Jump to content

Archived

This topic is now archived and is closed to further replies.

hostfreak

Problem, but no clue as of why

Recommended Posts

Recently my host upgraded their php version to 4.4 . It caused some minor incompatibilities with my code, no problem I was able to get those fixed. Well now I have come across a problem that I have no clue how to fix. I have a database that has several fields and a primary key of employee_num. The database has these fields (more, but these are the relevant ones):
employee_num | firstname | lastname | cdl_exp | hiredate | userlevel

cdl_exp and hiredate are "date" fields all of which have a default value of 0000-00-00 (cannot change that). I can enter all my required information finely (all fields, including the date fields). However on my edit page I can edit all the fields successfully except the date fields. I explode the dates to make it easier to edit them via dropdown.

When I update a certain employee, it defaults all the date fields to 0000-00-00 for that specific employee I am editing. Here is the code for the edit page (e.g: http://www.domain.com/employee.php?view=dot&page=employees/dot/employee_file&employee_num=1):

[code]
<?php
if($session->logged_in){

if (isset($_POST['submit'])) {
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$hiredate = $_POST['hiredate'];
$cdl_exp = $_POST['cdl_exp'];

$query = "UPDATE users SET firstname = '$firstname', lastname = '$lastname', hiredate = '$hiredateY-$hiredatem-$hiredated', cdl_exp = '$cdl_expY-$cdl_expm-$cdl_expd' WHERE employee_num = '$employee_num' AND userlevel = '1'";

$result = mysql_query($query);
echo "The Employee File for $firstname $lastname Has Been Updated!<br>";
}
?>

<b><u>Employee File</u></b><br><br>

<table id="addtable">

<?php
$sql = mysql_query("SELECT * FROM users WHERE employee_num='$employee_num' AND userlevel='1'"); 
while ($row = mysql_fetch_array($sql)) {
$firstname = $row["firstname"];
$lastname = $row["lastname"];

$array = explode('-', $row['hiredate']);
$hiredateY = $array[0];
$hiredatem = $array[1];
$hiredated = $array[2];

$array = explode('-', $row['cdl_exp']);
$cdl_expY = $array[0];
$cdl_expm = $array[1];
$cdl_expd = $array[2];
}
?>

<?php
if ($session->isAdmin()) {
?>

<form name='updateequipment' method='post' action="<?php echo $_SERVER['PHP_SELF']; ?>?view=dot&page=employees/dot/employee_file">
<input type='hidden' name='employee_num' value='<?php echo "$employee_num"; ?>'>

<tr>
<td id="addtableleftcolumn">First Name:</td>
<td id="addtablerightcolumn">&nbsp;<input type='text' name='firstname' value='<?php echo "$firstname"; ?>' id="addbasicinput"></td>
</tr>

<tr>
<td id="addtableleftcolumn">Last Name:</td>
<td id="addtablerightcolumn">&nbsp;<input type='text' name='lastname' value='<?php echo "$lastname"; ?>' id="addbasicinput"></td>
</tr>

<tr>
<td id="addtableleftcolumn">Date Of Hire:</td>
<td id="addtablerightcolumn">
&nbsp;<select name="hiredatem" id="addbasicselect">
<option value="<?php echo "$hiredatem"; ?>"><?php echo "$hiredatem"; ?></option>
<option value="01">01</option>
<option value="02">02</option>
<option value="03">03</option>
<option value="04">04</option>
<option value="05">05</option>
<option value="06">06</option>
<option value="07">07</option>
<option value="08">08</option>
<option value="09">09</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select>

<select name="hiredated" id="addbasicselect">
<option value="<?php echo "$hiredated"; ?>"><?php echo "$hiredated"; ?></option>
<option value="01">01</option>
<option value="02">02</option>
<option value="03">03</option>
<option value="04">04</option>
<option value="05">05</option>
<option value="06">06</option>
<option value="07">07</option>
<option value="08">08</option>
<option value="09">09</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>
<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
<option value="21">21</option>
<option value="22">22</option>
<option value=23"">23</option>
<option value="24">24</option>
<option value="25">25</option>
<option value="26">26</option>
<option value="27">27</option>
<option value="28">28</option>
<option value="29">29</option>
<option value="30">30</option>
<option value="31">31</option>
</select>

<input type="text" name="hiredateY" value="<?php echo "$hiredateY"; ?>" id="addyearinput"> m-d-y
</td>
</tr>

<tr>
<td id="addtableleftcolumn"><font color="#000000">CDL Expiration Date:</font></td>
<td id="addtablerightcolumn">
&nbsp;<select name="cdl_expm" id="addbasicselect">
<option value="<?php echo "$cdl_expm"; ?>"><?php echo "$cdl_expm"; ?></option>
<option value="01">01</option>
<option value="02">02</option>
<option value="03">03</option>
<option value="04">04</option>
<option value="05">05</option>
<option value="06">06</option>
<option value="07">07</option>
<option value="08">08</option>
<option value="09">09</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select>

