Ik krijg deze error:
MySql error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
Wat doe ik verkeerd en wat moet het dan wel worden?
Post alleen relevante code en geen honderden regels.
Compleet script verwijderd.
SanThe.
<b>« Menu</b><br \>
<br \>
<a href="?Logout=1">Uitloggen</a><br \>
<br \>
<a href="?p=AddNews">Nieuw bericht.</a><br \>
<a href="?p=ChangeNews">Verander bericht.</a><br \>
<a href="?p=DeleteNews">Verwijder bericht.</a><br \>
<?
if(isset($_GET['p'])){
if($_GET['p'] == "AddNews"){
if($_SERVER['REQUEST_METHOD'] == "POST"){
unset($_SESSION['Message']);
unset($_SESSION['Title']);
unset($_SESSION['plaatje']);
$_SESSION['Message'] = $_POST['Message'];
$_SESSION['Title'] = $_POST['Title'];
$_SESSION['plaatje'] = $_POST['plaatje'];
if(isset($_POST['AddFile'])){
if(!empty($_FILES['Picture']['tmp_name'])){
//Filename
$FileName = time() ."-".$_FILES['Picture']['name'];
// Toegestaande extensies opvragen
$ext = strtolower($ext);
$ext = explode(" ", $ext);
//Toegestaande types opvragen
$type = strtolower($type);
$type = explode(" ",$type);
$Pos = strrpos(strtolower($_FILES['Picture']['name']),'.');
$FileExt = substr (strtolower($_FILES['Picture']['name']), $Pos+1);
foreach($ext as $Value){
if($FileExt == $Value){
$ContrExt = TRUE;
}
}
foreach($type as $Value){
if(strtolower($_FILES['Picture']['type']) == $Value){
$ContrType = TRUE;
}
}
if($ContrType == TRUE && $ContrExt == TRUE){
if(move_uploaded_file($_FILES['Picture']['tmp_name'],"./".$ImgMap."/". $FileName)){
chmod("./".$ImgMap."/".$FileName,0644);
if(!empty($_POST['Thumb'])){
thumb($FileName,$_POST['Thumb'],$ImgMap,$ThumbMap,$_FILES['Picture']['type']);
$Cut = strrpos($FileName,'.');
$File = substr($FileName,0,$Cut);
$File.='.jpg';
if(mysql_query("INSERT INTO ".$SqlPrefix."pic (news_id,name,original,thumb) VALUES('". session_id() ."','". $FileName ."','".$_FILES['Picture']['name']."','".$File."')")){
$Disp = $_FILES['Picture']['name']." succesvol toegevoegd, en thumb succesvol gemaakt met een maximale grootte van ". $_POST['Thumb']."px";
}else{
$Disp = "MySql error:<br \>".mysql_error();
}
}else{
if(mysql_query("INSERT INTO ".$SqlPrefix."pic (news_id,name,original) VALUES('". session_id() ."','". $FileName ."','".$_FILES['Picture']['name']."')")){
$Disp = $_FILES['Picture']['name']." succesvol toegevoegd.";
}else{
$Disp = "MySql error:<br \>".mysql_error();
}
}
}else{
$Disp="Foto kon niet geupload worden, mogelijk bestaat de map img/ niet of heeft u te weinig rechten.";
}
}else{
$Disp="Bestand met incorrecte bestandsnaam of inhoud,".$FileExt."<br \>".$_FILES['Picture']['type'];
}
}else{
$Disp="Geen foto geselecteerd.";
}
}else{
if(!empty($_POST['Message']) && !empty($_POST['Title']) && !empty($_POST['plaatje'])){
if(mysql_query("INSERT INTO ".$SqlPrefix."news (title,message,plaatje) VALUES ('".$_POST['Title']."', '".$_POST['Message']."', '".$_POST['plaatje']."'")){
if(mysql_query("UPDATE ".$SqlPrefix."pic SET news_id='". mysql_insert_id() ."' WHERE news_id = '". session_id() ."'")){
echo"Het nieuws bericht is succesvol toegevoegd aan de database.<br \>";
unset($_SESSION['Title']);
unset($_SESSION['Message']);
unset($_SESSION['plaatje']);
$Succes=TRUE;
}else{
$Disp="MySql error:<br \>".mysql_error();
}
}else{
$Disp="MySql error:<br \>".mysql_error();
}
}
}
}elseif(isset($_GET['DelPic'])){
unset($_SESSION['Message']);
unset($_SESSION['Title']);
unset($_SESSION['plaatje']);
$_SESSION['Message'] = $_POST['Message'];
$_SESSION['Title'] = $_POST['Title'];
