gilk Posted August 22, 2012 Share Posted August 22, 2012 Hi, have looked thru archives and cant find any answers. Godaddy recently removed support for PHP4 and as a consequence, stuff that has been quietly working nicely has stopped under PHP5.3. I am able to create a new student, but when I try to update the student details get error "couldn't execute query". Here is the relevant code...with the password xxxx'd out. <?php /* Program name: upd_user_details.php * Description: Script displays a form with address * information obtained from the database. */ session_start(); //set session variables for students id number $_SESSION['studentid'] = "$studentid"; $studentid = $_SESSION['studentid']; //I think this might need to be set on each page where required??dunno! $_SESSION['f_name'] = "$f_name"; $f_name = $_SESSION['f_name']; //I think this might need to be set on each page where required??dunno! $_SESSION['l_name'] = "$l_name"; $l_name = $_SESSION['l_name']; //I think this might need to be set on each page where required??dunno! $_SESSION['email'] = "$email"; $email = $_SESSION['email']; //I think this might need to be set on each page where required??dunno! echo "<html> <head><title>Student Details</title></head> <body>"; // create an array that contains the labels used in the form // the keys are the field names. $labels = array( "f_name"=>"First Name:", "l_name"=>"Last Name (Surname/Family):", "salutation"=>"Dr/Mr/Mrs/Ms:", "gender"=>"Gender (m or f) :", "birthdate"=>"Date of Birth (yyyy-mm-dd):", "email"=>"Email Address:", "address1"=>"Street Address 1:", "address2"=>"Street Address 2:", "address3"=>"City or Town:", "state"=>"State:", "zip"=>"Zipcode or Postcode:", "country"=>"Country:", "occupation" => "Occupation: "); $user="distanceed"; $host="mysql39.secureserver.net"; $password="XXXXXXXXXXXX"; $database = "distanceed"; $conn = mysql_connect($host,$user,$password) or die ("couldn't connect to server"); $db = mysql_select_db($database,$conn) or die ("Couldn't select database"); $query = "SELECT * FROM auth_users WHERE id = $studentid "; $result = mysql_query($query) or die ("Couldn't execute query."); .........it is at this point that the error occurs...it seems to me that the problem is with the query where id = $studentid It is about 5 years since I wrote this code and i have forgotten it so I will need to get up to speed again There are some other breaks and they are all associated with passing of student id number. Be most pleased if anyone can advise me wht PHp5 has done to PHp4 code in regard to passing of this variable ( it is an autoincremented value from a mysql database. thanks in anticiption Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/ Share on other sites More sharing options...
Jessica Posted August 22, 2012 Share Posted August 22, 2012 Use code tags on the forum. Wherever you have or die ("Couldn't execute query."); replace it with or die (mysql_error().' SQL: '.$query); So you can see the error and query. Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371458 Share on other sites More sharing options...
gilk Posted August 22, 2012 Author Share Posted August 22, 2012 OK done that! error now ou have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2 SQL: SELECT * FROM auth_users WHERE id = also excuse my ignorance (newbie) what do you mean by " use code tags on the forum" Now that you can see the new and enhanced error message can you pls advise where to go next. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371460 Share on other sites More sharing options...
ManiacDan Posted August 22, 2012 Share Posted August 22, 2012 When posting code, surround it in [ PHP ] and [/ PHP ] tags, without spaces inside the tags. That's how you color your code and make it easier to read. Your error message indicates that your query it malformed. Then it prints the query. As you can see, your query is missing the value for student ID. That's because you never get the value for studentid from anywhere. Your code initially uses it here: $_SESSION['studentid'] = "$studentid"; (This variable doesn't need to be quoted in this line) You are relying on an old feature of PHP called register_globals. I have bad news for you: Every single one of your pages is probably broken. Your code was assuming there was a key called 'studentid' in $_GET, $_POST, or $_COOKIE. You have to figure out which one, and put this at the top of your file: $studentid = $_POST['studentid']; You then need to repeat this exercise with every single variable you use this way. On every page, in every file. You upgraded your PHP install without knowing how it would work. It's like upgrading your operating system. Some of your apps will stop working. In your case, you were doing something critically wrong and nobody told you until it was too late. Good luck, you have a lot of changes ahead of you. Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371462 Share on other sites More sharing options...
