hello, need help with a php script

HawkeNN · December 16, 2022

Hello, need help with my php script asap.

So the big problem is, that i don't know how to update my script.

The script is php7.3 and i want to update it up to 8.0.

anyone can help me updating my script to php 8.0?

IS THERE ANY AUTO UPDATER FOR SCRIPTS?

really need this script.

PLEASE SOMEONE TO HELP ME UPDATE MY SCRIPT FROM PHP7.3 TO PHP8.0

Edited December 16, 2022 by HawkeNN

Barand · December 16, 2022

Make sure your error reporting is ON in your php.ini file and let it tell you what's wrong - then fix the errors.

HawkeNN · December 16, 2022

where to find this file? There is no file with name "php.ini" in my script project.

I'm talking for ready script site that i use, but my hosting company said they will remove php 7.3/7.4 at the end of december and i need to update my script to 8.0.

ginerjm · December 16, 2022

the ini file is probably maintained by your host. If you ask they might give you a copy Or you could just set the error settings yourself.

error_reporting(E_ALL);
ini_set('display_errors', '1');
Put these lines at the start of our php script. Turn off the 2nd line once you are done developing so that any errors don't pop up on your user's screen.

HawkeNN · December 16, 2022

this showing me.. if i make the cpanel to php7.4 .

the script is made for php 7.3

is there any method that i can easily update my script to php 8?.

Quote

Warning: session_start(): Cannot start session when headers already sent in /homepages/27/d944683530/htdocs/login.php on line 15

Warning: Cannot modify header information - headers already sent by (output started at /homepages/27/d944683530/htdocs/login.php:1) in /homepages/27/d944683530/htdocs/login.php on line 17

Edited December 16, 2022 by HawkeNN

mac_gyver · December 16, 2022

the following appendices list the major changes to php - https://www.php.net/manual/en/appendices.php you will need to go through and make sure that your code isn't using any backward incompatible or removed features.

the error you posted above has nothing to do with php version. it's due to output being sent prior to the session_start statement. correcting it would involve finding what the output is and eliminating it and/or organizing your code so that the session_start occurs before any output. if you want anyone here to help with your code, you will need to post it.

HawkeNN · December 16, 2022

Quote

Warning: Undefined array key "add-task" in /homepages/27/d944683530/htdocs/admin_api.php on line 659

Warning: Undefined array key "r_item" in /homepages/27/d944683530/htdocs/admin_api.php on line 676

Warning: Undefined array key "game_name" in /homepages/27/d944683530/htdocs/admin_api.php on line 768

Warning: Undefined array key "a_title" in /homepages/27/d944683530/htdocs/admin_api.php on line 802

Warning: Undefined array key "afbads" in /homepages/27/d944683530/htdocs/admin_api.php on line 841

Warning: Undefined array key "user_b" in /homepages/27/d944683530/htdocs/admin_api.php on line 857

ERRORS.

Quote

<?php
include 'session.php';
include 'db.php';
include 'demo.php';
?>

<?php

if (isset($_POST['edit_offer'])) {
if(!$demo) {
$rand = rand();

if (isset($_FILES["fileToUpload"])) {

if(!$_FILES["fileToUpload"]["name"]=="")
{

$target_dir = "img/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]).$rand;
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

// Check if image file is a actual image or fake image

$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}

// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}

// Allow certain file formats
/* if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}*/

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
$title = $_POST['title'];
$sub = $_POST['SubTitle'];
$status = $_POST['status'];
$file = url().$target_file;
if (isset($_POST['url'])) {
$url = $_POST['url'];
$update_sql = "UPDATE `offers` SET `title`= '$title', `sub`= '$sub', `status`= '$status', `image`= '$file', `offer_name`= '$url' WHERE id=".$_POST['edit_offer'];
}else {
$update_sql = "UPDATE `offers` SET `title`= '$title', `sub`= '$sub', `status`= '$status', `image`= '$file' WHERE id=".$_POST['edit_offer'];
}

