What day is it? Buried dropdown list option problem

[YZFR1]

Hi, I'll try and keep this brief but it really is a case of searching for needle in a haystack... I've just started working for a UK charity whose main activity is supported by a massive website. Stacks of information sheets, 3 distinct forums (each about the size of Freaks here), numerous blogs, events pages, webinars etc. etc. Essentially, it is an on-line free community that serves the needs of a very sizeable percentage of man and womankind. Like many charities it relies on gratis contributions from those with time or money to spare. I don't have either, but I do believe in what they are doing. The problem is that that the site itself has grown or rather mutated to become a huge data repository, built from a number of contributors with different skills sets and ways of doing things. At the back of it lurks a CMS which staff (a limited number) use to update site content. 95% of the site is in PHP, with a host of other ingredients thrown into the pot (Tiny-MCE, Perl, Ajax, Fancybox, html5, flash, blah and blah). The problem is in the CMS when someone tries to enter a date beyond 2014 there is no option to do so - -.i.e. that's as far as the dropdown goes. I can see the problem but can't find the offending script/files. Anywhere. Here's a snippet from the viewable source for those with keener eyesight:

<form action="index.php?content=data_universal_new&table=events" method="post" ENCTYPE="multipart/form-data" >
<input type="hidden" name="change" value="">
<table summary="" border="0">
<tr>
<td valign="top">Title</td>
<td><input type="text" name="titlex" size="30" maxlength="256" value=""></td>
</tr> <tr>
<td valign="top">Microsite</td>
<td>
<select name="micrositex">
<option value="INF UK" > INF UK</option>
<option value="MTL" > MTL</option>
<option value="ACE BABES" > ACE BABES</option>
</select>
</td>



</tr> <tr>
<td valign="top">Short description</td>
<td><textarea name="short_descriptionx" cols="40" rows="5" ></textarea></td>
</tr> <tr>
<td valign="top">Thumbnail</td>
<td>
<input type="file" name="graphic[thumbnailx]"> <input type="checkbox" name="deletepic[thumbnail]" value="yes"> Delete?
</td>
</tr> <tr>
<td valign="top">Main page</td>
<td>
<div id="tm"><textarea id="elm1" name="main_pagex" style=" height: 400px;width:460px;" class="mceEditor"></textarea></div>
<p>
<script type="text/javascript">


function toggleEditor(id) {
if (!tinyMCE.getInstanceById(id))
tinyMCE.execCommand('mceAddControl', false, id);
else
tinyMCE.execCommand('mceRemoveControl', false, id);
}
</script>
<div><a href="javascript:toggleEditor('elm1');">[Add/Remove editor]</a></div>
<a href="upload.php" title="Upload Documents" class="iframe">Upload Documents</a>
<span class="tooltip" title="Click here to start the document uploader,The documents will be available to link to in the link list drop-down">
<img src="../images/help.png" border="0" width="15" height="15" alt="" align="top" >
</span>
</p>
</td>
</tr> <tr>
<td valign="top">Date</td>
<td>
<select name="date[4]">
<option >1</option>
<option >2</option>
<option >3</option>
<option >4</option>
<option >5</option>
<option >6</option>
<option >7</option>
<option >8</option>
<option >9</option>
<option >10</option>
<option >11</option>
<option >12</option>
<option >13</option>
<option >14</option>
<option >15</option>
<option >16</option>
<option >17</option>
<option >18</option>
<option >19</option>
<option >20</option>
<option >21</option>
<option >22</option>
<option >23</option>
<option >24</option>
<option selected>25</option>
<option >26</option>
<option >27</option>
<option >28</option>
<option >29</option>
<option >30</option>
<option >31</option>
</select>
<select name="date[3]">
<option value="1" >Jan</option>
<option value="2" >Feb</option>
<option value="3" >Mar</option>
<option value="4" >Apr</option>
<option value="5" >May</option>
<option value="6" >Jun</option>
<option value="7" >Jul</option>
<option value="8" >Aug</option>
<option value="9" >Sep</option>
<option value="10" >Oct</option>
<option value="11" selected>Nov</option>
<option value="12" >Dec</option>
</select>
<select name="date[5]">
<option value="2002" >2002</option>
<option value="2003" >2003</option>
<option value="2004" >2004</option>
<option value="2005" >2005</option>
<option value="2006" >2006</option>
<option value="2007" >2007</option>
<option value="2008" >2008</option>
<option value="2009" >2009</option>
<option value="2010" >2010</option>
<option value="2011" >2011</option>
<option value="2012" >2012</option>
<option value="2013" >2013</option>
<option value="2014" selected >2014</option>
</select>
</td></tr> <tr>
<td> </td>
<td><input type="submit" value="Submit"></td>
</tr>
</table>
</form>
</div>
　
　
<div id="man_div">
<p><a href="index.php?content=data_universal_new&add=yes&table=events">Add event</a></p>

Hmm. Any thoughts would be greatly appreciated.

