Page 1 of 1
4.3.11 vs 4.4.4
Posted: Tue Jun 26, 2007 11:55 pm
by jimster
Hi all .. i'm a newbie ...
I have a simple PHP script that works in 4.3.11 but not in 4.4.4
It's a script that receives variables from a Flash movie and passes them on to MySQL.
Does anyone know if there are any big differences between the 2 versions that I need to be aware of?
Thanks!
Re: 4.3.11 vs 4.4.4
Posted: Wed Jun 27, 2007 2:53 am
by Gente
jimster wrote:Does anyone know if there are any big differences between the 2 versions that I need to be aware of?
php.net knows.
Check here
jimster wrote:It's a script that receives variables from a Flash movie and passes them on to MySQL.
You can clear all unnecessary and put your code.
Posted: Wed Jun 27, 2007 10:13 pm
by jimster
feyd | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Thanks! I had looked at that page from phpnet before, in particular the changelog for 4.4, but found nothing that could be causing the problem.
Here's what the code looks like. I think it's the BuildQuery portion that's causing me grief. Any suggestions at all will be appreciated!
Code: Select all
<?php
// Define database connection details
$dbHost = "xxx";
$dbUser = "xxx";
$dbPass = "xxx";
$dbName = "xxx";
// Attempt to connect to MySQL server
$link = @mysql_connect($dbHost, $dbUser, $dbPass);
// If the connection was unsuccessful...
if (!$link)
{
// Report error to Flash and exit
print "&result=Fail";
print "&errorMsg=" . urlencode("Could not connect to server");
exit;
}
// Attempt to connect to MySQL server
$link = @mysql_connect($dbHost, $dbUser, $dbPass);
// If the connection was unsuccessful...
if (!$link)
{
// Report error to Flash and exit
print "&result=Fail";
print "&errorMsg=" . urlencode("Could not connect to database");
exit;
}
// Attempt to select database. If unsuccessfull...
if (!@mysql_select_db($dbName))
{
// Report error to Flash and exit
print "&result=Fail";
print "&errorMsg=" . urlencode("Could not select $dbName database");
exit;
}
// Build Query
$query = "INSERT INTO petition (username, continent, country, email)
VALUES('$userName', '$userContinent', '$userCountry', '$userEmail')";
// Execute Query
$result = @mysql_query($query);
if($userContinent=="Asia"){
// Build Asia Query
$cont1_query = "INSERT INTO petition_as (username, country, email)
VALUES('$userName', '$userCountry', '$userEmail')";
// Execute Query
$result = @mysql_query($cont1_query);
}
if($userContinent=="Australia"){
// Build Australia Query
$cont2_query = "INSERT INTO petition_oz (username, country, email)
VALUES('$userName', '$userCountry', '$userEmail')";
// Execute Query
$result = @mysql_query($cont2_query);
}
if($userContinent=="Africa"){
// Build Africa Query
$cont3_query = "INSERT INTO petition_af (username, country, email)
VALUES('$userName', '$userCountry', '$userEmail')";
// Execute Query
$result = @mysql_query($cont3_query);
}
if($userContinent=="Europe"){
// Build Europe Query
$cont4_query = "INSERT INTO petition_uk (username, country, email)
VALUES('$userName', '$userCountry', '$userEmail')";
// Execute Query
$result = @mysql_query($cont4_query);
}
if($userContinent=="North America"){
// Build North America Query
$cont5_query = "INSERT INTO petition_na (username, country, email)
VALUES('$userName', '$userCountry', '$userEmail')";
// Execute Query
$result = @mysql_query($cont5_query);
}
if($userContinent=="South America"){
// Build South America Query
$cont6_query = "INSERT INTO petition_sa (username, country, email)
VALUES('$userName', '$userCountry', '$userEmail')";
// Execute Query
$result = @mysql_query($cont6_query);
}
// If query was successful
if ($result)
{
// Report success back to Flash movie
print "&result=Okay";
}
else
{
// Otherwise, tell Flash we stuffed up
print "&result=Fail";
print "&errorMsg=" . urlencode("Failed to submit petition, please try again later.");
}
// Close the connection
mysql_close($link);
?>
feyd | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Posted: Wed Jun 27, 2007 10:58 pm
by Ambush Commander
While I do not see anything in that snippet you posted that would suggest it wouldn't work in PHP 4.4, I do see SQL injection and code duplication.
Posted: Thu Jun 28, 2007 12:39 am
by jimster
wow ... sounds serious. will they actually prevent my code from working on one server running 4.4.4 when it works on another server running 4.3.11?
Posted: Thu Jun 28, 2007 7:14 am
by Ambush Commander
Ah, I know why it's not working: you're using register globals (I was wondering where all the variables were coming from). Are you using get or post to submit the form?
Posted: Thu Jun 28, 2007 9:21 pm
by jimster
We're using POST
Posted: Thu Jun 28, 2007 9:25 pm
by Ambush Commander
Alright. The first thing to do is make sure that the $_POST variable is filled with values. Read up on what the
$_POST superglobal is, then show me you assigning the local variables from this array.
Posted: Sun Jul 01, 2007 9:01 pm
by jimster
Thanks! I sent you a PM, not sure if you received it.
To anyone else, I'm willing to pay to get this sorted out. Anyone confident of fixing this pls send me a PM.