$db = mysqli_query($link,$update_sql);
if ($db) {
header("Location: ".url());
}else {echo mysqli_error($link);}

echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
}else {
$file = url().$target_file;
$title = $_POST['title'];
$sub = $_POST['SubTitle'];
$status = $_POST['status'];
if (isset($_POST['url'])) {

$url = $_POST['url'];
$update_sql = "UPDATE `offers` SET `title`= '$title', `sub`= '$sub', `status`= '$status', `offer_name`= '$url' WHERE id=".$_POST['edit_offer'];
}else {
$update_sql = "UPDATE `offers` SET `title`= '$title', `sub`= '$sub', `status`= '$status' WHERE id=".$_POST['edit_offer'];
}

$db = mysqli_query($link,$update_sql);
if ($db) {
header("Location: ".url());
}else {echo mysqli_error($link);}

}

}else {
$file = url().$target_file;
$title = $_POST['title'];
$sub = $_POST['SubTitle'];
$status = $_POST['status'];
if (isset($_POST['url'])) {
$url = $_POST['url'];
$update_sql = "UPDATE `offers` SET `title`= '$title', `sub`= '$sub', `status`= '$status', `offer_name`= '$url' WHERE id=".$_POST['edit_offer'];
}else {
$update_sql = "UPDATE `offers` SET `title`= '$title', `sub`= '$sub', `status`= '$status' WHERE id=".$_POST['edit_offer'];
}

$db = mysqli_query($link,$update_sql);
if ($db) {
header("Location: ".url());
}else {echo mysqli_error($link);}

}

}

else {
header("Location: ".url());
}

}

if (isset($_POST['add_redeem'])) {
if(!$demo) {
$rand = rand();
if (isset($_FILES["fileToUpload"])) {

$target_dir = "img/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]).$rand;
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

// Check if image file is a actual image or fake image

$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}

// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}

// Allow certain file formats
/*if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}*/

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {

$name = $_POST['name'];
$symbol = $_POST['symbol'];
$hint = $_POST['hint'];
$type = $_POST['type'];
$more = $_POST['more'];
$file = url().$target_file;
$add_r = "INSERT INTO reward (name,image,symbol,hint,input_type,details) VALUES ('$name','$file','$symbol','$hint','$type','$more')";
   $send_r= mysqli_query($link,$add_r);
if ($send_r) {
header("Location: redeem.php");
}else {echo mysqli_error($link);}

echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}

}

}else {
header("Location: redeem.php");
}

}

if (isset($_POST['delt'])) {
$url = $_POST['url'];
if(!$demo) {
$clm_name = $_POST['clm_name'];
$r_id = $_POST['r_id'];
$sql = "DELETE FROM $clm_name WHERE id='$r_id'";
$res = mysqli_query($link, $sql);
if ($res) {
header("Location: ".$url);
} else {
echo "Error deleting record: " . mysqli_error($conn);}
}else {
header("Location: ".$url);
}
}

if (isset($_POST['edit_redeem'])) {

if(!$demo) {

if(!$_FILES["fileToUpload"]["name"]=="")
{
$rand = rand();

$target_dir = "img/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]).$rand;
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

// Check if image file is a actual image or fake image

$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}

// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}

// Allow certain file formats
/* if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}*/

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {

$name = $_POST['name'];
$symbol = $_POST['symbol'];
$hint = $_POST['hint'];
$type = $_POST['type'];
$more = $_POST['more'];
$file = url().$target_file;
$up = "UPDATE `reward` SET `name`= '$name', `symbol`= '$symbol', `hint`= '$hint', `input_type`= '$type',`image`= '$file',`details`= '$more' WHERE id=".$_POST['edit_redeem'];
$db = mysqli_query($link,$up);

if ($db) {
header("Location: redeem.php");
}else { echo mysqli_error($link);}

echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
}else {
$name = $_POST['name'];
$coins = $_POST['coins'];
$amount = $_POST['amount'];
$symbol = $_POST['symbol'];
$hint = $_POST['hint'];
$type = $_POST['type'];
$more = $_POST['more'];

