YZFR1 Posted November 25, 2014 Share Posted November 25, 2014 (edited) Hi, I'll try and keep this brief but it really is a case of searching for needle in a haystack... I've just started working for a UK charity whose main activity is supported by a massive website. Stacks of information sheets, 3 distinct forums (each about the size of Freaks here), numerous blogs, events pages, webinars etc. etc. Essentially, it is an on-line free community that serves the needs of a very sizeable percentage of man and womankind. Like many charities it relies on gratis contributions from those with time or money to spare. I don't have either, but I do believe in what they are doing. The problem is that that the site itself has grown or rather mutated to become a huge data repository, built from a number of contributors with different skills sets and ways of doing things. At the back of it lurks a CMS which staff (a limited number) use to update site content. 95% of the site is in PHP, with a host of other ingredients thrown into the pot (Tiny-MCE, Perl, Ajax, Fancybox, html5, flash, blah and blah). The problem is in the CMS when someone tries to enter a date beyond 2014 there is no option to do so - -.i.e. that's as far as the dropdown goes. I can see the problem but can't find the offending script/files. Anywhere. Here's a snippet from the viewable source for those with keener eyesight: <form action="index.php?content=data_universal_new&table=events" method="post" ENCTYPE="multipart/form-data" > <input type="hidden" name="change" value=""> <table summary="" border="0"> <tr> <td valign="top">Title</td> <td><input type="text" name="titlex" size="30" maxlength="256" value=""></td> </tr> <tr> <td valign="top">Microsite</td> <td> <select name="micrositex"> <option value="INF UK" > INF UK</option> <option value="MTL" > MTL</option> <option value="ACE BABES" > ACE BABES</option> </select> </td> </tr> <tr> <td valign="top">Short description</td> <td><textarea name="short_descriptionx" cols="40" rows="5" ></textarea></td> </tr> <tr> <td valign="top">Thumbnail</td> <td> <input type="file" name="graphic[thumbnailx]"> <input type="checkbox" name="deletepic[thumbnail]" value="yes"> Delete? </td> </tr> <tr> <td valign="top">Main page</td> <td> <div id="tm"><textarea id="elm1" name="main_pagex" style=" height: 400px;width:460px;" class="mceEditor"></textarea></div> <p> <script type="text/javascript"> function toggleEditor(id) { if (!tinyMCE.getInstanceById(id)) tinyMCE.execCommand('mceAddControl', false, id); else tinyMCE.execCommand('mceRemoveControl', false, id); } </script> <div><a href="javascript:toggleEditor('elm1');">[Add/Remove editor]</a></div> <a href="upload.php" title="Upload Documents" class="iframe">Upload Documents</a> <span class="tooltip" title="Click here to start the document uploader,The documents will be available to link to in the link list drop-down"> <img src="../images/help.png" border="0" width="15" height="15" alt="" align="top" > </span> </p> </td> </tr> <tr> <td valign="top">Date</td> <td> <select name="date[4]"> <option >1</option> <option >2</option> <option >3</option> <option >4</option> <option >5</option> <option >6</option> <option >7</option> <option >8</option> <option >9</option> <option >10</option> <option >11</option> <option >12</option> <option >13</option> <option >14</option> <option >15</option> <option >16</option> <option >17</option> <option >18</option> <option >19</option> <option >20</option> <option >21</option> <option >22</option> <option >23</option> <option >24</option> <option selected>25</option> <option >26</option> <option >27</option> <option >28</option> <option >29</option> <option >30</option> <option >31</option> </select> <select name="date[3]"> <option value="1" >Jan</option> <option value="2" >Feb</option> <option value="3" >Mar</option> <option value="4" >Apr</option> <option value="5" >May</option> <option value="6" >Jun</option> <option value="7" >Jul</option> <option value="8" >Aug</option> <option value="9" >Sep</option> <option value="10" >Oct</option> <option value="11" selected>Nov</option> <option