How to pass a variable to sql query


Postby roma2509 » Thu Sep 13, 2012 8:35 am

Hi to all. I have a script that modifies some dates in a mysql table. When I modify something with this script I want to modify a folder name. In this script I use the php function rename. But on the submit button I get the error "Invalid argument in /home/a9225197/public_html/admin/edit_post.php on line 87", and I understand that I do something wrong with this sql query.
My code is:
<?php
/**
 *
 * eliteCMS - The Lightweight CMS Copyright © 2008 elite-graphix.net.
 * eliteCMS is a free software to use for personal websites.
 * Anyone can use eliteCMS for free as long as he retain the
 * copyright note at the footer.
 * If anyone wants to remove the copyright note for commercial
 * use of the software can contact raj@elite-graphix.net.
 * eliteCMS comes with absolutely no warranty and is provided as-is.
 * raj - THE AUTHOR of the software or elite-graphix - THE COMPANY
 * will not be held responsible for any damage this software might cause.
 * You run this software at your own risk and agree not to hold author or company.
 * You are not allowed to make any profit from this software unless you
 * have a written authorization from the author to use the software for commercial use.
 *
 */

include ("includes/headerRefresh.php");
include ("includes/config.php");
include ("functions/functions.php");
require_once ("includes/session.php");
check_login();
?>
<?php get_settings(); ?>
<?php if ((intval($_GET['page']) == 0) || (intval($_GET['post']) == 0)) {
    redirect_to("manage_posts.php");
} ?>
<?php include ("header.php") ?>
<?php
$errors = array();
if (isset($_POST['submit'])) {
        $postid= $posts['id'];
$query2 = "SELECT * FROM posts where id='$postid'";
$result2 = mysql_query($query2);
while($row = mysql_fetch_array($result2)){
$oldname = $row['dirname'];
echo $oldname;
}

    if ($_POST['title'] == "")
        $errors['title'] = "Title of the Post is required !";

    if ($_POST['position'] == "")
        $errors['position'] = "Position of the Post is required !";

    if ($_POST['content'] == "")
        $errors['content'] = "Content of the Post is required !";


    if (empty($errors)) {

        $id = mysql_prep($_GET['post']);
        $page_id = mysql_prep($_POST['page_id']);
        $title = mysql_prep($_POST['title']);
        $active = mysql_prep($_POST['active']);
        $position = mysql_prep($_POST['position']);
        $content = mysql_prep($_POST['content']);
                $address = mysql_prep($_POST['address']);
                $phone = mysql_prep($_POST['phone']);
                $web = mysql_prep($_POST['web']);
                $email = mysql_prep($_POST['email']);
                $video = mysql_prep($_POST['video']);
                $map = mysql_prep($_POST['map']);
                $valid = mysql_prep($_POST['valid']);
                $dirname= mysql_prep($_POST['title']);

        $query = "UPDATE posts SET page_id = '{$page_id}', title = '{$title}', active = '{$active}', position = '{$position}', content = '{$content}', address='{$address}', phone='{$phone}', web='{$web}', email='{$email}', video='{$video}', map='{$map}', valid='{$valid}', dirname='{$dirname}'  WHERE id = {$id} ";
        $result = mysql_query($query);
        confirm_query($result);
        if (mysql_affected_rows() == 1) {
            $successMSG = "Post updated Successfully !";

        } else {
            $errorMSG = "Nothing to Update ! </br>" . mysql_error() . " ";

        }


    } else {
        $displayError = '<div class="errorMSG"><ul style="list-style:none;">';

        foreach ($errors as $error) {
            $displayError .= "<li>$error</li>";
        }
        $displayError .= '</ul></div>';
    }
rename("../uploads/".$oldname, "../uploads/".$dirname);
} else {
    //$errorMSG = "";
}

?>

<div id="body">
<div class="box bigBox">
<h1>Add New Post</h1>
<?php display_msg(); ?>
<?php selected_page(); ?>
<form action="<?php echo $PHP_SELF; ?>" method="post">
<table width="100%" align="center" cellpadding="0" cellspacing="0" id="post_form">
<tr bgcolor="#EEF7FD">
<td width="27%" class="padd">Categoria Companie :</td>
<td width="73%" class="padd">
<select name="page_id" class="select1" onChange="MM_jumpMenu('parent',this,0)">
<?php
if (isset($selected_page['id'])) {
    echo "<option value=\"{$selected_page['id']}\">{$selected_page['menu_name']}</option>\n";
} else {
    $query = "SELECT * FROM pages ORDER BY id";
    $result = mysql_query($query);
    confirm_query($result);
    while ($pages = mysql_fetch_array($result)) {
        echo "<option value=\"add_post.php?page={$pages['id']}\">{$pages['menu_name']}</option>\n";
    }
}
?>
</select>
</td>
</tr>
<tr>
<td class="padd">Denumire Companie :</td>
<td class="padd">
<input name="title" type="text" class="input" id="title" value="<?php echo $selected_post['title'] ?>"/>
<?php if (!empty($errors['title'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr bgcolor="#EEF7FD">
<td class="padd">Post Published :</td>
<td class="padd">
<select name="active" class="select">
<option value="1" <?php if ($selected_post['active'] == 1) {
    echo "selected";
} ?>>Yes</option>
<option value="0" <?php if ($selected_post['active'] == 0) {
    echo "selected";
} ?>>No</option>
</select>
</td>
</tr>
<tr>
<td valign="bottom" class="padd">Post Position :</td>
<td valign="bottom" class="padd">
<?php if (isset($_GET['page'])) {
    display_acquired_posts();

} ?>
<input name="position" type="text" class="inputSmall" id="position" value="<?php echo
$selected_post['position'] ?>"/>
<?php if (!empty($errors['position'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr bgcolor="#EEF7FD">
<td class="padd">Descriere Companie</td>
<td class="padd">
<script language="JavaScript1.2" type="text/javascript">
  WYSIWYG.attach('content', full);
  </script>
<textarea name="content" id="content" class="contentArea"><?php echo $selected_post['content'] ?></textarea>
<?php if (!empty($errors['content'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr>
<td class="padd">Adresa Companie :</td>
<td class="padd">
<input name="address" type="text" class="input" id="address" value="<?php echo $selected_post['address'] ?>"/>
<?php if (!empty($errors['address'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Nr. Telefon Companie :</td>
<td class="padd">
<input name="phone" type="text" class="input" id="phone" value="<?php echo $selected_post['phone'] ?>"/>
<?php if (!empty($errors['phone'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Adresa Web :</td>
<td class="padd">
<input name="web" type="text" class="input" id="web" value="<?php echo $selected_post['web'] ?>"/>
<?php if (!empty($errors['web'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Email Companie :</td>
<td class="padd">
<input name="email" type="text" class="input" id="email" value="<?php echo $selected_post['email'] ?>"/>
<?php if (!empty($errors['email'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Video Link :</td>
<td class="padd">
<input name="video" type="text" class="input" id="video" value="<?php echo $selected_post['video'] ?>"/>
<?php if (!empty($errors['video'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Harta Companie :</td>
<td class="padd">
<input name="map" type="text" class="input" id="map" value="<?php echo $selected_post['map'] ?>"/>
<?php if (!empty($errors['map'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Activ pina la: </td>
<td class="padd">
<input name="valid" type="text" class="input" id="valid" value="<?php echo $selected_post['valid'] ?>"/>
<?php if (!empty($errors['valid'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td class="padd">
<input type="submit" name="submit" id="submit" value="Update Post"  class="formBU" style="margin-left:120px;"/>
<a href="manage_posts.php" target="_self" class="linkBU">Cancel</a>
<a href="manage_uploads.php" target="_self" class="linkBU">Manage Images</a></td>
</tr>
</table>
</form>
</div>
</div>
<?php include ("footer.php") ?>


And the script from the other page that redirects to this page:
<?php
/**
 *
 * eliteCMS - The Lightweight CMS Copyright © 2008 elite-graphix.net.
 * eliteCMS is a free software to use for personal websites.
 * Anyone can use eliteCMS for free as long as he retain the
 * copyright note at the footer.
 * If anyone wants to remove the copyright note for commercial
 * use of the software can contact raj@elite-graphix.net.
 * eliteCMS comes with absolutely no warranty and is provided as-is.
 * raj - THE AUTHOR of the software or elite-graphix - THE COMPANY
 * will not be held responsible for any damage this software might cause.
 * You run this software at your own risk and agree not to hold author or company.
 * You are not allowed to make any profit from this software unless you
 * have a written authorization from the author to use the software for commercial use.
 *
 */

include ("includes/headerRefresh.php");
include ("includes/config.php");
include ("functions/functions.php");
require_once ("includes/session.php");
check_login();
get_settings();
include ("header.php") ?>
<div id="body">
<div class="box bigBox">
<h1>Manage CMS Posts</h1>
<?php
if (isset($_GET['deleted']) && $_GET['deleted'] == 1) {
    $successMSG = "The post has been deleted successfully !.";

}
if (isset($_GET['newpost']) && $_GET['newpost'] == 1) {
    $successMSG = "Post created successfully !.";

}
?>

<?php display_msg(); ?>
<a href="add_post.php" title="Add New Post" target="_self" class="addPageButton">Add New Post</a>
<?php
echo "<table cellspacing=\"0\" cellpadding=\"0\" id=\"pageList\">\n";
echo "<tr>\n";
echo "<th width=\"26%\" scope=\"col\">Page Name</th>\n";
echo "<th width=\"30%\" scope=\"col\"style=\"text-align:left; padding-left:40px;\">Post Title</th>\n";
echo "<th width=\"11%\" scope=\"col\">Post Order</th>\n";
echo "<th width=\"11%\" scope=\"col\">Published</th>\n";
echo "<th width=\"11%\" scope=\"col\">Edit Post</th>\n";
echo "<th width=\"11%\" scope=\"col\">Delete Post</th>\n";
echo "</tr>\n";
$i = 0;
$color1 = "#EEF7FD";
$color2 = "#FFFFFF";
$query = "SELECT * FROM posts ORDER BY page_id";
$result = mysql_query($query);
confirm_query($result);
while ($posts = mysql_fetch_array($result)) {
    $query = "SELECT * FROM pages WHERE id ={$posts['page_id']}";
    $result1 = mysql_query($query);
    confirm_query($result1);
    $page = mysql_fetch_array($result1);
    $i++;
    echo "<tr bgcolor=\"" . (($i % 2 == 0) ? $color1 : $color2) . "\">\n";
    echo "<td>{$page['menu_name']}</td>\n";
    echo "<td style=\"text-align:left; padding-left:5px;\">{$posts['title']}</td>\n";
    echo "<td>{$posts['position']}</td>\n";
    echo "<td>";
    if ($posts['active'] == 0) {
        echo "No";
    } else {
        echo "Yes";
    }
    echo "</td>\n";
    echo "<td><a href=\"edit_post.php?page=" . urlencode($page['id']) . "&post=" .
        urlencode($posts['id']) . "\"><img src=\"images/post_edit.png\" width=\"16\" height=\"16\" /></a></td>\n";
    echo "<td><a href=\"delete_post.php?post=" . urlencode($posts['id']) . "\"><img src=\"images/post_delete.png\" width=\"16\" height=\"16\" onClick=\"return confirm('Are you sure you wann delete this post. This action can not be undone!.');\"/></a></td>\n";
    echo "</tr>\n";

}
echo "</table>\n";
?>
</div>
</div>
<?php include ("footer.php") ?>
roma2509
Forum Newbie
 
Posts: 16
Joined: Fri Sep 07, 2012 6:20 pm

Re: How to pass a variable to sql query

Postby Christopher » Thu Sep 13, 2012 3:23 pm

The error is with line:
rename("../uploads/".$oldname, "../uploads/".$dirname);
Do you know what the values of $oldname and $dirname are?
Christopher
Site Administrator
 
Posts: 12554
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: How to pass a variable to sql query

Postby roma2509 » Thu Sep 13, 2012 4:17 pm

Yes, the problem is in the rename function, I know it. But I don't know how to pass a variable into an sql query; the problem is in this code:
$postid= $posts['id'];
$query2 = "SELECT * FROM posts where id='$postid'";
$result2 = mysql_query($query2);
while($row = mysql_fetch_array($result2)){
$oldname = $row['dirname'];
echo $oldname;
}

I need to get the value that is passed from the other page, I think from this one:
echo "<td><a href=\"edit_post.php?page=" . urlencode($page['id']) . "&post=" .
        urlencode($posts['id']) . "\"><img src=\"images/post_edit.png\" width=\"16\" height=\"16\" /></a></td>\n";
roma2509
Forum Newbie
 
Posts: 16
Joined: Fri Sep 07, 2012 6:20 pm

Re: How to pass a variable to sql query

Postby roma2509 » Fri Sep 14, 2012 10:01 am

Ok, the question will be how to get the value of ($posts['id']) that is passed from this code
echo "<td><a href=\"edit_post.php?page=" . urlencode($page['id']) . "&post=" .
        urlencode($posts['id']) . "\"><img src=\"images/post_edit.png\" width=\"16\" height=\"16\" /></a></td>\n";
from one page to the other page. I need to use this value to make an sql query.
roma2509
Forum Newbie
 
Posts: 16
Joined: Fri Sep 07, 2012 6:20 pm

Re: How to pass a variable to sql query

Postby Mordred » Mon Sep 17, 2012 4:51 am

You will find the value in $_GET['post'] in the other page.
Note that there are multiple SQL injection problems with the script as-is, and what you are doing with blindly calling rename() is completely unsafe.
Are you the author of this CMS and if not, why did you choose it specifically? It doesn't look very well written to me.
Things need not have happened to be true. Tales and dreams are the shadow-truths that will endure when mere facts are dust and ashes, and forgot.
My security blog. (not updated lately)
The Unexpected SQL Injection (article) (.txt, cause the .html version is broken)
Password hashing howto (and how not to) (article)
Salt strengths (article)
Mordred
DevNet Resident
 
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria
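The following is an added example, not code from the thread or from eliteCMS, showing the edit flow the question and the reply above describe done the way a defender would want it: the post id is read from $_GET['post'] (which is where edit_post.php?page=..&post=.. delivers it), validated as a positive integer, bound to a prepared statement instead of being interpolated into the query text, and the rename of the upload folder is confined to the uploads directory. It uses PDO with an in-memory SQLite database and a temporary directory so it runs stand-alone; the table layout (posts.id, posts.title, posts.dirname) and the function names are assumptions based on the queries in the thread. Against MySQL only the DSN changes.

```php
<?php
// Added example (not from the thread or eliteCMS). Assumed schema: posts(id, title, dirname).
declare(strict_types=1);

function readPostId(array $get): int
{
    // The value arrives in $_GET['post']. Accept only a positive integer;
    // anything else is rejected instead of being interpolated into SQL.
    $id = filter_var($get['post'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('post id must be a positive integer');
    }
    return $id;
}

function fetchDirname(PDO $db, int $postId): ?string
{
    // A bound placeholder replaces "...where id='$postid'": the value never becomes SQL text.
    $stmt = $db->prepare('SELECT dirname FROM posts WHERE id = :id');
    $stmt->execute([':id' => $postId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row['dirname'];
}

function updateDirname(PDO $db, int $postId, string $dirname): int
{
    $stmt = $db->prepare('UPDATE posts SET dirname = :dirname WHERE id = :id');
    $stmt->execute([':dirname' => $dirname, ':id' => $postId]);
    return $stmt->rowCount();
}

function safeDirname(string $title): string
{
    // The script derives the folder name from the title; reduce it to a single
    // path component with no slashes, no "..", and no control characters.
    $name = trim(preg_replace('/[^A-Za-z0-9_-]+/', '-', $title), '-');
    if ($name === '' || $name === '.' || $name === '..') {
        throw new InvalidArgumentException('title does not yield a usable directory name');
    }
    return $name;
}

function renameUploadDir(string $uploadsRoot, ?string $old, string $newTitle): string
{
    // Both names must stay inside the uploads directory. realpath() resolves
    // symlinks and "..", so a stored name cannot point anywhere else. A missing
    // $old (the thread's undefined $oldname) fails here instead of in rename().
    $root = realpath($uploadsRoot);
    $from = $old === null ? false : realpath($uploadsRoot . DIRECTORY_SEPARATOR . $old);
    if ($root === false || $from === false || strpos($from, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('old upload directory is missing or outside uploads/');
    }
    $newName = safeDirname($newTitle);
    $to = $root . DIRECTORY_SEPARATOR . $newName;
    if (file_exists($to)) {
        throw new RuntimeException('target directory already exists');
    }
    if (!rename($from, $to)) {
        throw new RuntimeException('rename failed');
    }
    return $newName;
}

// --- demonstration with constructed data ---
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, dirname TEXT)');
$db->exec("INSERT INTO posts (id, title, dirname) VALUES (7, 'Old Title', 'old-title')");

$uploads = sys_get_temp_dir() . '/uploads-demo-' . getmypid();   // constructed uploads/ root
mkdir($uploads . '/old-title', 0700, true);

$postId  = readPostId(['post' => '7']);               // what edit_post.php?post=7 delivers
$oldName = fetchDirname($db, $postId);                // "old-title"
$newName = renameUploadDir($uploads, $oldName, 'New Title / 2012');   // "New-Title-2012"
updateDirname($db, $postId, $newName);
echo "renamed $oldName -> $newName, db now says: ", fetchDirname($db, $postId), PHP_EOL;

// Inputs that the original script would have pasted straight into SQL are rejected:
foreach (["7' OR '1'='1", '../../etc', ''] as $bad) {
    try {
        readPostId(['post' => $bad]);
    } catch (InvalidArgumentException $e) {
        echo "rejected '$bad': ", $e->getMessage(), PHP_EOL;
    }
}

rmdir($uploads . '/' . $newName);
rmdir($uploads);
```

Two things the script in the thread does not do are worth noting: the id is validated before it touches the database, so the "Nothing to Update" branch and mysql_error() are no longer the only place a malformed value surfaces; and the rename is checked against the resolved uploads root, so a dirname value from the database or the form cannot move a directory outside it.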