$up = "UPDATE `reward` SET `name`= '$name', `symbol`= '$symbol', `hint`= '$hint', `input_type`= '$type', `details`= '$more' WHERE id=".$_POST['edit_redeem'];
$db = mysqli_query($link,$up);
if ($db) {
header("Location: redeem.php");
}else { echo mysqli_error($link);}
}
}else {
header("Location: redeem.php");
}
}

if (isset($_POST['view_action'])) {
if(!$demo) {
$name = $_POST['view_action'];
$up = "UPDATE `reward_list` SET `status`= '$name' WHERE id = ".$_POST['view_id'];
$db = mysqli_query($link,$up);
if ($db) {
header("Location: redeem-request.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: redeem-request.php");
}
}

if (isset($_POST['add-offer'])) {

if(!$demo) {

if (isset($_FILES["fileToUpload"])) {

$target_dir = "img/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

// Check if image file is a actual image or fake image

$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}

// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}

// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
$title = $_POST['title'];
$SubTitle = $_POST['SubTitle'];
$url = $_POST['url'];
$file = url().$target_file;
$add_r = "INSERT INTO offers (title,image,sub,offer_name,type) VALUES ('$title','$file','$SubTitle','$url','1')";
$send_r= mysqli_query($link,$add_r);
if ($send_r) {
header("Location: ".url());
}else {
echo mysqli_error($link);
}
echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}

}else {

$title = $_POST['title'];
$SubTitle = $_POST['SubTitle'];
$add_r = "INSERT INTO offers (title,sub,offer_name,type) VALUES ('$title','$SubTitle','$url','1')";
    $send_r= mysqli_query($link,$add_r);
if ($send_r) {
header("Location: ".url());
}else {
echo mysqli_error($link);
}
}
} else {
header("Location: ".url());
}

}

if (isset($_POST['settings_user'])) {

if(!$demo) {

$d_b = $_POST['d_b'];
$spin = $_POST['spin'];
$Invited = $_POST['Invited'];
$Referral = $_POST['Referral'];
$Shere = $_POST['Shere'];
$app_id = $_POST['os_app_id'];
$api = $_POST['os_rest_api'];

$up = "UPDATE `settings` SET `daily_b_points`= '$d_b', `invited_user_bonus`= '$Invited', `referral_bonus`= '$Referral', `refer_msg`= '$Shere', `daily_spins`= '$spin',`os_app_id`= '$app_id', `os_rest_api`= '$api'";
$db = mysqli_query($link,$up);

if ($db) {

header("Location: settings.php");
}
else { echo mysqli_error($link);
}
}else {
header("Location: settings.php");
}
}

if (isset($_POST['settings_wall'])) {

if(!$demo) {

$ot_app = $_POST['ot_app'];
$ot_k = $_POST['ot_k'];
$p_id = $_POST['p_id'];
$adg = $_POST['adg'];
$OT_PUB = $_POST['ot_pub'];

$up = "UPDATE `settings` SET `OT_APP_ID`= '$ot_app', `OT_KEY`= '$ot_k', `PF_ID`= '$p_id', `AG_WALLCODE`= '$adg',`OT_PUB`= '$OT_PUB'";
$db = mysqli_query($link,$up);

if ($db) {

header("Location: settings.php");
}
else { echo mysqli_error($link);
}
}else {
header("Location: settings.php");
}
}

if (isset($_POST['edit_user'])) {

if(!$demo) {

$u = $_POST['edit_user'];

$email = $_POST['email'];
$name = $_POST['name'];
$phone = $_POST['phone'];
$points = $_POST['points'];

$up = "UPDATE `users` SET `email`= '$email', `name`= '$name', `phone`= '$phone', `points`= '$points' WHERE username = '$u'";
$db = mysqli_query($link,$up);

if ($db) {

header("Location: users.php");
}
else { echo mysqli_error($link);
}
}else {
header("Location: users.php");
}
}

if(isset($_POST['admin_update'])){
$u = $_POST['admin_update'];
if(!$demo) {
$rand = rand();
if(!basename($_FILES["fileToUpload"]["name"])=="")
{