[Ch0cu3r]

 

 

I can see the problem but can't find the offending script/files.

Nor can we without seeing the PHP code

 

You need to find the PHP code that is generating the HTML for the year dropmenu here

<select name="date[5]">
<option value="2002" >2002</option>
<option value="2003" >2003</option>
<option value="2004" >2004</option>
<option value="2005" >2005</option>
<option value="2006" >2006</option>
<option value="2007" >2007</option>
<option value="2008" >2008</option>
<option value="2009" >2009</option>
<option value="2010" >2010</option>
<option value="2011" >2011</option>
<option value="2012" >2012</option>
<option value="2013" >2013</option>
<option value="2014" selected >2014</option>
</select>

It is hard to tell you exactly what to look for in the code. There are to many possibilities to list. The only thing I can suggest is to look for calls to date incombination with a for loop etc.

[YZFR1]

Point taken, like I said it's a haystack. Here's the events.php and datax.php.

 

Events

<?
if (isset ($item)){
$query = "select * from events where id='$item' ";
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
//$flag=$r["flag"];
?>
<h2><? echo $r["title"]?></h2>
<? if ($r['thumbnail']!=''){?>
<img class="thumbnail" src="/img/<? echo $r['id'];?>/events/thumbnail/200" alt="">
<? }?>
<p class="storyDate"><strong><? echo date ( "d M Y",$r["date"])?></strong></p>
<? echo $r["main_page"]?>




<? 
}
}
else{ 
echo '<h1></h1>';
echo $body;
$nowx=$now-86400;
$query = "select * from events where `microsite`='$microsite' and `date`>$nowx order by `date` asc "; 
$result= mysql_query($query);
while ($r= mysql_fetch_array($result)) {
?>
<a href="<? echo $_SERVER['REQUEST_URI']?>/<? echo $r['id'];?>/<? echo $r['title'];?>" class="news"> 
<div class="news-single">
<? if ($r['thumbnail']!=''){?>
<img class="thumbnail" src="/img_crop/<? echo $r['id'];?>/events/thumbnail/50/50/1:1" width="50" height="50" alt="">
<? }?>
<h3><strong><? echo $r['title'];?> </strong></h3>
<p class="news_date"><? echo date ("j M y",$r['date']);?></p>
<p><? echo $r['short_description'];?>...</p>
</div>
</a>
<? 
}
}
?>

-------------------------------------------------------------------------------------------------------------------------------------------------

 

Datax

<div id="con_div"><? 
//config
　
$table='news';
$order=' timestamp desc';
　
　
　
//workings
//File uploads for graphics and docs
if (count($_FILES)!=0){
foreach($_FILES["graphic"]["name"] as $key=>$val){
//echo $key;
if ($_FILES["graphic"]["name"][$key]!=''){
$graphic_name=$_FILES["graphic"]["name"][$key]; 
$dest=$root.'/pics/'.$graphic_name;
//echo $dest;
copy($_FILES["graphic"]["tmp_name"][$key], $dest);
} 
} 
}

// get the structure
$query = "DESCRIBE $table";
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
//create the ket type array
$keytype[$r[Field]]=$r[Type]; 
}
//delete resource
if (isset ($delete_resource)){
$query = "delete from $table where id='$delete_resource' ";
$result= mysql_db_query("$db", $query);
}
// if we are inserting
if (isset ($change) && $change==''){
$unixtime=mktime( 0, 0, 0, $timestamp[3], $timestamp[4], $timestamp[5]);
$_POST["timestamp"]=$unixtime;
echo '<pre>';
print_r($_POST);
print_r($_GET);
print_r($_FILES);
echo '</pre>'; 
// roll through the POST variables
foreach($_POST as $key=>$val){
//@@@@@@@@@@@@@||
// needs to be variable ||
//@@@@@@@@@@@@@||
if($key=='timestamp') {
// check whether it is empty
if ($_FILES["graphic"]["name"]["thumbnail"]!=''){
$xxx=$_FILES["graphic"]["name"]["thumbnail"];
$construct.=' `thumbnail`, ';
$inserts.=", '$xxx' "; 
}
}
// bit of a clean up
if($key=='change') continue;
if($key=='deletepic') continue;
//implode the variable if it is an array
if(is_array($val)) {
$val = implode (",", $val);
}

