conker87

Submit_X and Submit_Y are the x and y coords of which part of the image button you clicked.

Alright. After hours of trudging through the code, I discover that it's my login functions being recursively called without a return. Thanks for the help everyone though!

Right. It seems the host is having problems with it's migration of the MySQL server. Hilarious as it is, when the query is CORRECT and everything is in order: it makes the pages output null, while if something is wrong with a query (i.e. no table, query syntax incorrect, etc) then the page outputs just fine.

Now this is happening on the top level domain... Has mysql_connect been known to break like this?

The If statement checks to see if gameid variable exists in the url (the review?gameid= part) AND that the value is a number if (isset($_GET['gameid']) && is_numeric($_GET['gameid'])) { Then it's added into another variable, mainly for ease of use and then escaped for added security, mysql_real_escape_string escapes all bad and potentially malicious characters or code. $gameid = mysql_real_escape_string($_GET['gameid'])); We then build the query, pretty much the same as your query before, but instead of getting all data, we just pick the row in the DB that has the gameid of the value that we choose. $sql = "SELECT * FROM Games WHERE gameid = $gameid"; We execute the query. $res = mysql_query($sql); Put the data gathered into an array. $data = mysql_fetch_assoc($res); // However you'd like to format the html to output // I'm assuming that the file you have put here is called review.php } else {

<?php //get results from db if (isset($_GET['gameid']) && is_numeric($_GET['gameid'])) { // check to see is the gameis is both set and a number (Assuming gameid is an int in your DB $gameid = mysql_real_escape_string($_GET['gameid'])); // added security $sql = "SELECT * FROM Games WHERE gameid = $gameid"; // making the query, setting the where clause to only fetch the row with gameid of the selected int $res = mysql_query($sql); $data = mysql_fetch_assoc($res); // However you'd like to format the html to output // I'm assuming that the file you have put here is called review.php } else { $sql = "SELECT * FROM Games ORDER BY gametitle"; $res = mysql_query($sql) or die(mysql_error()); if(mysql_num_rows($res) == 0) die("No records found"); // loop through the results returned by your query while($data = mysql_fetch_assoc($res)) { $title=$data['gametitle']; $cover=$data['cover']; $gameid=$data['gameid']; // directory for images $dir="coverart"; ?> <div id="cardcontainer"> <div id="coverart"> <?php echo "<img src='$dir/{$cover}' width='100' height='140'><br>"; ?> </div> <div id="gametitle"> <a href="Reviews.php?gameid=<?php echo $gameid ?>"><?php echo $title ?></a> </div> <div id="friendrating"></div> <div id="globalrating"></div> </div> <?php } } ?>

This is weird: mysql_connect('', '', '') or die(mysql_error()); mysql_select_db('') or die(mysql_error()); Also outputs nothing... I literally do not know what's going on.

Nope. That didn't work. If I comment out the above code then my page outputs correctly, anything other than incorrect data or commenting it out causes lack of outputting.

My username has an underscore and my password has a '#' as it was randomly generated.

Doesn't ereg_replace() replace the matched text in pattern with the replacement? Thus removing all the correct values?

if (!mysql_connect("CORRECT_DATA", "CORRECT_DATA", "CORRECT_DATA")) { $error[] = "Unable to connect to the Database Server."; } if (!mysql_select_db("CORRECT_DATA")) { $error[] = "Unable to connect to the Database."; } Will cause the file to output nothing and show a blank page. Replacing the data with an incorrect host, username or password will cause the file to output correctly.

Edit: It used to, I placed a 'echo "hello?";' at the bottom, it was cut off when I c/p into here. - Ok. I went through the require file and copy and pasted all bits from top to bottom and found that it was my ConnectToDB() function, then I found out that it was the mysql_connect() function. I'm running this off a subdomain, a testing area if you will. The part that breaks it is if I put in all the details into mysql_connect() then the file wont output, if I put in incorrect data it will output, but will error (rather ironically). I was running the SAME code for the last month or so through this subdomain, the ConnectToDB() function worked fine, up until when it broke not 2 hours ago. Would this be a hosting issue? Or is mysql_connect somehow become sentient and not willing to do my bidding?

That's the entire file, there is a ?> at the end, I just forgot to take out the top <?php because I was already using the forum's php tags.

<?php // Error reporting, since it doesn't seem to work in the sub domain error_reporting(E_ALL ^ E_NOTICE); ini_set("display_errors", '1'); // Start of the script $TIME_START_SCRIPT = time(); session_start(); date_default_timezone_set("Europe/London"); ini_set('session.gc_maxlifetime', 86400); // Requires // Database require("__functions_mysql.php"); ConnectToDB(); require("__functions_exploits.php"); require("__functions_db.php"); require("__functions_login.php"); require("__functions_misc.php"); require("__functions_social.php"); // Sanitise // GET and POST arrays. No need to sanitise SESSION and REQUEST, as SESSION values will have been sanitised before and REQUEST is not used. $_GET = filterParameters($_GET); $_POST = filterParameters($_POST); // Variables // Site options $options = mysql_fetch_array(mysql_query("SELECT * FROM options WHERE options.id = 1")); define(ENABLE_LOGIN, $options['ENABLE_LOGIN']); define(SHOW_TWITTER_FEED, $options['SHOW_TWITTER_FEED']); define(HITS_TIMEOUT, $options['HITS_TIMEOUT']); // URL $admin = (!empty($_GET['admin'])) ? $_GET['admin'] : null; $section = (!empty($_GET['section'])) ? $_GET['section'] : null; $search = (!empty($_GET['search'])) ? $_GET['search'] : null; $title = (!empty($_GET['title'])) ? $_GET['title'] : null; $id = (!empty($_GET['id'])) ? (int) $_GET['id'] : null; $er = (!empty($_GET['error'])) ? $_GET['error'] : null;