Intermediate PHP Configuration is not working properly

barun · Dec 11, 2007

Intermediate PHP Configuration is not working properly.

The following script is not working in this server but properly working with freehostia.com server. Please help me. My site is here : http://miworld.uni.cc and this file is here with password protection : http://miworld.uni.cc/admin :

<html>
<head>
<title>
WELCOME ADMIN!
</title>
</head>
<body>
<?php
$dbname = "dbname"; // I have changed the original dbname here
$dbhost = "localhost";
$dbuser = "dbuser"; // I have changed the original dbuser here
$dbpass = "dbpass"; // I have changed the original dbpass here
function connectdb()
{
global $dbname, $dbuser, $dbhost, $dbpass;
$conms = @mysql_connect($dbhost,$dbuser,$dbpass); //connect mysql
if(!$conms) return false;
$condb = @mysql_select_db($dbname);
if(!$condb) return false;
return true;
}
$db = connectdb();
?>
<center>
<h1><u>WELCOME ADMIN!</u></h1><br><br><br>
<?php
$id = "1";
if(!$db)
{
echo "Unable To Connect To Database!";
}
else
{
if($action=="")
{

$message = mysql_fetch_array(mysql_query("SELECT msg, value FROM admin WHERE id='".$id."'"));

echo "<TABLE WIDTH=\"300\" BORDER=\"1\" BORDERCOLOR=\"#00FF00\"><TR><TH>ADMIN MESSAGE</TH></TR><TR><TD align=\"center\">$message[0]</TD></TR></TABLE><br><br><br>";
echo "<b>MESSAGE :</b><br><FORM action=\"index.php\" method=\"get\">";
echo "<input type=\"hidden\" name=\"action\" value=\"save\">";
if($message[1]=="0")
{
$val="Yes";
echo "<small><input type=\"text\" name=\"msg\" title=\"MESSAGE :\" value=\"$message[0]\"></small><br>";
}
elseif($message[1]=="1")
{
$val="No";
echo "<small><input type=\"text\" name=\"msg\" title=\"MESSAGE :\"></small><br>";
}
echo "<input type=\"submit\" value=\"SAVE\">";
echo "</FORM>";
echo "<br><br>";
echo "<b>Show Value : $val</b><br><FORM action=\"index.php\" method=\"get\">";
echo "<input type=\"hidden\" name=\"action\" value=\"value\">";
echo "<select name=\"value\" title=\"Show Value\"><option value=\"0\">Yes</option><option checked=\"checked\" value=\"1\">No</option></select>";
echo "<br><br><input type=\"submit\" value=\"CHANGE\">";
echo "</FORM>";
}
elseif($action=="save")
{
$saved = mysql_query("UPDATE admin SET msg='".$msg."' WHERE id='".$id."'");
if($saved)
{
echo "Your Message Has Been Saved Successfully!";
echo "<br><br><a href=\"index.php\">ADMIN</a>";
}
else
{
echo "Error! Unable To Save";
echo "<br><br><a href=\"index.php\">ADMIN</a>";
}
}
elseif($action=="value")
{
if(($value=="0")||($value=="1"))
{
$changed = mysql_query("UPDATE admin SET value='".$value."' WHERE id='".$id."'");
if($changed)
{
echo "Your Change Has Been Saved Successfully!";
echo "<br><br><a href=\"index.php\">ADMIN</a>";
}
else
{
echo "Error! Unable To Save";
echo "<br><br><a href=\"index.php\">ADMIN</a>";
}
}
else
{
echo "Error! Unable To Save";
echo "<br><br><a href=\"index.php\">ADMIN</a>";
}
}
}
?>
</center>
</body>
</html>

mitamata · Dec 11, 2007

You should include what the error is. Is the page not loading? Can't connect to the database? Do you get a script error? What is it?
It's really hard to help if you just go "here's the script, it's not working". You should let people know what about it is not working so they know where to look

barun · Dec 13, 2007

Hi,

When I am clicking on SUBMIT button or CHANGE button in action=="" section, it is not going to action=="save" section or action=="value" section, When I am clicking on them it is loading action=="" section every time. This is the only script fault. How can I resolve it? It can be resolved by making different php files and putting there action=="value" section and action=="save" section individually. But all this section is not working in one php file. This is the problem. I have tried with get and post both method of FORM tag. But same problem occuring..

