user663049

Reputation: 1178

How do I fix an unexpected T string? - PHP

My script comes on with an unexpected T string on line five. How do I fix this?

<?php
include_once("../scripts/config.php");


$url = mysql_real_escape_string('$_POST['url']'); // LINE 5!

preg_match("/id=(\\d+)/", $url, $matches);
$like = $matches[1];
$current_pop = mysql_query("SELECT pop FROM likes WHERE id=$like") or die ("Query failed: " . mysql_error());


$pop = $current_pop + 1;  

$update = mysql_query("UPDATE likes SET pop = ".$pop." WHERE id = ".$like."") or die ("Query failed: " . mysql_error());

?>

Upvotes: 1

Views: 5857

Answers (2)

Alex Weinstein

Reputation: 9891

Your code has SQL injection vulnerabilities. Please review this before someone steals all your customers' info off of your site: http://en.wikipedia.org/wiki/SQL_injection

Upvotes: 2

It should be:

$url = mysql_real_escape_string($_POST['url']);

Otherwise PHP sees '$_POST['url']', and thinks of it as consisting of 3 parts:

  • '$_POST[' - a string,
  • url - a token of some sort
  • ']' - another string

This confuses the interpreter, as it doesn't know what to do when a string is followed by a url-token.

Upvotes: 6
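
Following the SQL injection warning and the corrected line 5 in the answers above, here is an added example (not code from the asker or from either answer) of the same like-counter update written with PDO prepared statements instead of the mysql_* functions, which were removed in PHP 7. The in-memory SQLite database, the likes rows, the sample URLs and the helper names extractLikeId and addLike are assumptions made for illustration.

```php
<?php
// Added example: constructed schema and data in an in-memory SQLite database
// (assumption; the original script connects to MySQL through config.php).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE likes (id INTEGER PRIMARY KEY, pop INTEGER NOT NULL)');
$db->exec('INSERT INTO likes (id, pop) VALUES (42, 7)');

// Hypothetical helper: pull the numeric id out of a submitted URL.
// Returns null unless the id parameter is digits only, so nothing
// other than an integer ever reaches the query layer.
function extractLikeId($url): ?int
{
    if (!is_string($url) || !preg_match('/[?&]id=(\d{1,9})(?:&|#|$)/', $url, $m)) {
        return null;
    }
    return (int) $m[1];
}

// Hypothetical helper: increment pop in a single UPDATE with a bound
// parameter. Returns the new value, or null when no row has that id.
function addLike(PDO $db, int $id): ?int
{
    $upd = $db->prepare('UPDATE likes SET pop = pop + 1 WHERE id = :id');
    $upd->execute([':id' => $id]);
    if ($upd->rowCount() === 0) {
        return null;
    }
    $sel = $db->prepare('SELECT pop FROM likes WHERE id = :id');
    $sel->execute([':id' => $id]);
    return (int) $sel->fetchColumn();
}

// Constructed inputs standing in for $_POST['url'].
$samples = [
    'http://example.com/item?id=42',            // valid id, row exists
    'http://example.com/item?id=42%20extra',    // trailing non-digit data
    'http://example.com/item',                  // no id parameter
    'http://example.com/item?id=999',           // valid id, no such row
];
foreach ($samples as $url) {
    $id = extractLikeId($url);
    $result = $id === null ? 'rejected' : (addLike($db, $id) ?? 'no such id');
    echo $url, ' => ', $result, PHP_EOL;
}
```

The bound `:id` parameter keeps the value out of the SQL text entirely, and incrementing inside the UPDATE avoids reading the counter into PHP first.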
