Hallo bplaced Gemeinde 
ich teste ein Auktionshaus und hab nun folgendes Problem beim abgeben eines Gebots erscheint folgende Fehlermeldung.
Datenbankzugriff fehlgeschlagen. Bitte den Webmaster informieren.
update auctions set current_bid=22.99,starts=2008-08-09 13:13:00,ends=2008-08-23 13:13:00 where id=„6837“
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‚13:13:00,ends=2008-08-23 13:13:00 where id=„6837“‘ at line 1
ich gehe davon aus das irgendwo ein anführungsstrich zu viel oder zu wenig ist jedoch sind meine Fähigkeiten dahingehend begrenzt wäre nett wenn mir hier jemand weiterhelfen kann
hier mal die bid.php fals die den fehler verursacht:
<?php include("./includes/config.inc.php"); include("./includes/messages.inc.php"); include("./includes/auction_types.inc.php"); /* first check if valid auction ID passed */ $result = mysql_query("SELECT * FROM auctions WHERE id='$id'"); // SQL error if (!$result) { include("header.php"); $TPL_errmsg = $ERR_001; include("templates/template_bid_php.html"); include("footer.php"); exit; } $n = mysql_num_rows($result); // such auction does not exist if ($n==0) { include("header.php"); $TPL_errmsg = $ERR_606; include("templates/template_bid_php.html"); include("footer.php"); exit; } // extract info about this auction into an hash $Data = mysql_fetch_array($result); $auctiondate = $Data[starts]; $auctionends = $Data[ends]; $item_title = $Data["title"]; $item_description = $Data["description"]; // check if auction isn't closed $AuctionIsClosed = false; $closed = intval($Data["closed"]); $c = $Data["ends"]; if ( mktime( substr($c,11,2), substr($c,14,2), substr($c,17,2), substr($c,5,2), substr($c,8,2), substr($c,0,4) )<=time() ) $AuctionIsClosed = true; if ( ($closed==1) || ($AuctionIsClosed) ) { include("header.php"); $TPL_errmsg = $ERR_614; include("templates/template_bid_php.html"); include("footer.php"); exit; } // fetch info about seller $result = mysql_query("SELECT * FROM users WHERE id='".$Data["user"]."'"); $n = 0; if ($result) $n = mysql_num_rows($result); if ($n>0) $Seller = mysql_fetch_array($result); else $Seller = array(); $atype = intval($Data[auction_type]); // calculate: increment and mimimum bid value // determine max bid for this auction // höchstes momentanes Gebot für diese Auktion holen $result = mysql_query("SELECT MAX(bid) AS maxbid FROM bids WHERE auction='$id' GROUP BY auction"); $high_bid = 0; if ($result) if (mysql_num_rows($result)>0) $high_bid = mysql_result($result,0,"maxbid"); // Erhöhungsschritt aus der Datenbank holen $query = "SELECT increment FROM increments WHERE". "((low<=$high_bid AND high>=$high_bid) OR". "(low<$high_bid AND high<$high_bid)) ORDER BY increment DESC"; $result_incr = mysql_query ( $query ); if(mysql_num_rows($result_incr) != 0) { $increment = mysql_result ( $result_incr, 0, "increment" ); } $minimum_bid = $Data["minimum_bid"]; // wenn noch kein Gebot vorliegt, dann das erste Gebot setzen, ... if ($high_bid==0) $next_bid = $minimum_bid; // wenn doch, dann Gebot _PLUS_ Erhöhungsschritt else $next_bid = $high_bid + $increment; /* else: such auction does exist. if called from item.php - then transfer passed data if called - check data/username/password and then execute autobid */ unset($display_bid_form); if (empty($action) ) { // no "action" specified $display_bid_form = true; } else { // an action specified: check for data and perform corresponding actions unset($ERR); /* 31.10.2005 1. In $high_bid steht jetzt der höchste