tbird Posted September 17, 2017 Share Posted September 17, 2017 Hello guys,I need a little help with some php and MySQL queries. I have one application made by someone from GitHub that I will like to modify a little for my needs. The aplications is a FIAS-PMS from pbxinaflash with witch you can checkin, checkout and set wakeup call for one extension. The goal is to create a different report for extension used by office and guests. For guests is working perfectly.The code looks like this :$dbconnection = mysql_connect($dbhost, $dbuser, $dbpass) or die("Database connection failed");mysql_select_db($dbname) or die("data base Hotel-Rooms open failed");$query = "SELECT `ID`, `Desc` FROM `Rooms` ORDER BY `Desc` ASC";$result = mysql_query($query) or die ("Couldn't execute SQL query on Hotel-Users table.") ;mysql_close($dbconnection);echo " <SELECT ID=\"RoomsComboBox\" NAME=\"RoomsComboBox\">";echo "<OPTION VALUE=\"ALL\" SELECTED> ".$SecLab22." </OPTION>";while ($row = mysql_fetch_array($result)) {echo "<OPTION VALUE=\"$row[0]\">" . $row[1] . "</OPTION>";}echo "</SELECT>";echo "</TD>" ;echo "<TD><INPUT TYPE=\"SUBMIT\" NAME=\"SearchButton\" VALUE=\"".$SecLab21."\"></TD>\n" ;echo "</TR>\n" ;echo "</TABLE></div>\n";echo "</FORM>\n";if(isset($_POST['SearchButton'])) :echo"<TABLE cellSpacing=0 cellPadding=0 width=900 border=0>\n" ;echo "<TR><TD>Id</TD><TD>".$SecLab7."</TD><TD>".$SecLab14."</TD><TD>".$SecLab15."</TD><TD>".$SecLab17."</TD><TD>".$SecLab31."</TD><TD>".$SecLab1."</TD>" ;$dbconnection = mysql_connect($dbhost, $dbuser, $dbpass) or die("Database connection failed");mysql_select_db($dbname) or die("data base Hotel-Rates open failed");$between = '';$room = '';$query = "SELECT * FROM `Users`";$RoomsComboBox = $_POST['RoomsComboBox'];$FROMD = $_POST['FROMD'] ;$FROMM = $_POST['FROMM'] ;$FROMY = $_POST['FROMY'] ;$TOD = $_POST['TOD'] ;$TOM = $_POST['TOM'] ;$TOY = $_POST['TOY'] ;if ($RoomsComboBox !== 'ALL') {$room = " `Room` = '" . $RoomsComboBox . "'";}if ($FROMD !== '' AND $FROMM !== '' AND $FROMY !== '') {$from = " `Checkout` >= '" . $FROMY . "-" . $FROMM . "-" . $FROMD . "'";if ($TOD !== '' AND $TOM !== '' AND $TOY !== '') {$to = " AND `Checkout` <= '" . $TOY . "-" . $TOM . "-" . $TOD . "'";}$between = $from . $to;}If ($between !== '' OR $room !== '') {$query = $query . " WHERE" ;}If ($between !== '' AND $room !== '') {$query = $query . $between . " AND" . $room;}If ($between !== '' AND $room == '') {$query = $query . $between;}If ($between == '' AND $room !== '') {$query = $query . $room;}$query = $query . " ORDER BY ID DESC";//printf($query);What I did : From : $query = "SELECT `ID`, `Desc` FROM `Rooms` ORDER BY `Desc` ASC" ;to$query = "SELECT `ID`, `Desc` FROM `Rooms` WHERE `Desc` = 'Frontoffice' OR `Desc` = 'Backoffice' OR `Desc` = 'Manager' ORDER BY `Desc` ASC" ;from : $query = "SELECT * FROM `Users`";to $query = "SELECT * FROM `Users` WHERE `Desc` = 'Frontoffice' OR `Desc` = 'Backoffice' OR `Desc` = 'Manager' " ;Partial is working, I can see in the combobox only office extensions, i can search if i peek " all " from dropdown , but if i choose something else for exemple Frontoffice and click search the page is replaying with one error.The date search is not working at all. I have to advice you guys, i don`t know php and MySQL just some very basics Please can someone help me with some syntaxs ? Thanks a lot. Link to comment Share on other sites More sharing options...
