can't execute a script

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
arukomp
Forum Contributor
Posts: 113
Joined: Sun Sep 24, 2006 4:22 am

can't execute a script

Post by arukomp »

Hello everyone,

I'm having problem. There's a page "get.php" . In that page there's a link to a page "get.php?s=1". Now when i load page "get.php", everything seems to be alright, but when i load "get.php?s=1" page, i get "500 Internal Server Error" - http://www.club4profit.com/get.php?s=1

When i looked at the log, I've found this entry:

Code: Select all

==5deb7503==============================
Request: www.club4profit.com 80.104.88.188 - - [15/Feb/2007:20:13:16 +0100] "GET /get.php?s=1 HTTP/1.1" 500 660 "http://club4profit.com/get.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1" - "-"
----------------------------------------
GET /get.php?s=1 HTTP/1.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Accept-Encoding: gzip,deflate
Connection: keep-alive
Host: club4profit.com
Keep-Alive: 300
Referer: http://club4profit.com/get.php
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
mod_security-message: Access denied with code 500. Pattern match "/(new(cmd|command)|(cmd|command)[0-9]+|pro18|shell|sh|bash|get|root|spy|nmap|asc|lila)\\.(c|dat|gif|jpg|jpeg|png|sh|txt|bmp|dat|txt|js|htm|html|tmp|php|asp)\\?" at REQUEST_URI [severity "EMERGENCY"]
mod_security-action: 500

HTTP/1.1 500 Internal Server Error
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
--5deb7503--
Now here's my php code in "get.php" page:

Code: Select all

<?php
					$s = $_GET['s'];
					$sp = "sp" . $_GET['s'];

					if ($_POST['step'] == 'two') {
						$name = $_POST['name'];
						$email = $_POST['email'];
						$egold = $_POST['egold'];
						$s = $_POST['s'];
						$ccost = $cost[$s] * $fee[$s];
						if ($name == "" || $email == "" || $egold == "") {
							echo "<script>document.location.href='getspot.php?text=error'</script>";
							exit;
						}
						$ip = $_SERVER['REMOTE_ADDR'];
						$paymenturl = "$url/index.php?text=done";
						echo "<form name='FormName' action='https://www.e-gold.com/sci_asp/payments.asp' method='POST'>";
						echo "<input type='hidden' name='PAYEE_ACCOUNT' value=$e_gold>";
						echo "<input type='hidden' name='PAYEE_NAME' value='$pname'>";
						echo "<input type='hidden' name='PAYMENT_AMOUNT' value='$ccost'>";
						echo "<input type='hidden' name='PAYMENT_UNITS' value='1'>";
						echo "<input type='hidden' name='PAYMENT_METAL_ID' value='1'>";
						echo "<input type='hidden' name='FORCED_PAYER_ACCOUNT' value='$egold'>";
						echo "<input type='hidden' name='STATUS_URL' value='$url/confirm.php'>";
						echo "<input type='hidden' name='PAYMENT_URL' value='$url/index.php'>";
						echo "<input type='hidden' name='PAYMENT_URL_METHOD' value='POST'>";
						echo "<input type='hidden' name='NOPAYMENT_URL' value='$url/getspot.php'>";
						echo "<input type='hidden' name='SUGGESTED_MEMO' value='$pname Member - $name'>";
						echo "<input type='hidden' name='BAGGAGE_FIELDS' value='NAME EMAIL S IP'>";
						echo "<input type='hidden' name='NAME' value='$name'>";
						echo "<input type='hidden' name='EMAIL' value='$email'>";
						echo "<input type='hidden' name='S' value='$s'>";
						echo "<input type='hidden' name='IP' value='$ip'>";
						echo "<input type='submit' name='PAYMENT_METHOD' value='Please wait...'>";
						echo "</form><br>If E-Gold payment page didn't appear in 5 seconds, press the button above.<br></font>";
						echo ("<script>document.FormName.submit()</script>");
					}

					if ($s == 1 or $s == 2 or $s == 3 or $s == 4 or $s == 5 or $s == 6) {
							if ($status[$sp] == 0) {
								echo "This spot hasn't started yet.";
							}
							elseif ($status[$sp] == 1) {
								$cost2 = $cost[$s];
								echo "<b>\$$cost2 Spot</b><br><br>";
?>


<form action='get.php' method='POST'>
<font color="red">*</font> <b>Your name:</b> <input type='text' name='name' maxlength="30">  <small>Maximum - 30 characters</small><br><br>
<font color="red">*</font> <b>E-Mail address:</b> <input type='text' name='email' maxlength="40">  <small>Maximum - 40 characters</small><br><br>
<font color="red">*</font> <b>E-Gold number:</b> <input type='text' name='egold' size="5" maxlength="7">  <small>Maximum - 7 numbers</small><br><br>
<b>Fields marked with </b><font color="red">*</font> <b>are required.</b><br><br><br>
<input type='hidden' name='step' value='two'>
<input type='hidden' name='s' value='<?php echo $s; ?>'>
Our E-Gold number is <b><?php echo $e_gold; ?></b>. Check before confirming payment.<br>
<input type='submit' name='submit' value='Get Spot'><br><br>
<img src="http://www.e-gold.com/gif/paywith.gif" border="0">
</form>
<?php
							}
					}
					else {
						$n1 = $cost[1];
						$n2 = $cost[2];
						$n3 = $cost[3];
						$n4 = $cost[4];
						$n5 = $cost[5];
						$n6 = $cost[6];
						echo "Choose line you want to get in:<br><br>";
						if ($status['sp1'] == 1) {
							echo "<a href='get.php?s=1'>\$$n1 line</a><br>";
						}
						if ($status['sp2'] == 1) {
							echo "<a href='get.php?s=2'>\$$n2 line</a><br>";
						}
						if ($status['sp3'] == 1) {
							echo "<a href='get.php?s=3'>\$$n3 line</a><br>";
						}
						if ($status['sp4'] == 1) {
							echo "<a href='get.php?s=4'>\$$n4 line</a><br>";
						}
						if ($status['sp5'] == 1) {
							echo "<a href='get.php?s=5'>\$$n5 line</a><br>";
						}
						if ($status['sp6'] == 1) {
							echo "<a href='get.php?s=6'>\$$n6 line</a><br>";
						}
					}
					?>
I hope someone can help me. First i thought there's something wrong with syntax in my script, but everything seems fine...

Thanks for any help
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

"get.php?" matches their pattern. Talk to your host or rename the file.
arukomp
Forum Contributor
Posts: 113
Joined: Sun Sep 24, 2006 4:22 am

Post by arukomp »

All I needed to do was to rename the file... Damn this is hard :lol: :lol:

Thanks for helping, i didn't knew there can be such a little mistake in filename to stop the script. It wasn't like that on other servers....

Thanks again, thanks very much :D
Post Reply