Wert aus dem Feld "bid" der Tabelle "bids" 2. In $minimum_bid steht jetzt der Wert des Feldes "minimum_bid" der Tabelle "auctions" (Startpreis) 3. In $next_bid steht jetzt der Betrag des aktuellen Mindesgebotes */ // Kommas gegen Punkt austauschen $bid = str_replace(",",".",$bid); if ($bid<$next_bid) { $ERR = "607"; } // check if number of items is OK if ( ($atype==2) && (!isset($ERR)) ) { if ( (intval($qty)==0) || (intval($qty)>intval($Data["quantity"])) ) { $ERR = "608"; } } // check if nickname and password entered if ( !isset($ERR) ) { if ( strlen($nick)==0 || strlen($password)==0 ) $ERR = "610"; } // Schwarze Liste des Verkäufers prüfen if ( !isset($ERR) ) { $query = "SELECT * FROM blacklist WHERE user='".$Seller["id"]."' AND dis_user='".$nick."'"; $result = mysql_query($query); if ($result) { $n = mysql_num_rows($result); if ($n > 0) $ERR = "621"; } else $ERR = "001"; } // check if nick is valid if ( !isset($ERR) ) { $query = "SELECT * FROM users WHERE nick='".addslashes($nick)."'"; $result = mysql_query($query); $n = 0; if ($result) $n = mysql_num_rows($result); else $ERR = "001"; if ( !isset($ERR) ) { if ($n==0) $ERR = "609"; } if($n > 0) $bidder_id = mysql_result($result,0,"id"); } // check if password is correct if ( !isset($ERR) ) { $pwd = mysql_result($result,0,"password"); if ($pwd != md5($MD5_PREFIX.$password)) { $ERR = "611"; } else { if(mysql_result($result,0,"suspended") > 0) { $ERR = "618"; } } } // Check if Auction is suspended if ( !isset($ERR) ) { $query2 = "SELECT suspended FROM auctions WHERE id='$id'"; $result2 = mysql_query($query2); if (mysql_result($result2, 0, "suspended") > 0) { $ERR = "619"; } } // check if bidder is not the seller if ( !isset($ERR) ) { $bidderID = mysql_result($result,0,"id"); if ( $bidderID == $Seller["id"] ) $ERR = "612"; } // check if this user isn't winning now if ( !isset($ERR) ) { $result = mysql_query("SELECT * FROM bids WHERE auction='$id' ORDER BY bid DESC"); $auctionBIDS = $result; $n = 0; if ($result) { $n = mysql_num_rows($result); if ($n>0) { $bidder = mysql_result($result,0,"bidder"); $moment_bid = mysql_result($result,0,"bid"); if (($bidder == $bidderID) AND ($next_bid <= $moment_bid)) $ERR = "613"; if (($bidder == $bidderID) AND ($next_bid > $moment_bid)) { // Kommas gegen Punkt austauschen $bid = str_replace(",",".",$bid); $moment_bid = str_replace(",",".",$moment_bid); $nachlegen = mysql_query("insert into bids values(\"$id\",\"$bidderID\",$moment_bid,$bid,NULL,".intval($qty).")"); // $nachlegen = mysql_query("INSERT INTO bids VALUES maxbid='$bid' WHERE auction='$id' AND bidder='$bidderID'"); Header("location:item.php?id=$id"); exit; } } } else $ERR = "001"; } // perform final actions if ( isset($ERR) ) { $display_bid_form = true; $TPL_errmsg = ${"ERR_".$ERR}; } else { unset($ERR); $send_email = 0; // Send e-mail to the old winner if necessary // Check if there's a previous winner and get his/her data $query = "select bidder,bid,maxbid from bids where auction=\"$id\" order by maxbid desc"; $result = mysql_query($query); if(!$query) { print $ERR_001."$query
".mysql_error(); exit; } if(mysql_num_rows($result) > 0) { $send_email = 1; $OldWinner_id = mysql_result($result,0,"bidder"); $OldWinner_bid = mysql_result($result,0,"bid"); // 31.10.2005 $OldWinner_maxbid = mysql_result($result,0,"maxbid"); // 31.10.2005 $query = "select * from users where id=\"$OldWinner_id\""; $result_old_winner = mysql_query($query); if(!$result_old_winner){ print $ERR_001."
