Jump to content

Unexpected T_Variable issue

TGWSE_GY

By TGWSE_GY
in PHP Coding Help

 Share

Recommended Posts

TGWSE_GY Regular Member

TGWSE_GY

Posted
Posted

So I have been through this code for the past 4.5 hours. PHP Engine sets off a warning of unexpected t_variable when the hostingedit_process.php is ran.

 

Below is the line that it says is causing the problem

$con = mysql_connect($dbserver, $dbuname, $dbpword);

 

here is the whole block of code from the file:

$dbserver = "localhost";
$dbuname = "database";
$dbpword = "password";
$con = mysql_connect($dbserver, $dbuname, $dbpword);
if(!$con){
	die('Could not connect to the database server :' . mysql_error());
}
	//Select Database
	mysql_select_db("vri_inkcontrol", $con);
	//Get idcname
	$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname' AND dname='$dname'";
	$r = mysql_query($q);
	//Put idcname query into an array
	$r_array = mysql_fetch_assoc($r);
	//Store idcname result from previouse query
	$idcname = $r_array['idcname'];
	//trap duplicate records	

	//If the number of rows returned by above query is not greater then we
	if(mysql_num_rows($r) == 0){
		//Insert idcname in `tbl_hosting_cname` since id doesn't exist
		$q = "INSERT INTO `tbl_hosting_cname` SET cname='$cname'";
		mysql_query($q);
		//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];

		$r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$dname'");
		if(mysql_num_rows($r) !== 1){

			$q = "INSERT INTO `tbl_hosting_domain` (idcname, cname, ip, ns1, ns2, ftpaddress, ftpuname,	ftppword, pop, smtp, webmailaddress,	diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$dname', '$ip', '$ns1', '$ns2', '$ftpserver', '$ftpuname', '$ftppword', '$pop', '$smtp', '$webmailaddy', '$adiskspace', '$ambw', '$amboxes', '$amboxesquota', '$adbases', '$exp')";
			mysql_query($q);
			$route = "Location: index.php?section=newaddyes";
	}elseif(mysql_num_rows($r) == 1){

		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];
		$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";			
		$route = "Location: index.php?section=newaddyes";
	}else{

		$route = "Location: index.php?section=newaddno";	
	}

Link to comment
Share on other sites
TGWSE_GY Regular Member

TGWSE_GY

Posted
  • Author
Posted

ok so I am not missing any ; so I am at a loss. There is nothing in that area of the code block that should be throwing this error out. I have gone through all the code and unless I am missing a comma or ' and not seeing it the code is right.

 

Any ideas?

Link to comment
Share on other sites
Wolphie Member

Wolphie

Posted
Posted

You're missing a tick quote.

 

//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$cname'";
		$r = mysql_query($q);

 

It should be:

$dbserver = "localhost";
$dbuname = "database";
$dbpword = "password";
$con = mysql_connect($dbserver, $dbuname, $dbpword);
if(!$con){
	die('Could not connect to the database server :' . mysql_error());
}
	//Select Database
	mysql_select_db("vri_inkcontrol", $con);
	//Get idcname
	$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname' AND dname='$dname'";
	$r = mysql_query($q);
	//Put idcname query into an array
	$r_array = mysql_fetch_assoc($r);
	//Store idcname result from previouse query
	$idcname = $r_array['idcname'];
	//trap duplicate records	

	//If the number of rows returned by above query is not greater then we
	if(mysql_num_rows($r) == 0){
		//Insert idcname in `tbl_hosting_cname` since id doesn't exist
		$q = "INSERT INTO `tbl_hosting_cname` SET cname='$cname'";
		mysql_query($q);
		//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];

		$r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$dname'");
		if(mysql_num_rows($r) !== 1){

			$q = "INSERT INTO `tbl_hosting_domain` (idcname, cname, ip, ns1, ns2, ftpaddress, ftpuname,	ftppword, pop, smtp, webmailaddress,	diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$dname', '$ip', '$ns1', '$ns2', '$ftpserver', '$ftpuname', '$ftppword', '$pop', '$smtp', '$webmailaddy', '$adiskspace', '$ambw', '$amboxes', '$amboxesquota', '$adbases', '$exp')";
			mysql_query($q);
			$route = "Location: index.php?section=newaddyes";
	}elseif(mysql_num_rows($r) == 1){

		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];
		$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";			
		$route = "Location: index.php?section=newaddyes";
	}else{

		$route = "Location: index.php?section=newaddno";	
	}

 

It's also very bad practice to insert variable values directly into SQL queries. This makes your code extremely vulnerable to injection. You should use http://php.net/manual/en/function.mysql-real-escape-string.php to escape each string to help prevent injection.

 

Also these lines confuse me:

//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);

Both queries are the same and you're reassigning the first declaration of the variables with the second query?