value="12" >Dec</option> </select> <select name="date[5]"> <option value="2002" >2002</option> <option value="2003" >2003</option> <option value="2004" >2004</option> <option value="2005" >2005</option> <option value="2006" >2006</option> <option value="2007" >2007</option> <option value="2008" >2008</option> <option value="2009" >2009</option> <option value="2010" >2010</option> <option value="2011" >2011</option> <option value="2012" >2012</option> <option value="2013" >2013</option> <option value="2014" selected >2014</option> </select> </td></tr> <tr> <td> </td> <td><input type="submit" value="Submit"></td> </tr> </table> </form> </div> <div id="man_div"> <p><a href="index.php?content=data_universal_new&add=yes&table=events">Add event</a></p> Hmm. Any thoughts would be greatly appreciated. Edited November 25, 2014 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 25, 2014 Share Posted November 25, 2014 I can see the problem but can't find the offending script/files. Nor can we without seeing the PHP code You need to find the PHP code that is generating the HTML for the year dropmenu here <select name="date[5]"> <option value="2002" >2002</option> <option value="2003" >2003</option> <option value="2004" >2004</option> <option value="2005" >2005</option> <option value="2006" >2006</option> <option value="2007" >2007</option> <option value="2008" >2008</option> <option value="2009" >2009</option> <option value="2010" >2010</option> <option value="2011" >2011</option> <option value="2012" >2012</option> <option value="2013" >2013</option> <option value="2014" selected >2014</option> </select> It is hard to tell you exactly what to look for in the code. There are to many possibilities to list. The only thing I can suggest is to look for calls to date incombination with a for loop etc. Quote Link to comment Share on other sites More sharing options...
YZFR1 Posted November 25, 2014 Author Share Posted November 25, 2014 (edited) Point taken, like I said it's a haystack. Here's the events.php and datax.php. Events <? if (isset ($item)){ $query = "select * from events where id='$item' "; $result= mysql_db_query("$db", $query); while ($r= mysql_fetch_array($result)) { //$flag=$r["flag"]; ?> <h2><? echo $r["title"]?></h2> <? if ($r['thumbnail']!=''){?> <img class="thumbnail" src="/img/<? echo $r['id'];?>/events/thumbnail/200" alt=""> <? }?> <p class="storyDate"><strong><? echo date ( "d M Y",$r["date"])?></strong></p> <? echo $r["main_page"]?> <? } } else{ echo '<h1></h1>'; echo $body; $nowx=$now-86400; $query = "select * from events where `microsite`='$microsite' and `date`>$nowx order by `date` asc "; $result= mysql_query($query); while ($r= mysql_fetch_array($result)) { ?> <a href="<? echo $_SERVER['REQUEST_URI']?>/<? echo $r['id'];?>/<? echo $r['title'];?>" class="news"> <div class="news-single"> <? if ($r['thumbnail']!=''){?> <img class="thumbnail" src="/img_crop/<? echo $r['id'];?>/events/thumbnail/50/50/1:1" width="50" height="50" alt=""> <? }?> <h3><strong><? echo $r['title'];?> </strong></h3> <p class="news_date"><? echo date ("j M y",$r['date']);?></p> <p><? echo $r['short_description'];?>...</p> </div> </a> <? } } ?> ------------------------------------------------------------------------------------------------------------------------------------------------- Datax <div id="con_div"><? //config $table='news'; $order=' timestamp desc'; //workings //File uploads for graphics and docs if (count($_FILES)!=0){ foreach($_FILES["graphic"]["name"] as $key=>$val){ //echo $key; if ($_FILES["graphic"]["name"][$key]!=''){ $graphic_name=$_FILES["graphic"]["name"][$key]; $dest=$root.'/pics/'.