$target_dir = "img/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]).$rand;
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

// Check if image file is a actual image or fake image

$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}

// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}

// Allow certain file formats
/*if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}*/

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
$pro = url().$target_file;

echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
} else {
echo "Sorry, there was an error uploading your file.";
}
}
}else {
$pro = $_POST['pro'];
echo "this";
}

if(isset($_POST['old']) && isset($_POST['new']) && !$_POST['old']=="" && !$_POST['new']==""){
$old = $_POST['old'];
$new = $_POST['new'];
$old_pass = hash('sha256', $old);
$new_pass = hash('sha256', $new);
$check = mysqli_query($link,"SELECT * FROM tbl_admin");
$re = mysqli_fetch_assoc($check);
if($re['password']==$old_pass){
$email = $_POST['email'];
$name = $_POST['name'];
$company = $_POST['company'];
$username = $_POST['username'];
$update = mysqli_query($link,"UPDATE tbl_admin SET email='$email',name='$name',company='$company', password='$new_pass', profile='$pro',username = '$username'");
if($update){
header("Location: profile.php");
}else {
echo "Update Failed With Password";
}
}else {
echo "Password Not Match";
}
}else {
$email = $_POST['email'];
$name = $_POST['name'];
$company = $_POST['company'];
$username = $_POST['username'];
$update = mysqli_query($link,"UPDATE tbl_admin SET email='$email',name='$name',company='$company' , profile='$pro', username='$username'");
if($update){
header("Location: profile.php");
}else {
echo "Update Failed";
}
}
}else {
header("Location: profile.php");
}
}

if (isset($_POST['edit-task'])) {
if(!$demo) {
$invites = $_POST['invites'];
$points = $_POST['points'];
$up = "UPDATE `ref_achi` SET `invites`= '$invites', `points`= '$points' WHERE id=".$_POST['edit-task'];
$db = mysqli_query($link,$up);
if ($db) {
header("Location: refer-task.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: refer-task.php");
}
}

if (isset($_POST['vpn_check'])) {
if(!$demo) {
if (isset($_POST['vpn'])) {
$vpn = 1;
}else
{
$vpn = 0;
}
$vpn = $_POST['vpn'];
if($vpn==0 or $vpn == 1){

$up = "UPDATE `settings` SET `vpn`= '$vpn'";
$db = mysqli_query($link,$up);
if ($db) {
header("Location: settings.php");
}else {
echo mysqli_error($link);
}
}else
{
echo "Invalid value";
}
}else {
header("Location: settings.php");
}
}

if ($_POST['add-task']) {
if(!$demo) {
$invites = $_POST['invites'];
$points = $_POST['points'];
$register_user = "INSERT INTO ref_achi (invites,points) VALUES ('$invites','$points')";
   $send_server= mysqli_query($link,$register_user);
if ($send_server) {
header("Location: refer-task.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: refer-task.php");
}
}

if ($_POST['r_item']) {
if(!$demo) {
$coins = $_POST['coins'];
$amount = $_POST['amount'];
$r_id = $_POST['r_item'];
$register_user = "INSERT INTO reward_amounts (coins,amount,r_id) VALUES ('$coins','$amount','$r_id')";
   $send_server= mysqli_query($link,$register_user);
if ($send_server) {
header("Location: redeem-list.php?i=".$_POST['r_item']);
}else {
echo mysqli_error($link);
}
}else {
header("Location: redeem-list.php?i=".$_POST['r_item']);
}
}

if (isset($_POST['edit_r_item'])) {
if(!$demo) {
$coins = $_POST['coins'];
$amount = $_POST['amount'];
$r_id = $_POST['edit_r_item'];
$up = "UPDATE `reward_amounts` SET `coins`= '$coins', `amount`= '$amount' WHERE id=".$r_id;
$db = mysqli_query($link,$up);
if ($db) {
header("Location: redeem.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: redeem.php");
}
}

if (isset($_POST['eboot'])) {

if(!$demo) {

if (isset($_FILES["fileToUpload"])) {

$target_dir = "img/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));

// Check if image file is a actual image or fake image

$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}

// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}

// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}

// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], "examples/eboot.".$imageFileType)) {

echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]["name"])). " has been uploaded.";
header("Location: settings.php");
} else {
echo "Sorry, there was an error uploading your file.";
}
}

}
}else {
header("Location: settings.php");
}
}

if ($_POST['game_name']) {
if(!$demo) {
$name = $_POST['game_name'];
$image = $_POST['image'];
$url = $_POST['url'];
$register_user = "INSERT INTO games (title,image,game) VALUES ('$name','$image','$url')";
   $send_server= mysqli_query($link,$register_user);
if ($send_server) {
header("Location: game.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: game.php");
}
}

if (isset($_POST['edit_game_name'])) {
if(!$demo) {
$name = $_POST['edit_game_name'];
$image = $_POST['image'];
$url = $_POST['url'];
$up = "UPDATE `games` SET `title`= '$name', `image`= '$image', `game`= '$url' WHERE id=".$_POST['game_id'];
$db = mysqli_query($link,$up);
if ($db) {
header("Location: game.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: game.php");
}
}

if ($_POST['a_title']) {
if(!$demo) {
$a_title = $_POST['a_title'];
$image = $_POST['image'];
$url = $_POST['url'];
$points = $_POST['points'];
$time = $_POST['time'];
$register_user = "INSERT INTO readTask (title,image,points,time,url) VALUES ('$a_title','$image','$points','$time','$url')";
   $send_server= mysqli_query($link,$register_user);
if ($send_server) {
header("Location: article.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: article.php");
}
}

if (isset($_POST['aa_title'])) {
if(!$demo) {
$a_title = $_POST['aa_title'];
$image = $_POST['image'];
$url = $_POST['url'];
$points = $_POST['points'];
$time = $_POST['time'];
$up = "UPDATE `readTask` SET `title`= '$a_title', `image`= '$image', `points`= '$points', `time`= '$time', `url`= '$url' WHERE id=".$_POST['a_id'];
$db = mysqli_query($link,$up);
if ($db) {
header("Location: article.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: article.php");
}
}

if ($_POST['afbads']) {
if(!$demo) {
$fbadsunit = $_POST['afbads'];
$fbadtime = $_POST['afbtime'];
$register_user = "UPDATE `settings` SET `fb_ad_id`= '$fbadsunit', `fb_ad_time`= '$fbadtime'";
   $send_server= mysqli_query($link,$register_user);
if ($send_server) {
header("Location: settings.php");
}else {
echo mysqli_error($link);
}
}else {
header("Location: settings.php");
}
}

if ($_POST['user_b']) {
if(!$demo) {
$id = $_POST['user_b'];
$status = $_POST['status'];
$register_user = "UPDATE `users` SET `status`= '$status' WHERE id = '$id'";
   $send_server= mysqli_query($link,$register_user);
if ($send_server) {
if(!isset($_POST['r']))
{
header("Location: users.php");
}else
{
header("Location: redeem-request.php");
}
}else {
echo mysqli_error($link);
}
}else {
if(!isset($_POST['r']))
{
header("Location: users.php");
}else
{
header("Location: redeem-request.php");
}
}
}
?>

Code. that's the new errors when i put php8.0

NOTE: THE CODE IS FULLY WORKING IF I USE IT ON PHP:7.3

i want to make it to work perfectly to php 8.0 and i'm receiving only errors..

Edited December 16, 2022 by HawkeNN

mac_gyver · December 16, 2022

this code always produced the list of posted undefined errors, but they were hidden due to php's error related settings not setup so that ALL php detected errors would be reported and displayed. basically, this code was developed on a system where php wasn't setup to help the developer write good code.

the solution is to find and fix what's causing each error. for the first add-task error in this line - if ($_POST['add-task']) {. the generally correct way of detecting which of several post method forms has been submitted is to use a hidden form field, with a unique value in it that you can test and use to control what form processing code to execute.

the post method form processing for the add-task, is not secure (none of the database code is), has no validation logic, is filled with copying of variables to other variables for nothing, is filled without verbose variable names, shouldn't unconditionally output raw database statement errors onto a web page, doesn't have any exit/die statement to stop php code execution, and should redirect to the exact same url of the current page upon successful completion.

HawkeNN · December 16, 2022

whaaat... I did not understand anything 😁😁😁

just with 2-3 words. Can i fix it or no?

i mean everything was working on php 7.3 and when i choose php 8.0 from the admin panel, this error appears..

can i hide them at least so my site works fine...


Warning: session_start(): Session cannot be started after headers have already been sent in /homepages/27/d944683530/htdocs/session.php on line 2

Warning: Cannot modify header information - headers already sent by (output started at /homepages/27/d944683530/htdocs/notification.php:1) in /homepages/27/d944683530/htdocs/session.php on line 7

Warning: Undefined variable $link in /homepages/27/d944683530/htdocs/inc/nav.php on line 2

Fatal error: Uncaught TypeError: mysqli_query(): Argument #1 ($mysql) must be of type mysqli, null given in /homepages/27/d944683530/htdocs/inc/nav.php:2 Stack trace: #0 /homepages/27/d944683530/htdocs/inc/nav.php(2): mysqli_query(NULL, 'SELECT * FROM t...') #1 /homepages/27/d944683530/htdocs/notification.php(6): include('/homepages/27/d...') #2 {main} thrown in /homepages/27/d944683530/htdocs/inc/nav.php on line 2

the errors are everywhere.... how can i fix them

Edited December 16, 2022 by HawkeNN

ginerjm · December 16, 2022

Standard php usage starts the session first thing and headers are output before any other output is sent to the client. Re-sequence your code and eliminate some of your errors right away.

FWIW - every single one of my scripts starts like this:

<?php

session_start();

Scripts mind you. Not modules that are included.

mac_gyver · December 16, 2022

10 minutes ago, HawkeNN said:

i mean everything was working on php 7.3

just because code produces the expected result under perfect conditions, doesn't mean that the code is finished and ready to be used. this code will fall apart when it has to deal with real-world inputs. this code needs to be completely rewritten to make it secure, provide a good user experience, to eliminate all the unnecessary variables, and to add useful validation logic and error handling, so that the code will either work or it will tell you why it doesn't.

HawkeNN · December 16, 2022

the script is admin panel for mobile application. i bought it, and all was fine, now my hosting company want from me to update the code to 8.0php, but i don't know how....

the guy from who i purchase the code, don't work anymore... and can't contact him as well... and for this i'm searching for help, so i can update it, and work as admin panel.

ginerjm · December 16, 2022

Big thing, as you have been told, is to change the code. The person who wrote it may not have been the best.

Stop entering and leaving php mode. That means forget the ?> tag. Don't ever use it. Never. Not recommended, even at the end of a script.

Show us this "session.php" module. I'd like to see what something with that name is doing for you.

PS - going to have to go do some snow removal soon so if you want to continue this conv you'll have to keep up with your responses or I'll have to leave you hanging for a few

Edited December 16, 2022 by ginerjm

HawkeNN · December 16, 2022

Quote

<?php
session_start();

//onclick="this.disabled='disabled';"
if(empty($_SESSION['username']))
   header("Location: login.php");

?>

<?php

function url(){
$protocol = ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
$url = $protocol . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
return str_replace("admin_api.php","",$url);
}


?>

that's the file, please don't close this topic

ginerjm · December 16, 2022

Ok - your author seems to be sloppy or just not well trained. When one does a header to leave the current script one needs to do an exit or else the execution just keeps going.

HawkeNN · December 16, 2022

What you need? I will give you everything

ginerjm · December 16, 2022

Add an exit to to follow that header call to the login script. That s/b obvious from what I told you and if it's not you have a whole lot to learn.

