Jump to content

Help with some code please

richarro1234

By richarro1234
in PHP Coding Help

 Share

Recommended Posts

richarro1234 Member

richarro1234

Posted
Posted

Hey,

 

I'm having some issues with this piece of script...

 

<?php
$dbhost = "localhost";
$dbuser = "user";
$dbpass = "pass";
$dbname = "dbname";

//Connect to MySQL Server
mysql_connect($dbhost, $dbuser, $dbpass);

//Select Database
mysql_select_db($dbname) or die(mysql_error());
$query1 = mysql_query("SELECT * from users where username = '".$_COOKIE["twusername"]."'") or exit( mysql_error() );
$r = mysql_fetch_array($query1);

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ClientIP = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ClientIP = $_SERVER['REMOTE_ADDR'];
}
//$ClientHost = gethostbyaddr($ClientIP);
$ClientAgent = $_SERVER['HTTP_USER_AGENT'];
$MyTimeStamp = time();


// Retrieve data from Query String
$status = $_GET['status'];
$id = $r['id'];
$query10 = mysql_query("SELECT * from friends WHERE myid = $id");
while ($fre = mysql_fetch_array($query10)) {

$friend = $fre['friendsid']; 

if ($sex = 'Male'){
$sex = 'his';
}else{
if ($sex = 'Female')
$sex = 'her';
}
// Escape User Input to help prevent SQL Injection
$status = mysql_real_escape_string($status);


//build query
$query = "UPDATE users SET mystatus = '$status' WHERE username = '".$_COOKIE["twusername"]."'";

$a = array($friend); 
foreach ($a as $b) 
{ 
$query1 = "INSERT INTO `richspri_social`.`feed` (`id`, `userid`, `friendid`, `action`, `did`, `when`, `groupname`) VALUES ('', '$id', '$b', 'status', 'Updated $sex', '$MyTimeStamp', '$status')";
}
//Execute query
}
// Exit if calling directly the script file!
if ($status != "")
{
$qry_result = mysql_query($query) or die(mysql_error());
$qry_result = mysql_query($query1) or die(mysql_error());
echo "<b><font color='#FF0000'>Status Updated Successfully</font></b>";
}
else
{
echo '<b>Hacking Attempt!!</b><br><br>';
}
?>

 

Now, i have tried this so many different ways.

i added the foreach loops in after trying it another way, but it still doenst work.

 

It will echo $b fine and will show what's it meant to, but when it adds it to the database, it adds everything, but doesn't add "$b" (which is the list of friends ID's).

 

What its coded to do is get a list of ID's from a database, and for each of the ID's (say for example there's 4 ID's) then it will add it 4 times into the database with each of the ID's (1,5,11,32), but instead all it does is adds it once to the database and doesn't insert the ID, it just adds a blank space.

 

Can someone have a look at it and find out whys it not doing what its meant to.

 

thanks

Rich

Link to comment
Share on other sites
Goldeneye Regular Member

Goldeneye

Posted
Posted

This little snippet of code you posted has a few security-holes and is not well written/formatted (just so you know). Aside from that, your INSERT-query is only making one insert because the array you assigned as $a only has one element.

 

Instead of this:

<?php
$friend = $fre['friendsid'];
?>

 

Try this:

<?php
$friend = array();
$friend[] = $fre['friendsid']; 
?>

 

Explanation: What's happening with the code you have now is that you're just assigning the variable $friend a new value each time. What you want to do is append a new element onto it. That's why you need to use $friend[] - to indicate that you're appending a new element into the array. Also, you're running a FOREACH-loop before you've even completed your WHILE-loop. It is for this reason that, even with the solution I just gave you, your $friend-array will only have one element. I suggest completing the WHILE-loop first, and then cycling through the $friend-array with a FOREACH-loop. The bottom line is that you should rewrite/re-organize the code you just posted with indenting (to make differentiating between curly-braces considerably easier). If you need help, just ask.

Link to comment
Share on other sites
richarro1234 Member

richarro1234

Posted
  • Author
Posted

Hey goldeneye, thanks for the help.

 

i have changed what you told me to, and just to test it i: "echo $friend ;" but all it outputs is "ArrayArrayArrayArrayArrayArrayArray" (which is the amount of friendids there are for the selected user)

 

i have also moved the curly-brace so it finishs the WHILE-loop before it runs the foreach, but it still doesnt add to the database.

 

Also i would like help with the rewrite/re-organising of the above code please.

 

thanks

Rich

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.