
How to pass a variable to sql query

Posted: Thu Sep 13, 2012 8:35 am
by roma2509
Hi to all. I have a script that modifies some data in a mysql table. When I modify something with this script I want to modify a folder name as well. In this script I use the PHP function rename. But on the submit button I get the error "Invalid argument in /home/a9225197/public_html/admin/edit_post.php on line 87", and I understand that I am doing something wrong in this sql query.
My code is:


<?php
/**
 *
 * eliteCMS - The Lightweight CMS Copyright © 2008 elite-graphix.net.
 * eliteCMS is a free software to use for personal websites.
 * Anyone can use eliteCMS for free as long as he retain the
 * copyright note at the footer.
 * If anyone wants to remove the copyright note for commercial
 * use of the software can contact raj@elite-graphix.net.
 * eliteCMS comes with absolutely no warranty and is provided as-is.
 * raj - THE AUTHOR of the software or elite-graphix - THE COMPANY
 * will not be held responsible for any damage this software might cause.
 * You run this software at your own risk and agree not to hold author or company.
 * You are not allowed to make any profit from this software unless you
 * have a written authorization from the author to use the software for commercial use.
 *
 */
include ("includes/headerRefresh.php");
include ("includes/config.php");
include ("functions/functions.php");
require_once ("includes/session.php");
check_login();
?>
<?php get_settings(); ?>
<?php if ((intval($_GET['page']) == 0) || (intval($_GET['post']) == 0)) {
    redirect_to("manage_posts.php");
} ?>
<?php include ("header.php") ?>
<?php
$errors = array();
if (isset($_POST['submit'])) {
    $postid = $posts['id'];
    $query2 = "SELECT * FROM posts where id='$postid'";
    $result2 = mysql_query($query2);
    while ($row = mysql_fetch_array($result2)) {
        $oldname = $row['dirname'];
        echo $oldname;
    }

    if ($_POST['title'] == "")
        $errors['title'] = "Title of the Post is required !";

    if ($_POST['position'] == "")
        $errors['position'] = "Position of the Post is required !";

    if ($_POST['content'] == "")
        $errors['content'] = "Content of the Post is required !";


    if (empty($errors)) {

        $id = mysql_prep($_GET['post']);
        $page_id = mysql_prep($_POST['page_id']);
        $title = mysql_prep($_POST['title']);
        $active = mysql_prep($_POST['active']);
        $position = mysql_prep($_POST['position']);
        $content = mysql_prep($_POST['content']);
        $address = mysql_prep($_POST['address']);
        $phone = mysql_prep($_POST['phone']);
        $web = mysql_prep($_POST['web']);
        $email = mysql_prep($_POST['email']);
        $video = mysql_prep($_POST['video']);
        $map = mysql_prep($_POST['map']);
        $valid = mysql_prep($_POST['valid']);
        $dirname = mysql_prep($_POST['title']);

        $query = "UPDATE posts SET page_id = '{$page_id}', title = '{$title}', active = '{$active}', position = '{$position}', content = '{$content}', address='{$address}', phone='{$phone}', web='{$web}', email='{$email}', video='{$video}', map='{$map}', valid='{$valid}', dirname='{$dirname}'  WHERE id = {$id} ";
        $result = mysql_query($query);
        confirm_query($result);
        if (mysql_affected_rows() == 1) {
            $successMSG = "Post updated Successfully !";

        } else {
            $errorMSG = "Nothing to Update ! </br>" . mysql_error() . " ";

        }


    } else {
        $displayError = '<div class="errorMSG"><ul style="list-style:none;">';

        foreach ($errors as $error) {
            $displayError .= "<li>$error</li>";
        }
        $displayError .= '</ul></div>';
    }
rename("../uploads/".$oldname, "../uploads/".$dirname);
} else {
    //$errorMSG = "";
}

?>

<div id="body">
<div class="box bigBox">
<h1>Add New Post</h1>
<?php display_msg(); ?>
<?php selected_page(); ?>
<form action="<?php echo $PHP_SELF; ?>" method="post">
<table width="100%" align="center" cellpadding="0" cellspacing="0" id="post_form">
<tr bgcolor="#EEF7FD">
<td width="27%" class="padd">Company Category :</td>
<td width="73%" class="padd">
<select name="page_id" class="select1" onChange="MM_jumpMenu('parent',this,0)">
<?php
if (isset($selected_page['id'])) {
    echo "<option value=\"{$selected_page['id']}\">{$selected_page['menu_name']}</option>\n";
} else {
    $query = "SELECT * FROM pages ORDER BY id";
    $result = mysql_query($query);
    confirm_query($result);
    while ($pages = mysql_fetch_array($result)) {
        echo "<option value=\"add_post.php?page={$pages['id']}\">{$pages['menu_name']}</option>\n";
    }
}
?>
</select>
</td>
</tr>
<tr>
<td class="padd">Company Name :</td>
<td class="padd">
<input name="title" type="text" class="input" id="title" value="<?php echo $selected_post['title'] ?>"/>
<?php if (!empty($errors['title'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr bgcolor="#EEF7FD">
<td class="padd">Post Published :</td>
<td class="padd">
<select name="active" class="select">
<option value="1" <?php if ($selected_post['active'] == 1) {
    echo "selected";
} ?>>Yes</option>
<option value="0" <?php if ($selected_post['active'] == 0) {
    echo "selected";
} ?>>No</option>
</select>
</td>
</tr>
<tr>
<td valign="bottom" class="padd">Post Position :</td>
<td valign="bottom" class="padd">
<?php if (isset($_GET['page'])) {
    display_acquired_posts();

} ?>
<input name="position" type="text" class="inputSmall" id="position" value="<?php echo $selected_post['position'] ?>"/>
<?php if (!empty($errors['position'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr bgcolor="#EEF7FD">
<td class="padd">Company Description</td>
<td class="padd">
<script language="JavaScript1.2" type="text/javascript">
  WYSIWYG.attach('content', full);
  </script>
<textarea name="content" id="content" class="contentArea"><?php echo $selected_post['content'] ?></textarea>
<?php if (!empty($errors['content'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr>
<td class="padd">Company Address :</td>
<td class="padd">
<input name="address" type="text" class="input" id="address" value="<?php echo $selected_post['address'] ?>"/>
<?php if (!empty($errors['address'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Company Phone No. :</td>
<td class="padd">
<input name="phone" type="text" class="input" id="phone" value="<?php echo $selected_post['phone'] ?>"/>
<?php if (!empty($errors['phone'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Web Address :</td>
<td class="padd">
<input name="web" type="text" class="input" id="web" value="<?php echo $selected_post['web'] ?>"/>
<?php if (!empty($errors['web'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Company Email :</td>
<td class="padd">
<input name="email" type="text" class="input" id="email" value="<?php echo $selected_post['email'] ?>"/>
<?php if (!empty($errors['email'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Video Link :</td>
<td class="padd">
<input name="video" type="text" class="input" id="video" value="<?php echo $selected_post['video'] ?>"/>
<?php if (!empty($errors['video'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Company Map :</td>
<td class="padd">
<input name="map" type="text" class="input" id="map" value="<?php echo $selected_post['map'] ?>"/>
<?php if (!empty($errors['map'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>

<tr>
<td class="padd">Active until: </td>
<td class="padd">
<input name="valid" type="text" class="input" id="valid" value="<?php echo $selected_post['valid'] ?>"/>
<?php if (!empty($errors['valid'])) {
    echo "&nbsp;<span class=\"mend\">*</span>";
} ?>
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td class="padd">
<input type="submit" name="submit" id="submit" value="Update Post"  class="formBU" style="margin-left:120px;"/>
<a href="manage_posts.php" target="_self" class="linkBU">Cancel</a>
<a href="manage_uploads.php" target="_self" class="linkBU">Manage Images</a></td>
</tr>
</table>
</form>
</div>
</div>
<?php include ("footer.php") ?>
And the script from the other page that redirects to this page


<?php
/**
 *
 * eliteCMS - The Lightweight CMS Copyright © 2008 elite-graphix.net.
 * eliteCMS is a free software to use for personal websites.
 * Anyone can use eliteCMS for free as long as he retain the
 * copyright note at the footer.
 * If anyone wants to remove the copyright note for commercial
 * use of the software can contact raj@elite-graphix.net.
 * eliteCMS comes with absolutely no warranty and is provided as-is.
 * raj - THE AUTHOR of the software or elite-graphix - THE COMPANY
 * will not be held responsible for any damage this software might cause.
 * You run this software at your own risk and agree not to hold author or company.
 * You are not allowed to make any profit from this software unless you
 * have a written authorization from the author to use the software for commercial use.
 *
 */
include ("includes/headerRefresh.php");
include ("includes/config.php");
include ("functions/functions.php");
require_once ("includes/session.php");
check_login();
get_settings();
include ("header.php") ?>
<div id="body">
<div class="box bigBox">
<h1>Manage CMS Posts</h1>
<?php
if (isset($_GET['deleted']) && $_GET['deleted'] == 1) {
    $successMSG = "The post has been deleted successfully!";

}
if (isset($_GET['newpost']) && $_GET['newpost'] == 1) {
    $successMSG = "Post created successfully!";

}
?>

<?php display_msg(); ?>
<a href="add_post.php" title="Add New Post" target="_self" class="addPageButton">Add New Post</a>
<?php
echo "<table cellspacing=\"0\" cellpadding=\"0\" id=\"pageList\">\n";
echo "<tr>\n";
echo "<th width=\"26%\" scope=\"col\">Page Name</th>\n";
echo "<th width=\"30%\" scope=\"col\"style=\"text-align:left; padding-left:40px;\">Post Title</th>\n";
echo "<th width=\"11%\" scope=\"col\">Post Order</th>\n";
echo "<th width=\"11%\" scope=\"col\">Published</th>\n";
echo "<th width=\"11%\" scope=\"col\">Edit Post</th>\n";
echo "<th width=\"11%\" scope=\"col\">Delete Post</th>\n";
echo "</tr>\n";
$i = 0;
$color1 = "#EEF7FD";
$color2 = "#FFFFFF";
$query = "SELECT * FROM posts ORDER BY page_id";
$result = mysql_query($query);
confirm_query($result);
while ($posts = mysql_fetch_array($result)) {
    $query = "SELECT * FROM pages WHERE id ={$posts['page_id']}";
    $result1 = mysql_query($query);
    confirm_query($result1);
    $page = mysql_fetch_array($result1);
    $i++;
    echo "<tr bgcolor=\"" . (($i % 2 == 0) ? $color1 : $color2) . "\">\n";
    echo "<td>{$page['menu_name']}</td>\n";
    echo "<td style=\"text-align:left; padding-left:5px;\">{$posts['title']}</td>\n";
    echo "<td>{$posts['position']}</td>\n";
    echo "<td>";
    if ($posts['active'] == 0) {
        echo "No";
    } else {
        echo "Yes";
    }
    echo "</td>\n";
    echo "<td><a href=\"edit_post.php?page=" . urlencode($page['id']) . "&post=" .
        urlencode($posts['id']) . "\"><img src=\"images/post_edit.png\" width=\"16\" height=\"16\" /></a></td>\n";
    echo "<td><a href=\"delete_post.php?post=" . urlencode($posts['id']) . "\"><img src=\"images/post_delete.png\" width=\"16\" height=\"16\" onClick=\"return confirm('Are you sure you want to delete this post? This action cannot be undone!');\"/></a></td>\n";
    echo "</tr>\n";

}
echo "</table>\n";
?>
</div>
</div>
<?php include ("footer.php") ?>

Re: How to pass a variable to sql query

Posted: Thu Sep 13, 2012 3:23 pm
by Christopher
The error is with line:


rename("../uploads/".$oldname, "../uploads/".$dirname);
Do you know what the values of $oldname and $dirname are?

Re: How to pass a variable to sql query

Posted: Thu Sep 13, 2012 4:17 pm
by roma2509
Yes, the problem is in the rename function, I know it. But I don't know how to pass a variable into an SQL query; the problem is in this code


$postid = $posts['id'];
$query2 = "SELECT * FROM posts where id='$postid'";
$result2 = mysql_query($query2);
while ($row = mysql_fetch_array($result2)) {
    $oldname = $row['dirname'];
    echo $oldname;
}
I need to get the value that is passed from the other page, I think from this one:


echo "<td><a href=\"edit_post.php?page=" . urlencode($page['id']) . "&post=" .
        urlencode($posts['id']) . "\"><img src=\"images/post_edit.png\" width=\"16\" height=\"16\" /></a></td>\n";

Re: How to pass a variable to sql query

Posted: Fri Sep 14, 2012 10:01 am
by roma2509
Ok, the question will be how to get the value of ($posts['id']) that is passed from this code


echo "<td><a href=\"edit_post.php?page=" . urlencode($page['id']) . "&post=" .
        urlencode($posts['id']) . "\"><img src=\"images/post_edit.png\" width=\"16\" height=\"16\" /></a></td>\n";
from one page to the other page. I need to use this value to make an SQL query.

Re: How to pass a variable to sql query

Posted: Mon Sep 17, 2012 4:51 am
by Mordred
You will find the value in $_GET['post'] in the other page.
Note that there are multiple SQL injection problems with the script as-is, and what you are doing with blindly calling rename() is completely unsafe.
Are you the author of this CMS and if not - why did you choose it specifically? It doesn't look very well written to me.
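The fix Mordred points at, worked through as an added example that is not eliteCMS code and not from any poster in this thread: the post id is read from $_GET['post'] (where the edit link in manage_posts.php puts it) and cast to an integer, the old dirname is fetched with a PDO prepared statement instead of interpolating a variable into the mysql_query() string, the new directory name is derived from the title rather than taken verbatim, and rename() is refused anything that would leave the uploads directory. PDO replaces the old mysql_* extension (removed in PHP 7); the in-memory SQLite database, the temporary uploads directory, the posts row and the function names are constructed for the demonstration. With MySQL only the DSN changes; the prepare()/execute() calls are the same.

```php
<?php
// Added example, not eliteCMS code: id from $_GET['post'], prepared statements
// instead of interpolated SQL, rename() confined to the uploads directory.
// Assumed: PDO, a posts(id, title, dirname) table, an uploads directory; SQLite
// in memory and a temp directory stand in for MySQL and ../uploads below.
declare(strict_types=1);

// Derive a directory name from the title: lowercase [a-z0-9-], max 64 chars.
function slugify_dirname(string $title): string
{
    $slug = strtolower(trim(preg_replace('/[^A-Za-z0-9]+/', '-', $title), '-'));
    if ($slug === '') {
        throw new InvalidArgumentException('title yields an empty directory name');
    }
    return substr($slug, 0, 64);
}

// Look up the current dirname with a bound parameter (no string interpolation).
function fetch_old_dirname(PDO $db, int $postId): ?string
{
    $stmt = $db->prepare('SELECT dirname FROM posts WHERE id = :id');
    $stmt->execute([':id' => $postId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row['dirname'];
}

// Rename a post folder; both names are confined to $uploadsDir.
function rename_post_dir(string $uploadsDir, string $old, string $new): bool
{
    $base = realpath($uploadsDir);
    if ($base === false) {
        throw new RuntimeException("uploads directory not found: $uploadsDir");
    }
    // The old name comes from the database but is still checked: it must resolve
    // to an existing directory directly under $base (realpath resolves ".." and symlinks).
    $oldPath = realpath($base . DIRECTORY_SEPARATOR . $old);
    if ($oldPath === false || !is_dir($oldPath) || dirname($oldPath) !== $base) {
        throw new RuntimeException("old directory is not inside uploads: $old");
    }
    if (!preg_match('/^[a-z0-9-]{1,64}$/', $new)) {
        throw new InvalidArgumentException("refusing unsafe directory name: $new");
    }
    $newPath = $base . DIRECTORY_SEPARATOR . $new;
    if ($newPath === $oldPath) {
        return true; // title unchanged, nothing to rename
    }
    if (file_exists($newPath)) {
        throw new RuntimeException("target already exists: $new");
    }
    return rename($oldPath, $newPath);
}

// Update the row and rename the folder; the DB change is rolled back if
// rename() fails, so the table never points at a folder that does not exist.
function update_post(PDO $db, string $uploadsDir, int $postId, string $title): string
{
    $old = fetch_old_dirname($db, $postId);
    if ($old === null) {
        throw new RuntimeException("no post with id $postId");
    }
    $new = slugify_dirname($title);
    $db->beginTransaction();
    try {
        $stmt = $db->prepare('UPDATE posts SET title = :title, dirname = :dirname WHERE id = :id');
        $stmt->execute([':title' => $title, ':dirname' => $new, ':id' => $postId]);
        if (!rename_post_dir($uploadsDir, $old, $new)) {
            throw new RuntimeException('rename() failed');
        }
        $db->commit();
    } catch (Throwable $e) {
        $db->rollBack();
        throw $e;
    }
    return $new;
}

// --- constructed demonstration data: one post, one folder ---
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, dirname TEXT)');
$db->exec("INSERT INTO posts (id, title, dirname) VALUES (7, 'Old Company', 'old-company')");
$uploads = sys_get_temp_dir() . '/uploads_' . bin2hex(random_bytes(4));
mkdir($uploads . '/old-company', 0700, true);

// What edit_post.php should do: read the id from the query string (the link in
// manage_posts.php puts it there), never from an undefined $posts array.
$_GET['post'] = '7';
$_POST['title'] = 'New Company ../../etc';   // hostile title, as a form would send it
$postId = (int) $_GET['post'];

echo 'renamed to ', update_post($db, $uploads, $postId, $_POST['title']), "\n";
echo is_dir("$uploads/new-company-etc") ? "folder moved\n" : "folder missing\n";
// A traversal string handed straight to rename_post_dir() is refused outright.
try {
    rename_post_dir($uploads, 'new-company-etc', '../../etc');
} catch (InvalidArgumentException $e) {
    echo 'blocked: ', $e->getMessage(), "\n";
}
```

Run it with `php example.php` (needs the pdo_sqlite extension). Two design points worth keeping when porting this back into edit_post.php: the integer cast on $_GET['post'] plus the bound parameter means the id can never alter the query, and doing the UPDATE inside a transaction before the rename() means a failed rename leaves both the table and the filesystem as they were, whereas the original script renamed unconditionally even when $errors was non-empty and $dirname had never been set.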