nitation Posted June 18, 2008 Share Posted June 18, 2008 Hello guys, what is wrong with this code? it wouldn't install :: <?php $msg="Please fill the following fields completely:"; $tabform=true; $tabend=false; $tabend2=false; $red="#eeeeee"; $black="#000000"; $fontc=$black; $chmodmsg_error="config.php is not writeable , set config.php to chmod 666 "; $log="<a href='../admin/main.php'>login</a>"; $filename="config.php"; if($setup){ if(empty($namedb)){ $msg="Error:DB Name is missing."; $fontc=$red; } if(empty($hostdb)){ $msg=" Error:DB Host is missing."; $fontc=$red; } if(empty($userdb)){ $msg="Error: DB user is missing."; $fontc=$red; } if(empty($passdb)){ $msg="Error: DB password is missing."; $fontc=$red; } if(empty($namesite)){ $msg="Error: Site Name is missing."; $fontc=$red; } if(empty($sitepath)){ $msg="Error: The Path is missing."; $fontc=$red; } if(empty($nameuser)){ $msg="Error: Admin name is missing."; $fontc=$red; } if(empty($passwd)){ $msg="Error: Admin password is missing."; $fontc=$red; } if(empty($aemail)){ $msg="Error: Admin Email s missing."; $fontc=$red; } else if(($userdb) AND ($namedb) AND ($passdb) AND($hostdb) AND($sitepath) AND($namesite) AND($passwd) AND($aemail) AND($nameuser)){ $t_user="\$dbuser = \"$userdb\";"; $t_name= "\$dbname = \"$namedb\";"; $t_pass="\$dbpass = \"$passdb\";"; $t_host="\$dbhost = \"$hostdb\";"; $s_host="\$host = \"$sitepath\";"; $a_site="\$mysite = \"$namesite\";"; $a_email="\$adminmail = \"$aemail\";"; $a_name=$nameuser; $a_pass=$passwd; $begin="<?php"; $end="?>"; if(!(is_writeable($filename))){ $msg=$chmodmsg_error; $fontc=$red; }else{ $datei=fopen($filename,"w"); } } if($datei){ $save=fputs($datei,"$begin\n$t_user\n$t_name\n$t_pass\n$t_host\n$s_host\n$a_site\n$a_email\n$end\n"); } if($save){ fclose($datei); $tabform=false; $tabend=true; $SuccMsg="the variables were saved to the File config.php, now click". " Create tables "."to install the tables"; } } if($create){ include("connect.php"); # Table structure for table 'afso_admin'. $create_table_admin="CREATE TABLE afso_admin(" ."adminid int(32) NOT NULL auto_increment," ."passwd varchar(20) NOT NULL," ."aname varchar(40) NOT NULL," ."uemail varchar(150) NOT NULL," ."PRIMARY KEY (adminid))"; $admin_result=mysql_query($create_table_admin); $create_table_register_account = "CREATE TABLE register_account(" ."id int(32) NOT NULL auto_increment," ."surname varchar(200) NOT NULL," ."account_key varchar(200) NOT NULL," ."email varchar(200) NOT NULL," ."firstname varchar(200) NOT NULL," ."initials varchar(200) NOT NULL," ."gender varchar(200) NOT NULL," ."date_of_birth varchar(200) NOT NULL," ."address1 varchar(200) NOT NULL," ."address2 varchar(200) NOT NULL," ."city varchar(200) NOT NULL," ."zip varchar(200) NOT NULL," ."state varchar(200) NOT NULL," ."country varchar(200) NOT NULL," ."job_title varchar(200) NOT NULL," ."telephone varchar(200) NOT NULL," ."work varchar(200) NOT NULL," ."fax varchar(200) NOT NULL," ."account_type varchar(200) NOT NULL," ."currency_type varchar(200) NOT NULL," ."afso_member varchar(200) NOT NULL," ."account_id varchar(200) NOT NULL," ."adddate date NOT NULL," ."status int(6) NOT NULL," ."PRIMARY KEY (id))"; $register_account_result=mysql_query($create_table_register_account); if( ($register_account_result) && ($admin_result) ){ $sql_admin=mysql_query("INSERT INTO afso_admin VALUES ('', password('$passwd'),'$nameuser','$aemail' )"); $tabform=false; $tabend=false; $tabend2=true; $SuccMsg="CONGRATULATION Online was installed on your database successfuly\nNow you can"."$log"." into the Admin panel."; } else { $tabform=false; $tabend=false; $tabend2=true; $SuccMsg="Error : The command could not be sent to the database server. Please contact the developer ."; } } ?> <html> <head> <title><?php print "$title_page"; ?></title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link href="files/css/showform_css.css" rel="stylesheet" type="text/css"> <body background="imgs/bg.gif" leftmargin="0" topMargin=0 MARGINHEIGHT="0" MARGINWIDTH="0"> <table width="500" cellspacing="0" cellpadding="0" align="center"> <tr> <td width="600" height="90" align="center" valign="top" scope="col"> </td> </tr> <tr> <td scope="col"> <?php if($tabform){ ?> <table width="500" border="1" cellpadding="0" cellspacing="0" bordercolor="#FFFFFF"> <tr> <td scope="col"> <form action="<?php print "$PHP_SELF"; ?>" method="post"> <table width="500"> <tr bgcolor="#0072BC"> <td colspan="2" align="center" scope="col"><font color="<?php print "$fontc" ?>"><?php print"$msg"; ?></font></td> </tr> <tr bgcolor="#0072BC"> <td colspan="2" scope="col"><div align="center"><strong>Data Base setting</strong> </div></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>DB Name<span class="Stil1">*</span> : </strong></td> <td width="350" align="left" valign="top"><input name="namedb" type="text" size="32" value="<?php print"$namedb";?