Current location: Hot Scripts Forums » Programming Languages » ASP » Syntax error (missing operator) in query expression 'MESSAGES.CAT_ID ='.

Syntax error (missing operator) in query expression 'MESSAGES.CAT_ID ='.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 10-10-09, 02:53 PM
justin.g justin.g is offline
New Member
  
Join Date: Oct 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Exclamation Syntax error (missing operator) in query expression 'MESSAGES.CAT_ID ='.
This is the error I am getting. Can somebody please help me out. Its probably something stupid I did wrong.

Syntax error (missing operator) in query expression 'MESSAGES.CAT_ID ='.
/forum/CAForum/admin/inc_forums.asp, line 38

here is the asp code:
asp Code:
  1. <%
  2. connSTR = "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("CAForum.mdb") 
  3. %>
  4.  
  5.  
  6. <table width="100%" cellspacing="0" cellpadding="1" align="center" border="1" ID="Table1">
  7.  
  8.  
  9. <tr>
  10. <td>
  11. <a href="post.asp">>>Post new message</a>
  12. </td> </tr></table> 
  13.  
  14.  
  15. <%
  16. Dim intPage,intCat_Id
  17. intPage = Request.QueryString("page")
  18. intCat_Id=Request.QueryString("iCat_id")
  19.  
  20. If intPage <> "" Then
  21.    If IsNumeric(intPage) Then
  22.       If intPage < 1 Then
  23.          intPage = 1
  24.       End If
  25.    Else
  26.       intPage = 1
  27.    End If
  28. Else
  29.    intPage = 1
  30. End If
  31.  
  32. set rsForums = Server.CreateObject("ADODB.Recordset")
  33. rsForums.ActiveConnection = connSTR
  34. rsForums.Source = " SELECT * FROM (SELECT *, (SELECT COUNT (*) FROM REPLIES WHERE REPLIES.MSG_ID = MESSAGES.MSG_ID) AS REP_COUNT FROM MESSAGES, CATEGORIES WHERE CATEGORIES.CAT_ID = MESSAGES.CAT_ID) WHERE MESSAGES.CAT_ID = " & intCat_Id & " ORDER BY MSG_LAST_POST DESC"
  35. rsForums.CursorType = 3
  36. rsForums.CursorLocation = 2
  37. rsForums.LockType = 3
  38. rsForums.CacheSize = 10
  39. rsForums.PageSize = 10
  40.  
  41. rsForums.Open() %>
  42.  
  43.  
  44.  
  45.  
  46.  
  47.  
  48. <table width="100%" cellspacing="0" cellpadding="1" align="center" border="1">
  49. <TR class="Header"> 
  50.           <TD  width=70% height="16" align="left" valign="middle">TOPIC</TD>
  51.           <TD width=10% height="16" align="center" valign="middle">POSTED</TD>
  52.           <TD width=10% height="16" align="center" valign="middle">REPLIES</TD>
  53.           <TD width=10% height="16" align="right" valign="middle">LAST POST</TD>
  54. </TR>
  55.  
  56.  
  57.  
  58.    
  59. <%
  60.  
  61. If Not rsForums.EOF Then
  62.      If CInt(intPage) > CInt(rsForums.PageCount) Then
  63.           intPage = Int(rsForums.PageCount)
  64.      End If
  65.  
  66.      rsForums.AbsolutePage = CInt(intPage)
  67.      for i=1 to rsForums.PageSize 
  68.      if not rsForums.EOF then
  69. %>
  70.  
  71.  
  72. <TR> 
  73.           <TD height="16" align="left" valign="middle"> 
  74.             <a href="messages.asp?iMsg_id=<%=(rsForums.Fields.Item("MSG_ID").Value)%>&iCat_id=<%=(rsForums.Fields.Item("CAT_ID").Value)%>"><%=(rsForums.Fields.Item("MSG_SUBJECT").Value)%></a></TD>
  75.           <TD height="16" align="left" valign="middle"><%=(rsForums.Fields.Item("DATE_POSTED").Value)%></TD>
  76.           <TD height="16" align="center" valign="middle"><%=(rsForums.Fields.Item("REP_COUNT").Value)%></TD>
  77.           <TD height="16" align="right" valign="middle"><%=(rsForums.Fields.Item("MSG_LAST_POST").Value)%></TD>
  78. </TR>
  79.  
  80. <% 
  81.  rsForums.MoveNext
  82.      end if
  83.      next 
  84.  
  85.      Dim strPage
  86.      strPage = Request.ServerVariables("SCRIPT_NAME")
  87.  
  88.  
  89.           %>
  90.           <tr>
  91.           <td colspan="9">
  92.            <%
  93.           For i = 1 To rsForums.PageCount
  94.           if cint(i)=1 then
  95.           Response.Write("Page: ")
  96.           end if
  97.           If cint(i) <> cint(intPage) Then  
  98.           Response.Write("<a href=""" & strPage & _
  99.                "?page=" & i & "&iCat_id=" & intCat_Id & """>" & i & "</a> ")
  100.           Else
  101.           Response.Write("[" & i & "] ")
  102.           End if
  103.      Next%>
  104.      
  105.          </td> 
  106.           </tr>
  107. <%Else%>
  108.  
  109.  
  110.   <tr>
  111.           <td colspan="9">
  112.       There is no records in database !!! 
  113.       </td> 
  114.           </tr>
  115.      <%
  116. End If
  117.  
  118. rsForums.Close
  119. SET rsForums=NOTHING
  120.  
  121. %>
  122.  
  123. </table>
  124.  
  125.  
  126. <tr> 
  127.    
  128.          <td  colspan="4" align=right>
  129.          Powered by
  130.          <a href="#"><img src="CAForum/images/calogo.gif" border=0 ></a>
  131.          </td>
  132.          </tr>
  133. </table>
------------------------------------------------------------------------------------------------------------------------
please help me out.
Last edited by Nico; 10-17-09 at 05:18 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Share on FacebookShare on Stumble UponShare on Twitter
Reply With Quote
  #2 (permalink)  
Old 10-12-09, 05:19 AM
urstop urstop is offline
Newbie Coder
  
