Javascript Uncaught SyntaxError: Unexpected token

Question

I am having issues calling my javascript function which loops through an array calling an external PHP page for each value. I get the following error in my developer console in Chrome:

Uncaught SyntaxError: Unexpected token . CSV.php?reg=1:3

When inspecting my values passing to the script everything is there as it should be:

<script type="text/javascript">
function.csvgen(){
var area = "["22","23","24"]";
var start =""2017-01-30"";     
var end = ""2017-02-06"";
var len = area.length;
for (i = 0; i < len; i++) { 
$.getScript("CSVGEN.php?area="+area[i]+"&start="+start+"&end="+end);
}
}
</script>

I'm not exactly a good programmer and have used very little Javascript (which required assistance from this wonderful forum as well...). Here is my code for the page. The point of the code is to let the user select a number of areas based on their region as well as a start date and an end date and then generate a CSV from my MS SQL database for each, the code for which is in the called CSVGEN.PHP file. I've tested the CSVGen file with a manually generated link and it works, it does not if I put the static link inside the for loop.

<script type="text/javascript">
function.csvgen(){
    var area = "<?php echo json_encode(array_values($_POST['arealist'])); ?>";
    var start ="<?php echo json_encode($_POST['start']); ?>";     
    var end = "<?php echo json_encode($_POST['end']); ?>";
    var len = area.length;
    for (i = 0; i < len; i++) { 
        $.getScript("CSVGEN.php?area="+area[i]+"&start="+start+"&end="+end);
    }
}
</script>

<?php
$page_title="CSV Generator";
include("\Include\header.inc");
include("\Include\connect-db.php");
include("\Include\CSVGen.php");

$error="";

$start_date=date("Y-m-d");
$end_date=date("Y-m-d", strtotime("+7 days"));


if(isset($_GET['reg'])) 
{
    $reg=$_GET['reg'];
}

else{
    $reg='1';
}


if($start_date>$end_date){
    $error = 'ERROR: End Date cannot be before Start Date!';
}

if ($error != '')
{

    echo '<div class="container">
        <div class="row">
        <div class="alert alert-danger col-md-12">'.$error.'
        </div>
        </div>
        </div>';

}
$sqlareas="SELECT Area_Name, Region_ID, Area_ID FROM Listings_Areas WHERE region = '$reg'";
$arearesult= sqlsrv_query($conn, $sqlareas, array(), array("Scrollable"=>"buffered"));
$areacount = sqlsrv_num_rows($arearesult);


function renderForm($arearesult, $areacount, $start_date, $end_date){
?>

<html>

<head>

</head>

<body>


<div class="container">

    <div class="row">
        <form id="CSV" name="form1" method="post">
            <div class="col-md-2 col-md-offset-1">

                <p><select name="arealist[]" size="<?php echo $areacount ;?>" multiple="multiple" tabindex="1">

                <?php

                while($areas=sqlsrv_fetch_array($arearesult)){
                    echo'<option value="' . $areas['Area_ID'] . '">' . $areas['Area_Name'] . '</option>';
                }
                ?>
                </select>
            </div>

            <div class="col-md-3">   
                <strong>Start Date: </strong> <input type="date" name="start" value="<?php echo $start_date; ?>" />
            </div>
            <div class="col-md-3">  
                <strong> End Date: </strong> <input type="date" name="end" value="<?php echo $end_date; ?>" />
            </div>
            <div class="col-md-2">  
                <input type="submit" onclick="csvgen()" name="submit" value="Get CSVs">
            </div>
        </form>
    </div>
</div>

<?php
}
if($_SERVER['REQUEST_METHOD'] === 'POST'){
print_r(array_values($_POST['arealist']));
echo $_POST['start'];
echo $_POST['end'];
}
else{    
renderForm($arearesult, $areacount, $start_date, $end_date);
}
?>

I've tried removing all tabbing/spacing and clearing any potential illegal characters that might have snuck in, but it's showing a period, which I can only guess is referring to either my area.length which as far as I can tell from the manual is right and I still get the error if I remove it or $.getscript, but I've used that elsewhere in similar functions with no issue so I don't know why that would be wrong, or how to replace it.

You've got string syntax problems. You don't need double-quotes around the php calls to `json_encode()` - the encoding will give you double-quotes when necessary. — Pointy, Jan 30 '17 at 15:31
For example, to illustrate that (I was seeing the same thing, @Pointy): var area = "["22","23","24"]"; will give you some funky errors, as you're setting area to "[" and everything else becomes an error. — Snowmonkey, Jan 30 '17 at 15:32
Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, Jan 30 '17 at 15:32
Ok, so making the change that @Satpal suggested cleared the error, the script doesn't seem to do anything currently but it cleared the error. I've also pulled the " from the outsides of my php script, I'd seen the extra qoutes earlier but the examples I found had used them so I wasn't sure if it was wrong. As for SQL injection, I'm not particularly concerned as the page is internal use only, but I do plan on adding some cleaning like I have on my other pages once it actually works. — Sarah Hartt, Jan 30 '17 at 15:47
I think you should learn a language before start coding with it. That will clear the usual errors. — ibrahim mahrir, Jan 30 '17 at 15:57
Unfortunately @ibrahimmahrir, that is not always an option. I'm not a programmer by trade but this project was necessary and I was the only person willing to take it on. I've gotten pretty far with minimal outside help on a less then simple web application where I have had to learn PHP and SQL from scratch, unfortunately in the 2 places I have had to use Javascript for my application to function as desired I have had to look for help because Java simply does not make sense to me from a coding perspective and the tutorials I have found have not been particularly great. — Sarah Hartt, Jan 30 '17 at 16:08

score 0 · Answer 1 · answered Jan 30 '17 at 15:43

At the very begining of the script you have:

<script type="text/javascript">
function.csvgen(){
    //...

which should be:

<script type="text/javascript">
function csvgen(){
    //...

with a space instead . between function and csvgen.

NOTE: this area = "["22","23","24"]"; is also wrong. Use diferent quotes (like area = '["22","23","24"]';) or escape the inner quotes (like area = "[\"22\",\"23\",\"24\"]";)

Find a good javascript tutorial and learn more about how to declare function in javascript.

Javascript Uncaught SyntaxError: Unexpected token

1 Answers1