Where's the mistake pls...

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
angelena
Forum Commoner
Posts: 53
Joined: Mon Nov 22, 2004 4:10 am

Where's the mistake pls...

Post by angelena »

Code: Select all

<?php
<?php
	$curwd = getcwd();
	chdir('../catalog');
  require('includes/application_top.php');
	chdir($curwd);

	if (!tep_session_is_registered('customer_id') || $customer_type!='Admin' && $customer_type!='Boss' && $customer_type!='Center')    {
		header("Location: log_off.php");
	}
	$errormsg = "";
	$error = false;
	$veri = "false";
	$totalprice = 0;
	$submitted = false;
	
    # data pass from previous form
    $topic_id = tep_db_prepare_input($HTTP_GET_VARS['topic_id']);
    $location1 = tep_db_prepare_input($HTTP_GET_VARS['location']);

  
   	$get_center_query = tep_db_query("select * FROM topic where topic_id = '".$topic_id."'");
	$get_center = tep_db_fetch_array($get_center_query);

 if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'verify')) {
	$veri = tep_db_prepare_input($HTTP_POST_VARS['veri']);
	$customerid = tep_db_prepare_input($HTTP_POST_VARS['customerid']);
	$topic = tep_db_prepare_input($HTTP_POST_VARS['topic']);
	$motivator = tep_db_prepare_input($HTTP_POST_VARS['motivator']);
	$location = tep_db_prepare_input($HTTP_POST_VARS['location']);
	$time = tep_db_prepare_input($HTTP_POST_VARS['time']);
	$date = tep_db_prepare_input($HTTP_POST_VARS['date']);
    $process = tep_db_prepare_input($HTTP_POST_VARS['action1']);

    if($error==false) $veri = "true";
  
    if ($process == 'process') {

tep_db_query("update topic set topic = '".$topic2."', motivator = '".$motivator2."', location = '".$location."', date = '".$date2."', time = '".$time2."' where topic_id = '".$topic_id."'");


	$submitted = true;
	
  }
}   
if($submitted != true){
?>
<?PHP   require('includes/headbanner.php'); ?>
        
<table width="70%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#DEE0E1">
     <form name="form1" method="post" action="<?PHP echo ("edit_attend.php"); ?>">   
        <input type="hidden" name="action" value="verify">
        <input type="hidden" name="veri" value="<?PHP echo $veri; ?>">
		<?PHP if($veri=="true"){ ?>
        <input type="hidden" name="action1" value="process">
		<?PHP } ?>
          <tr>
            <td class="mlm" height="21" colspan="3"><div align="center"></div></td>
          </tr>
          <tr class="headerNavigation"> 
            <td height="21" colspan="3"><img src="images/Button02.gif" width="18" height="18">CHANGE 
              COMMISSION <?PHP echo $errormsg; ?></td>
          </tr>
          <tr> 
            <td width="76" nowrap  class="mlm"><strong>Topic</strong></td>
            <td width="369" class="mlm" ><strong><font color="#FF0000"> 
               <?PHP  if($veri=="false"){
				 	echo(tep_draw_input_field('topic2',$get_center['topic'])); 
				}
				else{
					echo (tep_draw_hidden_field('topic2',$topic2));
					echo ($topic2);
				}
			?>
              </font></strong></td>
          </tr>
          <tr> 
            <td width="76" nowrap  class="mlm"><strong>Motivator</strong></td>
            <td class="mlm" ><strong><font color="#FF0000"> 
              <strong><font color="#FF0000">
              <?PHP  if($veri=="false"){
				 	echo(tep_draw_input_field('motivator2',$get_center['motivator'])); 
				}
				else{
					echo (tep_draw_hidden_field('motivator2',$motivator2));
					echo ($motivator2);
				}
			?>
              </font></strong>            </font></strong></td>
          </tr>
          <tr> 
            <td  class="mlm" height="21"><strong>Location</strong></td>
            <td  class="mlm" height="21"> 
              <strong><font color="#FF0000">
              <?PHP  if($veri=="false"){
				 	echo(tep_draw_input_field('location',$get_center['location'])); 
				}
				else{
					echo (tep_draw_hidden_field('location',$location));
					echo ($location);
				}
			?>
            </font></strong>            </td>
          </tr>
        
