weaksauce1 Posted June 11, 2008

This post goes along with another post I made: http://www.phpfreaks.com/forums/index.php/topic,201321.0.html

I have created my form and everything seems to be working, though I had to put in error_reporting(E_ALL & ~E_NOTICE); to stop receiving notices when my form submitted something not in the index. Here is my form page.

```html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Search Off Campus Housing</title>
</head>
<body>
<form method="post" action="search_test.php">
<input name="submitted" value="true" type="hidden">
<input name="search_type" value="" type="hidden">
<table align=center>
<tr><td>Type:<br><select name="type">
<option value="" selected>Any</option>
<option value="Apartment">Apartment</option>
<option value="House">House</option>
<option value="Duplex">Duplex</option>
<option value="Rooming House">Rooming House</option>
</select></td></tr>
<tr><td>City:<br><select name="city">
<option value="" selected>Any</option>
<option value="California">California</option>
<option value="Brownsville">Brownsville</option>
<option value="Chaleroi">Chaleroi</option>
<option value="Coal Center">Coal Center</option>
<option value="Daisy Town">Daisytown</option>
<option value="Dunlevy Bourgh">Dunlevy Bourgh</option>
<option value="Perryopolis">Perryopolis</option>
<option value="Smock">Smock</option>
</select></td></tr>
<tr><td>Bedrooms:<br><select name="bedrooms">
<option value="" selected>Any Amount</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
</select></td></tr>
<!-- The yes/no selects below were posted without a closing </select> and with
     "selected" on both options; only the "No Preference" default is selected now. -->
<tr><td>Electricity:<br><select name="electricity">
<option value="" selected>No Preference</option>
<option value="Yes">Included</option>
</select></td></tr>
<tr><td>Water:<br><select name="water">
<option value="" selected>No Preference</option>
<option value="Yes">Included</option>
</select></td></tr>
<tr><td>Gas:<br><select name="gas">
<option value="" selected>No Preference</option>
<option value="Yes">Included</option>
</select></td></tr>
<tr><td>Lease Terms:<br><select name="lease">
<option value="" selected>Any</option>
<option value="Semester">Semester</option>
<option value="Year">Year</option>
<option value="1 Month">1 Month</option>
<option value="9 Month">9 Month</option>
<option value="10 Month">10 Month</option>
<option value="Call">Call</option>
</select></td></tr>
<tr><td>Handicapped Available:<br><select name="handicapped">
<option value="" selected>No Preference</option>
<option value="Yes">Yes</option>
</select></td></tr>
<tr><td>Smoking Allowed:<br><select name="smoking">
<option value="" selected>No Preference</option>
<option value="Either">Either</option>
<option value="Yes">Yes</option>
<option value="No">No</option>
<option value="Call">Call</option>
</select></td></tr>
<tr><td colspan=2 align=center><input type=submit name="send" value="Submit"></td></tr>
</table>
</form>
</body>
</html>
```

And here is my PHP:

```php
<?php
error_reporting(E_ALL & ~E_NOTICE);
include 'scripts.php'; // Include common scripts
$db = dbConnect();     // Connect to database

// Search criteria from the form (escaped for use inside quoted string values)
$handicapped     = mysql_real_escape_string($_REQUEST['handicapped']);
$city            = mysql_real_escape_string($_REQUEST['city']);
$type_of_rental  = mysql_real_escape_string($_REQUEST['type']);
$parking         = '';
$laundry         = '';
$appliances      = '';
$furnishings     = '';
$garbage         = '';
$gas             = mysql_real_escape_string($_REQUEST['gas']);
$water           = mysql_real_escape_string($_REQUEST['water']);
$sewage          = '';
$electricity     = mysql_real_escape_string($_REQUEST['electricity']);
$smoking         = mysql_real_escape_string($_REQUEST['smoking']);
$num_bedrooms    = mysql_real_escape_string($_REQUEST['bedrooms']);
$num_bathrooms   = '';
$wanted_sublease = ''; // was misspelled $wated_sublease here, so the WHERE check below never saw it
$lease_term      = '';

if (!isset($_GET['sort_by'])) {
    $sort_by = 'type_of_rental';
} else {
    // Note: mysql_real_escape_string() only protects quoted string values; it does
    // nothing for a column name placed in ORDER BY, so this value still reaches the
    // query unquoted. A whitelist of allowed column names is the usual fix.
    $sort_by = mysql_real_escape_string($_GET['sort_by']);
}

// Get all listings matching criteria
if (empty($handicapped) && empty($city) && empty($type_of_rental) && empty($parking)
    && empty($laundry) && empty($appliances) && empty($furnishings) && empty($garbage)
    && empty($gas) && empty($water) && empty($sewage) && empty($electricity)
    && empty($smoking) && empty($num_bedrooms) && empty($num_bathrooms)
    && empty($wanted_sublease) && empty($lease_term)) {
    $query = "SELECT * FROM Listings ORDER BY $sort_by DESC";
} else {
    $where = array();
    if (!empty($handicapped))     $where[] = "`handicapped`='" . $handicapped . "'";
    if (!empty($city))            $where[] = "`city`='" . $city . "'";
    if (!empty($type_of_rental))  $where[] = "`type_of_rental`='" . $type_of_rental . "'";
    if (!empty($parking))         $where[] = "`parking`='" . $parking . "'";
    if (!empty($laundry))         $where[] = "`laundry`='" . $laundry . "'";
    if (!empty($appliances))      $where[] = "`applicances`='" . $appliances . "'";
    if (!empty($furnishings))     $where[] = "`furnishings`='" . $furnishings . "'";
    if (!empty($garbage))         $where[] = "`garbage`='" . $garbage . "'";
    if (!empty($gas))             $where[] = "`gas`='" . $gas . "'";
    if (!empty($water))           $where[] = "`water`='" . $water . "'";
    if (!empty($sewage))          $where[] = "`sewage`='" . $sewage . "'";
    if (!empty($electricity))     $where[] = "`electricity`='" . $electricity . "'";
    if (!empty($smoking))         $where[] = "`smoking`='" . $smoking . "'";
    if (!empty($num_bedrooms))    $where[] = "`num_bedrooms`='" . $num_bedrooms . "'";
    if (!empty($num_bathrooms))   $where[] = "`num_bathrooms`='" . $num_bathrooms . "'";
    if (!empty($wanted_sublease)) $where[] = "`wanted_sublease`='" . $wanted_sublease . "'";
    if (!empty($lease_term))      $where[] = "`lease_term`='" . $lease_term . "'";
    $where = implode(' AND ', $where);
    $query = "SELECT * FROM Listings WHERE " . $where . " ORDER BY $sort_by DESC";
}
$result = mysql_query($query) or die($query . '<br />' . mysql_error());
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Off Campus Housing - For Rent</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" link="#bbbbbb" vlink="#888888" alink="black">
<div align="center">
<table border="0" cellpadding="0" cellspacing="0" width="800">
<tr>
<td align="left" valign="top" colspan="2">
<table align="left" cellspacing="0" cellpadding="3" width="100%" valign="top">
<tr>
<td valign="top" width="606">
<br /><br /><br />
<div align="center">
<span class="head">Key</span>
<br />
<table width="70%" border="1" cellpadding="0" cellspacing="0">
<tr>
<td width="15"><img src="images/apartment.gif"></td>
<td class="reg"><b>Apartment</b></td>
<td width="15"><img src="images/house.gif"></td>
<td class="reg"><b>House</b></td>
<td width="15"><img src="images/duplex.gif"></td>
<td class="reg"><b>Duplex</b></td>
<td width="15"><img src="images/roominghouse.gif"></td>
<td class="reg"><b>Rooming House</b></td>
</tr>
</table>
<table border="1" cellpadding="0" cellspacing="0" width="204">
<tr>
<td><div align="center">E</div></td>
<td><div align="center">Electricity</div></td>
<td><div align="center">W</div></td>
<td><div align="center">Water</div></td>
<td><div align="center">G</div></td>
<td><div align="center">Gas</div></td>
</tr>
</table>
<span class="regbold">Disclaimer: ALL LISTINGS ARE SUBJECT TO CHANGE!</span><span class="reg"> </span><br>
<span class="reg">Download the full file:</span>
<!-- The export scripts are handed a complete SQL statement in the URL, so whatever
     the database user may run can be requested through this parameter. -->
<span class="reg"><a href="xlsgen.php?sql=SELECT%20*%20FROM%20Listings" class="lynx">(XLS)</a> | <a href="txtgen.php?sql=SELECT%20*%20FROM%20Listings" class="lynx">(TXT)</a></span>
<br>
<br>
<?php
// The "<?php if($sort_by=='`...`')?>" fragments in the header cells below are empty
// statements (the ?> terminates the if) and compare against backticked names that
// never equal $sort_by, so they currently do nothing. Left as posted.
?>
<table width="100%" border="1" cellpadding="0" cellspacing="0">
<tr height="20px">
<td width="75px"><div align="center" class="regbold"><a href="?sort_by=type_of_rental"><span class="lynx">Type</span></a> <?php if($sort_by=='`type_of_rental`')?></div></td>
<td width="325px"><div align="center" class="regbold"><a href="?sort_by=address"><span class="lynx">Address</span></a> <?php if($sort_by=='`address`')?></div></td>
<td width="100px"><div align="center" class="regbold"><a href="?sort_by=city"><span class="lynx">City</span></a> <?php if($sort_by=='`city`')?></div></td>
<td width="50px"><div align="center" class="regbold"><a href="?sort_by=num_bedrooms"><span class="lynx">Bedrooms</span></a> <?php if($sort_by=='`num_bedrooms`')?></div></td>
<td width="100px"><div align="center" class="regbold"><a href="search_test.php?sort_by=rent"><span class="lynx">Rent</span></a> <?php if($sort_by=='`rent`')?></div></td>
<td width="10px"><div align="center" class="regbold"><a href="?sort_by=electricity"><span class="lynx">E</span></a> <?php if($sort_by=='`electricity`')?></div></td>
<td width="10px"><div align="center" class="regbold"><a href="?sort_by=water"><span class="lynx">W</span></a> <?php if($sort_by=='`water`')?></div></td>
<td width="10px"><div align="center" class="regbold"><a href="?sort_by=gas"><span class="lynx">G</span></a> <?php if($sort_by=='`gas`')?></div></td>
<td width="50px"><div align="center" class="regbold"><a href="?sort_by=lease_term"><span class="lynx">Lease</span></a> <?php if($sort_by=='`lease_term`')?></div></td>
<td width="50px"><div align="center" class="regbold"><a href="?sort_by=available_date"><span class="lynx">Available</span></a> <?php if($sort_by=='`available_date`')?></div></td>
<td width="25px"><div align="center" class="regbold"><a href="?sort_by=handicapped"><span class="lynx">Handicapped</span></a> <?php if($sort_by=='`handicapped`')?></div></td>
<td width="25px"><div align="center" class="regbold"><a href="?sort_by=smoking"><span class="lynx">Smoking</span></a> <?php if($sort_by=='`smoking`')?></div></td>
</tr>
<?php while ($row = mysql_fetch_row($result)) { ?>
<tr height="14" class="reg" valign="top">
<?php
// Row colour and icon by rental type (column 1)
if ($row[1] == "Apartment")          { $cellColor = "#CC0000"; }
else if ($row[1] == "House")         { $cellColor = "#000000"; }
else if ($row[1] == "Duplex")        { $cellColor = "#006600"; }
else if ($row[1] == "Rooming House") { $cellColor = "#0000CC"; }
else                                 { $cellColor = "#FFFFFF"; }
?>
<td width="50" align="center" bgcolor="<?php print($cellColor); ?>">
<?php
if ($row[1] == "Apartment")          { print("<img src = \"images/apartment.gif\">"); }
else if ($row[1] == "House")         { print("<img src = \"images/house.gif\">"); }
else if ($row[1] == "Duplex")        { print("<img src = \"images/duplex.gif\">"); }
else if ($row[1] == "Rooming House") { print("<img src = \"images/roominghouse.gif\">"); }
else                                 { print(" "); }
?>
</td>
<?php // Column values are printed without htmlspecialchars(); listing data containing markup is rendered as HTML. ?>
<td width="180" height="14"><?php if ($row[3] != "") { print("<a href=\"details.php?id=$row[0]\" class=\"alynx\">$row[3]</a>"); } else { print(" "); } ?></td>
<td width="75"><?php if ($row[4] != "") { print($row[4]); } else { print(" "); } ?></td>
<td width="75" height="14" align="center"><?php if ($row[18] != "") { print($row[18]); } else { print(" "); } ?></td>
<td width="175" height="14"><?php if ($row[7] != "") { print($row[7]); } else { print(" "); } ?></td>
<td width="25" height="14" align="center"><?php if ($row[16] == "Yes") { print("<img src = \"images/check.gif\">"); } else { print("<img src = \"images/uncheck.gif\">"); } ?></td>
<td width="25" height="14" align="center"><?php if ($row[14] == "Yes") { print("<img src = \"images/check.gif\">"); } else { print("<img src = \"images/uncheck.gif\">"); } ?></td>
<td width="25" height="14" align="center"><?php if ($row[13] == "Yes") { print("<img src = \"images/check.gif\">"); } else { print("<img src = \"images/uncheck.gif\">"); } ?></td>
<td width="75" height="14"><?php if ($row[6] != "") { print($row[6]); } else { print(" "); } ?></td>
<td width="75" height="14"><?php if ($row[24] != "") { print($row[24]); } else { print(" "); } ?></td>
<td width="100" height="14"><?php if ($row[2] != "") { print($row[2]); } else { print(" "); } ?></td>
<td width="100" height="14"><?php if ($row[17] != "") { print($row[17]); } else { print(" "); } ?></td>
</tr>
<?php } ?>
</table>
</div>
</div>
<br /><br />
</td>
</tr>
</table>
</td>
<td align="left" valign="top"> </td>
</tr>
</table>
</body>
</html>
```

I have two questions. First, someone was previously on this site for our college; it's for students to search for off-campus housing. The site got injected before, so they shut it down for a while, then gave the project to me (might not have been the best choice since I'm not that familiar with SQL queries). First, does this seem to be a site secure against SQL injections? And second: after searching through the DB and pulling the query that I want, if I use my sort order function in PHP, it takes me back to the entire query. For example, if I search for all the apartments with handicap accessibility it works, showing my desired results, but then if I try to sort the results by rent or city, it takes me back to the main query wit
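The two things the post runs into, the unprotected column name in ORDER BY and sort links that drop the search criteria, can be handled together. This is an added example, not the poster's code: it assumes PHP 7.1+, a mysqli connection in $db, the Listings columns named in the thread, and that the search form is submitted with method="get" so the filters live in the query string.

```php
<?php
// Added example (not from the original post). Assumes PHP 7.1+, a mysqli
// connection in $db, and the search form switched to method="get".

// ORDER BY takes an identifier, which cannot be bound as a parameter, so the
// raw $_GET['sort_by'] from the original is replaced by a whitelist lookup.
const SORT_COLUMNS = ['type_of_rental', 'address', 'city', 'num_bedrooms', 'rent',
    'electricity', 'water', 'gas', 'lease_term', 'available_date', 'handicapped', 'smoking'];

// Form field => column. Only these fields can ever reach the WHERE clause.
const FILTER_COLUMNS = ['type' => 'type_of_rental', 'city' => 'city',
    'bedrooms' => 'num_bedrooms', 'electricity' => 'electricity', 'water' => 'water',
    'gas' => 'gas', 'lease' => 'lease_term', 'handicapped' => 'handicapped',
    'smoking' => 'smoking'];

// Returns [SQL with ? placeholders, values to bind in order].
function build_search(array $params): array
{
    $where = [];
    $values = [];
    foreach (FILTER_COLUMNS as $field => $column) {
        $v = $params[$field] ?? null;
        if (is_string($v) && $v !== '') {      // arrays (?field[]=) are ignored
            $where[] = "`$column` = ?";
            $values[] = $v;
        }
    }
    $sort = $params['sort_by'] ?? '';
    if (!in_array($sort, SORT_COLUMNS, true)) {
        $sort = 'type_of_rental';              // unknown column: default, never interpolate
    }
    $sql = 'SELECT * FROM Listings'
        . ($where ? ' WHERE ' . implode(' AND ', $where) : '')
        . " ORDER BY `$sort` DESC";
    return [$sql, $values];
}

// Column-header link that keeps the current filters, so re-sorting does not
// fall back to the unfiltered query the way the bare ?sort_by= links did.
function sort_link(string $column, array $params): string
{
    $query = array_intersect_key($params, FILTER_COLUMNS);
    $query['sort_by'] = $column;
    return 'search_test.php?' . http_build_query($query);
}

[$sql, $values] = build_search($_GET);
$stmt = $db->prepare($sql);
if ($values) {
    $stmt->bind_param(str_repeat('s', count($values)), ...$values);
}
$stmt->execute();
$result = $stmt->get_result();                 // then mysqli_fetch_row($result) as before
echo '<a href="' . htmlspecialchars(sort_link('rent', $_GET)) . '">Rent</a>';
```

With the filters in the query string, a request such as search_test.php?type=Apartment&handicapped=Yes&sort_by=rent keeps both conditions while sorting, and a sort_by value outside the whitelist simply sorts by type_of_rental.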
fenway Posted June 12, 2008

Stop posting all the code; it doesn't help us figure out what you want. I assume that you have more than one page on your "site", so answering an SQL injection issue is impossible... but don't you have logs? As for your second question, you can sort server-side or client-side. And you should have continued your previous post if it's still related...