$_SESSION['plaatje'] = $_POST['plaatje'];
$Sql="SELECT name,thumb FROM ".$SqlPrefix."pic WHERE id=".$_GET['DelPic'];
if($Result = mysql_query($Sql)){
while($Row = mysql_fetch_assoc($Result)){
if($Row['thumb'] > 0){
unlink($ImgMap.'/'.$ThumbMap.'/'.$Row['thumb']);
}
unlink($ImgMap.'/'.$Row['name']);
if(mysql_query("DELETE FROM ".$SqlPrefix."pic WHERE id=".$_GET['DelPic'])){
$Disp="Plaatje verwijderd.<br \>\n";
}else{
$Disp="MySql error:<br \>\n".mysql_error();
}
}
}else{
$Disp="MySql error:<br \>\n".mysql_error();
}
}
if(!isset($Succes)){
if(isset($Disp)){
echo$Disp."<br \>";
}
?>
<form method="POST" name="Form_AddNews" action="<?echo$_SERVER['PHP_SELF'];?>?p=AddNews" enctype="multipart/form-data">
Titel:<br \>
<input type="text" name="Title" value="<?if(isset($_SESSION['Title'])) echo$_SESSION['Title'];?>"><br \>
<br \>
<input type="button" value="b" style="font-weight: bold;" onClick="javascript: bold()" onMouseOver="helpline('Vetgedrukte tekst: [b]tekst[/b]','aan')" onMouseOut="helpline('','uit')">
<input type="button" value="i" style="font-style: italic;" onClick="javascript: italic()" onMouseOver="helpline('Schuingedrukte tekst: [i]tekst[/i]','aan')" onMouseOut="helpline('','uit')">
<input type="button" value="u" style="text-decoration: underline;" onClick="javascript: underline()" onMouseOver="helpline('Onderstreepte tekst: [u]tekst[/u]','aan')" onMouseOut="helpline('','uit')">
<input type="button" value="url" onClick="javascript: link()" onMouseOver="helpline('Url: [url=http://www.myimages.nl/]Myimages[/url]','aan')" onMouseOut="helpline('','uit')"><br>
<input type="text" name="helpbox" size="80" style="width=100%; border:0px solid;" readonly><br>
<SCRIPT language="JavaScript">document.Form_AddNews.helpbox.value = standaard; </SCRIPT>
<br \>
Nieuws bericht:<br \>
<textarea name="Message" rows="9" cols="80"><? if(isset($_SESSION['Message'])) echo $_SESSION['Message'];?></textarea><br \>
plaatje
<input type="text" name="plaatje" value="<? if(isset($_SESSION['plaatje'])) echo $_SESSION['plaatje'];?>">
<br \>
<?
$Sql = "SELECT id,name,original,thumb FROM ".$SqlPrefix."pic WHERE news_id='". session_id() ."' ORDER BY original ASC";
if(!$Result = mysql_query($Sql)){
echo"MySql query error:<br \>".mysql_error()."<br \>";
}elseif(mysql_num_rows($Result) > 0){
$i=0;
?>
<table class="NoBorder">
<tr>
<td colspan="3" class="NoBorder">
Toegevoegde foto's:
</td>
</tr>
<?
while($Row = mysql_fetch_assoc($Result)){
$i++;
echo"<tr><td class=\"NoBorder\">".$i."</td><td class=\"NoBorder\"><a href=\"./img/".$Row['name']."\" target=\"_BLANK\">".$Row['original']."</a></td><td class=\"NoBorder\">
<a href=\"javascript: AddPic('".$Row['name'] ."','".$Row['thumb']."');\">Voeg toe aan bericht.</a></td>
<td class=\"NoBorder\"> <a href=\"javascript:janee('Weet u zeker dat u ". addslashes($Row['original']) ." wilt verwijderen?','?p=AddNews&DelPic=".$Row['id']."');\">Verwijder foto.</a></td></tr>";
}
?>
</table>
<br \>
<?
}
?>
Voeg foto toe:<br \>
<input type="file" name="Picture"><br \>
Thumb genereren:<br \>
<SELECT name="Thumb">
<OPTION value="0">Geen thumb</OPTION>
<OPTION value="90">Max 90px</OPTION>
<OPTION value="120">Max 120px</OPTION>
<OPTION value="160">Max 160px</OPTION>
<OPTION value="180">Max 180px</OPTION>
<OPTION value="240">Max 240px</OPTION>
</SELECT><br \>
<input type="submit" name="AddFile" value="Voeg foto toe"><br \>
<br \>
<input type="button" onClick="javascript:document.Form_AddNews.submit();" value="Voeg nieuws bericht toe.">
</form>
<?