$_POST[$key]=addslashes($val); 
$key_name = rtrim($key, "x");
$construct.=' `'.$key_name.'`, ';
$inserts.=", '".addslashes($val)."' "; 

} 

// end of the POST construct 

// take off the end comma 
$construct = rtrim($construct, ", "); 
// The query
$query = "INSERT INTO `$table` ( `id`, $construct)
VALUES (
'NULL' $inserts
)";
$result= mysql_db_query("$db", $query);
// 
echo $query;
$edit=mysql_insert_id(); 
$path='/';
}
　
//This is the update
if (isset ($change) && $change!=''){
$unixtime=mktime( 0, 0, 0, $timestamp[3], $timestamp[4], $timestamp[5]);
$_POST["timestamp"]=$unixtime;
　
//@@@@@@@@@@@@@||
// needs to be variable ||
//@@@@@@@@@@@@@||
　
foreach($_POST as $key=>$val){
if($key=='timestamp') {
// check whether it is empty
if ($_FILES["graphic"]["name"]["thumbnail"]!=''){
$xxx=$_FILES["graphic"]["name"]["thumbnail"];
$changes.=" thumbnail = '$xxx', "; 
}
if ($deletepic["thumbnail"]=='yes'){
$changes.=" `thumbnail` = '', "; 
}
}
// bit of a clean up
if($key=='change') continue;
if($key=='deletepic') continue;
if(is_array($val)) {
$val = implode (",", $val);
}
$_POST[$key]=addslashes($val); 
$key_name = rtrim($key, "x");
$val=addslashes($val);
$changes.=" $key_name = '$val', "; 
} 
$changes = rtrim($changes, ", ");
　
$query = "UPDATE `$table` SET 
$changes
WHERE `id` ='$change' ";
//echo $query;
$result= mysql_db_query("$db", $query);
}
　
// for the new
if ($add=='yes' || isset ($edit)){
if ( isset ($edit)){
$get='&edit='.$edit;
$coursesx=array();
$query = "select * from $table where id='$edit' ";
// echo $query;
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
foreach($r as $key=>$val)
{
if ($val!=''){ 
$resourcex[$key]=$val;
}
}

}

}
else{
$resourcex["flag"]=$flag;
}
/*print_r($resourcex);
echo $resourcex["buy_link"];*/
?>
<form action="index.php?content=<? echo $content?><? echo $get?>" method="post" ENCTYPE="multipart/form-data" >
<input type="hidden" name="change" value="<? echo $resourcex["id"]?>">
<table summary="" border="0">
<? 
/* echo '<pre>';
print_r($resourcex);
echo '</pre>'; */

$count=3;
foreach ($keytype as $key=>$val)
{
if ($key=='id') continue;
if (in_array($key, $skip_array)) {?>
<input type="hidden" name="<? echo $key?>x" value="<? echo $resourcex[$key]?>">
<? }
else{
?>
<tr>
<? if ($trans_table[$key]!='x'){?>
<td valign="top"><? if (array_key_exists($key, $trans_table)){echo $trans_table[$key];} else { $keyx= str_replace("_", " ", $key); echo ucfirst($keyx);}?></td>
<? }?>
<? if(ereg("^int",$val) && $key!='timestamp' ){?>
<td><input type="text" name="<? echo $key?>x" size="10" maxlength="256" value="<? echo $resourcex[$key]?>"></td>
<? }?>
<? if(ereg("^float",$val) && $key!='image'){?>
<td><input type="text" name="<? echo $key?>x" size="10" maxlength="256" value="<? echo $resourcex[$key]?>"></td>
<? }?>
<? if(ereg("^varchar",$val) && $key!='thumbnail' && $key!='second_picture' && $key!='county' ){?>
<td><input type="text" name="<? echo $key?>x" size="30" maxlength="256" value='<? echo $resourcex[$key]?>'></td>
<? }?>
<? if(ereg("^text",$val)){?>
<? if(ereg("^text",$val) && $key=='overview'){?>
<td><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm3" style=" height: 250px;width: 340px;"><? echo $resourcex[$key]?></textarea></td>
<? } elseif(ereg("^text",$val) && $key=='findings'){?> 
<td><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm2" style=" height: 250px;width: 340px;"><? echo $resourcex[$key]?></textarea></td>
<? } elseif(ereg("^text",$val) && $key=='main_page'){?> 
<td colspan="2"><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm1" style=" height: 250px;width: 560px;"><? echo $resourcex[$key]?></textarea>
<p>
<a href="upload.php" title="Upload Documents" class="iframe">Upload Documents</a>
<span class="tooltip" title="Click here to start the document uploader,The documents will be available to link to in the link list drop-down">
<img src="../images/help.png" border="0" width="15" height="15" alt="" align="top" >
</span>
</p>
</td>
<? }else{?>
<td><textarea name="<? echo $key?>x" cols="30" rows="5" ><? echo $resourcex[$key]?></textarea></td>
<? }?>
<? }?>
<? if(ereg("^set",$val)){
$val = rtrim($val, "')");
$val= ltrim($val, "set('");
$option_array=explode("','", $val );
$content_array=explode(",", $resourcex[$key]);
?>
<td>

