Page 1 of 2
The code run in localhost but not in internet server
Posted: Fri Oct 13, 2006 8:31 am
by sathishkpm
Everah | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Hi All,
I wrote the PHP functions which is called by javascript, and The PHP functions affects the MySQL database. which updates some fields in the tables.
This code is pretty good for localhost and run well but when I upload the same code into the server it is not working well.
Could any one please tell me the solutions for this issue.
The code is
Code: Select all
<?php
$funcName = $_GET[action];
$vars = $_GET[vars];
$funcName($vars);
function Prior($task)
{
$vars=explode(",",$task);
$result= @mysql_query("update tasks set proiority='" . $vars[1] . "' where id=" . $vars[0]);
}
?>
The calling Javascript code is
Code: Select all
function abc()
{
var pdate=new Array();
pdate[0]=task;
pdate[1]=10;
url="tasks.php?action=tasks.php&vars="+pdate;
var sURL =unescape(window.location.pathname);
window.open(url, "_self");
window.location.reload(false);
}
Thanks in advance
-Sathish
Everah | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Posted: Fri Oct 13, 2006 10:47 am
by JayBird
1) dont use error supression on queries (@)
2) Put quotes around your array indices
3) Construct SQL statement better
May solve your problem, i don't know
Code: Select all
<?php
$funcName = $_GET['action'];
$vars = $_GET['vars'];
$funcName($vars);
function Prior($task)
{
$vars=explode(",",$task);
$result= mysql_query("UPDATE `tasks` SET `proiority` = '" . $vars[1] . "' WHERE `id` = " . $vars[0]);
}
?>
Posted: Fri Oct 13, 2006 9:43 pm
by cinac
First, what do the web server and/or db logs on the server show? I.e., what specific error are you getting?
Next thing I would check -- is the db on the "internet" server exactly the same as on localhost: username, password, permissions, etc.?
Re: The code run in localhost but not in internet server
Posted: Fri Oct 13, 2006 9:53 pm
by shiznatix
sathishkpm wrote:
Code: Select all
$vars = $_GET[vars];
$funcName($vars);
excuse me if i am just seeing things but I don't see how $funcName could be a function to be used like that.
Posted: Sat Oct 14, 2006 12:49 am
by sathishkpm
the server name, password and username are same in localhost an the server,
Actually I got the result in localhost in my machine but after uploading its not updating the database.
it did not through any errors.
Posted: Sat Oct 14, 2006 6:49 am
by volka
it did not through any errors.
Then either it does what it's supposed to do or there isn't enough output.
Code: Select all
<?php
/* debug settings */
error_reporting(E_ALL);
ini_set('display_errors', true);
ini_set('mysql.trace_mode', 1);
// you're sure you want to let the client chose
// whatever function it likes?
// e.g. $_GET['action'] = 'unlink' and $_GET['vars'] = 'script.php'?
$funcName = $_GET['action'];
$vars = $_GET['vars'];
$funcName($vars);
function Prior($task)
{
$vars = explode(",", $task);
$vars[0] = (int)($vars[0]);
$vars[1] = mysql_real_escape_string($vars[1]);
$query = "UPDATE
`tasks`
SET
`proiority` = '$vars[1]'
WHERE
`id` = $vars[0]";
$result = mysql_query();
if ( false===$result) {
echo '<div>', mysql_error(), "</div>\n";
}
else {
echo '<div>', mysql_affected_rows(), ' records have been updated', "</div>\n";
}
}
?>
Posted: Sat Oct 14, 2006 1:42 pm
by RobertGonzalez
What is this:
and what is it supposed to be doing?
Posted: Sat Oct 14, 2006 2:18 pm
by volka
$funcName = $_GET['action'];
It's a variable function call like
Code: Select all
<?php
$func = 'var_dump';
$vars = 'hello world';
$func($vars);
?>
Posted: Sat Oct 14, 2006 2:19 pm
by Cameri
I think the term is "Dynamic Functions", but the way you are using it is the worst way you could do it... that opens a major security hole in your script, letting people call ANY user-defined functions in your code...
You should at LEAST check if $_GET['actions'] is in some array that contains the names of the functions that you want to give access, quick example:
Code: Select all
$allowed_functions = array('Prior','SomeOtherFunc');
if (array_key_exists('actions',$_GET) && in_array($_GET['actions'],$allowed_functions)) {
$funcName = $_GET['actions'];
if (array_key_exists('vars',$_GET) && !empty($_GET['vars'])) {
$vars = $_GET[''];
// some validation for $vars, or this will lead to security holes
$funcName($vars);
} else {
//invalid vars ?
}
} else {
// invalid action!
}
That's the way I'll do it if i'm against the wall and I'll be shot if don't use this "way" of doing things, I suggest you try another method.
