1

I get this error: 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 4 SQL=SELECT company.contactname AS name, company.contactemail AS email, job.title, job.sendemail FROM `kecobo_js_job_companies` AS company JOIN `kecobo_js_job_jobs` AS job ON job.companyid = company.id WHERE job.id =

with this query:

$jobquery = "SELECT company.contactname AS name, company.contactemail AS email, job.title, job.sendemail 
            FROM `#__js_job_companies` AS company
            JOIN `#__js_job_jobs` AS job ON job.companyid = company.id  
            WHERE job.id = ".$jobid;

Does anybody has a suggestion what could be wrong?

marzapower
  • 5,531
  • 7
  • 38
  • 76
N8troRunner
  • 17
  • 4
  • 1
    That's a SQL error, not a PHP error. What's the generated SQL code? – Álvaro González Feb 10 '14 at 13:19
  • As @nes rightly points out below, `$jobid` has no value causing a syntax error (your query ends at the `=` sign). As he also points out, using PDO or MySQLi would have made the error much more obvious, [find out more about that here](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php/60496#60496) and why [you shouldn't be using mysql_* functions here](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). – OGHaza Feb 10 '14 at 13:51

2 Answers2

1
$jobquery = "SELECT company.contactname AS name, company.contactemail AS email, job.title, job.sendemail 
            FROM `#__js_job_companies` AS company
            JOIN `#__js_job_jobs` AS job ON job.companyid = company.id  
            WHERE job.id = '".$jobid."'";

Consider injection issuses

apomene
  • 14,282
  • 9
  • 46
  • 72
  • Isn't this just assuming jobid is a string? which is probably an incorrect assumption. This will get rid of the error simply because `= ''` is a syntactically valid ending for the query, but it won't actually help anything. – OGHaza Feb 10 '14 at 13:36
  • it can also be uniqieintetifier, but if it isa an int it also correct syntax..this syntax is correct for every datatype of jobid.. – apomene Feb 10 '14 at 13:42
  • Only because it'll cause a needless implicit cast of `job.id` to be a string as well. You can feed it every value as a string because mysql is clever enough to cast the column to the same datatype but it is wrong to do so. The real problem is what @nes points out - there is no value in `$jobid` – OGHaza Feb 10 '14 at 13:43
  • ok, I assuming that you are right and that the syntax error isn't in the above spot, can you point OP with the correct statement instead of correcting mine? – apomene Feb 10 '14 at 13:46
1

Consider using MySQLi or PDO. As for your question $jobid is empty you can see it in you query ending in equal sign.

nes
  • 1,046
  • 1
  • 7
  • 10