<select name="cdl_expd" id="addbasicselect">
<option value="<?php echo "$cdl_expd"; ?>"><?php echo "$cdl_expd"; ?></option>
<option value="01">01</option>
<option value="02">02</option>
<option value="03">03</option>
<option value="04">04</option>
<option value="05">05</option>
<option value="06">06</option>
<option value="07">07</option>
<option value="08">08</option>
<option value="09">09</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>
<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
<option value="21">21</option>
<option value="22">22</option>
<option value=23"">23</option>
<option value="24">24</option>
<option value="25">25</option>
<option value="26">26</option>
<option value="27">27</option>
<option value="28">28</option>
<option value="29">29</option>
<option value="30">30</option>
<option value="31">31</option>
</select>

<input type="text" name="cdl_expY" value="<?php echo "$cdl_expY"; ?>" id="addyearinput"> m-d-y
</td>
</tr>

</table>
<input name='submit' type='submit' value='Update Employee' id="addbasicselect">
</form>

<?php
}
} else {
$ip = $_SERVER['REMOTE_ADDR'];
echo "You are not authorized to view this page! An email has been dispatched to the administrators to inform them of your whereabouts!<br>
Your IP address: <b>$ip</b> , has been recorded and will be reported to the law if this happens again!";
}
?>
[/code]

Now you may be thinking there is a lot of information not called, but that page is included from another page that does call the information. Here is the code for the page that the edit page is included from (http://www.domain.com/employee.php):

[code]
<?php
include("include/session.php");

if ($session->logged_in) {

include("include/constants.inc");

$connection = mysql_connect("$server","$user","$password"); 
$db = mysql_select_db("$database", $connection);   

$sql = mysql_query("SELECT * FROM settings"); 
while ($row = mysql_fetch_array($sql)) {
$title = $row["title"];
$adminemail = $row["adminemail"];
}

$view = mysql_real_escape_string($_GET['view']);
$employee_num = mysql_real_escape_string($_GET['employee_num']);
?>

<html>
<head>
<title><?php echo "$title"; ?></title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<style type="text/css" media="screen" name="style">
        @import "style.css";
        @import "style2.css";
</style>
<style type="text/css" media="print" name="style">
        @import "print.css";
</style>
</head>
<body>

<div id="top">
<div id="logo">
Name
</div>

<div id="slogan">
Employee / Equipment Management
</div>
</div>

<?php require_once("employees/links.php"); ?>

<div id="page" align="center">
<?php
if ($session->isAdmin()){
$pathToMainPage = "stats.php";
}
if (($session->isSecretary()) || ($session->isManager())){
$pathToMainPage = "message.php";
}
$pathTo404Page = "404.php";
if(isset($_GET['page']))
{
$pathToIncludePage = $_GET['page'].=".php";
if(file_exists($pathToIncludePage)) {
include $pathToIncludePage;
}
else {
include $pathTo404Page;
}
}
else {
include $pathToMainPage;
}
?>
</div>

</body>
</html>

<?php
}
else {
$ip = $_SERVER['REMOTE_ADDR'];
echo "You are not authorized to view this page! An email has been dispatched to the administrators to inform them of your whereabouts!<br>
Your IP address: <b>$ip</b> , has been recorded and will be reported to the law if this happens again!";
}
?>
[/code]

So the problem is, that it is changing the date fields to 0000-00-00 for the specific employee being edited. It worked before they upgraded to php 4.4

Share this post


Link to post
Share on other sites
Sorry to bump this, but it is kind of urgent. I've still been trying to find out the problem, no luck yet.

Share this post


Link to post
Share on other sites
Where are these variables defined? [tt]$hiredateY-$hiredatem-$hiredated[/tt]. I only see[tt] $hiredate = $_POST['hiredate'];[/tt] being used to get the date information from[tt] $_POST[/tt].

Share this post


Link to post
Share on other sites
They are exploded into the arrays:

[code]
$array = explode('-', $row['hiredate']);
$hiredateY = $array[0];
$hiredatem = $array[1];
$hiredated = $array[2];

$array = explode('-', $row['cdl_exp']);
$cdl_expY = $array[0];
$cdl_expm = $array[1];
$cdl_expd = $array[2];
[/code]

I explode them for the dropdowns, then when I enter them into the database I combine them again.

Share this post


Link to post
Share on other sites
Yes, but they are not exploded during the $_POST/UPDATE section of your code.
[tt]
if (isset($_POST['submit'])) {
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
[b]$hiredate = $_POST['hiredate'];[/b]
$cdl_exp = $_POST['cdl_exp'];

$query = "UPDATE users SET firstname = '$firstname', lastname = '$lastname', hiredate = '[b]$hiredateY-$hiredatem-$hiredated[/b]', cdl_exp = '$cdl_expY-$cdl_expm-$cdl_expd' WHERE employee_num = '$employee_num' AND userlevel = '1'";
[/tt]

I'm guessing your upgrade included a[tt] register_globals = Off[/tt].

Share this post


Link to post
Share on other sites
Oh, right you were. Thanks. Although it works, I am a little confused. I am using the same code on another host with php version 4.2 and it works. I guess it would have something to do with the update to version 4.4. I think I recall someone saying it has something to do with register_globals?

Share this post


Link to post
Share on other sites
[url=http://us3.php.net/manual/en/security.globals.php]Register Globals[/url].

Share this post


Link to post
Share on other sites
Ah, it is all clear now. I feel like a uber noob. Thanks effigy. (oh and just now seen you said something about register_globals in your previous response, sorry I missed it)

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.