Jump to content

Unexpected T_Variable issue

TGWSE_GY

By TGWSE_GY
in PHP Coding Help

Recommended Posts

TGWSE_GY Regular Member

TGWSE_GY

Posted
Posted

So I have been through this code for the past 4.5 hours. PHP Engine sets off a warning of unexpected t_variable when the hostingedit_process.php is ran.

 

Below is the line that it says is causing the problem

$con = mysql_connect($dbserver, $dbuname, $dbpword);

 

here is the whole block of code from the file:

$dbserver = "localhost";
$dbuname = "database";
$dbpword = "password";
$con = mysql_connect($dbserver, $dbuname, $dbpword);
if(!$con){
	die('Could not connect to the database server :' . mysql_error());
}
	//Select Database
	mysql_select_db("vri_inkcontrol", $con);
	//Get idcname
	$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname' AND dname='$dname'";
	$r = mysql_query($q);
	//Put idcname query into an array
	$r_array = mysql_fetch_assoc($r);
	//Store idcname result from previouse query
	$idcname = $r_array['idcname'];
	//trap duplicate records	

	//If the number of rows returned by above query is not greater then we
	if(mysql_num_rows($r) == 0){
		//Insert idcname in `tbl_hosting_cname` since id doesn't exist
		$q = "INSERT INTO `tbl_hosting_cname` SET cname='$cname'";
		mysql_query($q);
		//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];

		$r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$dname'");
		if(mysql_num_rows($r) !== 1){

			$q = "INSERT INTO `tbl_hosting_domain` (idcname, cname, ip, ns1, ns2, ftpaddress, ftpuname,	ftppword, pop, smtp, webmailaddress,	diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$dname', '$ip', '$ns1', '$ns2', '$ftpserver', '$ftpuname', '$ftppword', '$pop', '$smtp', '$webmailaddy', '$adiskspace', '$ambw', '$amboxes', '$amboxesquota', '$adbases', '$exp')";
			mysql_query($q);
			$route = "Location: index.php?section=newaddyes";
	}elseif(mysql_num_rows($r) == 1){

		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];
		$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";			
		$route = "Location: index.php?section=newaddyes";
	}else{

		$route = "Location: index.php?section=newaddno";	
	}

Link to comment
https://forums.phpfreaks.com/topic/210312-unexpected-t_variable-issue/
Share on other sites
Wolphie Member

Wolphie

Posted
Posted

You're missing a tick quote.

 

//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$cname'";
		$r = mysql_query($q);

 

It should be:

$dbserver = "localhost";
$dbuname = "database";
$dbpword = "password";
$con = mysql_connect($dbserver, $dbuname, $dbpword);
if(!$con){
	die('Could not connect to the database server :' . mysql_error());
}
	//Select Database
	mysql_select_db("vri_inkcontrol", $con);
	//Get idcname
	$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname' AND dname='$dname'";
	$r = mysql_query($q);
	//Put idcname query into an array
	$r_array = mysql_fetch_assoc($r);
	//Store idcname result from previouse query
	$idcname = $r_array['idcname'];
	//trap duplicate records	

	//If the number of rows returned by above query is not greater then we
	if(mysql_num_rows($r) == 0){
		//Insert idcname in `tbl_hosting_cname` since id doesn't exist
		$q = "INSERT INTO `tbl_hosting_cname` SET cname='$cname'";
		mysql_query($q);
		//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];

		$r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$dname'");
		if(mysql_num_rows($r) !== 1){

			$q = "INSERT INTO `tbl_hosting_domain` (idcname, cname, ip, ns1, ns2, ftpaddress, ftpuname,	ftppword, pop, smtp, webmailaddress,	diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$dname', '$ip', '$ns1', '$ns2', '$ftpserver', '$ftpuname', '$ftppword', '$pop', '$smtp', '$webmailaddy', '$adiskspace', '$ambw', '$amboxes', '$amboxesquota', '$adbases', '$exp')";
			mysql_query($q);
			$route = "Location: index.php?section=newaddyes";
	}elseif(mysql_num_rows($r) == 1){

		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];
		$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";			
		$route = "Location: index.php?section=newaddyes";
	}else{

		$route = "Location: index.php?section=newaddno";	
	}

 

It's also very bad practice to insert variable values directly into SQL queries. This makes your code extremely vulnerable to injection. You should use http://php.net/manual/en/function.mysql-real-escape-string.php to escape each string to help prevent injection.

