You have an error in your SQL syntax; check the manual that correspond
Hi, everyone!
I created a table for the news administration area of my site (index.php), and among the items in the table is "Atualizar" (Update), which updates the news items that have been inserted. The problem is that when I click update, the browser returns the following message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1.
I'll post below the code for index.php and for the file atualizar.php. I presume the syntax error must be in one of the two. Thank you very much for the help!
index.php:
<?php require_once('../Connections/Curso_d.php'); ?>
<?php
mysql_select_db($database_Curso_d, $Curso_d);
$query_RsNoticias = "SELECT curso_noticias.cn_id, curso_noticias.cn_titulo, curso_noticias.cn_status, curso_noticias.cn_data, curso_usuarios.usu_email FROM curso_noticias INNER JOIN curso_usuarios ON curso_usuarios.usu_id = curso_noticias.cn_uso_id";
$RsNoticias = mysql_query($query_RsNoticias, $Curso_d) or die(mysql_error());
$row_RsNoticias = mysql_fetch_assoc($RsNoticias);
$totalRows_RsNoticias = mysql_num_rows($RsNoticias);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable -->
<link href="../Templates/247shock_blue/css/template_css.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table width="785" align="center" bgcolor="#CC0000">
<tr>
<td><table width="780" align="center" bgcolor="#FFFFFF">
<tr>
<td height="120"><img src="../imagens/layout_mcg_final.jpg" width="779" height="137" /></td>
</tr>
<tr>
<td bgcolor="#CCE3FD">Home Page | Serviços | Empresa | Notícias | Sobre Nós </td>
</tr>
<tr>
<td><!-- InstanceBeginEditable name="conteudo" -->
<table width="100%">
<tr>
<td> </td>
</tr>
<tr>
<td><table>
<tr>
<td><div align="center"><strong>Descrição da notícia </strong></div></td>
<td colspan="4"><div align="center"><strong>Opções</strong></div> </td>
<td><div align="center"><strong>Status</strong></div></td>
<td><div align="center"><strong>Data</strong></div></td>
<td><div align="center"><strong>Responsável pela notícia </strong></div></td>
</tr>
<tr>
<td><div align="center"><?php echo $row_RsNoticias['cn_titulo']; ?></div></td>
<td><div align="center"><a href="inserir.php">Inserir</a></div></td>
<td><div align="center"><a href="atualizar.php?cn_id=<?php echo $row_RsNoticias['cn_id']; ?>">atualizar</a></div></td>
<td><div align="center"></div></td>
<td><div align="center">Deletar</div></td>
<td> <div align="center">
<?php if(@$row_RsNoticias['cn_status'] == 1) { ?>
ON
<?php } else { ?>
OFF
<?php } ?>
</div></td>
<td><div align="center"><?php echo $row_RsNoticias['cn_data']; ?></div></td>
<td><div align="center"><?php echo $row_RsNoticias['usu_email']; ?></div></td>
</tr>
</table></td>
</tr>
</table>
<!-- InstanceEndEditable --></td>
</tr>
<tr>
<td bgcolor="#CCE3FD"><div align="center">© Curso Avançado de Dreamweaver 8 </div></td>
</tr>
</table></td>
</tr>
</table>
</body><!-- InstanceEnd --></html>
<?php
mysql_free_result($RsNoticias);
?>
atualizar.php:
<?php require_once('../Connections/Curso_d.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}
$MM_restrictGoTo = "../admin/login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""){
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE curso_noticias SET cn_uso_id=%s, cn_titulo=%s, cn_data=%s, cn_fonte=%s, cn_status=%s, cn_body=%s WHERE cn_id=%s",
GetSQLValueString($_POST['cn_uso_id'], "int"),
GetSQLValueString($_POST['cn_titulo'], "text"),
GetSQLValueString($_POST['cn_data'], "date"),
GetSQLValueString($_POST['cn_fonte'], "text"),
GetSQLValueString(isset($_POST['cn_status']) ? "true" : "", "defined","1","0"),
GetSQLValueString($_POST['cn_body'], "text"),
GetSQLValueString($_POST['cn_id'], "int"));
mysql_select_db($database_Curso_d, $Curso_d);
$Result1 = mysql_query($updateSQL, $Curso_d) or die(mysql_error());
$updateGoTo = "index.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE curso_noticias SET cn_uso_id=%s, cn_titulo=%s, cn_data=%s, cn_fonte=%s, cn_status=%s, cn_body=%s WHERE cn_id=%s",
GetSQLValueString($_POST['cn_uso_id'], "int"),
GetSQLValueString($_POST['cn_titulo'], "text"),
GetSQLValueString($_POST['cn_data'], "date"),
GetSQLValueString($_POST['cn_fonte'], "text"),
GetSQLValueString(isset($_POST['cn_status']) ? "true" : "", "defined","1","0"),
GetSQLValueString($_POST['cn_body'], "text"),
GetSQLValueString($_POST['cn_id'], "int"));
mysql_select_db($database_Curso_d, $Curso_d);
$Result1 = mysql_query($updateSQL, $Curso_d) or die(mysql_error());
$updateGoTo = "index.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
$colname_RsAtualizaNoticias = "-1";
if (isset($_GET['cn_id'])) {
$colname_RsAtualizaNoticias = (get_magic_quotes_gpc()) ? $_GET['cn_id'] : addslashes($_GET['cn_id']);
}
mysql_select_db($database_Curso_d, $Curso_d);
$query_RsAtualizaNoticias = sprintf("SELECT * FROM curso_noticias WHERE cn_id = %s", $colname_RsAtualizaNoticias);
$RsAtualizaNoticias = mysql_query($query_RsAtualizaNoticias, $Curso_d) or die(mysql_error());
$row_RsAtualizaNoticias = mysql_fetch_assoc($RsAtualizaNoticias);
$totalRows_RsAtualizaNoticias = mysql_num_rows($RsAtualizaNoticias);
$colname_RsUserSession = "-1";
if (isset($_SESSION['MM_username'])) {
$colname_RsUserSession = (get_magic_quotes_gpc()) ? $_SESSION['MM_username'] : addslashes($_SESSION['MM_username']);
}
mysql_select_db($database_Curso_d, $Curso_d);
$query_RsUserSession = sprintf("SELECT * FROM curso_usuarios WHERE usu_email = '%s'", $colname_RsUserSession);
$RsUserSession = mysql_query($query_RsUserSession, $Curso_d) or die(mysql_error());
$row_RsUserSession = mysql_fetch_assoc($RsUserSession);
$totalRows_RsUserSession = mysql_num_rows($RsUserSession);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<script src="../includes/tiny_mce/tiny_mce/tiny_mce.js" type="text/javascript"></script>
<script language="javascript" type="text/javascript">
tinyMCE.init({
mode : "textareas",
theme : "advanced",
plugins : "table,save,advhr,advimage,advlink,emotions,iespell,insertdatetime,preview,zoom,flash,searchreplace,print,contextmenu,paste,directionality,fullscreen",
theme_advanced_buttons1_add_before : "save,newdocument,separator",
theme_advanced_buttons1_add : "fontselect,fontsizeselect",
theme_advanced_buttons2_add : "separator,insertdate,inserttime,preview,zoom,separator,forecolor,backcolor",
theme_advanced_buttons2_add_before: "cut,copy,paste,pastetext,pasteword,separator,search,replace,separator",
theme_advanced_buttons3_add_before : "tablecontrols,separator",
theme_advanced_buttons3_add : "emotions,iespell,flash,advhr,separator,print,separator,ltr,rtl,separator,fullscreen",
theme_advanced_toolbar_location : "top",
theme_advanced_toolbar_align : "left",
theme_advanced_statusbar_location : "bottom",
content_css : "example_word.css",
content_css : "http://localhost/mgctpw/templates/mambo_admin_blue/css/template_css.css",
plugi2n_insertdate_dateFormat : "%Y-%m-%d",
plugi2n_insertdate_timeFormat : "%H:%M:%S",
external_link_list_url : "example_link_list.js",
external_image_list_url : "example_image_list.js",
flash_external_list_url : "example_flash_list.js",
file_browser_callback : "fileBrowserCallBack",
paste_use_dialog : false,
theme_advanced_resizing : true,
theme_advanced_resize_horizontal : false,
theme_advanced_link_targets : "_something=My somthing;_something2=My somthing2;_something3=My somthing3;",
paste_auto_cleanup_on_paste : true,
paste_convert_headers_to_strong : false,
paste_strip_class_attributes : "all",
paste_remove_spans : false,
paste_remove_styles : false
});
function fileBrowserCallBack(field_name, url, type, win) {
// This is where you insert your custom filebrowser logic
alert("Filebrowser callback: field_name: " + field_name + ", url: " + url + ", type: " + type);
// Insert new URL, this would normaly be done in a popup
win.document.forms[0].elements[field_name].value = "someurl.htm";
}
</script><!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<style type="text/css">
<!--
.style1 {color: #FF0000}
-->
</style>
<style type="text/css"><!--
.style2 {color: #FFFFFF}
-->
</style>
<!-- InstanceEndEditable -->
<link href="../Templates/247shock_blue/css/template_css.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table width="785" align="center" bgcolor="#CC0000">
<tr>
<td><table width="780" align="center" bgcolor="#FFFFFF">
<tr>
<td height="120"><img src="../imagens/layout_mcg_final.jpg" width="779" height="137" /></td>
</tr>
<tr>
<td bgcolor="#CCE3FD">Home Page | Serviços | Empresa | Notícias | Sobre Nós </td>
</tr>
<tr>
<td><!-- InstanceBeginEditable name="conteudo" -->
<table width="100%">
<tr>
<td bgcolor="#8C8CFF"><span class="style2"><strong><a href="../admin/index.php">Página Inicial Admin</a> | <a href="index.php">Página Inicial Admin Notícias</a> |</strong></span> <strong><?php echo $_SESSION['MM_Username']; ?></strong></td>
</tr>
<tr>
<td>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table align="center">
<tr valign="baseline">
<td align="right" nowrap bgcolor="#F0F8FF"><strong>Titulo:</strong></td>
<td bgcolor="#F0F8FF"><input name="cn_titulo" type="text" value="<?php echo $row_RsAtualizaNoticias['cn_titulo']; ?>" size="60" maxlength="80"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap bgcolor="#F0F8FF"><strong>Data:</strong></td>
<td bgcolor="#F0F8FF"><input name="cn_data" type="text" readonly="true" value= "<?php echo $row_RsAtualizaNoticias['cn_data']; ?>" size="10" maxlength="10" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap bgcolor="#F0F8FF"><strong>Fonte:</strong></td>
<td bgcolor="#F0F8FF"><input name="cn_fonte" type="text" value="<?php echo $row_RsAtualizaNoticias['cn_fonte']; ?>" size="60" maxlength="80"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap bgcolor="#F0F8FF"><strong>Status:</strong></td>
<td bgcolor="#F0F8FF"><input type="checkbox" name="cn_status" value="" <?php if (!(strcmp($row_RsAtualizaNoticias['cn_status'],""))) {echo "@@checked@@";} ?>>
<span class="style1">
Selecione para ativar a notícia</span></td>
</tr>
<tr valign="baseline" bgcolor="#CCE3FD">
<td colspan="2" align="left" nowrap><strong>Conteúdo</strong></td>
</tr>
<tr valign="baseline">
<td colspan="2" align="right" valign="top" nowrap><textarea name="cn_body" cols="90" rows="5"><?php echo $row_RsAtualizaNoticias['cn_body']; ?></textarea> </td>
</tr>
<tr valign="baseline" bgcolor="#CCE3FD">
<td colspan="2" align="left" nowrap><input type="submit" value="Atualizar Notícia"></td>
</tr>
</table>
<input type="hidden" name="cn_uso_id" value="<?php echo $row_RsUserSession['usu_id']; ?>">
<input type="hidden" name="MM_update" value="form1">
<input type="hidden" name="cn_id" value="<?php echo $row_RsAtualizaNoticias['cn_id']; ?>">
</form>
<p></p></td>
</tr>
</table>
<!-- InstanceEndEditable --></td>
</tr>
<tr>
<td bgcolor="#CCE3FD"><div align="center">© Curso Avançado de Dreamweaver 8 </div></td>
</tr>
</table></td>
</tr>
</table>
</body><!-- InstanceEnd -->
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<input type="hidden" name="cn_uso_id" value="<?php echo $row_RsAtualizaNoticias['cn_uso_id']; ?>">
<input type="hidden" name="MM_update" value="form1">
<input type="hidden" name="cn_id" value="<?php echo $row_RsAtualizaNoticias['cn_id']; ?>">
</form>
<p> </p>
</html>
<?php
mysql_free_result($RsAtualizaNoticias);
mysql_free_result($RsUserSession);
?>
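An added example (not the poster's code and not a reply from the thread): the `cn_id` lookup from atualizar.php as it builds its query text, beside a validated and bound version. When `cn_id` arrives empty, the legacy statement ends right after `=`, which MySQL reports as a syntax error near ''. The example assumes PHP 7.1+ with the pdo_sqlite extension; the function names `legacy_query` and `fetch_noticia` and the in-memory table are hypothetical.

```php
<?php
// Added example, not the poster's code. The in-memory SQLite table and its
// single row are constructed so that the script runs offline.

// Query text as atualizar.php builds it: addslashes() output placed unquoted
// into %s. (The get_magic_quotes_gpc() branch is omitted; PHP 8 removed it.)
function legacy_query(array $get): string {
    $col = "-1";
    if (isset($get['cn_id'])) {
        $col = addslashes($get['cn_id']);
    }
    return sprintf("SELECT * FROM curso_noticias WHERE cn_id = %s", $col);
}

// Hardened lookup: accept only a positive integer, then bind it as a
// parameter so request data never becomes part of the SQL text.
function fetch_noticia(PDO $db, array $get): ?array {
    $id = filter_var($get['cn_id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;                    // missing, empty or non-numeric id
    }
    $stmt = $db->prepare("SELECT * FROM curso_noticias WHERE cn_id = :id");
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE curso_noticias (cn_id INTEGER PRIMARY KEY, cn_titulo TEXT)");
$db->exec("INSERT INTO curso_noticias VALUES (1, 'Primeira noticia')");

// Constructed inputs: a valid id, an empty id (atualizar.php?cn_id=),
// non-numeric text, and no parameter at all.
$samples = [['cn_id' => '1'], ['cn_id' => ''], ['cn_id' => 'abc'], []];
foreach ($samples as $get) {
    $row = fetch_noticia($db, $get);
    echo "input:  ", json_encode($get), "\n";
    // Whatever the request carried appears here verbatim as SQL.
    echo "legacy: [", legacy_query($get), "]\n";
    echo "bound:  ", $row ? $row['cn_titulo'] : "(rejected)", "\n\n";
}
```

On the original page the same change means replacing the `mysql_query` calls with mysqli or PDO prepared statements; the `mysql_*` extension was removed in PHP 7.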