gilk Posted August 22, 2012 Author Share Posted August 22, 2012 You upgraded your PHP install without knowing how it would work. **it happens!...Godaddy upgraded me without my knowledge by removing support for PHP4. Users of my system alerted me that the system was broken today. The question now is what to do about it. I have a perfectly good MYSQL database with lotsa good stuff in it. Do I try and patch the old PHP4 code or should I go for a rewrite with PHP5. ( I have read that PHP6 is around the corner...I dont want this repeated when PHP5 is ditched!!!) As far as I can see, the only problem is with the studentid variable not getting passed around like it used to. Your wisdom would be appreciated. thank you Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371470 Share on other sites More sharing options...
Jessica Posted August 22, 2012 Share Posted August 22, 2012 ManiacDan explained to you why that's not the only problem. It will happen elsewhere. He also explained how to fix it. Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371473 Share on other sites More sharing options...
Barand Posted August 22, 2012 Share Posted August 22, 2012 Register_globals was switched to "off" as the default ini file setting in PHP installations ten years ago (2002), so don't blame GoDaddy too much (except for waiting so long) - there have been warnings in the PHP manual and elsewhere for many years. PS NOT recommended, as it still presents the same security risk as using register_globals, but if you need a quick fix while you rewrite your pages, add extract ($_POST); to the top of each script (or $_GET if that is the method used) Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371479 Share on other sites More sharing options...
gilk Posted August 22, 2012 Author Share Posted August 22, 2012 so don't blame GoDaddy too much Not blaming anyone. Just wanting the quickest, best, cost effective FIX. Hopefully that will outlast the next PHPx arrival. I thank all for their comments. Will also accept any further comments that might help. Unfortunately I am about 12000 miles from my office and wont be back till October. I can manually service my clients during this period. I do need to implement a fix when I get back to my office. Gives me about 35 days to get my head up to speed :'( Maybe I should employ a PHP pro???? Thoughts? Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371483 Share on other sites More sharing options...
Barand Posted August 22, 2012 Share Posted August 22, 2012 see my edit to my post Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371484 Share on other sites More sharing options...
gilk Posted August 22, 2012 Author Share Posted August 22, 2012 Thank you Barand. Just the sort of practical advice I was looking for. Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371486 Share on other sites More sharing options...
scootstah Posted August 22, 2012 Share Posted August 22, 2012 I have read that PHP6 is around the corner...I dont want this repeated when PHP5 is ditched PHP6 was scrapped and most of the features were rolled into PHP5.4. PHP5 will be supported for many years to come. Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371503 Share on other sites More sharing options...
gilk Posted August 22, 2012 Author Share Posted August 22, 2012 Phew! not all bad then! Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371504 Share on other sites More sharing options...
ManiacDan Posted August 22, 2012 Share Posted August 22, 2012 Barand's solution was very dangerous and not recommended (as he noted in his post). While it gets your site working today, your site still has security problems that are more than a decade old. You should rewrite this with modern best practices, in PHP 5.4. Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371505 Share on other sites More sharing options...
Barand Posted August 22, 2012 Share Posted August 22, 2012 There's still some bad news. If you are using mysql start moving over to mysqli as mysql support will disappear soon Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371506 Share on other sites More sharing options...
PFMaBiSmAd Posted August 22, 2012 Share Posted August 22, 2012 I recommend a rewrite as well. The posted code is apparently processing a form submission. However, it has no logic to test if a form was even submitted; it is not validating any of the submitted data (the code shouldn't even get to the point of executing the query when the $studentid is empty); and it is not doing anything to prevent sql injection/query errors due to unexpected/hacked data values. Quote Link to comment https://forums.phpfreaks.com/topic/267427-php5-breaks-php4/#findComment-1371508 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.