 

Also these lines confuse me:

//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);

Both queries are the same and you're reassigning the first declaration of the variables with the second query?

Wolphie Member

Wolphie

Posted
Posted

Just out of curiosity, is there anymore code to this file?

 

Also this line:

$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";

 

Should be:

$q = "UPDATE `tbl_hosting_domain` SET ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp = '$exp' WHERE cname='$idcname'";

TGWSE_GY Regular Member

TGWSE_GY

Posted
  • Author
Posted

Wolphie: See below for whole file

 

 

<?php
//--
// FormBoss v1.0 PHP Form Process Script - Generated: August 7, 2010
//--
session_start();
$error = 0; $valError = "";
ini_set('display_errors', 1);
error_reporting(E_ALL);

// Form Page Submit Security
$domain_list = explode(',',"");
$ip_limit = 0;

$active = 1;
$active_message = <<<EOT
Sorry, this form is currently disabled.
EOT;

include_once 'security/secure_submit.php';

include_once 'lib/utility.php';

$_SESSION["entry_key"] = isset($_SESSION["entry_key"]) ? $_SESSION["entry_key"] : md5(time() + rand(10000, 1000000));


// cname - text
if(isset($_POST['cname']) && $_POST['cname'] != '') {
$cname = isset($_POST['cname']) ? $_POST['cname'] : '';
$_SESSION['cname'] = $cname;
} else {
$error = '1'; $valError .= 'Company Name : is required.<br/>';
}
if(isset($_SESSION['cname_is'])) { $_SESSION['cname_is'] = 0; }
$cname = isset($_SESSION['cname']) ? $_SESSION['cname'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['cname'] = $cname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Company Name :'] = $cname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['cname'] = "Company Name :";

// dname - text
if(isset($_POST['dname']) && $_POST['dname'] != '') {
$dname = isset($_POST['dname']) ? $_POST['dname'] : '';
$_SESSION['dname'] = $dname;
} else {
$error = '1'; $valError .= 'Domain Name : is required.<br/>';
}
if(isset($_SESSION['dname_is'])) { $_SESSION['dname_is'] = 0; }
$dname = isset($_SESSION['dname']) ? $_SESSION['dname'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['dname'] = $dname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Domain Name :'] = $dname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['dname'] = "Domain Name :";

// ipaddress - text
if(isset($_POST['ipaddress']) && $_POST['ipaddress'] != '') {
$ipaddress = isset($_POST['ipaddress']) ? $_POST['ipaddress'] : '';
$_SESSION['ipaddress'] = $ipaddress;
} else {
$error = '1'; $valError .= 'IP Address : is required.<br/>';
}
if(isset($_SESSION['ipaddress_is'])) { $_SESSION['ipaddress_is'] = 0; }
$ipaddress = isset($_SESSION['ipaddress']) ? $_SESSION['ipaddress'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ipaddress'] = $ipaddress;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['IP Address :'] = $ipaddress;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ipaddress'] = "IP Address :";

// ns1 - text
if(isset($_POST['ns1']) && $_POST['ns1'] != '') {
$ns1 = isset($_POST['ns1']) ? $_POST['ns1'] : '';
$_SESSION['ns1'] = $ns1;
} else {
$error = '1'; $valError .= 'Name Server 1 : is required.<br/>';
}
if(isset($_SESSION['ns1_is'])) { $_SESSION['ns1_is'] = 0; }
$ns1 = isset($_SESSION['ns1']) ? $_SESSION['ns1'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ns1'] = $ns1;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 1 :'] = $ns1;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns1'] = "Name Server 1 :";