$query
".mysql_error(); exit; } $OldWinner_nick = mysql_result($result_old_winner,0,"nick"); $OldWinner_name = mysql_result($result_old_winner,0,"name"); $OldWinner_email = mysql_result($result_old_winner,0,"email"); } // 31.10.2005 // schauen, ob ein Agentgebot höher ist als das eigene Gebot... if ($bid <= $OldWinner_maxbid) { $send_email = 0; // Tabellen updaten... if ($bid < $OldWinner_maxbid) { // Das eigene Gebot $bid = doubleval($bid); $maxbid = $bid; $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\""; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } // Kommas gegen Punkt austauschen $maxbid = str_replace(",",".",$maxbid); $bid = str_replace(",",".",$bid); $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")"; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } } // Das des Bietagenten des OldWinners if (($bid + $increment) <= $OldWinner_maxbid) { $newbid = doubleval($bid + $increment); // einen Erhöhungsschritt weiter } else { $newbid = doubleval($OldWinner_maxbid); } $maxbid = $OldWinner_maxbid; $query = "update auctions set current_bid=$newbid,starts=$auctiondate,ends=$auctionends where id=\"$id\""; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } // Kommas entfernen $newbid = str_replace(",",".",$newbid); $maxbid = str_replace(",",".",$maxbid); $query = "insert into bids values(\"$id\",\"$OldWinner_id\",$newbid,$maxbid,NULL,".intval($qty).")"; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } include "header.php"; print "
";
print "
"; // Erhöhungsschritt aus der Datenbank holen $query2 = "SELECT increment FROM increments WHERE". "((low<=$newbid AND high>=$newbid) OR". "(low<$newbid AND high<$newbid)) ORDER BY increment DESC"; $result_incr2 = mysql_query ( $query2 ); if(mysql_num_rows($result_incr2) != 0) { $increment2 = mysql_result ( $result_incr2, 0, "increment" ); } $new_minbid = $newbid + $increment2; $TPL_next_bid = print_money($new_minbid); // $bidH = str_replace(".",",",$new_minbid); $bidH = number_format($new_minbid,2,",",""); $TPL_title = $Data["title"]; include "templates/template_bid_php.html"; if ($bid >= $OldWinner_maxbid) { $send_email = 1; // Das eigene Gebot if ($bid > $OldWinner_maxbid && ($OldWinner_maxbid + $increment) <= $bid) $bid = $OldWinner_maxbid + $increment; //$bid = doubleval($bid); $maxbid = $bid; $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\""; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } // Kommas entfernen $bid = str_replace(",",".",$bid); $maxbid = str_replace(",",".",$maxbid); $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")"; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } } include "footer.php"; exit; } else { $maxbid = $bid; // 9.3.2005 - Bug beim autom. Überbieten behoben if ($next_bid < $OldWinner_maxbid) $bid = $OldWinner_maxbid + $increment; else $bid = $next_bid; } // 31.10.2005 // Update auctions table with the new bid $bid = doubleval($bid); $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\""; //$query = "update auctions set current_bid=$bid where id=\"$id\""; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } // Kommas entfernen $bid = str_replace(",",".",$bid); $maxbid = str_replace(",",".",$maxbid); // Update bids table with the new bid $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")"; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } if($send_email){ //Print "Email wird gesendet an: ".$OldWinner_email; $year = substr($auctionends,0,4); $month = substr($auctionends,5,2); $day = substr($auctionends,8,2); $hours = substr($auctionends,11,2); $minutes = substr($auctionends,14,2); $ends_string = $day . "." . $month . "." . $year . " " . $hours . ":" . $minutes; $new_bid = print_money($bid); //-- Send e-mail message include('./includes/no_longer_winner.inc.php'); } // 3) perform output if ( isset($ERR) ) { $ERR = ${"ERR_".$ERR}; include "header.php"; print " $std_font $ERR "; print mysql_error(); include "footer.php"; exit; } else { $TPL_id = $id; include "header.php"; include "templates/template_bid_result_php.html"; include "footer.php"; exit; } } } if($display_bid_form) { // prepare some data for displaying in the form $nickH = htmlspecialchars($nick); $bidH = htmlspecialchars($bid); $qtyH = htmlspecialchars($qty); $TPL_title = htmlspecialchars($Data[title]); $TPL_next_bid = print_money($next_bid); $TPL_proposed_bid = print_money($bid); $TPL_cancel_bid_link = '' . $MSG_332 . ''; // output the form include("header.php"); // Kommas gegen Punkt austauschen //$newbid = $bidH; //$bidH = str_replace(",",".",$newbid); include("templates/template_bid_php.html"); include("footer.php"); exit; } Gruß Daniel
Das Gebot eines anderen Bieters war höher als Ihres!
