kickstart Posted October 16, 2009 Share Posted October 16, 2009 Hi That suggests that somewhere you have copied that tag from on here (it is a tag to close displaying some php code on this forum). Not sure which version of php you are using but noticed that in one place you have <? rather than <?php. All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 17, 2009 Author Share Posted October 17, 2009 I'm using php v 5.2.5. If that makes any difference. Quote Link to comment Share on other sites More sharing options...
cags Posted October 17, 2009 Share Posted October 17, 2009 If the server your testing on doesn't have short_open_tag = On set in the php.ini then using <? will not work for PHP code, the php code within it will instead be sent to the users browsers just like the rest of the HTML. Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 17, 2009 Author Share Posted October 17, 2009 well, I made sure all the tags weren't short tags, and the same thing Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 19, 2009 Author Share Posted October 19, 2009 Can someone look at my coding and tell me what is wrong with them? Or can someone just write a simple in-game forum. It's a single page forum, where if the topic goes off page, it's gone for good. No multiple pages or anything like that. If you need to, you can take some of the info out of my original code to mesh it with the game coding already. Please, will someone help me with this? Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 20, 2009 Author Share Posted October 20, 2009 bump Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 20, 2009 Share Posted October 20, 2009 Hi You code appears to be 90% there. You just need to play and get it debugged. Takes time but gets easier with practice. All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 20, 2009 Author Share Posted October 20, 2009 ok, I think I figured it out. My host is PHP 5 and these scripts are for 4. Any clue on how to change them to have 5 support? Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 20, 2009 Share Posted October 20, 2009 Hi There are minor changes, but most things should be OK. Biggest change is the default value for register globals (as mentioned on the first page of this thread). With this you can either override the default value (not recommended, too easy to open security holes) or go through the code and make sure that form fields are manually turned into variables. All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 21, 2009 Author Share Posted October 21, 2009 umm, what do you mean by that? Quote Link to comment Share on other sites More sharing options...
Gayner Posted October 21, 2009 Share Posted October 21, 2009 umm, what do you mean by that? Just u will be fine, start debugging the script and post here soon! Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 21, 2009 Share Posted October 21, 2009 umm, what do you mean by that? With register globals set on, if you have a form field called (for example) fred then a variable called $fred will automatically be created in the script that receives the form with the value of the form field called fred. With register globals set off then this will not happen. You will need to access them from either the $_GET, $_POST or $_REQUEST arrays. So modify your code to assign $fred = $_REQUEST['fred']; This was all mentioned at the start of this thread. All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 21, 2009 Author Share Posted October 21, 2009 So basically I should go from this: if ($info->title == "$_POST['title']") to this: if ($info->$_POST['title']) ?? Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 21, 2009 Share Posted October 21, 2009 Hi No. That code is checking that one thing ($info->title) is equal to another thing ("$_POST['title']"). $_POST['title'] is a form field, and that is the correct way to use it. With register globals on you could have used $title so:- if ($info->title == $title) would have worked (but been insecure). There is a problem with that line anyway. The double quotes in $info->title == "$_POST['title']" are not required. That is trying to check against a string which contains the value of the variable $_POST['title'], but you cannot just use associative array variables within a string like that. All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 24, 2009 Author Share Posted October 24, 2009 Ok guys, still not working. Here is my code: <?php session_start(); if (!