// ns2 - text
if(isset($_POST['ns2']) && $_POST['ns2'] != '') {
$ns2 = isset($_POST['ns2']) ? $_POST['ns2'] : '';
$_SESSION['ns2'] = $ns2;
} else {
$error = '1'; $valError .= 'Name Server 2 : is required.<br/>';
}
if(isset($_SESSION['ns2_is'])) { $_SESSION['ns2_is'] = 0; }
$ns2 = isset($_SESSION['ns2']) ? $_SESSION['ns2'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ns2'] = $ns2;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 2 :'] = $ns2;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns2'] = "Name Server 2 :";

// ftpserver - text
if(isset($_POST['ftpserver']) && $_POST['ftpserver'] != '') {
$ftpserver = isset($_POST['ftpserver']) ? $_POST['ftpserver'] : '';
$_SESSION['ftpserver'] = $ftpserver;
} else {
$error = '1'; $valError .= 'FTP Server Address : is required.<br/>';
}
if(isset($_SESSION['ftpserver_is'])) { $_SESSION['ftpserver_is'] = 0; }
$ftpserver = isset($_SESSION['ftpserver']) ? $_SESSION['ftpserver'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpserver'] = $ftpserver;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Server Address :'] = $ftpserver;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpserver'] = "FTP Server Address :";

// ftpuname - text
if(isset($_POST['ftpuname']) && $_POST['ftpuname'] != '') {
$ftpuname = isset($_POST['ftpuname']) ? $_POST['ftpuname'] : '';
$_SESSION['ftpuname'] = $ftpuname;
} else {
$error = '1'; $valError .= 'FTP Username : is required.<br/>';
}
if(isset($_SESSION['ftpuname_is'])) { $_SESSION['ftpuname_is'] = 0; }
$ftpuname = isset($_SESSION['ftpuname']) ? $_SESSION['ftpuname'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpuname'] = $ftpuname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Username :'] = $ftpuname;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpuname'] = "FTP Username :";

// ftppword - text
if(isset($_POST['ftppword']) && $_POST['ftppword'] != '') {
$ftppword = isset($_POST['ftppword']) ? $_POST['ftppword'] : '';
$_SESSION['ftppword'] = $ftppword;
} else {
$error = '1'; $valError .= 'FTP Password : is required.<br/>';
}
if(isset($_SESSION['ftppword_is'])) { $_SESSION['ftppword_is'] = 0; }
$ftppword = isset($_SESSION['ftppword']) ? $_SESSION['ftppword'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ftppword'] = $ftppword;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Password :'] = $ftppword;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftppword'] = "FTP Password :";

// pop - text
if(isset($_POST['pop']) && $_POST['pop'] != '') {
$pop = isset($_POST['pop']) ? $_POST['pop'] : '';
$_SESSION['pop'] = $pop;
} else {
$error = '1'; $valError .= 'POP : is required.<br/>';
}
if(isset($_SESSION['pop_is'])) { $_SESSION['pop_is'] = 0; }
$pop = isset($_SESSION['pop']) ? $_SESSION['pop'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['pop'] = $pop;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['POP :'] = $pop;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['pop'] = "POP :";

// smtp - text
if(isset($_POST['smtp']) && $_POST['smtp'] != '') {
$smtp = isset($_POST['smtp']) ? $_POST['smtp'] : '';
$_SESSION['smtp'] = $smtp;
} else {
$error = '1'; $valError .= 'SMTP : is required.<br/>';
}
if(isset($_SESSION['smtp_is'])) { $_SESSION['smtp_is'] = 0; }
$smtp = isset($_SESSION['smtp']) ? $_SESSION['smtp'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['smtp'] = $smtp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['SMTP :'] = $smtp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['smtp'] = "SMTP :";

