-1

i've got this code 

{ <?php
include 'koneksi.php';

$idAgent = $_GET["rqid"];
$ipAgent = $_SERVER['REMOTE_ADDR'];

$app = $_GET["app"];
$action = $_GET["action"];

$org = $_GET["org"];
$des = $_GET["des"];

$trainNo = $_GET["train_no"];
$depDate = $_GET["dep_date"];

$query = "SELECT cekRQID('$idAgent','$ipAgent') as jml;";
//echo($query);
$hasil = mysql_query($query);
$data  = mysql_fetch_array($hasil);
$channelOK = $data['jml'];  

if ($channelOK == "1") {
    if ($app == "information" && $action == "get_seat_map") {

        $query="SELECT 0 as err_code, '$org' as org, '$des' as des, '$trainNo' as train_no, $depDate as dep_date ";
        $hasil1 = mysql_query($query);

        $rows1 = array();
        while ($r1 = mysql_fetch_assoc($hasil1)){
            $rows1 = $r1;
        }

        $tglnya = date('Ymd',$depDate); //STR_TO_DATE('$depDate','%Y%m%d')

        $query = mysql_query("CALL GET_SEAT_MAP('$org','$des','$trainNo',STR_TO_DATE('$depDate','%Y%m%d'),@TEST);") or die mysql_error();
        $query = mysql_query("SELECT @TEST;") or die mysql_error();
        //echo($query);
        while($row = mysql_fetch_row($query))
        {           
            $query = $row[0];
        }

        $hasil = mysql_query($query);
        //echo($query);


        $rows = array();
        $index= 0;
        $bufk0 = "";
        $body = 0;

        while ($r = mysql_fetch_row($hasil)){
            $curfk0 = $r[0].$r[1];
            if( $bufk0 != $curfk0 ){
                $head[$curfk0] = array ( $r[0],$r[1]);  
                $out2[$curfk0][] =  array( $r[2],$r[3],$r[4],$r[5],$r[6],$r[7] );
            } else {                    
                $out2[$curfk0][] =  array( $r[2],$r[3],$r[4],$r[5],$r[6],$r[7] );                   
            }               
            $bufk0 = $r[0].$r[1];
            $bufindex = $index;
            $headindex = $head ;
            $index++;
        }

    }

if (is_array($values)){
    foreach ($head as $key => $val ){
        $final['seat_map'][] = array( $val[0],$val[1], $out2[$key] );       
    }   
}


header('Content-type: application/json');
echo json_encode($rows1+$final);
}

?>

}

when i'm run this code, i've got some error message : Parse error: syntax error, unexpected T_STRING in /var/www/html/sgetseatmap.php on line 37

which is in code :

$query = mysql_query("CALL GET_SEAT_MAP('$org','$des','$trainNo',STR_TO_DATE('$depDate','%Y%m%d'),@TEST);") or die mysql_error();

I just can't figure out why its happening here, any help is greatly appreciated.

Improve this question
13
  • From looking at your source through "edit", you have { <?php and ?>} so I'm not sure about your code and where exactly line 37 is. Commented Sep 19, 2013 at 0:25
  • 1
    warning your code is vulnerable to sql injection attacks! Commented Sep 19, 2013 at 0:26
  • @prix, i've add your code above '$query = mysql_query("CALL GET_SEAT_MAP....', and i've got blank screen Commented Sep 19, 2013 at 0:35
  • @daniel, thanks, would you tell me which code and how to solve it ? Commented Sep 19, 2013 at 0:36
  • Look at @Barmar answer that's very likely the issue however you should move into MySQLi or PDO ASAP as you are completely vulnerable to SQL injections with your current code and mysql_* library is deprecated. Commented Sep 19, 2013 at 0:37

1 Answer 1

Reset to default
3

You have the following on two lines:

or die mysql_error();

While you should be applauded for checking for errors (it's pretty rare in the questions we see), that syntax is wrong. die is a function, so the argument must be in parenthese:

or die(mysql_error());

On the other hand, you also should stop using the mysql_xxx functions, as they're deprecated. You should use PDO or mysqli, and preferably use prepared statements with parameters instead of interpolated strings.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

thanks for your answer basmar, actually i've add 'or die mysql_error();' to catch error in the '$query = mysql_query("CALL GET_SEAT....' if I delete, the 'or die mysql_error()', the error code become : <br /> <b>Warning</b>: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in <b>/var/www/html/sgetseatmap.php</b> on line <b>42</b><br /> <br /> <b>Warning</b>: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in <b>/var/www/html/sgetseatmap.php</b> on line <b>79</b><br /> <br />
<b>Notice</b>: Undefined variable: values in <b>/var/www/html/sgetseatmap.php</b> on line <b>95</b><br /> <br /> <b>Notice</b>: Undefined variable: final in <b>/var/www/html/sgetseatmap.php</b> on line <b>103</b><br /> <br /> <b>Fatal error</b>: Unsupported operand types in <b>/var/www/html/sgetseatmap.php</b> on line <b>103</b><br /> the line 42 is point to : 'while($row = mysql_fetch_row($query))'
Why are you deleting the or die mysql_error()? You need to fix it to the correct syntax, as I showed.
i've fix with your syntax, but its still error : <br /> <b>Warning</b>: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in <b>/var/www/html/sgetseatmap.php</b> on line <b>42</b><br /> <br /> ; the line 42 is point to : 'while($row = mysql_fetch_row($query))'
It's very confusing that you keep reusing the variable $query for different things. Please try to make your code understandable if you want other people to help you with it.
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.