(isset($_SESSION["real_name"]))) { //echo "I'm not logged in"; header('Location: index.php'); } ?> <html> <head> <title>Mafia Syndicate BETA</title> <style type="text/css"> <!-- .style4 {color: #FF0000} .style5 {color: #0000FF} --> </style> </head> <link REL="stylesheet" TYPE="text/css" HREF="main.css"> <script language=javascript src=Menus.js></script> <body background="wallpaper.jpg"> <center> <table border="0" cellspacing="0" cellpadding="0" align="center" width="95%" class="cat"> <TR> <TD width="150" background="tdbg3.jpg" bgcolor="#222222" valign="top"> <?php include("leftmenu.php");?> </TD> <td width="100%" valign="top"> <br> <?php include "includes/db_connect.php"; include "bb.php"; $delete = strip_tags($_GET['delete']); if($delete && $userlevel>=5) { mysql_query("DELETE FROM forum_question WHERE id='$delete'") or die(mysql_error()); } $sticky = strip_tags($_GET['sticky']); if($sticky && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '1', important = '0' WHERE id='$sticky'") or die(mysql_error()); } $unsticky = strip_tags($_GET['unsticky']); if($unsticky && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '0', important = '0' WHERE id='$unsticky'") or die(mysql_error()); } $important = strip_tags($_GET['important']); if($important && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '0', important = '1' WHERE id='$important'") or die(mysql_error()); } $unimportant = strip_tags($_GET['unimportant']); if($unimportant && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '0', important = '0' WHERE id='$unimportant'") or die(mysql_error()); } $lock = strip_tags($_GET['lock']); if($lock && $userlevel>=5) { mysql_query("UPDATE forum_question SET locked='1' WHERE id='$lock'") or die(mysql_error()); } $userlock = strip_tags($_GET['userlock']); if($userlock) { mysql_query("UPDATE forum_question SET locked='1' WHERE id='$lock' AND username='$username'") or die(mysql_error()); } $unlock = strip_tags($_GET['unlock']); if($unlock && $userlevel>=5) { mysql_query("UPDATE forum_question SET locked='0' WHERE id='$unlock'") or die(mysql_error()); } if ($_POST['Submit'] && strip_tags($_POST['title']) && strip_tags($_POST['content'])) { $topic = $_POST['title']; $detail = $_POST['content']; $topic = strip_tags($topic); $detail = strip_tags($detail); $ownusername=$_SESSION["real_name"]; $time=time(); if ($mute == 1) { echo "<font color=red><b>You have been muted!</b></font><br><br>"; } else { $query=mysql_query("SELECT * FROM forum_question ORDER by id DESC LIMIT 40"); $result=mysql_query($sql) or die(mysql_error()); $info = mysql_fetch_object($query); if ($info->title == $topic) { echo "There is already a topic with this title!"; } else { $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ownusername'")); $result=mysql_query($sql) or die(mysql_error()); $datetime=date("d/m/y h:i:s"); //create date time if ($topic == "") { echo "You must add a title!"; } else { mysql_query("UPDATE forum_question SET new='0' WHERE new='1'"); $result=mysql_query($sql) or die(mysql_error()); if ($topic !="" && $content !="") { $sql="INSERT INTO forum_question(id, title, content, datetime, username, place, lastreply)VALUES('', 'title', '$content','$datetime', '$username', 'main', '$time')"; $result=mysql_query($sql); } } } } } mysql_query("DELETE FROM forum_question WHERE title=''"); $sql="SELECT * FROM forum_question WHERE sticky='1' AND place='main' ORDER BY lastreply DESC, reply DESC"; $result=mysql_query($sql) or die(mysql_error()); $username=$_SESSION['username']; ?> <table border="1" cellspacing="0" cellpadding="0" bordercolor="black" align="center" width="75%" class="sub2"> <tr> <td class="header" colspan="2" align="center">Main Forum </td> </tr> <?php include "includes/db_connect.php"; $sql3="SELECT * FROM forum_question WHERE important='1' AND place='main' ORDER BY lastreply DESC, reply DESC"; $result3=mysql_query($sql3) or die(mysql_error()); while($rows3=mysql_fetch_array($result3)) { $locked = $rows3['locked']; echo '<tr><td width="92%" border="0" ><font color=red>IMPORTANT:</font><a href="view_topic.php?id='.