How can it be resolved??????????????

Help please!!!!!!!!!!!!!!!!

mitamata · Dec 13, 2007

Oh ok ok. See, that helps a lot, it took but a moment to figure out the problem

The configuration on this server is different than on the server you were previously on. Here, register_globals is set to off. Look it up on google for more info, but basically what this means for you is that the value of the input field saves in a variable with a different name.

If you're using POST as the action on the form, then instead of looking at the value of $action, you need to look at the value of $_POST['action']. Every input field in your form will save into the $_POST array.

Here, I'll give you an example:

HTML:

<form name="test_form" method="post" action="index.php">
<input type="text" name="username">
<input type="submit" name="Submit">
</form>

Say you have that form. After the user presses submit, $_POST['submit'] will equal 'Submit' ($_POST['submit'] == "Submit"). Anything that the user types in the username box will be saved in $_POST['username'].

In other words... just change all the variables you get from the form from $variable to $_POST['variable'] and things should work fine

If you're using GET as the form method, use $_GET instead of $_POST.

barun · Dec 13, 2007

I did not understand fully. Will you give me an example using php?
Edit:
So you mean to say that in that script I have to use if($_POST['action']=="save") for POST method and if($_GET['action']=="save") for GET method in place of if($action=="save") . Am I right? If not then please give me an php example for it. Thanks!
Edit:
So you mean to say that in that script I have to use if($_POST['action']=="save") for POST method and if($_GET['action']=="save") for GET method in place of if($action=="save") . Am I right? If not then please give me an php example for it. Thanks!

Catzwolf · Dec 14, 2007

It means that any form values must be explicitly set after submit and just not passed in the manner that you have at the moment.

example

<input type=\"text\" name=\"msg\" title=\"MESSAGE :\" value=\"$message[0]\">

To get this Variable on a non register global server you must to the following:

$msg = (isset($_POST['msg']) && !empty($_POST['msg']) ) ? strval($_POST['msg']) : '';

What the above line mean if 'msg' actually exists and is not empty then use the $_POST var if not then make it '' (ie empty)

For the sake of security, you now have to treat your post vars correctly or you will open yourself up to all different manner of security issues. If it is a number treat is as a numerical value or if it is a string (as the above example) then treat it as a string.

Also I noticed that your script in incomplete, I cannot see a <form> tag so i could'nt tell if you were using a POST or GET. I always believe that scripts should use POST for security reason and properly sanitize all variables before they are used and saves to the database.

mitamata · Dec 17, 2007

I don't think there's much of a difference between how safe GET and POST are. Just as anyone can edit the link, anyone can edit the form. The only difference is that using POST it looks a bit more secure, since one has to go and edit the html to cause trouble, not just change the link.

barun said:
So you mean to say that in that script I have to use if($_POST['action']=="save") for POST method and if($_GET['action']=="save") for GET method in place of if($action=="save") . Am I right? If not then please give me an php example for it. Thanks!

That's right

barun · Dec 17, 2007

I have done this. But same problem is happening!!!!!!!!!!! What can I do? Any other solution???????????????

Synkc · Dec 17, 2007

I noticed your script is using "localhost" as the address of the server the MySQL database is hosted on; it needs to be changed to "mysql.x10hosting.com" as it has recently moved to a new server.

barun · Dec 17, 2007

Hi Dear,

I am not facing MYSQL problem. I have PHP problem. HELP PLEASE!!!!!!!!!!!!!!

But thanks for the information!

Micro · Dec 17, 2007

register_globals is off on x10Hosting.

You need to replace all $action and other vars that you use get/post with with $_GET/POST['action']

mitamata · Dec 17, 2007

Isn't that what we told him already?

barun said:
I have done this. But same problem is happening!!!!!!!!!!! What can I do? Any other solution???????????????

If you did things right, it should work. Did you do with other submitted variables as you did with 'action'? For example, instead of $msg use $_POST['msg'] or $_GET['msg'], depending on the method you use in the form.