Link to comment
Share on other sites
Wolphie Member

Wolphie

Posted
Posted

Just out of curiosity, is there anymore code to this file?

 

Also this line:

$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";

 

Should be:

$q = "UPDATE `tbl_hosting_domain` SET ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp = '$exp' WHERE cname='$idcname'";

Link to comment
Share on other sites
TGWSE_GY Regular Member

TGWSE_GY

Posted
  • Author
Posted

Wolphie: See below for whole file

 

 

<?php
//--
// FormBoss v1.0 PHP Form Process Script - Generated: August 7, 2010
//--
session_start();
$error = 0; $valError = "";
ini_set('display_errors', 1);
error_reporting(E_ALL);

// Form Page Submit Security
$domain_list = explode(',',"");
$ip_limit = 0;

$active = 1;
$active_message = <<<EOT
Sorry, this form is currently disabled.
EOT;

include_once 'security/secure_submit.php';

include_once 'lib/utility.php';

$_SESSION["entry_key"] = isset($_SESSION["entry_key"]) ? $_SESSION["entry_key"] : md5(time() + rand(10000, 1000000));


// cname - text
if(isset($_POST['cname']) && $_POST['cname'] != '') {
$cname = isset($_POST['cname']) ? $_POST['cname'] : '';
$_SESSION['cname'] = $cname;
} else {
$error = '1'; $valError .= 'Company Name : is required.<br/>';
}
if(isset($_SESSION['cname_is'])) { $_SESSION['cname_is'] = 0; }
$cname = isset($_SESSION['cname']) ? $_SESSION['cname'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['cname'] = $cname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Company Name :'] = $cname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['cname'] = "Company Name :";

// dname - text
if(isset($_POST['dname']) && $_POST['dname'] != '') {
$dname = isset($_POST['dname']) ? $_POST['dname'] : '';
$_SESSION['dname'] = $dname;
} else {
$error = '1'; $valError .= 'Domain Name : is required.<br/>';
}
if(isset($_SESSION['dname_is'])) { $_SESSION['dname_is'] = 0; }
$dname = isset($_SESSION['dname']) ? $_SESSION['dname'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['dname'] = $dname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Domain Name :'] = $dname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['dname'] = "Domain Name :";

// ipaddress - text
if(isset($_POST['ipaddress']) && $_POST['ipaddress'] != '') {
$ipaddress = isset($_POST['ipaddress']) ? $_POST['ipaddress'] : '';
$_SESSION['ipaddress'] = $ipaddress;
} else {
$error = '1'; $valError .= 'IP Address : is required.<br/>';
}
if(isset($_SESSION['ipaddress_is'])) { $_SESSION['ipaddress_is'] = 0; }
$ipaddress = isset($_SESSION['ipaddress']) ? $_SESSION['ipaddress'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ipaddress'] = $ipaddress;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['IP Address :'] = $ipaddress;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ipaddress'] = "IP Address :";

// ns1 - text
if(isset($_POST['ns1']) && $_POST['ns1'] != '') {
$ns1 = isset($_POST['ns1']) ? $_POST['ns1'] : '';
$_SESSION['ns1'] = $ns1;
} else {
$error = '1'; $valError .= 'Name Server 1 : is required.<br/>';
}
if(isset($_SESSION['ns1_is'])) { $_SESSION['ns1_is'] = 0; }
$ns1 = isset($_SESSION['ns1']) ? $_SESSION['ns1'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ns1'] = $ns1;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 1 :'] = $ns1;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns1'] = "Name Server 1 :";

// ns2 - text
if(isset($_POST['ns2']) && $_POST['ns2'] != '') {
$ns2 = isset($_POST['ns2']) ? $_POST['ns2'] : '';
$_SESSION['ns2'] = $ns2;
} else {
$error = '1'; $valError .= 'Name Server 2 : is required.<br/>';
}
if(isset($_SESSION['ns2_is'])) { $_SESSION['ns2_is'] = 0; }
$ns2 = isset($_SESSION['ns2']) ? $_SESSION['ns2'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ns2'] = $ns2;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 2 :'] = $ns2;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns2'] = "Name Server 2 :";

// ftpserver - text
if(isset($_POST['ftpserver']) && $_POST['ftpserver'] != '') {
$ftpserver = isset($_POST['ftpserver']) ? $_POST['ftpserver'] : '';
$_SESSION['ftpserver'] = $ftpserver;
} else {
$error = '1'; $valError .= 'FTP Server Address : is required.<br/>';
}
if(isset($_SESSION['ftpserver_is'])) { $_SESSION['ftpserver_is'] = 0; }
$ftpserver = isset($_SESSION['ftpserver']) ? $_SESSION['ftpserver'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpserver'] = $ftpserver;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Server Address :'] = $ftpserver;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpserver'] = "FTP Server Address :";

