Syntax error when executing bank query [closed]

0
<?php
class train{
    var $units;
    var $Units;
    var $cl_units;
    var $db;
    var $recruited = array();

    function train(){
        global $cl_units, $db, $arr_farm;

        $this->cl_units = $cl_units;
        $this->db = $db;
        $this->units = $cl_units->get_array("dbname");      
        $this->Units = $cl_units->get_array("name");
        $this->arr_farm = $arr_farm;
    }
    function do_action($cur_village,$mode="mass"){
        $i = 0;
        foreach($this->Units as $key=>$value){
            ++$i;
            $posted = ($mode == "mass") ? $_POST['units'][$cur_village][$key] : $_POST[$key];
            if(!empty($posted)){
                $cur_vil_info = "SELECT * FROM 'villages' WHERE 'id'='".$cur_village."'";
                $cur_vil_info = $this->db->fetch($this->db->query($cur_vil_info));
                $cur_vil_info['farmLimits'] = $this->arr_farm[$cur_vil_info['farm']]; 
                $this->cl_units->check_needed($key,$cur_vil_info);
                if(in_array("no_investigate",$this->cl_units->get_specials($key)))
                    $check = "no_investigate";
                $input = (int)$posted;

                $wood = $this->cl_units->get_woodprice($key)*$input;
                $stone = $this->cl_units->get_stoneprice($key)*$input;
                $iron = $this->cl_units->get_ironprice($key)*$input;
                $bh = $this->cl_units->get_bhprice($key)*$input;
                if($wood > $cur_vil_info['r_wood'] || $stone > $cur_vil_info['r_stone'] || $iron > $cur_vil_info['r_iron']){
                    $check = "to_many_units";
                }
                if(($cur_vil_info['farmLimits']-$cur_vil_info['r_bh']-$bh < 0) && empty($check)){
                    $check = "to_many_bh";
                }
                if(empty($check) && is_numeric($this->cl_units->last_error) && $input > 0){
                    $this->db->query("UPDATE villages SET r_wood=r_wood-'$wood',r_stone=r_stone-'$stone',r_iron=r_iron-'$iron',r_bh=r_bh+'$bh' where id='".$cur_vil_info['id']."'");
                    $cur_vil_info['r_wood'] -= $wood;
                    $cur_vil_info['r_stone'] -= $stone;
                    $cur_vil_info['r_iron'] -= $iron;
                    $cur_vil_info['r_bh'] += $bh;

                    $buildname = $this->cl_units->recruit_in[$key];
                    $this->cl_units->recruit_units($key,$input,$buildname,$cur_vil_info[$buildname],$cur_vil_info['id']);

                    $this->recruited[$cur_village][$key] = $input;
                    if($_GET['mode'] != "mass")
                        $reload = true;
                }
            }
        }
        if($reload)
            header("LOCATION: game.php?village=".$cur_vil_info['id']."&screen=".$_GET['screen']."");
        if(empty($check))
            $check = $cl_units->last_error;
        switch($check){
            case "not_tec" :    $error = "Desculpe, más está unidade não foi pesquisada!";  break;
            case "not_needed" : $error = "Desculpe, más não há os requerimentos necessários!";  break;
            case "not_enough_ress" :    $error = "Desculpe, más não há recursos suficientes!";  break;
            case "not_enough_bh" :  $error = "Desculpe, más a fazenda não pode sustentar mais habitantes!"; break;
            case "to_many_units" :  $error = "Desculpe, más não há recursos suficientes!";  break;
            case "to_many_bh" : $error = "Desculpe, más a fazenda não pode sustentar mais habitantes!"; break;
        }
        if($error) $GLOBALS['tpl']->assign("error",$error);
        return $recruited;
    }
    function get_units_in_village($village){
        $sql = "SELECT ";
        $i = 0;
        foreach($this->Units as $key=>$value){
            ++$i;
            $sql .= (count($this->Units) == $i) ? $key : $key.",";
        }
        $sql .= " from unit_place where villages_from_id='".$village['id']."' AND villages_to_id='".$village['id']."'";
        $result = $this->db->query($sql);
        return $this->db->Fetch($result);
    }
    function get_all_units($village){
        $sql = "SELECT ";
        $i = 0;
        foreach($this->Units as $key=>$value){
            if(in_array("no_investigate", $this->cl_units->get_specials($key))){
                unset($this->units[$value]);
                unset($this->Units[$key]);
                if(count($this->Units) == $i)
                    $sql = substr($sql,0,strlen($sql)-1);
            }else
                $sql .= (count($this->Units) == $i) ? "all_$key,".$key."_tec_level" : "all_$key,".$key."_tec_level,";
            ++$i;
        }
        @$sql .= " FROM villages WHERE id= '".$village['id']."'";
        $result = $this->db->query($sql);

        return $this->db->Fetch($result);
    }
    function get_recruit($village){
        $recruit_units = array();
        $i = 0;
        $result = $this->db->query("SELECT id,unit,num_unit,num_finished,time_finished,time_start from recruit where villageid='".$village['id']."' order by time_start");
        while($row = $this->db->Fetch($result)){
            ++$i;
            $recruit_units[$row['id']]['lit'] = ($i == "1") ? true : false;
            $recruit_units[$row['id']]['unit'] = $row['unit'];
            $recruit_units[$row['id']]['num_unit'] = $row['num_unit']-$row['num_finished'];
            $recruit_units[$row['id']]['unit'] = $row['unit'];
            $recruit_units[$row['id']]['time_finished'] = $row['time_finished'];
            $recruit_units[$row['id']]['countdown']=($i=="1")?($row['time_finished']-time()):($row['time_finished']-$row['time_start']);
        }
        return $recruit_units;
    }
}
?>

I get the following error:

  

SQL Query: SELECT all_unit_spear, unit_spear_tec_level, all_unit_sword, unit_sword_tec_level, all_unit_axe, unit_axe_tec_level, all_unit_spy, unit_spy_tec_level, all_unit_light, unit_light_tec_level, all_unit_heavy, unit_heavy_tec_level, all_unit_ram, unit_ram_tec_level, all_unit_catapult, unit_catapult_tec_level, FROM villages WHERE id = '494'       Error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use 'FROM villages WHERE id =' 494 '' at line 1

    
asked by anonymous 13.10.2016 / 03:21

1 answer

2

There is a comma left over after unit_catapult_tec_level, and this happens because of the poorly designed foreach (which adds a comma after all elements unconditionally).

A workaround would be in place of this line:

@$sql .= " FROM villages WHERE id= '".$village['id']."'";

Switch to this:

$sql = rtrim( $sql,',')." FROM villages WHERE id= '".$village['id']."'";

It would be best to refactor the loop (and the rest of the code, very confusing for the intended result).

    
13.10.2016 / 03:50