$rows3['id'].'">'.forumbb($rows3['title']).'</a>'; if ($locked == 1) { echo '<span class="style4">(Locked)</span>'; } echo '</td><td width="8%" align="right">'.$rows3['reply'].'</td></tr>'; } while($rows=mysql_fetch_array($result)) { $locked = $rows['locked']; echo '<tr><td width="92%" border="0" ><span class="style5">STICKY:</span><a href="view_topic.php?id='.$rows['id'].'">'.forumbb($rows['title']).'</a>'; if ($locked == 1) { echo '<span class="style4">(Locked)</span>'; } echo '</td><td width="8%" align="right">'. $rows['reply'].'</td></tr>'; } $sql2="SELECT * FROM forum_question WHERE sticky='0' AND important='0' AND place='main' ORDER BY lastreply DESC, reply DESC LIMIT 30"; $result2=mysql_query($sql2) or die(mysql_error()); while($rows2=mysql_fetch_array($result2)) { $locked = $rows2['locked']; echo '<tr><td width="92%" border="0" ><a href="view_topic.php?id='.$rows2['id'].'">'.htmlentities($rows2['title']).'</a>'; if ($locked == 1) { echo '<span class="style4">(Locked)</span>'; } echo '</td><td width="8%" align="right">'.$rows2['reply'].'</td></tr>'; } ?> </table> <center><form action="Forum.php" method="post"> Title:<br> <input name="title" style="border:1px solid black;" class="tbox" type="text"><br> Content:<br> <textarea name="content" style="border:1px solid black;" class="tbox" cols="50" rows="8"></textarea><br><br> <center><input name="Submit" type="submit" class="tbox" value="Post topic!"></center> </form></center> <br><br> <?php if ($userlevel >= 10) { echo '<center><a href="wipeforum.php"><font color="#FF0000">*<b>Clear Forum</b></font></a></center>'; } ?> <br><br> </td> <TD width="150" valign="top"> <?php include("rightmenu.php");?> </TD> </TR> </table> </center> </body> </html> ?> What is wrong with it? Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 25, 2009 Share Posted October 25, 2009 Hi Cannot see where the variables $userlevel or $mute come from (they might be set up in one of the includes). You have this code:- $query=mysql_query("SELECT * FROM forum_question ORDER by id DESC LIMIT 40"); $result=mysql_query($sql) or die(mysql_error()); $info = mysql_fetch_object($query); The middle line appears to be totally redundant. Similarly with $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ownusername'")); $result=mysql_query($sql) or die(mysql_error()); you haven't set up $sql to contain anything to execute, and also you do not use $fetch haveing executed that sql. Another unnecessary line here executing $sql without setting anything up:- mysql_query("UPDATE forum_question SET new='0' WHERE new='1'"); $result=mysql_query($sql) or die(mysql_error()); Also $content doesn't appear to be initialised. Possibly should be $detail (as you have set $detail = $_POST['content'];). All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 25, 2009 Author Share Posted October 25, 2009 ok, so my $detail == ($_Post['content']) is right then? You lost me on that one. As far as the middle line being redundant, how so? if it can't get the query, should it not die? I'll fix the $fetch, and I don't see the other unecessary line that didn't set anything up. :S Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 25, 2009 Share Posted October 25, 2009 ok, so my $detail == ($_Post['content']) is right then? You lost me on that one. You are referring to a variable called $content which is never set up. However you put the form field content into the variable $detail. I suspect you either want to put the form field content into a field called $content, or change the lines that refer to $content to refer to $detail. As far as the middle line being redundant, how so? if it can't get the query, should it not die? I'll fix the $fetch, and I don't see the other unecessary line that didn't set anything up. :S OK, lets go through it:- $query=mysql_query("SELECT * FROM forum_question ORDER by id DESC LIMIT 40"); This executes a query, with the SQL that is in the brackets. The result is put into $query. $result=mysql_query($sql) or die(mysql_error()); This is trying to execute a query that is in the brackets (ie, the SQL stored in the variable $sql but which you haven't set up) and put the result into $result. If