If you're still having issues, please post either the code of your page or the error you get (or preferably both, if an error is present).

barun · Dec 18, 2007

No, I was wrong. It is working.

This script is working properly. Thanks a lot to all of you for helping. Thanks!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

<html>
<head>
<title>
WELCOME ADMIN!
</title>
</head>
<body>
<?php
$dbname = "dbname"; // I have changed the original dbname here
$dbhost = "localhost";
$dbuser = "dbuser"; // I have changed the original dbuser here
$dbpass = "dbpass"; // I have changed the original dbpass here
function connectdb()
{
global $dbname, $dbuser, $dbhost, $dbpass;
$conms = @mysql_connect($dbhost,$dbuser,$dbpass); //connect mysql
if(!$conms) return false;
$condb = @mysql_select_db($dbname);
if(!$condb) return false;
return true;
}
$db = connectdb();
?>
<center>
<h1><u>WELCOME ADMIN!</u></h1><br><br><br>
<?php
$id = "1";
if(!$db)
{
echo "Unable To Connect To Database!";
}
else
{
if($_POST['action']=="")
{

$message = mysql_fetch_array(mysql_query("SELECT msg, value FROM admin WHERE id='".$id."'"));

echo "<TABLE WIDTH=\"300\" BORDER=\"1\" BORDERCOLOR=\"#00FF00\"><TR><TH>ADMIN MESSAGE</TH></TR><TR><TD align=\"center\">$message[0]</TD></TR></TABLE><br><br><br>";
echo "<b>MESSAGE :</b><br><FORM action=\"my.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"action\" value=\"save\">";
if($message[1]=="0")
{
$val="Yes";
echo "<small><input type=\"text\" name=\"msg\" title=\"MESSAGE :\" value=\"$message[0]\"></small><br>";
}
elseif($message[1]=="1")
{
$val="No";
echo "<small><input type=\"text\" name=\"msg\" title=\"MESSAGE :\"></small><br>";
}
echo "<input type=\"submit\" value=\"SAVE\">";
echo "</FORM>";
echo "<br><br>";
echo "<b>Show Value : $val</b><br><FORM action=\"my.php\" method=\"post\">";
echo "<input type=\"hidden\" name=\"action\" value=\"value\">";
echo "<select name=\"value\" title=\"Show Value\"><option value=\"0\">Yes</option><option checked=\"checked\" value=\"1\">No</option></select>";
echo "<br><br><input type=\"submit\" value=\"CHANGE\">";
echo "</FORM>";
}
elseif($_POST['action']=="save")
{
$msg = $_POST['msg'];
$saved = mysql_query("UPDATE admin SET msg='".$msg."' WHERE id='".$id."'");
if($saved)
{
echo "Your Message Has Been Saved Successfully!";
echo "<br><br><a href=\"my.php\">ADMIN</a>";
}
else
{
echo "Error! Unable To Save";
echo "<br><br><a href=\"my.php\">ADMIN</a>";
}
}
elseif($_POST['action']=="value")
{
$value = $_POST['value'];
if(($value=="0")||($value=="1"))
{
$changed = mysql_query("UPDATE admin SET value='".$value."' WHERE id='".$id."'");
if($changed)
{
echo "Your Change Has Been Saved Successfully!";
echo "<br><br><a href=\"my.php\">ADMIN</a>";
}
else
{
echo "Error! Unable To Save";
echo "<br><br><a href=\"my.php\">ADMIN</a>";
}
}
else
{
echo "Error! Unable To Save";
echo "<br><br><a href=\"my.php\">ADMIN</a>";
}
}
}
?>
</center>
</body>
</html>

Intermediate PHP Configuration is not working properly

barun

New Member

mitamata

New Member

barun

New Member

mitamata

New Member

barun

New Member

Catzwolf

New Member

mitamata

New Member

barun

New Member

Synkc

Active Member

barun

New Member

Micro

Retired staff <i> (11-12-2008)</I>

mitamata

New Member

barun

New Member

Free Web Hosting

Our Community

Legal