posts
    73
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Cups View Post
    echo "<script type='text/javascript'>".$t=."alert('Done')</script>";

    I'd guess that above, which is emboldened.

    It would have helped a lot if you had indicated which line was causing the parse error.

    Also, unless there is something magical going on in one of the include files, you have a omitted to protect yourself from an SQL injection attack in that code sample.
    it was saying that line 27 is causing error.

    there was no problem in those include files.

    i didn't understand,i had protected myself or i am prone to sql injection?please elaborate

  4. #4
    SitePoint Enthusiast
    Join Date
    Oct 2012
    Location
    India
    Posts
    73
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    i had deleted all the code(each and everything) and then also it says line 27 has problem.don't know why..

    if you wanna this as a live page then visit

    www.moneyzzproject.netii.net

  5. #5
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Sorry, I cannot elaborate on it any better than the link I carefully found and posted for you.

    If you still don't see the threat after reading that page a few times, then maybe this old classic will help illustrate the problem: Little Bobby Tables.

  6. #6
    SitePoint Member
    Join Date
    Jul 2011
    Location
    Mumbai,India
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Code:
    if($name=="")
    {
    
    echo"<script type='text/javascript'>alert('Name or Category Cannot be NULL')</script>";
    
    header('location:admin_insert_category_html.php');
    
    }
    Is it proper?? i mean, echo before passing headers??
    One could pass on header and then, on that target page have a javascript alert or something else..


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •