grasperstail Posted May 29, 2008 Share Posted May 29, 2008 switch($which_logic) {case "radio":if ($radio_value == "project"){$query_string = "SELECT * FROM source WHERE description LIKE \"%$keyword_str%\"";}else{$query_string = "SELECT * FROM source WHERE " . $radio_value . "=" . $keyword_str;}var_dump($query_string);echo "<br/>";break;case "link":$query_string = $link_sql_string;var_dump($query_string);echo "<br/>";break;default://Build query with all words in the keyword search value wrapped in % wildcard signs//$query_string = "SELECT * FROM source WHERE description LIKE '%";foreach($trimmed_array as $append_value){$query_string .= "$append_value%";}$query_string .= "'";var_dump($query_string);echo "<br/>";break;}echo "<td><a class='link' href='#' id='page_next' onclick= \"page_setter($next,$query_string)\">>NEXT</a></td>"; keep getting an error "missing ) after arguments" in javascript after building the string in PHP. Can't figure out why.thanks Link to comment Share on other sites More sharing options...
justsomeguy Posted May 29, 2008 Share Posted May 29, 2008 There's probably an unclosed quote in one of the arguments. You probably want to quote both of those arguments in the first place. View the HTML source to see what the Javascript code looks like after it's generated.Also, for the sake of security, it's a terrible idea to send raw SQL queries using something like a form or Javascript, it's too easy for someone to hack the database. Link to comment Share on other sites More sharing options...
grasperstail Posted May 29, 2008 Author Share Posted May 29, 2008 any suggestions on where I can find a better way?BTW, the HTML on the javascript looked legit to me. exampleonclick="page_setter(2,SELECT * FROM source WHERE description LIKE '%msri%')">2</a></td><td><a class='link' href='#' id='page_link' Link to comment Share on other sites More sharing options...
Ingolme Posted May 29, 2008 Share Posted May 29, 2008 You have a string that's not enclosed within quotes.page_setter(2,SELECT * FROM source WHERE description LIKE '%msri%')To fix it do this:echo "<td><a class='link' href='#' id='page_next'onclick= \"page_setter($next,\\\"$query_string\\\")\">>NEXT</a></td>"; Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.