HawkeNN · December 16, 2022

name of the file you want? really don't know what you need..

ginerjm · December 16, 2022

I don't know what your last post is talking about.

Go to the code that is making the header call to the login script. Add a line

exit();

after that. Be sure that the 2 lines are wrapped in {} to include them within the if statement.

HawkeNN · December 16, 2022

can't make it, ,the whole site stop where i put "exit();" or my login panel stops work... could you add me in skype, so you can check via "anydesk" please..

stelio_pzz - skype

Edited December 16, 2022 by HawkeNN

ginerjm · December 16, 2022

Of course it stops that is what an exit does.

So I think you are saying that the login script is dying on you. Well, add some echos in there to see what is happening. That is how you debug.

HawkeNN · December 16, 2022

how to add these "echos"? where to add them

ginerjm · December 16, 2022

Post the login script here. Be sure to show the name so we can keep track of your code.

HawkeNN · December 16, 2022

Just now, ginerjm said:

Post the login script here. Be sure to show the name so we can keep track of your code.

Quote

<?php
session_start();
ob_start();
include 'db.php';
extract($_REQUEST);
$data =" ";
if(@$usernamee){
$pwd = hash('sha256', $password);

$sql = "SELECT * FROM tbl_admin WHERE username=? AND password=?";
$stmt = $link->prepare($sql);
$stmt->bind_param("ss", $usernamee, $pwd);
$stmt->execute();
$result = $stmt->get_result();

if(mysqli_num_rows($result)>=1){
$_SESSION['username']=$username;
header("Location: index.php");
}else {
$data = "Invalid Login ID";
}
}

$sql = mysqli_query($link,"SELECT * FROM tbl_admin");
$res = mysqli_fetch_assoc($sql);
$_SESSION['company']=$res['company'];
ob_end_flush();
?>
<?php include 'inc/head.php';?>
<body class="crm_body_bg">

<section class="main_content dashboard_part large_header_bg" style="padding: 0;">

<div class="main_content_iner ">
<div class="container-fluid p-0">
<div class="row justify-content-center">
<div class="col-12">
<div class="dashboard_header mb_50">
<div class="row">
<div class="col-lg-6">
<div class="dashboard_header_title">
<h3><?php echo $res['company'];?>- Login</h3>
</div>
</div>

</div>
</div>
</div>
<div class="col-lg-12">
<div class="white_box mb_30">
<div class="row justify-content-center">
<div class="col-lg-6">

<div class="modal-content cs_modal">
<div class="modal-header justify-content-center theme_bg_1">
<h5 class="modal-title text_white">Log in</h5>
</div>
<div class="modal-body">

<div class="text-center text-muted mb-4">
<small>
<?php if($data!=" "){
echo "<div class='alert alert-warning' role='alert'>
<span class='alert-icon'><i class='ni ni-like-2'></i></span>
<span class='alert-text'><strong>Warning! </strong> $data</span>
</div>";
}
?>

</small>
</div>

<form role="form" action="" method="post">
<div class="form-group">
<input class="form-control" placeholder="Username" name="usernamee" type="text">
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name="password" type="password">
</div>
<button type="submit"class="btn_1 full_width text-center">Log in</button>

</form>

</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>

</section>

<script src="js/jquery-3.4.1.min.js"></script>

<script src="js/popper.min.js"></script>

<script src="js/bootstrap.min.js"></script>

<script src="js/metisMenu.js"></script>

<script src="vendors/scroll/perfect-scrollbar.min.js"></script>
<script src="vendors/scroll/scrollable-custom.js"></script>

<script src="js/custom.js"></script>

</body>
</html>

thats the login.php file

ginerjm · December 16, 2022

Made some cleanups and corrections. This is so much more than a "login" script. In fact I don't see it actually logging in someone but rather just showing a page if the username is known and it doesn't seem to do a login. It also has multiple html errors such as no doctype tag, nor head not html and the js code seems to be not in the head area at all.