          <tr> 
            <td class="mlm" ><strong>Time</strong></td>
            <td class="mlm" > 
              <strong><font color="#FF0000">
              <?PHP  if($veri=="false"){
				 	echo(tep_draw_input_field('time2',$get_center['time'])); 
				}
				else{
					echo (tep_draw_hidden_field('time2',$time2));
					echo ($time2);
				}
			?>
            </font></strong>            </td>
          </tr>
          <tr> 
            <td class="mlm" ><strong>Date</strong></td>
            <td class="mlm" > 
              <strong><font color="#FF0000">
              <?PHP  if($veri=="false"){
				 	echo(tep_draw_input_field('date2',$get_center['date'])); 
				}
				else{
					echo (tep_draw_hidden_field('date2',$date2));
					echo ($date2);
				}
			?>
            </font></strong>            </td>
          </tr>
          <tr align="right" valign="top"> 
            <td class="mlm"  colspan="3" bgcolor="cdcdcd"> <font size="2" face="Arial, Helvetica, sans-serif"> 
              <?PHP if($veri=="false"){ ?>
              <input type="submit" name="submit" value="View First">
               <?php echo ($location);  ?>
              <?PHP } else { ?>
              <input type="submit" name="submit" value="Submit">
              <?php 
             

            ?>
              <?PHP } ?>
              <INPUT TYPE="RESET" VALUE="Clear">
              </font></td>
          </tr>
</form>
        </table>
<?PHP   require('includes/bottombanner.php'); ?>
<?PHP } else {?>
<?PHP require('includes/headbanner.php'); ?>
<div align="center"><?PHP echo("Topic changes have been updated successfully."); ?></div>
<?php echo ($location);  ?>
<?PHP   require('includes/bottombanner.php'); ?>
<?PHP } ?>
?>


Above is the update page....i did tried to test on the data that they pass,all is correct,even till the page where a message will be display to inform user that data has been successfully updated..but the data which is actually not even updated into my respective db...can anybody pls tell me where's the mistake....??
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

first mistake: you use the header - location with an incomplete url. this is not conform with the rfc on http1.1

second: you use deprecated $http_ vars

it is hard to guess what your custom tep_ functions do.
angelena
Forum Commoner
Posts: 53
Joined: Mon Nov 22, 2004 4:10 am

Post by angelena »

Hi Timvw,

U mean me "header("Location : log_off.php")"??..actuually all this function i do have another fle to predefined it first,cz i guess it saves up my code space and just call the function from the respective files.

The prob is,everythg seems so okie and it didnt even gif me any error message thruout this update process...wondering why....huhhh
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

angelena wrote:U mean me "header("Location : log_off.php")"??
Yes, i don't mean that you can't use that function, i mean that you are not conform with rfc 2616 http://www.w3.org/Protocols/rfc2616/rfc2616.html

should be something like header('Location: http://whateverhost/log_off.php');



also at line 46 you are writing code like

if ($submitted != true)

imho it's cleaner to write

if (!$submitted)



but as said before without know what your tep_ stuff does we can't say what is going wrong... using error_reporting(E_ALL) is a start in your debugging proces ;)
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

timvw wrote: but as said before without know what your tep_ stuff does we can't say what is going wrong...
Obviously it's a part of osCommerce engine. I can't really say more on this (aside from the fact I still have an open security-related bug on their bug-tracker :D )
angelena
Forum Commoner
Posts: 53
Joined: Mon Nov 22, 2004 4:10 am

Post by angelena »

emmm....error_reporting?.....im not familiar with that cz din use it before...can u pls provide me some guide,timvw?where shud that be included in?

thx ya ..
Post Reply