<? foreach ($option_array as $keyy=>$valy){?>
<input type="checkbox" name="<? echo $key?>x[]" value="<? echo $valy?>" <? if (in_array($valy,$content_array)){echo ' checked';}?>> <? echo $valy?><br>
<? }?>
<input type="hidden" name="<? echo $key?>x[]" value=""> 
</td>
<? }?>
<? if(ereg("^enum",$val)){
$val = rtrim($val, "')");
$val= ltrim($val, "enum('");
$option_array=explode("','", $val );
?>
<td>
<select name="<? echo $key?>x">
<? foreach ($option_array as $keyy=>$valy){?>
<option value="<? echo $valy?>" <? if ($resourcex[$key]==$valy){echo ' selected';}?>> <? echo $valy?></option>
<? }?>
</select>
</td>
<? }?>
<? if(ereg("bigint",$val)){?>
<td><? 
if (isset ($resourcex[$key])){
$now=$resourcex[$key];}
//echo $now;
date_drop4($key, $now)?>
</td>
<? }?>
<? if(ereg("254",$val ) && $key=='thumbnail' ){?>
<td>
<? if ($resourcex[$key]!=''){?><img src="/scale_img.php?pic=<? echo $resourcex[$key]?>&max=100&folder=pics" alt="" border="0"><br><? }?>

<input type="file" name="graphic[<? echo $key?>]"> <input type="checkbox" name="deletepic[<? echo $key?>]" value="yes"> Delete?
</td>
<? }?>
<? 
$inc_name=$content.'_inc.php';
include ($inc_name);?>
</tr>
<? }}?>
<tr>
<td> </td>
<td><input type="submit" value="Publish"></td>
</tr>
</table>
</form>
<? }?>
</div>
<div id="man_div">
<h3><? echo $words?>s</h3>
　
　
<p><img src="../images/new.png" border="0" width="16" height="16" alt="" align="absmiddle"> <a href="index.php?content=<? echo $content?>&add=yes"><b>Add <? echo $words?></b></a></p>
<table summary="" border="0" width="250">
<? 
$limit_number=25;
if ($temp_access==-1){
$query = "select * from $table where flag='$flag' order by $order";
}
else{
$query = "select * from $table where flag='$flag' and `microsite`=$temp_access order by $order";
}
show_page_numbers_admin($query,$pstart,$limit_number, $content, $include, "", ""); 
$query = add_limit($query,$pstart,$limit_number); 
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
?>
<tr>
<td style="border-bottom: 1px solid;"><? echo $r["title"]?></td>
<td style="border-bottom: 1px solid;" width="20"><a href="index.php?content=<? echo $content?>&edit=<? echo $r["id"]?>"><img src="../images/edit.png" width="16" height="16" alt="" border="0"></a></td>
<td style="border-bottom: 1px solid;" width="20"><a href="index.php?content=<? echo $content?>&delete_resource=<? echo $r["id"]?>" > <img src="../images/kill.png" width="16" height="16" alt="" border="0"></a></td>
</tr>

<? }
?>
</table>
</div>

[Ch0cu3r]

Umm... It looks like the year is defined as an enum in your news table (Which is stupid IMO). Can you post the output of this

printf('<pre>%s</pre>', print_r($keytype, 1));

Add it after these lines in datax.php

while ($r= mysql_fetch_array($result)) {
//create the ket type array
$keytype[$r[Field]]=$r[Type]; 
}

In actual fact all the code in datax.php is no good really. If that is the code to one file I would hazard a guess and deem the entire CMS will need to be re-coded.