Join Date: Dec 2007
Location: London
Posts: 21
Thanks: 0
Thanked 0 Times in 0 Posts
Could be the intCat_Id variable is not getting populated correctly. Please print out the SQL statement on to the browser and see if it is well formed. You can run it directly on Access database to make sure there are no errors in your SQL.
__________________

.NET Software Freelancer UK
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Share on FacebookShare on Stumble UponShare on Twitter
Reply With Quote
  #3 (permalink)  
Old 10-20-09, 01:31 PM
Dwagar's Avatar
Dwagar Dwagar is offline
Newbie Coder
  
Join Date: Sep 2008
Location: Ohio
Posts: 35
Thanks: 0
Thanked 0 Times in 0 Posts
Syntax Error
Your code can be attacked using a SQL Injection.

I would change this code

rsForums.Source = " SELECT * FROM (SELECT *, (SELECT COUNT (*) FROM REPLIES WHERE REPLIES.MSG_ID = MESSAGES.MSG_ID) AS REP_COUNT FROM MESSAGES, CATEGORIES WHERE CATEGORIES.CAT_ID = MESSAGES.CAT_ID) WHERE MESSAGES.CAT_ID = '" & fixword(intCat_Id) & "' ORDER BY MSG_LAST_POST DESC"

Then add a function

function fixword(stext)
fixword = replace(stext,"'","''")
end function

Maybeyour querystring is passing a ' and that can cause an error too.
__________________
SepCity Portal Solutions
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Share on FacebookShare on Stumble UponShare on Twitter
Reply With Quote
Reply

Bookmarks

« MSXML2.ServerXMLHTTP -- can't call self | Is there a way to include files from other sites? »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Syntax error (missing operator) in query expression 'Site_Info.Location_ID='. minime ASP 5 03-11-09 02:51 AM
Syntax Error Nikas Database 4 05-15-08 10:48 AM
Declared Functions skipper23 PHP 4 12-17-03 10:06 AM
index page not showing up skipper23 PHP 3 12-15-03 01:10 PM
Syntax error (missing operator) in query expression crobinson ASP 4 11-23-03 08:49 PM


All times are GMT -5. The time now is 01:33 AM.
vBulletin® Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
CakePHP: the rapid development php framework