JPpereira

Olá, amigos. Estou perdido, sem saber como resolver este problema. Ao clicar em deletar, para deletar a notícia, a página deletar.php não abre. Retorna o seguinte erro: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@yahoo.com.br' at line 1 Não sei mais a quem recorrer, pois ninguém consegue me ajudar. Estou certo de que há um erro em uma parte do código SQL da página deletar.php, mas não consigo idenficar onde. Vou colar, paraver se os amigos podem me ajudar. abraços DELETAR.PHP: <?php require_once('../Connections/Curso_d.php'); ?> <?php if (!isset($_SESSION)) { //1 session_start(); } // 0 $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { //1 // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { //2 // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { //3 $isValid = true; } //2 // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { //3 $isValid = true; } //2 if (($strUsers == "") && true) { //3 $isValid = true; } //2 } //1 return $isValid; }//0 $MM_restrictGoTo = "../admin/login.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { //1 $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck= . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; }//0 ?> <?php function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") {//1 $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue; switch ($theType) {//2 case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; }//1 return $theValue; }//0 if ((isset($_POST['cn_id])) && ($_POST['cn_id'] != "") && (isset($_GET['cn_id']))) {//1 $deleteSQL = sprintf("DELETE FROM curso_noticias WHERE cn_id=%s", GetSQLValueString($_POST['cn_id'], "int")); mysql_select_db($database_Curso_d, $Curso_d); $Result1 = mysql_query($deleteSQL, $Curso_d) or die(mysql_error()); $deleteGoTo = "deletar.php?delete=sucesso"; if (isset($_SERVER['QUERY_STRING'])) { $deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?"; $deleteGoTo .= $_SERVER['QUERY_STRING']; }//1 header(sprintf("Location: %s", $deleteGoTo)); }//0 $noticia_RSDeleteNoticias = "-1"; if (isset($_GET['cn_id'])) { $noticia_RSDeleteNoticias = (get_magic_quotes_gpc()) ? $_GET['cn_id'] : addslashes($_GET['cn_id']); } $usuario_RSDeleteNoticias = "-1"; if (isset($_SESSION['MM_Username'])) { $usuario_RSDeleteNoticias = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']); } mysql_select_db($database_Curso_d, $Curso_d); $query_RSDeleteNoticias = sprintf("SELECT * FROM curso_noticias INNER JOIN curso_usuarios ON curso_usuarios.usu_id = curso_noticias.cn_uso_id WHERE cn_id = %s AND usu_name = %s", $noticia_RSDeleteNoticias,$usuario_RSDeleteNoticias); $RSDeleteNoticias = mysql_query($query_RSDeleteNoticias, $Curso_d) or die(mysql_error()); $row_RSDeleteNoticias = mysql_fetch_assoc($RSDeleteNoticias); $totalRows_RSDeleteNoticias = mysql_num_rows($RSDeleteNoticias); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns=http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/index.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <!-- InstanceBeginEditable name="doctitle" --> <title>Untitled Document</title> <!-- InstanceEndEditable --> <!-- InstanceBeginEditable name="head" --> <link href="../Templates/247shock_blue/css/template_css.css" rel="stylesheet" type="text/css" /> <!-- InstanceEndEditable --> <link href="../Templates/247shock_blue/css/template_css.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="785" align="center" bgcolor="#CC0000"> <tr> <td><table width="780" align="center" bgcolor="#FFFFFF"> <tr> <td height="120"><img src="../imagens/layout_mcg_final.jpg" width="779" height="137" /></td> </tr> <tr> <td bgcolor="#CCE3FD">Home Page | Servi&ccedil;os | Empresa | Not&iacute;cias | Sobre N&oacute;s </td> </tr> <tr> <td><!-- InstanceBeginEditable name="conteudo" --> <table width="100%" height="300"> <tr> <td height="20"><a href="index.php">Pagina Admin de Not&iacute;cias</a> | Olá,<?php echo $row_RSDeleteNoticias['usu_name]; ?>, você está prestes a deletar a notícia <?php echo $row_RSDeleteNoticias['cn_titulo']; ?></td> </tr> <tr> <td> <?php if($_GET['delete'] == sucesso) { ?> <p align=center">A notícia foi deletada com sucesso! Dentro de cinco segundos você será levado para a página inicial de notícias </p> <meta http-equiv="refresh" content=5;URL=index.php /> <?php } ?> </td> </tr> <tr> <td> <?php if(@$_GET['cn_id] == @$row_RSDeleteNoticias['cn_id']) { ?> <table align=center"> <tr> <td colspan="2">Tem certeza que deseja excluir esta not&iacute;cia? </td> </tr> <tr> <td><form id="form1" name="form1" method="post" action="deletar.php?cn_id=<?php echo $row_RSDeleteNoticias['cn_id]; ?>"> <div align="right"> <input name="cn_id" type="hidden" id="cn_id" value="<?php echo $row_RSDeleteNoticias['cn_id']; ?>" /> <input type="submit" name="Submit" value="Deletar" /> </div> </form> </td> <td><form id="form2" name="form2" method="post" action="index.php"> <div align="left"> <input type="submit" name="Submit2" value="Cancelar" /> </div> </form> </td> </tr> </table> <div align="center"> <?php }else{ ?> A notícia não existe! <?php } ?> </td> </tr> </table> <!-- InstanceEndEditable --></td> </tr> <tr> <td bgcolor="#CCE3FD"><div align="center">&copy; Curso Avan&ccedil;ado de Dreamweaver 8 </div></td> </tr> </table></td> </tr> </table> </body><!-- InstanceEnd --></html> <?php mysql_free_result($RSDeleteNoticias); ?>