Help with PDO stuff

[Paul-D]

Hi I have an error on a web page

Parse error: syntax error, unexpected token ":", expecting "]" in /vhost/r/e/d/redacted/www/secure/SecurePDO.php on line 256

The Code page with all the relevant functions is this. This worked before I converted from my_sql to PDO. Have checked this over and it seems to comply.

function StoreData($Page) at the very end of the file. Thanks for any help.

Quote

<?php
// Banking Version 2.0.0   31-03-2023  redacted.
error_reporting(E_ALL);
ini_set('display_errors', '1');
date_default_timezone_set('Europe/London');
define ('HOSTNAME1', 'redacted'); 
define ('USERNAME1', 'redacted');
define ('PASSWORD1', 'redacted');
define ('DATABASE1', 'redacted');

function connectDB()
{
    static $pdo = null;
    if($pdo === null)
    {
    $host = HOSTNAME1;
    $user = USERNAME1;
    $pass = PASSWORD1;
    $MyDB = DATABASE1;

    $pdo = new PDO("mysql:host=$host; dbname=$MyDB; charset=UTF8", $user, $pass, [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            PDO::ATTR_EMULATE_PREPARES   => false,
    ]);
    }
return $pdo;    
}

function Session_Init()
{
if (!isset($_GET['counter']))
    $_GET['counter'] = "";
if (!isset($_SESSION['current_page']))
    $_SESSION['current_page'] = '';
if (!isset($_SESSION['Event_Log']))
    $_SESSION['Event_Log'] = '';
if (!isset($_SESSION['K9']))
    $_SESSION['K9'] = '';
if (!isset($_SESSION['Survalance']))
    $_SESSION['Survalance'] = '';
if (!isset($_SESSION["K208"]))
    $_SESSION["K208"] = '';
if (!isset($_SESSION["Error_1"]))
    $_SESSION["Error_1"] = '';
if (!isset($_SESSION["Error_2"]))
    $_SESSION["Error_2"] = '';
if (!isset($_SESSION["Error_3"]))
    $_SESSION["Error_3"] = '';
if (!isset($_SESSION["Error_4"]))
    $_SESSION["Error_4"] = '';
if (!isset($_SESSION["Error_5"]))
    $_SESSION["Error_5"] = '';
if (!isset($_SESSION["Error_6"]))
    $_SESSION["Error_6"] = '';
if (!isset($_SESSION["Error_7"]))
    $_SESSION["Error_7"] = '';
if (!isset($_SESSION["Error_8"]))
    $_SESSION["Error_8"] = '';
if (!isset($_SESSION["Current"]))
    $_SESSION["Current"] = '';
if (!isset($_SESSION["DE_Retain"]))
    $_SESSION["DE_Retain"] = '0';
if (!isset($_SESSION["DE_Comment"]))
    $_SESSION["DE_Comment"] = '';

// Email Sessions
if (!isset($_SESSION["Name"]))
    $_SESSION["Name"] = '';
if (!isset($_SESSION["Name2"]))
    $_SESSION["Name2"] = '';
if (!isset($_SESSION["Email"]))
    $_SESSION["Email"] = '';
if (!isset($_SESSION["Subject"]))
    $_SESSION["Subject"] = '';
if (!isset($_SESSION["Msg"]))
    $_SESSION["Msg"] = '';
}

function KeyCheckX($key)  
{
    $ret = 1;
    if (!ctype_xdigit($key) || strlen($key) != 32) 
        $ret = "-1";

    $sub = substr($key,4,2) . substr($key,9,2) . substr($key,14,2) . substr($key,22,2);
    $x = isvaliddate($sub);

   if($x == -1)
        $ret = "-1";

        $stamp = hexdec($sub); 
        $now = time();

    if($stamp < $now)
        $ret = -1;
    else
        $ret = 1;
return $ret;
}

function isvaliddate($testdateX)
{
    $ret = -1;
    $x = hexdec($testdateX);
    $d = date("d", $x);
    $m = date("m", $x);
    $y = date("Y", $x);
    if(checkdate($m, $d, $y))
        $ret = 1;
return $ret;
}

function KeyShowX($key)
{
    $sub = substr($key,4,2) . substr($key,9,2) . substr($key,14,2) . substr($key,22,2);
    $x = hexdec($sub);
    $x = date("d-M-Y H:s",$x);
    return $x;
    exit;
}

function KeyTestX($key, $Type)
{  
    $ret = 1;
   if (!ctype_xdigit($key) || strlen($key) != 32) 
       $ret = "-1";