// ftpuname - text
if(isset($_POST['ftpuname']) && $_POST['ftpuname'] != '') {
$ftpuname = isset($_POST['ftpuname']) ? $_POST['ftpuname'] : '';
$_SESSION['ftpuname'] = $ftpuname;
} else {
$error = '1'; $valError .= 'FTP Username : is required.<br/>';
}
if(isset($_SESSION['ftpuname_is'])) { $_SESSION['ftpuname_is'] = 0; }
$ftpuname = isset($_SESSION['ftpuname']) ? $_SESSION['ftpuname'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpuname'] = $ftpuname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Username :'] = $ftpuname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpuname'] = "FTP Username :";

// ftppword - text
if(isset($_POST['ftppword']) && $_POST['ftppword'] != '') {
$ftppword = isset($_POST['ftppword']) ? $_POST['ftppword'] : '';
$_SESSION['ftppword'] = $ftppword;
} else {
$error = '1'; $valError .= 'FTP Password : is required.<br/>';
}
if(isset($_SESSION['ftppword_is'])) { $_SESSION['ftppword_is'] = 0; }
$ftppword = isset($_SESSION['ftppword']) ? $_SESSION['ftppword'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ftppword'] = $ftppword;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Password :'] = $ftppword;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftppword'] = "FTP Password :";

// pop - text
if(isset($_POST['pop']) && $_POST['pop'] != '') {
$pop = isset($_POST['pop']) ? $_POST['pop'] : '';
$_SESSION['pop'] = $pop;
} else {
$error = '1'; $valError .= 'POP : is required.<br/>';
}
if(isset($_SESSION['pop_is'])) { $_SESSION['pop_is'] = 0; }
$pop = isset($_SESSION['pop']) ? $_SESSION['pop'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['pop'] = $pop;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['POP :'] = $pop;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['pop'] = "POP :";

// smtp - text
if(isset($_POST['smtp']) && $_POST['smtp'] != '') {
$smtp = isset($_POST['smtp']) ? $_POST['smtp'] : '';
$_SESSION['smtp'] = $smtp;
} else {
$error = '1'; $valError .= 'SMTP : is required.<br/>';
}
if(isset($_SESSION['smtp_is'])) { $_SESSION['smtp_is'] = 0; }
$smtp = isset($_SESSION['smtp']) ? $_SESSION['smtp'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['smtp'] = $smtp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['SMTP :'] = $smtp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['smtp'] = "SMTP :";

// webmailaddy - text
if(isset($_POST['webmailaddy']) && $_POST['webmailaddy'] != '') {
$webmailaddy = isset($_POST['webmailaddy']) ? $_POST['webmailaddy'] : '';
$_SESSION['webmailaddy'] = $webmailaddy;
} else {
$error = '1'; $valError .= 'Webmail Address : is required.<br/>';
}
if(isset($_SESSION['webmailaddy_is'])) { $_SESSION['webmailaddy_is'] = 0; }
$webmailaddy = isset($_SESSION['webmailaddy']) ? $_SESSION['webmailaddy'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['webmailaddy'] = $webmailaddy;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Webmail Address :'] = $webmailaddy;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['webmailaddy'] = "Webmail Address :";

// adiskspace - text
if(isset($_POST['adiskspace']) && $_POST['adiskspace'] != '') {
$adiskspace = isset($_POST['adiskspace']) ? $_POST['adiskspace'] : '';
$_SESSION['adiskspace'] = $adiskspace;
} else {
$error = '1'; $valError .= 'Allocated Disk Space : is required.<br/>';
}
if(isset($_SESSION['adiskspace_is'])) { $_SESSION['adiskspace_is'] = 0; }
$adiskspace = isset($_SESSION['adiskspace']) ? $_SESSION['adiskspace'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['adiskspace'] = $adiskspace;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Disk Space :'] = $adiskspace;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adiskspace'] = "Allocated Disk Space :";

// ambw - text
if(isset($_POST['ambw']) && $_POST['ambw'] != '') {
$ambw = isset($_POST['ambw']) ? $_POST['ambw'] : '';
$_SESSION['ambw'] = $ambw;
} else {
$error = '1'; $valError .= 'Allocated Monthly Bandwidth : is required.<br/>';
}
if(isset($_SESSION['ambw_is'])) { $_SESSION['ambw_is'] = 0; }
$ambw = isset($_SESSION['ambw']) ? $_SESSION['ambw'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ambw'] = $ambw;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Monthly Bandwidth :'] = $ambw;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ambw'] = "Allocated Monthly Bandwidth :";