"; // Erhöhungsschritt aus der Datenbank holen $query2 = "SELECT increment FROM increments WHERE". "((low<=$newbid AND high>=$newbid) OR". "(low<$newbid AND high<$newbid)) ORDER BY increment DESC"; $result_incr2 = mysql_query ( $query2 ); if(mysql_num_rows($result_incr2) != 0) { $increment2 = mysql_result ( $result_incr2, 0, "increment" ); } $new_minbid = $newbid + $increment2; $TPL_next_bid = print_money($new_minbid); // $bidH = str_replace(".",",",$new_minbid); $bidH = number_format($new_minbid,2,",",""); $TPL_title = $Data["title"]; include "templates/template_bid_php.html"; if ($bid >= $OldWinner_maxbid) { $send_email = 1; // Das eigene Gebot if ($bid > $OldWinner_maxbid && ($OldWinner_maxbid + $increment) <= $bid) $bid = $OldWinner_maxbid + $increment; //$bid = doubleval($bid); $maxbid = $bid; $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\""; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } // Kommas entfernen $bid = str_replace(",",".",$bid); $maxbid = str_replace(",",".",$maxbid); $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")"; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } } include "footer.php"; exit; } else { $maxbid = $bid; // 9.3.2005 - Bug beim autom. Überbieten behoben if ($next_bid < $OldWinner_maxbid) $bid = $OldWinner_maxbid + $increment; else $bid = $next_bid; } // 31.10.2005 // Update auctions table with the new bid $bid = doubleval($bid); $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\""; //$query = "update auctions set current_bid=$bid where id=\"$id\""; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } // Kommas entfernen $bid = str_replace(",",".",$bid); $maxbid = str_replace(",",".",$maxbid); // Update bids table with the new bid $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")"; if(!mysql_query($query)){ print $ERR_001."
$query
".mysql_error(); exit; } if($send_email){ //Print "Email wird gesendet an: ".$OldWinner_email; $year = substr($auctionends,0,4); $month = substr($auctionends,5,2); $day = substr($auctionends,8,2); $hours = substr($auctionends,11,2); $minutes = substr($auctionends,14,2); $ends_string = $day . "." . $month . "." . $year . " " . $hours . ":" . $minutes; $new_bid = print_money($bid); //-- Send e-mail message include('./includes/no_longer_winner.inc.php'); } // 3) perform output if ( isset($ERR) ) { $ERR = ${"ERR_".$ERR}; include "header.php"; print " $std_font $ERR "; print mysql_error(); include "footer.php"; exit; } else { $TPL_id = $id; include "header.php"; include "templates/template_bid_result_php.html"; include "footer.php"; exit; } } } if($display_bid_form) { // prepare some data for displaying in the form $nickH = htmlspecialchars($nick); $bidH = htmlspecialchars($bid); $qtyH = htmlspecialchars($qty); $TPL_title = htmlspecialchars($Data[title]); $TPL_next_bid = print_money($next_bid); $TPL_proposed_bid = print_money($bid); $TPL_cancel_bid_link = '' . $MSG_332 . ''; // output the form include("header.php"); // Kommas gegen Punkt austauschen //$newbid = $bidH; //$bidH = str_replace(",",".",$newbid); include("templates/template_bid_php.html"); include("footer.php"); exit; } Gruß Daniel
