Jump to content

Recommended Posts

Hello guys,

 

what is wrong with this code? it wouldn't install ::  :-[

 

<?php

$msg="Please fill the following fields completely:";
$tabform=true;
$tabend=false;
$tabend2=false;
$red="#eeeeee";
$black="#000000";
$fontc=$black;
$chmodmsg_error="config.php is not writeable , set config.php to chmod 666 ";
$log="<a href='../admin/main.php'>login</a>";

$filename="config.php";
if($setup){

if(empty($namedb)){
$msg="Error:DB Name is missing.";
$fontc=$red;
}

if(empty($hostdb)){
$msg=" Error:DB Host is missing.";
$fontc=$red;
}

if(empty($userdb)){
$msg="Error: DB user is missing.";
$fontc=$red;
}

if(empty($passdb)){
$msg="Error: DB password is missing.";
$fontc=$red;
}

if(empty($namesite)){
$msg="Error: Site Name is missing.";
$fontc=$red;
}

if(empty($sitepath)){
$msg="Error: The Path is missing.";
$fontc=$red;
}

if(empty($nameuser)){
$msg="Error: Admin name is missing.";
$fontc=$red;
}
if(empty($passwd)){
$msg="Error: Admin password is missing.";
$fontc=$red;
}

if(empty($aemail)){
$msg="Error: Admin Email s missing.";
$fontc=$red;
}
else if(($userdb) AND ($namedb) AND ($passdb) AND($hostdb) AND($sitepath) AND($namesite) AND($passwd) AND($aemail) AND($nameuser)){
$t_user="\$dbuser = \"$userdb\";";
$t_name= "\$dbname = \"$namedb\";";
   $t_pass="\$dbpass = \"$passdb\";";
     $t_host="\$dbhost = \"$hostdb\";"; 
       $s_host="\$host = \"$sitepath\";";
         $a_site="\$mysite = \"$namesite\";";
          $a_email="\$adminmail = \"$aemail\";";
    $a_name=$nameuser;
$a_pass=$passwd;
    $begin="<?php";
    $end="?>";
if(!(is_writeable($filename))){

$msg=$chmodmsg_error;


$fontc=$red;
}else{
$datei=fopen($filename,"w");
}

}
if($datei){
$save=fputs($datei,"$begin\n$t_user\n$t_name\n$t_pass\n$t_host\n$s_host\n$a_site\n$a_email\n$end\n");
}

if($save){
fclose($datei);
$tabform=false;
$tabend=true;
$SuccMsg="the variables were saved to the File config.php, now click". " Create tables "."to install the tables";
}
}



if($create){
include("connect.php");
# Table structure for table 'afso_admin'.
$create_table_admin="CREATE TABLE afso_admin("
  ."adminid int(32) NOT NULL auto_increment,"
  ."passwd  varchar(20) NOT NULL,"
  ."aname varchar(40) NOT NULL,"
  ."uemail varchar(150) NOT NULL,"
  ."PRIMARY KEY  (adminid))";
$admin_result=mysql_query($create_table_admin);

$create_table_register_account = "CREATE TABLE register_account("
."id int(32) NOT NULL auto_increment,"
."surname  varchar(200) NOT NULL,"
."account_key  varchar(200) NOT NULL,"
."email  varchar(200) NOT NULL,"
."firstname  varchar(200) NOT NULL,"
."initials  varchar(200) NOT NULL,"
."gender  varchar(200) NOT NULL,"
."date_of_birth  varchar(200) NOT NULL,"
."address1  varchar(200) NOT NULL,"
."address2  varchar(200) NOT NULL,"
."city  varchar(200) NOT NULL,"
."zip  varchar(200) NOT NULL,"
."state  varchar(200) NOT NULL,"
."country  varchar(200) NOT NULL,"
."job_title  varchar(200) NOT NULL,"
."telephone  varchar(200) NOT NULL,"
."work  varchar(200) NOT NULL,"
."fax  varchar(200) NOT NULL,"
."account_type  varchar(200) NOT NULL,"
."currency_type  varchar(200) NOT NULL,"
."afso_member  varchar(200) NOT NULL,"
."account_id  varchar(200) NOT NULL,"
."adddate date NOT NULL,"
."status int(6) NOT NULL,"
."PRIMARY KEY  (id))";
$register_account_result=mysql_query($create_table_register_account);
  
if( ($register_account_result) && ($admin_result) ){

  $sql_admin=mysql_query("INSERT INTO afso_admin VALUES ('', password('$passwd'),'$nameuser','$aemail' )"); 
    
$tabform=false;  							 
$tabend=false;
$tabend2=true;
$SuccMsg="CONGRATULATION Online was installed on your database successfuly\nNow you can"."$log"." into the Admin panel.";
}
else
{
  $tabform=false;
  $tabend=false;
  $tabend2=true;
  $SuccMsg="Error : The command could not be sent to the database server. Please contact the developer .";
  }
}


?>
<html>
<head>
<title><?php print "$title_page"; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="files/css/showform_css.css" rel="stylesheet" type="text/css">
<body background="imgs/bg.gif" leftmargin="0" topMargin=0 MARGINHEIGHT="0" MARGINWIDTH="0">

<table width="500" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td width="600" height="90" align="center" valign="top"  scope="col"> </td>
  </tr>
  <tr>
    <td scope="col">
<?php if($tabform){ ?>
<table width="500" border="1" cellpadding="0" cellspacing="0" bordercolor="#FFFFFF">
      <tr>
        <td scope="col">
   