// amboxes - text
if(isset($_POST['amboxes']) && $_POST['amboxes'] != '') {
$amboxes = isset($_POST['amboxes']) ? $_POST['amboxes'] : '';
$_SESSION['amboxes'] = $amboxes;
} else {
$error = '1'; $valError .= 'Allocated MailBoxes : is required.<br/>';
}
if(isset($_SESSION['amboxes_is'])) { $_SESSION['amboxes_is'] = 0; }
$amboxes = isset($_SESSION['amboxes']) ? $_SESSION['amboxes'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxes'] = $amboxes;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBoxes :'] = $amboxes;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxes'] = "Allocated MailBoxes :";

// amboxquota - text
if(isset($_POST['amboxquota']) && $_POST['amboxquota'] != '') {
$amboxquota = isset($_POST['amboxquota']) ? $_POST['amboxquota'] : '';
$_SESSION['amboxquota'] = $amboxquota;
} else {
$error = '1'; $valError .= 'Allocated MailBox Quoted : is required.<br/>';
}
if(isset($_SESSION['amboxquota_is'])) { $_SESSION['amboxquota_is'] = 0; }
$amboxquota = isset($_SESSION['amboxquota']) ? $_SESSION['amboxquota'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxquota'] = $amboxquota;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBox Quoted :'] = $amboxquota;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxquota'] = "Allocated MailBox Quoted :";

// adbase - text
if(isset($_POST['adbase']) && $_POST['adbase'] != '') {
$adbase = isset($_POST['adbase']) ? $_POST['adbase'] : '';
$_SESSION['adbase'] = $adbase;
} else {
$error = '1'; $valError .= 'Allocated Databases : is required.<br/>';
}
if(isset($_SESSION['adbase_is'])) { $_SESSION['adbase_is'] = 0; }
$adbase = isset($_SESSION['adbase']) ? $_SESSION['adbase'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['adbase'] = $adbase;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Databases :'] = $adbase;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adbase'] = "Allocated Databases :";

// exp - text
if(isset($_POST['exp']) && $_POST['exp'] != '') {
$exp = isset($_POST['exp']) ? $_POST['exp'] : '';
$_SESSION['exp'] = $exp;
} else {
$error = '1'; $valError .= 'Expires On : is required.<br/>';
}
if(isset($_SESSION['exp_is'])) { $_SESSION['exp_is'] = 0; }
$exp = isset($_SESSION['exp']) ? $_SESSION['exp'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['exp'] = $exp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Expires On :'] = $exp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['exp'] = "Expires On :";

if($error){
if(isset($_SESSION['pages'][''])) { unset($_SESSION['pages']['']); } 
$_SESSION["e_message"] = $valError;
header("Location: {$_SESSION['MAX_PATH_PROC']}hostingedit.php");
return;
} else {
$_SESSION['pages'][''] = 'pass';
}

$dbserver = "localhost";
$dbuname = "vri_dev";
$dbpword = "*******";
$con = mysql_connect($dbserver, $dbuname, $dbpword);
if(!$con){
	die('Could not connect to the database server :' . mysql_error());
}
	//Select Database
	mysql_select_db("vri_inkcontrol", $con);
	//Get idcname
	$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname' AND dname='$dname'";
	$r = mysql_query($q);
	//Put idcname query into an array
	$r_array = mysql_fetch_assoc($r);
	//Store idcname result from previouse query
	$idcname = $r_array['idcname'];
	//trap duplicate records	

	//If the number of rows returned by above query is not greater then we
	if(mysql_num_rows($r) == 0){
		//Insert idcname in `tbl_hosting_cname` since id doesn't exist
		$q = "INSERT INTO `tbl_hosting_cname` SET cname='$cname'";
		mysql_query($q);
		//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];

		$r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$dname'");
		if(mysql_num_rows($r) !== 1){

			$q = "INSERT INTO `tbl_hosting_domain` (idcname, cname, ip, ns1, ns2, ftpaddress, ftpuname,	ftppword, pop, smtp, webmailaddress,	diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$dname', '$ip', '$ns1', '$ns2', '$ftpserver', '$ftpuname', '$ftppword', '$pop', '$smtp', '$webmailaddy', '$adiskspace', '$ambw', '$amboxes', '$amboxesquota', '$adbases', '$exp')";
			mysql_query($q);
			$route = "Location: index.php?section=newaddyes";
	}elseif(mysql_num_rows($r) == 1){

		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];
		$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";			
		$route = "Location: index.php?section=newaddyes";
	}else{

		$route = "Location: index.php?section=newaddno";	
	}


// default action
header("Location: {$_SESSION['MAX_PATH_PROC']}");
return;
}
?>

 

thanks again.

Link to comment
Share on other sites
TGWSE_GY Regular Member

TGWSE_GY

Posted
  • Author
Posted

Wolphie: actually I am using a function it is calling secure_submit.php to validate the form for in-proper entries. Also removing them is not fixing the problem.

 

ProjectFear: the code above connecting to mysql is not my code as it belongs to the developer that designed this system/site and now I am having to go through and fix his coding short comings.

 

Thanks

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.