$graphic_name; //echo $dest; copy($_FILES["graphic"]["tmp_name"][$key], $dest); } } } // get the structure $query = "DESCRIBE $table"; $result= mysql_db_query("$db", $query); while ($r= mysql_fetch_array($result)) { //create the ket type array $keytype[$r[Field]]=$r[Type]; } //delete resource if (isset ($delete_resource)){ $query = "delete from $table where id='$delete_resource' "; $result= mysql_db_query("$db", $query); } // if we are inserting if (isset ($change) && $change==''){ $unixtime=mktime( 0, 0, 0, $timestamp[3], $timestamp[4], $timestamp[5]); $_POST["timestamp"]=$unixtime; echo '<pre>'; print_r($_POST); print_r($_GET); print_r($_FILES); echo '</pre>'; // roll through the POST variables foreach($_POST as $key=>$val){ //@@@@@@@@@@@@@|| // needs to be variable || //@@@@@@@@@@@@@|| if($key=='timestamp') { // check whether it is empty if ($_FILES["graphic"]["name"]["thumbnail"]!=''){ $xxx=$_FILES["graphic"]["name"]["thumbnail"]; $construct.=' `thumbnail`, '; $inserts.=", '$xxx' "; } } // bit of a clean up if($key=='change') continue; if($key=='deletepic') continue; //implode the variable if it is an array if(is_array($val)) { $val = implode (",", $val); } $_POST[$key]=addslashes($val); $key_name = rtrim($key, "x"); $construct.=' `'.$key_name.'`, '; $inserts.=", '".addslashes($val)."' "; } // end of the POST construct // take off the end comma $construct = rtrim($construct, ", "); // The query $query = "INSERT INTO `$table` ( `id`, $construct) VALUES ( 'NULL' $inserts )"; $result= mysql_db_query("$db", $query); // echo $query; $edit=mysql_insert_id(); $path='/'; } //This is the update if (isset ($change) && $change!=''){ $unixtime=mktime( 0, 0, 0, $timestamp[3], $timestamp[4], $timestamp[5]); $_POST["timestamp"]=$unixtime; //@@@@@@@@@@@@@|| // needs to be variable || //@@@@@@@@@@@@@|| foreach($_POST as $key=>$val){ if($key=='timestamp') { // check whether it is empty if ($_FILES["graphic"]["name"]["thumbnail"]!=''){ $xxx=$_FILES["graphic"]["name"]["thumbnail"]; $changes.=" thumbnail = '$xxx', "; } if ($deletepic["thumbnail"]=='yes'){ $changes.=" `thumbnail` = '', "; } } // bit of a clean up if($key=='change') continue; if($key=='deletepic') continue; if(is_array($val)) { $val = implode (",", $val); } $_POST[$key]=addslashes($val); $key_name = rtrim($key, "x"); $val=addslashes($val); $changes.=" $key_name = '$val', "; } $changes = rtrim($changes, ", "); $query = "UPDATE `$table` SET $changes WHERE `id` ='$change' "; //echo $query; $result= mysql_db_query("$db", $query); } // for the new if ($add=='yes' || isset ($edit)){ if ( isset ($edit)){ $get='&edit='.$edit; $coursesx=array(); $query = "select * from $table where id='$edit' "; // echo $query; $result= mysql_db_query("$db", $query); while ($r= mysql_fetch_array($result)) { foreach($r as $key=>$val) { if ($val!=''){ $resourcex[$key]=$val; } } } } else{ $resourcex["flag"]=$flag; } /*print_r($resourcex); echo $resourcex["buy_link"];*/ ?> <form action="index.php?content=<? echo $content?><? echo $get?>" method="post" ENCTYPE="multipart/form-data" > <input type="hidden" name="change" value="<? echo $resourcex["id"]?>"> <table summary="" border="0"> <? /* echo '<pre>'; print_r($resourcex); echo '</pre>'; */ $count=3; foreach ($keytype as $key=>$val) { if ($key=='id') continue; if (in_array($key, $skip_array)) {?> <input type="hidden" name="<? echo $key?>x" value="<? echo $resourcex[$key]?>"> <? } else{ ?> <tr> <? if ($trans_table[$key]!='x'){?> <td valign="top"><? if (array_key_exists($key, $trans_table)){echo $trans_table[$key];} else { $keyx= str_replace("_", " ", $key); echo ucfirst($keyx);}?></td> <? }?> <? if(ereg("^int",$val) && $key!='timestamp' ){?> <td><input type="text" name="<? echo $key?>x" size="10" maxlength="256" value="<? echo $resourcex[$key]?>"></td> <? }?> <? if(ereg("^float",$val) && $key!='image'){?> <td><input type="text" name="<? echo $key?>x" size="10" maxlength="256" value="<? echo $resourcex[$key]?>"></td> <? }?> <? if(ereg("^varchar",$val) && $key!='thumbnail' && $key!='second_picture' && $key!='county' ){?> <td><input type="text" name="<? echo $key?>x" size="30" maxlength="256" value='<? echo $resourcex[$key]?>'></td> <? }?> <? if(ereg("^text",$val)){?> <? if(ereg("^text",$val) && $key=='overview'){?> <td><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm3" style=" height: 250px;width: 340px;"><? echo $resourcex[$key]?></textarea></td> <? } elseif(ereg("^text",$val) && $key=='findings'){?> <td><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm2" style=" height: 250px;width: 340px;"><? echo $resourcex[$key]?