the query fails it will die and put out the error (and it will fail as you haven't passed it any SQL). It has nothing to do with the previous line. $info = mysql_fetch_object($query); This fetches the next line (in this case the next line is the first one as you hadn't previously retrieved a line) from $query. I suspect what you wanted was:- $query=mysql_query("SELECT * FROM forum_question ORDER by id DESC LIMIT 40") or die(mysql_error()); $info = mysql_fetch_object($query); All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 25, 2009 Author Share Posted October 25, 2009 ok, I understand the mysql lines, that makes sense completely. now I'm still trying to figure out the content. Right now I have: $topic = $_POST['title']; $detail = $_POST['content']; $topic = strip_tags($topic); $detail = strip_tags($detail); $ownusername=$_SESSION["real_name"]; $time=time(); You're saying I need to have it as: $topic = $_POST['title']; $content = $_POST['content']; $topic = strip_tags($topic); $detail = strip_tags($detail); $ownusername=$_SESSION["real_name"]; $time=time(); ?? Sorry again, I'm getting much better at understanding this, I just am trying to figure out what small errors I've missed. Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 25, 2009 Share Posted October 25, 2009 Hi Close, but you need to also change it a couple of lines down where you strip the tags from it. $topic = $_POST['title']; $content = $_POST['content']; $topic = strip_tags($topic); $content = strip_tags($content); $ownusername=$_SESSION["real_name"]; $time=time(); All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 25, 2009 Author Share Posted October 25, 2009 ok that makes sense. I am going to try that now. Got this now :S Fatal error: Function name must be a string in /home/klrbal/public_html/Mafia-test/Forum.php on line 111 Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 25, 2009 Share Posted October 25, 2009 Hi What is on line 111? All the best Keith Quote Link to comment Share on other sites More sharing options...
Leveecius Posted October 25, 2009 Author Share Posted October 25, 2009 I'm sorry, I just realized I didn't put up my code lol <?php session_start(); if (!(isset($_SESSION["real_name"]))) { //echo "I'm not logged in"; header('Location: index.php'); } ?> <html> <head> <title>Mafia Syndicate BETA</title> <style type="text/css"> <!-- .style4 {color: #FF0000} .style5 {color: #0000FF} --> </style> </head> <link REL="stylesheet" TYPE="text/css" HREF="main.css"> <script language=javascript src=Menus.js></script> <body background="wallpaper.jpg"> <center> <table border="0" cellspacing="0" cellpadding="0" align="center" width="95%" class="cat"> <TR> <TD width="150" background="tdbg3.jpg" bgcolor="#222222" valign="top"> <?php include("leftmenu.php");?> </TD> <td width="100%" valign="top"> <br> <?php include "includes/db_connect.php"; include "bb.php"; $delete = strip_tags($_GET['delete']); if($delete && $userlevel>=5) { mysql_query("DELETE FROM forum_question WHERE id='$delete'") or die(mysql_error()); } $sticky = strip_tags($_GET['sticky']); if($sticky && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '1', important = '0' WHERE id='$sticky'") or die(mysql_error()); } $unsticky = strip_tags($_GET['unsticky']); if($unsticky && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '0', important = '0' WHERE id='$unsticky'") or die(mysql_error()); } $important = strip_tags($_GET['important']); if($important && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '0', important = '1' WHERE id='$important'") or die(mysql_error()); } $unimportant = strip_tags($_GET['unimportant']); if($unimportant && $userlevel>=5) { mysql_query("UPDATE forum_question SET sticky = '0', important = '0' WHERE id='$unimportant'") or die(mysql_error()); } $lock = strip_tags($_GET['lock']); if($lock && $userlevel>=5) { mysql_query("UPDATE forum_question SET locked='1' WHERE id='$lock'") or die(mysql_error()); } $userlock = strip_tags($_GET['userlock']); if($userlock) { mysql_query("UPDATE forum_question SET locked='1' WHERE id='$lock' AND username='$username'") or die(mysql_error()); } $unlock = strip_tags($_GET['unlock']); if($unlock && $userlevel>=5) { mysql_query("UPDATE forum_question SET locked='0' WHERE id='$unlock'") or die(mysql_error()); } if ($_POST['Submit'] && strip_tags($_POST['title']) && strip_tags($_POST['content'])) { $topic = $_POST['title']; $content = $_POST['content']; $topic = strip_tags($topic); $content = strip_tags($content); $ownusername=$_SESSION["real_name"]; $time=time(); if ($mute == 1) { echo "<font color=red><b>You have been muted!