     $sub = substr($key,4,2) . substr($key,9,2) . substr($key,14,2) . substr($key,22,2);
     $x = isvaliddate($sub);
   
   if($x == -1)
        $ret= "-1";
return $ret;
}

function LogMeX($name , $pwd1) 
{
    $pdo = connectDB();
    $Name = md5($name);
    $Pwd1 = md5($pwd1);
    $sqlUser = "SELECT * FROM LIBusersX WHERE UserKey = '$Pwd1' AND UserN = '$Name'";
    $stmt = $pdo->query($sqlUser);
    $rs= $stmt->fetch();
    $User = $rs['User'];
    return $User;        
}

function KeySetX($unit,$val)
{                         
    $t_stamp = time();
    $stamp = $t_stamp + ($unit * $val);
    $key = md5($stamp);
    $now = dechex($stamp);
    //echo date("d m Y H:s",$t_stamp);
    //exit;
    $split = str_split($now, 2); // $split = str_split($now, 2); XXXC
    $key[4] = $split[0][0];
    $key[5] = $split[0][1];
    $key[9] = $split[1][0];
    $key[10] = $split[1][1];
    $key[14] = $split[2][0];
    $key[15] = $split[2][1];
    $key[22] = $split[3][0];
    $key[23] = $split[3][1];
    return $key;
}

function SetMe($Location)
{
    setcookie("Headquarters", "Bananarama", time()+60 * 60 * 24 * 7);
}

function TransposeKey($key)
{
$split = str_split($key,8); // superseeds crossrefimproved October 2015
$split[0] = strrev($split[0]);
$split[1] = strrev($split[1]);
$split[2] = strrev($split[2]);
$split[3] = strrev($split[3]);
$newkey = $split[3] . $split[2] . $split[1] . $split[0];
return $newkey;
}

function get_ip()
 {

     $ip="unknown"; //catch the missed 1%
     if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
     {
         $ip=$_SERVER['HTTP_CLIENT_IP'];
     }
     elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
     {
         $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
     }
     else
     {
         $ip=$_SERVER['REMOTE_ADDR'];
     }
 $pos = strpos($ip, ",");
     if($pos > 0)
     {
         $part = explode("," , $ip);
         $ip = $part[0];
     }
 return $ip;
 }

function mailtoX($page, $subject,$extra) 
{
        $browser = $_SERVER["HTTP_USER_AGENT"];
        $url = $_SERVER["REQUEST_URI"];
        //$extra .= " - " . $$url;
        $IP = get_ip();
          $to = "redacted";
        $from = $page . "redacted";
        $name="Website";
        $stamp = time();
        $val = date("d-m-Y H:i:s",$stamp);
        $headers = "From: $name <$from>\r\n";
        $message = "Message sent from Des Site IP Address " . $IP . "\r\n\r\nTime: " . $val . " (GMT)\r\n\r\nPage: " . $page . " - " . $subject . "\r\n\r\nBrowser: " . $browser . "\r\n\r\n\r\nExra Info: ". $extra . "\r\n\r\n" . $_SERVER["PHP_SELF"];
        ini_set("sendmail_from", "redacted");
        $success = mail($to,$subject, $message, $headers);
}

function StoreData($Page) // E103
{    
  $pdo = connectDB();
  $IP = $_SERVER['REMOTE_ADDR'];
  $IP = get_ip();
  $hit = 'N';
    
  if ($_SESSION['current_page'] == "")
      $hit = 'Y'; 
 
   if($_SESSION['Event_Log'] == 'YES')
  {
      $browser = $_SERVER["HTTP_USER_AGENT"];
      $stamp = time();
      $Date = date('Y-m-d',$stamp);
      $Time = date('H:i:s',$stamp);
      $DateTime = date("Y-m-d H:i:s", $stamp); 
 
    $sql = "INSERT INTO `EventLog` SET
    Date = :ThisDate,
    Stamp = :ThisStamp,
    IP = :ThisIP,
    Page = :ThisPage,
    Browser = :ThisBrowser,
    Hit = :ThisHit";
    
    $stmt = $pdo->prepare($sql);
    $stmt->execute([
    :ThisDate => $Date,
    :ThisStamp => $stamp,
    :ThisIP => $IP,
    :ThisPage => $Page,
    :ThisBrowser => $browser,
    :ThisHit => $hit
    ]);
  }
}
?>
 

x

 

Edited 23 hours ago by requinix
redacting things

[Phi11W]

Named arguments need to be quoted. 

An example from: https://www.php.net/manual/en/pdostatement.execute.php

$sth->execute( array( ':calories' => $calories, ':colour' => $colour ) );

"Unexpected" colons in the middle of PHP code gives it indigestion.  

Regards, 
   Phill Ward. 

 

[Paul-D]

Thanks. I need single quotes around ':ThisDate' working fine now. Thanks again.

 

[Random8]

I'd suggest changing your MySQL password now that you've posted it in a forum

[requinix]

Paul-D: I've redacted a few things in your post as a courtesy but you can safely assume it's already out there on the internet. Be more careful in the future.

 

2 hours ago, Random8 said:

I'd suggest changing your MySQL password now that you've posted it in a forum

Shame about the email addresses too.