}
}elseif($_GET['p'] == "ChangeNews"){
if(!isset($_GET['Changeid'])){
$Sql = "SELECT * FROM ".$SqlPrefix."news ORDER BY _time DESC";
if($Result = mysql_query($Sql)){
while($Row = mysql_fetch_assoc($Result)){
echo"» <a href=\"?p=ChangeNews&Changeid=".$Row['id']."\">".$Row['title']."</a><br \>\n";
}
}else{
$Disp="MySql error:<br \>\n".mysql_error();
}
}else{
if($_SERVER['REQUEST_METHOD'] == "POST"){
unset($_SESSION['Message']);
unset($_SESSION['Title']);
unset($_SESSION['plaatje']);
$_SESSION['Message'] = $_POST['Message'];
$_SESSION['Title'] = $_POST['Title'];
$_SESSION['plaatje'] = $_POST['plaatje'];
if(isset($_POST['AddFile'])){
if(!empty($_FILES['Picture']['tmp_name'])){
$FileName = time() ."-".$_FILES['Picture']['name'];
// Toegestaande extensies opvragen
$ext = strtolower($ext);
$ext = explode(" ", $ext);
//Toegestaande types opvragen
$type = strtolower($type);
$type = explode(" ",$type);
$Pos = strrpos(strtolower($_FILES['Picture']['name']),'.');
$FileExt = substr (strtolower($_FILES['Picture']['name']), $Pos+1);
foreach($ext as $Value){
if($FileExt == $Value){
$ContrExt = TRUE;
}
}
foreach($type as $Value){
if(strtolower($_FILES['Picture']['type']) == $Value){
$ContrType = TRUE;
}
}
if($ContrType == TRUE && $ContrExt == TRUE){
if(move_uploaded_file($_FILES['Picture']['tmp_name'],"./".$ImgMap."/". $FileName)){
chmod("./".$ImgMap."/".$FileName,0644);
if(!empty($_POST['Thumb'])){
thumb(time() .'-'.$_FILES['Picture']['name'],$_POST['Thumb'],$ImgMap,$ThumbMap,$_FILES['Picture']['type']);
$File = $FileName;
$Cut = strrpos($File,'.');
$File = substr($File,0,$Cut);
$File.='.jpg';
if(mysql_query("INSERT INTO ".$SqlPrefix."pic (news_id,name,original,thumb) VALUES('". $_GET['Changeid'] ."','". $FileName ."','".$_FILES['Picture']['name']."','".$File."')")){
$Disp = $_FILES['Picture']['name']." succesvol toegevoegd, en thumb succesvol gemaakt met een maximale grootte van ". $_POST['Thumb']."px";
}else{
$Disp = "MySql error:<br \>".mysql_error();
}
}else{
if(mysql_query("INSERT INTO ".$SqlPrefix."pic (news_id,name,original) VALUES('". $_GET['Changeid'] ."','". time()."-". $_FILES['Picture']['name'] ."','".$_FILES['Picture']['name']."')")){
$Disp = $_FILES['Picture']['name']." succesvol toegevoegd.";
}else{
$Disp = "MySql error:<br \>".mysql_error();
}
}
}else{
$Disp="Foto kon niet geupload worden, mogelijk bestaat de map img/ niet of heeft u te weinig rechten.";
}
}else{
$Disp="Bestand met incorrecte bestandsnaam of inhoud,".$FileExt."<br \>".$_FILES['Picture']['type'];
}
}else{
$Disp="Geen foto geselecteerd.";
}
}else{
if(!empty($_POST['Message']) && !empty($_POST['Title'])){
if(mysql_query("UPDATE ".$SqlPrefix."news SET plaatje='".$_POST['plaatje']."', title='".$_POST['Title']."', message='".$_POST['Message']."' WHERE id='".$_GET['Changeid']."'")){
echo"Het nieuws bericht is succesvol opgeslagen.<br \>";
unset($_SESSION['Title']);
unset($_SESSION['Message']);
unset($_SESSION['plaatje']);
$Succes=TRUE;
}else{
$Disp="MySql error:<br \>".mysql_error();
}
}
}
}elseif(isset($_GET['DelPic'])){
unset($_SESSION['Message']);
unset($_SESSION['Title']);
unset($_SESSION['plaatje']);
$_SESSION['Message'] = $_POST['Message'];
$_SESSION['Title'] = $_POST['Title'];
$_SESSION['plaatje'] = $_POST['plaatje'];
$Sql="SELECT name,thumb FROM ".$SqlPrefix."pic WHERE id=".$_GET['DelPic'];
if($Result = mysql_query($Sql)){
while($Row = mysql_fetch_assoc($Result)){
if($Row['thumb'] > 0){
unlink($ImgMap.'/'.$ThumbMap.'/'.$Row['thumb']);
}
unlink($ImgMap.'/'.$Row['name']);
if(mysql_query("DELETE FROM ".$SqlPrefix."pic WHERE id=".$_GET['DelPic'])){
$Disp="Plaatje verwijderd.<br \>\n";
}else{
$Disp="MySql error:<br \>\n".mysql_error();
}
}
}else{
$Disp="MySql error:<br \>\n".mysql_error();
}
}
if(!isset($Succes)){
if(isset($Disp)){
echo$Disp."<br \>";
}
$Sql="SELECT * FROM ".$SqlPrefix."news WHERE id='".$_GET['Changeid']."'";
if($Result = mysql_query($Sql)){
while($Row = mysql_fetch_assoc($Result)){
Kleiner kan niet.
knop om je tekst aan te passen.