>" ></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>DB Host<span class="Stil1">*</span>:</strong></td> <td width="350" align="left" valign="top"><input name="hostdb" type="text" value="localhost" size="32"></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>DB User<span class="Stil1">*</span> :</strong></td> <td width="350" align="left" valign="top"><input name="userdb" type="text" size="32" value="<?php print"$userdb";?>"></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>DB Password<span class="Stil1">*</span> :</strong></td> <td width="350" align="left" valign="top"><input name="passdb" type="text" size="32" value="<?php print"$passdb";?>" ></td> </tr> <tr> <td colspan="2"> </td> </tr> <tr align="center" bgcolor="#0072BC"> <td colspan="2"><strong> Site setting </strong></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>Site Name<span class="Stil1">*</span> :</strong></td> <td width="350" align="left" valign="top"><input name="namesite" type="text" value="capitalexchangetrust.com" size="32"></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>Online Directory <span class="Stil1">*</span> :</strong></td> <td width="350" align="left" valign="top"><input name="sitepath" type="text" value="http://www.capitalexchangetrust.com" size="32"> </td> </tr> <tr> <td colspan="2"></td> </tr> <tr align="center" bgcolor="#0072BC"> <td colspan="2"><strong>Admin setting </strong></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>username<span class="Stil1">*</span> :</strong></td> <td width="350" align="left" valign="top"><input name="nameuser" type="text" size="32" value="<?php print"$nameuser"?>"></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>password</strong><strong><span class="Stil1">*</span></strong>:</td> <td width="350" align="left" valign="top"><input name="passwd" type="password" size="32" value="<?php print"$passwd"?>"></td> </tr> <tr> <td width="150" align="right" valign="top"><strong>Email<span class="Stil1">*</span>:</strong></td> <td width="350" align="left" valign="top"><input name="aemail" type="text" value="support@capitalexchangetrust.com" size="32"></td> </tr> <tr align="center"> <td colspan="2"><input name="setup" type="submit" value="install"> </td> </tr> </table> </form> </th> </tr> </table> </td> </tr> <tr> <td scope="col"> <?php } ?> <?php if($tabend){ ?> <table width="500" border="1" cellpadding="0" cellspacing="0" bordercolor="#FFFFFF"> <tr> <td scope="col"> <form action="<?php print "$PHP_SELF"; ?>" method="post"> <input name="passwd_admin" type="hidden" value="<?php print"$a_pass "; ?>"> <input name="name_admin" type="hidden" value="<?php print"$a_name"; ?>"> <table width="500"> <tr> <th align="center" scope="col"><?php print "$SuccMsg"; ?></td> </tr> <tr> <td align="center"><input name="create" type="submit" value="Create Tables"></td> </tr> </table> </form> </td> </tr> </table> <?php } ?></td> </tr> <tr> <td scope="col"><table width="500" border="1" cellpadding="0" cellspacing="0" bordercolor="#FFFFFF"> <tr> <th scope="col"> <?php if($tabend2){ ?> <table width="500"> <tr> <td align="center" scope="col"><?php print "$SuccMsg"; ?></td> </tr> </table> <?php } ?> </table></td> </tr> </table> </body> </html> Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted June 18, 2008 Share Posted June 18, 2008 Where the variables $setup, $namdb, $userdb, $passdb, $nameuser, $passwrd, $aemail coming from? Looks like your code relies on register_globals being enabled in order for function correctly. You should take the time to update your code so it doesn't reply on this setting. It is disabled by default when PHP is installed, there are reasons for this - the main one being security. Quote Link to comment Share on other sites More sharing options...
.josh Posted June 18, 2008 Share Posted June 18, 2008 Would be helpful if you mentioned what script it is, and something more specific than "it won't install." On that note...moving to 3rd party forum. Quote Link to comment Share on other sites More sharing options...
nitation Posted June 18, 2008 Author Share Posted June 18, 2008 Thanks wildteen, But what do i do in this regard, because i have tried turning register_globals off in my code <?php @extract($_GET); @extract($_POST); @extract($_SESSION); ?> . But it doesn't seem working. Can you give me the right syntax to use? Thank you in advance. Quote Link to comment Share on other sites More sharing options...
wildteen88 Posted June 18, 2008 Share Posted June 18, 2008 That is the lazy way to fix your script, you may as well enable register_globals again if you're going to do that. I presume the variables $setup, $namdb, $userdb, $passdb, $nameuser, $passwrd, $aemail are coming from your form. You should use $_POST['setup'], $_POST['namedb'] etc instead Also turn display_errors on Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.