Posted: Sat Oct 14, 2006 3:07 pm
by RobertGonzalez
volka wrote:$funcName = $_GET['action'];
It's a variable function call like
Code: Select all
<?php
$func = 'var_dump';
$vars = 'hello world';
$func($vars);
?>
That just seems awful 'bloaty'. Why would anyone do that? I mean at least for something as small as that.
Posted: Mon Oct 16, 2006 3:00 am
by sathishkpm
Hi All,
Acually my problem is calling the function, see the follwing code,
<script>
1) var pdate=new Array();
2) pdate[0]='11';
3) pdate[1]='Files';
4) url="<?php echo $_SERVER[PHP_SELF];?>?actions=Prior"&vars="+pdate;
5) var sURL =unescape(window.location.pathname);
6) window.open(url, "_self");
7) window.location.reload(true);
</script>
In line 6, I am open the window, which contains the same path and it will open in current window itselt.
The line 6 only goign to call the particulart PHP function dynamically.
In line 7, I am reloading the page for getting the updated page from the server.
for the above criteria,
In localhost I got the good result, after calling the function I got the URL as follows,
http://localhost/mydom/tasks?actions=Pr ... s=11,Files
In myserver, It did not call the function, after calling the function I got the URL as follows,
http://www.myweb.com/mydom/tasks
The problem is in 6th and 7th line of the script.
In localhost 6th line(
window.open(url, "_self"); )is calling the PHP function and
7th (
window.location.reload(true); )line of the script working well that is reloading
the page after calling the function.
but in the server after calling the 6th line immedially the page is reloaded (7th line is called) without calling
the PHP funciton.
Please help me by solving this issue.
- Sathish.
Re: The code run in localhost but not in internet server
Posted: Mon Oct 16, 2006 5:33 am
by sathishkpm
sathishkpm wrote:Everah | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Hi All,
I wrote the PHP functions which is called by javascript, and The PHP functions affects the MySQL database. which updates some fields in the tables.
This code is pretty good for localhost and run well but when I upload the same code into the server it is not working well.
Could any one please tell me the solutions for this issue.
The code is
Code: Select all
<?php
$funcName = $_GET[actions];
$vars = $_GET[vars];
$funcName($vars);
function Prior($task)
{
$vars=explode(",",$task);
$result= @mysql_query("update tasks set proiority='" . $vars[1] . "' where id=" . $vars[0]);
}
?>
The calling Javascript code is
Code: Select all
function abc()
{
var pdate=new Array();
pdate[0]=task;
pdate[1]=10;
url="tasks.php?actions=tasks.php&vars="+pdate;
var sURL =unescape(window.location.pathname);
window.open(url, "_self");
window.location.reload(false);
}
Thanks in advance
-Sathish
Everah | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color][/quote]
Posted: Mon Oct 16, 2006 5:34 am
by sathishkpm
sathishkpm wrote:Hi All,
Acually my problem is calling the function, see the follwing code,
<script>
1) var pdate=new Array();
2) pdate[0]='11';
3) pdate[1]='Files';
4) url="<?php echo $_SERVER[PHP_SELF];?>?actions=Prior"&vars="+pdate;
5) var sURL =unescape(window.location.pathname);
6) window.open(url, "_self");
7) window.location.reload(true);
</script>
In line 6, I am open the window, which contains the same path and it will open in current window itselt.
The line 6 only goign to call the particulart PHP function dynamically.
In line 7, I am reloading the page for getting the updated page from the server.
for the above criteria,
In localhost I got the good result, after calling the function I got the URL as follows,
http://localhost/mydom/tasks.php?action ... s=11,Files
In myserver, It did not call the function, after calling the function I got the URL as follows,
http://www.myweb.com/mydom/tasks.php
The problem is in 6th and 7th line of the script.
In localhost 6th line(
window.open(url, "_self"); )is calling the PHP function and
7th (
window.location.reload(true); )line of the script working well that is reloading
the page after calling the function.
but in the server after calling the 6th line immedially the page is reloaded (7th line is called) without calling
the PHP funciton.
Please help me by solving this issue.
- Sathish.
Re: The code run in localhost but not in internet server
Posted: Mon Oct 16, 2006 6:49 am
by volka
sathishkpm wrote:The calling Javascript code is
Code: Select all
function abc()
{
var pdate=new Array();
pdate[0]=task;
pdate[1]=10;
url="tasks.php?action=tasks.php&vars="+pdate;
var sURL =unescape(window.location.pathname);
window.open(url, "_self");
window.location.reload(false);
}
I don't see a parameter
action here.
Posted: Mon Oct 16, 2006 7:11 am
by sathishkpm
Sorry volka,
This is not action, this is actions.
did u find the problem, I need it very urgent please help me.
Thanks in advance.
- Sathish