	<form action="<?php print "$PHP_SELF"; ?>" method="post"> <table width="500">
          <tr bgcolor="#0072BC">
            <td colspan="2" align="center" scope="col"><font color="<?php print "$fontc" ?>"><?php print"$msg"; ?></font></td>
          </tr>
          <tr bgcolor="#0072BC">
            <td colspan="2" scope="col"><div align="center"><strong>Data Base 
                      setting</strong> </div></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>DB Name<span class="Stil1">*</span> : </strong></td>
            <td width="350" align="left" valign="top"><input name="namedb" type="text" size="32" value="<?php print"$namedb";?>" ></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>DB Host<span class="Stil1">*</span>:</strong></td>
            <td width="350" align="left" valign="top"><input name="hostdb" type="text" value="localhost" size="32"></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>DB User<span class="Stil1">*</span> :</strong></td>
            <td width="350" align="left" valign="top"><input name="userdb" type="text" size="32" value="<?php print"$userdb";?>"></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>DB Password<span class="Stil1">*</span> :</strong></td>
            <td width="350" align="left" valign="top"><input name="passdb" type="text" size="32" value="<?php print"$passdb";?>" ></td>
          </tr>
          <tr>
            <td colspan="2"> </td>
          </tr>
          <tr align="center" bgcolor="#0072BC">
            <td colspan="2"><strong> Site setting </strong></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>Site Name<span class="Stil1">*</span> :</strong></td>
            <td width="350" align="left" valign="top"><input name="namesite" type="text" value="capitalexchangetrust.com" size="32"></td>
          </tr>
          <tr>
                  <td width="150" align="right" valign="top"><strong>Online 
                    Directory <span class="Stil1">*</span> :</strong></td>
            <td width="350" align="left" valign="top"><input name="sitepath" type="text" value="http://www.capitalexchangetrust.com" size="32">            </td>
          </tr>
          <tr>
            <td colspan="2"></td>
          </tr>
          <tr align="center" bgcolor="#0072BC">
            <td colspan="2"><strong>Admin setting </strong></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>username<span class="Stil1">*</span> :</strong></td>
            <td width="350" align="left" valign="top"><input name="nameuser" type="text" size="32" value="<?php print"$nameuser"?>"></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>password</strong><strong><span class="Stil1">*</span></strong>:</td>
            <td width="350" align="left" valign="top"><input name="passwd" type="password" size="32" value="<?php print"$passwd"?>"></td>
          </tr>
          <tr>
            <td width="150" align="right" valign="top"><strong>Email<span class="Stil1">*</span>:</strong></td>
            <td width="350" align="left" valign="top"><input name="aemail" type="text" value="support@capitalexchangetrust.com" size="32"></td>
          </tr>
          <tr align="center">
            <td colspan="2"><input name="setup" type="submit" value="install">
            </td>
          </tr>
        </table>
	</form>
	</th>
      </tr>
    </table>	</td>
  </tr>
  <tr>
    <td scope="col">
<?php } ?>
<?php if($tabend){ ?>
<table width="500" border="1" cellpadding="0" cellspacing="0" bordercolor="#FFFFFF">
      <tr>
        <td scope="col">
	<form action="<?php print "$PHP_SELF"; ?>" method="post">
	<input name="passwd_admin" type="hidden" value="<?php  print"$a_pass "; ?>">
	<input name="name_admin" type="hidden" value="<?php  print"$a_name"; ?>">
	<table width="500">
          <tr>
            <th align="center" scope="col"><?php print "$SuccMsg"; ?></td>
          </tr>
          
	  <tr>
            <td align="center"><input name="create"  type="submit" value="Create Tables"></td>
          </tr>

        </table>
	</form>
	 </td>
      </tr>
    </table>
<?php } ?></td>
  </tr>
  <tr>
    <td scope="col"><table width="500" border="1" cellpadding="0" cellspacing="0" bordercolor="#FFFFFF">
      <tr>
        <th scope="col"> 
	<?php if($tabend2){ ?>
              <table width="500">
              <tr>
                <td align="center" scope="col"><?php print "$SuccMsg"; ?></td>
              </tr>
            </table>
		<?php } ?>      
    </table></td>
  </tr>
</table>
</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/110780-it-wouldnt-install/
Share on other sites

Where the variables $setup, $namdb, $userdb, $passdb, $nameuser, $passwrd, $aemail coming from? Looks like your code relies on register_globals being enabled in order for function correctly.

 

You should take the time to update your code so it doesn't reply on this setting. It is disabled by default when PHP is installed, there are reasons for this - the main one being security.

Link to comment
https://forums.phpfreaks.com/topic/110780-it-wouldnt-install/#findComment-568359
Share on other sites

Thanks wildteen,

 

But what do i do in this regard, because i have tried turning register_globals off in my code

<?php @extract($_GET); @extract($_POST); @extract($_SESSION); ?>

. But it doesn't seem working. Can you give me the right syntax to use?

 

Thank you in advance.

Link to comment
https://forums.phpfreaks.com/topic/110780-it-wouldnt-install/#findComment-568364
Share on other sites

That is the lazy way to fix your script, you may as well enable register_globals again if you're going to do that.

 

I presume the variables $setup, $namdb, $userdb, $passdb, $nameuser, $passwrd, $aemail are coming from your form. You should use $_POST['setup'], $_POST['namedb'] etc instead

 

Also turn display_errors on

Link to comment
https://forums.phpfreaks.com/topic/110780-it-wouldnt-install/#findComment-568458
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.