// webmailaddy - text
if(isset($_POST['webmailaddy']) && $_POST['webmailaddy'] != '') {
$webmailaddy = isset($_POST['webmailaddy']) ? $_POST['webmailaddy'] : '';
$_SESSION['webmailaddy'] = $webmailaddy;
} else {
$error = '1'; $valError .= 'Webmail Address : is required.<br/>';
}
if(isset($_SESSION['webmailaddy_is'])) { $_SESSION['webmailaddy_is'] = 0; }
$webmailaddy = isset($_SESSION['webmailaddy']) ? $_SESSION['webmailaddy'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['webmailaddy'] = $webmailaddy;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Webmail Address :'] = $webmailaddy;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['webmailaddy'] = "Webmail Address :";

// adiskspace - text
if(isset($_POST['adiskspace']) && $_POST['adiskspace'] != '') {
$adiskspace = isset($_POST['adiskspace']) ? $_POST['adiskspace'] : '';
$_SESSION['adiskspace'] = $adiskspace;
} else {
$error = '1'; $valError .= 'Allocated Disk Space : is required.<br/>';
}
if(isset($_SESSION['adiskspace_is'])) { $_SESSION['adiskspace_is'] = 0; }
$adiskspace = isset($_SESSION['adiskspace']) ? $_SESSION['adiskspace'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['adiskspace'] = $adiskspace;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Disk Space :'] = $adiskspace;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adiskspace'] = "Allocated Disk Space :";

// ambw - text
if(isset($_POST['ambw']) && $_POST['ambw'] != '') {
$ambw = isset($_POST['ambw']) ? $_POST['ambw'] : '';
$_SESSION['ambw'] = $ambw;
} else {
$error = '1'; $valError .= 'Allocated Monthly Bandwidth : is required.<br/>';
}
if(isset($_SESSION['ambw_is'])) { $_SESSION['ambw_is'] = 0; }
$ambw = isset($_SESSION['ambw']) ? $_SESSION['ambw'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['ambw'] = $ambw;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Monthly Bandwidth :'] = $ambw;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ambw'] = "Allocated Monthly Bandwidth :";

// amboxes - text
if(isset($_POST['amboxes']) && $_POST['amboxes'] != '') {
$amboxes = isset($_POST['amboxes']) ? $_POST['amboxes'] : '';
$_SESSION['amboxes'] = $amboxes;
} else {
$error = '1'; $valError .= 'Allocated MailBoxes : is required.<br/>';
}
if(isset($_SESSION['amboxes_is'])) { $_SESSION['amboxes_is'] = 0; }
$amboxes = isset($_SESSION['amboxes']) ? $_SESSION['amboxes'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxes'] = $amboxes;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBoxes :'] = $amboxes;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxes'] = "Allocated MailBoxes :";

// amboxquota - text
if(isset($_POST['amboxquota']) && $_POST['amboxquota'] != '') {
$amboxquota = isset($_POST['amboxquota']) ? $_POST['amboxquota'] : '';
$_SESSION['amboxquota'] = $amboxquota;
} else {
$error = '1'; $valError .= 'Allocated MailBox Quoted : is required.<br/>';
}
if(isset($_SESSION['amboxquota_is'])) { $_SESSION['amboxquota_is'] = 0; }
$amboxquota = isset($_SESSION['amboxquota']) ? $_SESSION['amboxquota'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxquota'] = $amboxquota;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBox Quoted :'] = $amboxquota;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxquota'] = "Allocated MailBox Quoted :";

// adbase - text
if(isset($_POST['adbase']) && $_POST['adbase'] != '') {
$adbase = isset($_POST['adbase']) ? $_POST['adbase'] : '';
$_SESSION['adbase'] = $adbase;
} else {
$error = '1'; $valError .= 'Allocated Databases : is required.<br/>';
}
if(isset($_SESSION['adbase_is'])) { $_SESSION['adbase_is'] = 0; }
$adbase = isset($_SESSION['adbase']) ? $_SESSION['adbase'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['adbase'] = $adbase;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Databases :'] = $adbase;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adbase'] = "Allocated Databases :";