ginerjm Posted September 17, 2017 Share Posted September 17, 2017 If you are going to copy code, at least copy code that is somewhat current. The Mysql_* extension is deprecated. Gone. No longer in modern PHP. Find a different script to copy. Or write your own using mysqlI functions or better yet, the PDO extension. And then - when you have a problem be a little more specific as to why it is not working. And wrap your code in the proper forum-designated tags. And maybe even get rid of the color highlighting? Link to comment Share on other sites More sharing options...
tbird Posted September 17, 2017 Author Share Posted September 17, 2017 Well thanks for you time, but it didn`t help me at all. If you do not want to help or you don`t know, why did you post ? Link to comment Share on other sites More sharing options...
Barand Posted September 17, 2017 Share Posted September 17, 2017 (edited) Date search is not working at all Can you please define "not working". If you try a date search and echo $query, what does it show? Edited September 17, 2017 by Barand Link to comment Share on other sites More sharing options...
Jacques1 Posted September 17, 2017 Share Posted September 17, 2017 Well thanks for you time, but it didn`t help me at all. His reply contained more useful information than any other resource you've learned/copypasted from so far. When you're completely new to a topic, it's a good idea to actually listen to those who know what they're talking about. Whether you like to hear it or not, the code you've chosen is amateur crap which is at least 13 years out of date and hasn't been updated in the last 6 years. As soon as your hoster decides to update the PHP version (the 5.x branch has already reached the end of active support), the whole application will cease to function. Link to comment Share on other sites More sharing options...
tbird Posted September 17, 2017 Author Share Posted September 17, 2017 Hello, Barand, in mysql log or php i don`t see any error log just in web page the site is replay`in with " mysql script error " . I missed a part of code : $query = $query . " ORDER BY ID DESC"; //printf($query); $result = mysql_query($query) or die("Web site query failed"); mysql_close($dbconnection); while ($row = mysql_fetch_array($result)) { echo "<TR><TD><FONT face=verdana,sans-serif>" . $row["ID"] . "</TD><TD>" . $row["Desc"] . "</TD><TD>" .$row["Name"] ."</TD><TD>" . $row["Checkin"] . "</TD><TD>" . $row["Checkout"] . "</TD><TD>" . $row["Total"] . "</TD><TD><a href=\"ec.php?Ext=" .$row["Ext"] . "&Checkin=" . $row["Checkin"] . "&Checkout=" . $row["Checkout"] ."\">".$SecLab29."</a></TD></TR>\n" ; } echo "</TABLE>\n"; endif; At the end . Jacques is not a problem for me beause is old. Is running on my server and i`m not planning to change anything there. In the future who nows maybe i will learn php and i will can rewrite the code to be more secure and fully compatibile with php7. For the moment is running in LAN where i don`t see any security issue. Thanks Link to comment Share on other sites More sharing options...
Jacques1 Posted September 17, 2017 Share Posted September 17, 2017 I didn't even get to the topic of security. The point is that the code is broken on every single level and one of the worst possible choices you could have made. If you simply accepted that half of the features will never work and the other half will randomly crash, sure, you could do that. But you're obviously here to get this stuff fixed, and I'm telling you that's hopeless. Link to comment Share on other sites More sharing options...
Barand Posted September 17, 2017 Share Posted September 17, 2017 If you try a date search and echo $query, what does it show? Had I been able to see the query you were submitting then I might have been able to help you. As you can't be bothered to provide the requested information then I'll leave you to it. Good luck. Link to comment Share on other sites More sharing options...
tbird Posted September 18, 2017 Author Share Posted September 18, 2017 With this attitude, you will not get anyware. I found the solution, don`t need help anymore. Moderatos please close this topic and also delete my account ! Have a nice day. Link to comment Share on other sites More sharing options...
cyberRobot Posted September 18, 2017 Share Posted September 18, 2017 Locking topic. Link to comment Share on other sites More sharing options...
Recommended Posts