</b></font><br><br>"; } else { $query=mysql_query("SELECT * FROM forum_question ORDER by id DESC LIMIT 40") or die(mysql_error()); $info = mysql_fetch_object($query); $info = mysql_fetch_object($query); if ($info->title == $topic) { echo "There is already a topic with this title!"; } else { $mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ownusername'")); $result=mysql_query($sql) or die(mysql_error()); $datetime=date("d/m/y h:i:s"); //create date time if ($topic == "") { echo "You must add a title!"; } else { $query=mysql_query("SELECT * FROM forum_question ORDER by id DESC LIMIT 40") or die(mysql_error()); $info = mysql_fetch_object($query); if ($topic !="" && $content !="") { $sql="INSERT INTO forum_question(id, title, content, datetime, username, place, lastreply)VALUES('', 'title', '$content','$datetime', '$username', 'main', '$time')"; $result=mysql_query($sql); } } } } } mysql_query("DELETE FROM forum_question WHERE title=''"); $sql="SELECT * FROM forum_question WHERE sticky='1' AND place='main' ORDER BY lastreply DESC, reply DESC"; $result=mysql_query($sql) or die(mysql_error()); $username=$_SESSION['username']; ?> <table border="1" cellspacing="0" cellpadding="0" bordercolor="black" align="center" width="75%" class="sub2"> <tr> <td class="header" colspan="2" align="center">Main Forum </td> </tr> <?php include "includes/db_connect.php"; $sql3="SELECT * FROM forum_question WHERE important='1' AND place='main' ORDER BY lastreply DESC, reply DESC"; $result3=mysql_query($sql3) or die(mysql_error()); while($rows3=mysql_fetch_array($result3)) { $locked = $rows3['locked']; echo '<tr><td width="92%" border="0" ><font color=red>IMPORTANT:</font><a href="view_topic.php?id='.$rows3['id'].'">'.forumbb($rows3['title']).'</a>'; if ($locked == 1) { echo '<span class="style4">(Locked)</span>'; } echo '</td><td width="8%" align="right">'.$rows3['reply'].'</td></tr>'; } while($rows=mysql_fetch_array($result)) { $locked = $rows['locked']; echo '<tr><td width="92%" border="0" ><span class="style5">STICKY:</span><a href="view_topic.php?id='.$rows['id'].'">'.forumbb($rows['title']).'</a>'; if ($locked == 1) { echo '<span class="style4">(Locked)</span>'; } echo '</td><td width="8%" align="right">'. $rows['reply'].'</td></tr>'; } $sql2="SELECT * FROM forum_question WHERE sticky='0' AND important='0' AND place='main' ORDER BY lastreply DESC, reply DESC LIMIT 30"; $result2=mysql_query($sql2) or die(mysql_error()); while($rows2=mysql_fetch_array($result2)) { $locked = $rows2['locked']; echo '<tr><td width="92%" border="0" ><a href="view_topic.php?id='.$rows2['id'].'">'.htmlentities($rows2['title']).'</a>'; if ($locked == 1) { echo '<span class="style4">(Locked)</span>'; } echo '</td><td width="8%" align="right">'.$rows2['reply'].'</td></tr>'; } ?> </table> <center><form action="Forum.php" method="post"> Title:<br> <input name="title" style="border:1px solid black;" class="tbox" type="text"><br> Content:<br> <textarea name="content" style="border:1px solid black;" class="tbox" cols="50" rows="8"></textarea><br><br> <center><input name="Submit" type="submit" class="tbox" value="Post topic!"></center> </form></center> <br><br> <?php if ($userlevel >= 10) { echo '<center><a href="wipeforum.php"><font color="#FF0000">*<b>Clear Forum</b></font></a></center>'; } ?> <br><br> </td> <TD width="150" valign="top"> <?php include("rightmenu.php");?> </TD> </TR> </table> </center> </body> </html> Quote Link to comment Share on other sites More sharing options...
kickstart Posted October 25, 2009 Share Posted October 25, 2009 Hi You have :- $mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ownusername'")); Change it back to:- $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$ownusername'")); You also do the change to those lines mentioned in this previous post All the best Keith Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.