></textarea></td> <? } elseif(ereg("^text",$val) && $key=='main_page'){?> <td colspan="2"><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm1" style=" height: 250px;width: 560px;"><? echo $resourcex[$key]?></textarea> <p> <a href="upload.php" title="Upload Documents" class="iframe">Upload Documents</a> <span class="tooltip" title="Click here to start the document uploader,The documents will be available to link to in the link list drop-down"> <img src="../images/help.png" border="0" width="15" height="15" alt="" align="top" > </span> </p> </td> <? }else{?> <td><textarea name="<? echo $key?>x" cols="30" rows="5" ><? echo $resourcex[$key]?></textarea></td> <? }?> <? }?> <? if(ereg("^set",$val)){ $val = rtrim($val, "')"); $val= ltrim($val, "set('"); $option_array=explode("','", $val ); $content_array=explode(",", $resourcex[$key]); ?> <td> <? foreach ($option_array as $keyy=>$valy){?> <input type="checkbox" name="<? echo $key?>x[]" value="<? echo $valy?>" <? if (in_array($valy,$content_array)){echo ' checked';}?>> <? echo $valy?><br> <? }?> <input type="hidden" name="<? echo $key?>x[]" value=""> </td> <? }?> <? if(ereg("^enum",$val)){ $val = rtrim($val, "')"); $val= ltrim($val, "enum('"); $option_array=explode("','", $val ); ?> <td> <select name="<? echo $key?>x"> <? foreach ($option_array as $keyy=>$valy){?> <option value="<? echo $valy?>" <? if ($resourcex[$key]==$valy){echo ' selected';}?>> <? echo $valy?></option> <? }?> </select> </td> <? }?> <? if(ereg("bigint",$val)){?> <td><? if (isset ($resourcex[$key])){ $now=$resourcex[$key];} //echo $now; date_drop4($key, $now)?> </td> <? }?> <? if(ereg("254",$val ) && $key=='thumbnail' ){?> <td> <? if ($resourcex[$key]!=''){?><img src="/scale_img.php?pic=<? echo $resourcex[$key]?>&max=100&folder=pics" alt="" border="0"><br><? }?> <input type="file" name="graphic[<? echo $key?>]"> <input type="checkbox" name="deletepic[<? echo $key?>]" value="yes"> Delete? </td> <? }?> <? $inc_name=$content.'_inc.php'; include ($inc_name);?> </tr> <? }}?> <tr> <td> </td> <td><input type="submit" value="Publish"></td> </tr> </table> </form> <? }?> </div> <div id="man_div"> <h3><? echo $words?>s</h3> <p><img src="../images/new.png" border="0" width="16" height="16" alt="" align="absmiddle"> <a href="index.php?content=<? echo $content?>&add=yes"><b>Add <? echo $words?></b></a></p> <table summary="" border="0" width="250"> <? $limit_number=25; if ($temp_access==-1){ $query = "select * from $table where flag='$flag' order by $order"; } else{ $query = "select * from $table where flag='$flag' and `microsite`=$temp_access order by $order"; } show_page_numbers_admin($query,$pstart,$limit_number, $content, $include, "", ""); $query = add_limit($query,$pstart,$limit_number); $result= mysql_db_query("$db", $query); while ($r= mysql_fetch_array($result)) { ?> <tr> <td style="border-bottom: 1px solid;"><? echo $r["title"]?></td> <td style="border-bottom: 1px solid;" width="20"><a href="index.php?content=<? echo $content?>&edit=<? echo $r["id"]?>"><img src="../images/edit.png" width="16" height="16" alt="" border="0"></a></td> <td style="border-bottom: 1px solid;" width="20"><a href="index.php?content=<? echo $content?>&delete_resource=<? echo $r["id"]?>" > <img src="../images/kill.png" width="16" height="16" alt="" border="0"></a></td> </tr> <? } ?> </table> </div> Edited November 25, 2014 by mac_gyver code tags around posted code please Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 25, 2014 Share Posted November 25, 2014 (edited) Umm... It looks like the year is defined as an enum in your news table (Which is stupid IMO). Can you post the output of this printf('<pre>%s</pre>', print_r($keytype, 1)); Add it after these lines in datax.php while ($r= mysql_fetch_array($result)) { //create the ket type array $keytype[$r[Field]]=$r[Type]; } In actual fact all the code in datax.php is no good really. If that is the code to one file I would hazard a guess and deem the entire CMS will need to be re-coded. Edited November 25, 2014 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.