// exp - text
if(isset($_POST['exp']) && $_POST['exp'] != '') {
$exp = isset($_POST['exp']) ? $_POST['exp'] : '';
$_SESSION['exp'] = $exp;
} else {
$error = '1'; $valError .= 'Expires On : is required.<br/>';
}
if(isset($_SESSION['exp_is'])) { $_SESSION['exp_is'] = 0; }
$exp = isset($_SESSION['exp']) ? $_SESSION['exp'] : '';
$_SESSION['qs']["{$_SESSION['entry_key']}"]['exp'] = $exp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Expires On :'] = $exp;
$_SESSION['qs-label']["{$_SESSION['entry_key']}"]['exp'] = "Expires On :";

if($error){
if(isset($_SESSION['pages'][''])) { unset($_SESSION['pages']['']); } 
$_SESSION["e_message"] = $valError;
header("Location: {$_SESSION['MAX_PATH_PROC']}hostingedit.php");
return;
} else {
$_SESSION['pages'][''] = 'pass';
}

$dbserver = "localhost";
$dbuname = "vri_dev";
$dbpword = "*******";
$con = mysql_connect($dbserver, $dbuname, $dbpword);
if(!$con){
	die('Could not connect to the database server :' . mysql_error());
}
	//Select Database
	mysql_select_db("vri_inkcontrol", $con);
	//Get idcname
	$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname' AND dname='$dname'";
	$r = mysql_query($q);
	//Put idcname query into an array
	$r_array = mysql_fetch_assoc($r);
	//Store idcname result from previouse query
	$idcname = $r_array['idcname'];
	//trap duplicate records	

	//If the number of rows returned by above query is not greater then we
	if(mysql_num_rows($r) == 0){
		//Insert idcname in `tbl_hosting_cname` since id doesn't exist
		$q = "INSERT INTO `tbl_hosting_cname` SET cname='$cname'";
		mysql_query($q);
		//grab the cname id in `tbl_hosting_cname`
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		//now we must grab the id cname from array
		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];

		$r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$dname'");
		if(mysql_num_rows($r) !== 1){

			$q = "INSERT INTO `tbl_hosting_domain` (idcname, cname, ip, ns1, ns2, ftpaddress, ftpuname,	ftppword, pop, smtp, webmailaddress,	diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$dname', '$ip', '$ns1', '$ns2', '$ftpserver', '$ftpuname', '$ftppword', '$pop', '$smtp', '$webmailaddy', '$adiskspace', '$ambw', '$amboxes', '$amboxesquota', '$adbases', '$exp')";
			mysql_query($q);
			$route = "Location: index.php?section=newaddyes";
	}elseif(mysql_num_rows($r) == 1){

		$q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$cname'";
		$r = mysql_query($q);
		$row = mysql_fetch_assoc($r);
		$idcname = $row['idcname'];
		$q = "UPDATE `tbl_hosting_domain` SET (ip = '$ip', ns1 = '$ns1', ns2 = '$ns2', ftpaddress = '$ftpserver', ftpuname = '$ftpuname', ftppword = '$ftppword', pop = '$pop', smtp = '$smtp', webmailaddress = '$webmailaddy', diskspace = '$adiskspace', bandwidth = '$ambw', nummailboxes = '$amboxes', mailboxquota = '$amboxesquota', numdatabases = '$adbases', exp =  '$exp'	WHERE cname='$idcname'";			
		$route = "Location: index.php?section=newaddyes";
	}else{

		$route = "Location: index.php?section=newaddno";	
	}


// default action
header("Location: {$_SESSION['MAX_PATH_PROC']}");
return;
}
?>

 

thanks again.

TGWSE_GY Regular Member

TGWSE_GY

Posted
  • Author
Posted

Wolphie: actually I am using a function it is calling secure_submit.php to validate the form for in-proper entries. Also removing them is not fixing the problem.

 

ProjectFear: the code above connecting to mysql is not my code as it belongs to the developer that designed this system/site and now I am having to go through and fix his coding short comings.

 

Thanks

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.