<?php
// login.php
session_start();
ob_start();
include 'db.php';
extract($_REQUEST);		// POOR CODING  SHOULD USE GET OR POST AND NOT REQUEST
echo "in login.php at line ".__LINE__."<br>";
$data =" ";
if(@$usernamee)	// BAD PRACTICE USING THE @ SIMPLY HIDES ERRORS AND YOU SHOULD NOT IGNORE THEM.  FIX THE CODE AND REMOVE THE @
		// WHY THE 2 E'S IN THE VARIABLE NAME???
{
    $pwd = hash('sha256', $password);
    $sql = "SELECT * FROM tbl_admin WHERE username=? AND password=?";	// SHOULD NAME THE COLUMNS YOU WANT AND NOT USE *
    $stmt = $link->prepare($sql); 
    $stmt->bind_param("ss", $usernamee, $pwd);
    $stmt->execute();
    $result = $stmt->get_result();	//  WHAT IS GET_RESULT?  IS THAT A MYSQLI FUNCTION INSTEAD OF A FETCH?
    if(mysqli_num_rows($result)>=1)
	{
		$_SESSION['username']=$username;	// WHERE DID THIS VARIABLE GET CREATED??
		header("Location: index.php");	// SHOULD HAVE AN EXIT AFTER ANY REDIRECT (WHICH IS THIS)
    }
	else 
		$data = "Invalid Login ID";
}
echo "in login.php at line ".__LINE__."<br>";
$sql = mysqli_query($link,"SELECT * FROM tbl_admin");	// SHOULD NAME THE COLUMNS YOU WANT AND NOT USE *
$res = mysqli_fetch_assoc($sql);
$_SESSION['company'] = $res['company'];
ob_end_flush();
include 'inc/head.php';

$code=<<<heredocs
<body class="crm_body_bg">
<section class="main_content dashboard_part large_header_bg" style="padding: 0;">
<div class="main_content_iner ">
<div class="container-fluid p-0">
<div class="row justify-content-center">
<div class="col-12">
<div class="dashboard_header mb_50">
<div class="row">
<div class="col-lg-6">
<div class="dashboard_header_title">
<h3>{$res['company']} - Login</h3>
</div>
</div>
</div>
</div>
</div>
<div class="col-lg-12">
<div class="white_box mb_30">
<div class="row justify-content-center">
<div class="col-lg-6">
<div class="modal-content cs_modal">
<div class="modal-header justify-content-center theme_bg_1">
<h5 class="modal-title text_white">Log in</h5>
</div>
<div class="modal-body">
<div class="text-center text-muted mb-4">
<small>
heredocs;
echo $code;

echo "in login.php at line ".__LINE__."<br>";
if($data != " ")
{
	echo "<div class='alert alert-warning' role='alert'>
		<span class='alert-icon'><i class='ni ni-like-2'></i></span>
		<span class='alert-text'><strong>Warning! </strong> $data</span>
		</div>";
}
$code=<<<heredocs
</small>
</div>
<form role="form" action="" method="post">
<div class="form-group">
<input class="form-control" placeholder="Username" name="usernamee" type="text">
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name="password" type="password">
</div>
<button type="submit"class="btn_1 full_width text-center">Log in</button>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</section>
<script src="js/jquery-3.4.1.min.js"></script>
<script src="js/popper.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/metisMenu.js"></script>
<script src="vendors/scroll/perfect-scrollbar.min.js"></script>
<script src="vendors/scroll/scrollable-custom.js"></script>
<script src="js/custom.js"></script>
</body>
</html>
heredocs;
echo $code;

The guy who wrote this did not follow normal practice. He is using extract to retrieve the inputs from your form's POST array instead of actually referencing them as what they are - elements of the $_POST array created when a form is submitted. This is noted in the official php manual as "bad practice" and highlighted there.

I don't now what is supposed to be happening here but I assume you do. So read thru it and try to understand what is going on and see if it makes sense. Note my comments about the things that looking at. I will not even try to figure out the logic and leave that to you. And if you don't now PHP you may be out in the cold.

Sign In

hello, need help with a php script

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information