Could someone please help me out here?
I've been using the code below in some of my WordPress pages, but I've looked at it so long ago that I honestly can't remember how to debug it - go figure... The only thing that changed was the database.
It works like this:
URL has parameter called id in this form: http://example.com/post?id=... Code checks if param is present, otherwise it redirects home. If the param is present, code gets the ID and compares it to the records in the MySQL database hosted by my ISP. Match gets used in an echo statement. A div on the page is activated.
Database Layout:
+-------+------------+------------+------------+------------+---------------+
| id | Naam | Metgesel | Kind1 | Kind2 | Email |
+-------+------------+------------+------------+------------+---------------+
| abc12 | Bobby | Caily | * | * | b@example.com |
| ... | ... | ... | ... | ... | ... |
+-------+------------+------------+------------+------------+---------------+
ERROR ENCOUNTERED:
Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/.../public_html/wp-content/plugins/insert-php-code-snippet/shortcode-handler.php(32) : eval()'d code on line 4 Invalid or no security key!
Code:
<script>
function invite(){
document.getElementById('invite').style.display=(document.getElementById('invite').style.display=='block')?'none':'block';
}
</script>
<script>
function returnHome(){
setTimeout(function () {window.location.href = 'http://example.com';},2000);
}
</script>
$part = $_REQUEST['id'];
if(isset($_GET["id"])){
$query = sprintf("SELECT * FROM `DATABASE`.`TABLE`
WHERE idquack='$part'",
mysql_real_escape_string($query));
$result = mysql_query($query);
if (!$result) {
$message = 'Invalid or no security key!';
die($message);
} else {
while ($row = mysql_fetch_assoc($result)) {
if ($row['Metgesel'] != "*"){
if ($row['Metgesel'] == "#"){
if ($row['Kind1'] != "*"){
if ($row['Kind2'] != "*"){
echo '<h1>' . $row['Naam'] . ", " . "Metgesel" . ", " . $row['Kind1'] . " en " . $row['Kind2'] . "</h1>";
} else {
echo '<h1>' . $row['Naam'] . ", " . "Metgesel" . " en " . $row['Kind1'] . "</h1>";
}
} else {
echo '<h1>' . $row['Naam'] . " en " . "Metgesel" . "</h1>";
}
} else{
if ($row['Kind1'] != "*"){
if ($row['Kind2'] != "*"){
echo '<h1>' . $row['Naam'] . ", " . $row['Metgesel'] . ", " . $row['Kind1'] . " en " . $row['Kind2'] . "</h1>";
} else {
echo '<h1>' . $row['Naam'] . ", " . $row['Metgesel'] . " en " . $row['Kind1'] . "</h1>";
}
} else {
echo '<h1>' . $row['Naam'] . " en " . $row['Metgesel'] . "</h1>";
}
}
} else {
echo '<h1>' . $row['Naam'] . "</h1>";
}
echo '<script>invite();</script>';
}
}
mysql_free_result($result);
} else{
echo 'Hold on tight - we're taking you to safety!';
echo '<script>returnHome();</script>';
}