Page 1 of 1

PHP Script Throwing 500

Posted: Sun Feb 24, 2008 10:42 am
by LiveFree
Hey Gents,

This script I have written in order to submit review data to the DB throws a 500 Server Error when the 'Submit' button is pressed.

The relevant code from the function:

Code: Select all

 
function addReview($errors = null) {
    $reg = Registry::getInstance();
    $content = null;
    if (isset($_POST['submitted'])) {
        $reviewProduct = mysql_real_escape_string(stripslashes($_POST['reviewProduct']));
        // We'll deal with the image upload later
        $reviewBody = htmlentities(stripslashes($_POST['reviewBody']), ENT_QUOTES);
        $reviewClosing = htmlentities(stripslashes($_POST['reviewClosing']), ENT_QUOTES);
        $reviewGood = htmlentities(stripslashes($_POST['reviewGood']), ENT_QUOTES);
        $reviewBad = htmlentities(stripslashes($_POST['reviewBad']), ENT_QUOTES);
        $reviewPresentation = floatval($_POST['reviewPresentation']);
        $reviewGraphics = floatval($_POST['reviewGraphics']);
        $reviewSound = floatval($_POST['reviewSound']);
        $reviewGameplay = floatval($_POST['reviewGameplay']);
        $reviewAppeal = floatval($_POST['reviewAppeal']);
        $catID = intval($_POST['id']);
        
        if (empty($reviewProduct) || empty($reviewBody) || empty($reviewClosing) || empty($reviewGood) || empty($reviewBad) || empty ($reviewPresentation)
            || empty($reviewGraphics) || empty($reviewSound) || empty($reviewGameplay) || empty($reviewAppeal)) {
                addReview('You have not filled in all the fields!');
                return;
        } elseif (!empty($_POST['reviewBody'])) {
            // Deal with the uploaded file
            if (!move_uploaded_file($_FILES['reviewImage']['tmp_name'], ROOT_DIR . '/modules/Reviews/uploads/' . $_FILES['reviewImage']['name'])) {
                // The uploaded image failed to well... upload
                addReview('The image has failed to upload. Please contact the system admin.');
                return;
            } else {
                $sql = "INSERT INTO `" . $reg->get('prefix') . "_review_review` VALUES ('', '" . $catID . "', '" . $reviewProduct . "', '" . $_FILES['reviewImage']['name'] . "', '" . $reviewBody . "',
                            '" . $reviewClosing . "', '" . $reviewGood . "', '" . $reviewBad . "', '" . $reviewPresentation . "', '" . $reviewGraphics . "', '" . $reviewSound . "', '" . $reviewGameplay . "',
                            '" . $reviewAppeal . "');";
                $result = $reg->get('db')->query($sql);
                
                if (empty($result)) {
                    $reg->get('log')->writeSQLErrorLog('sql.log', mysql_errno(), mysql_error(), __LINE__ - 3, __FILE__);
                }
                // We're all good, so go back to the menu
                showForm();
                return;
            }
        } else {
            $sql = "INSERT INTO `" . $reg->get('prefix') . "_review_review` VALUES ('', '" . $catID . "', '" . $reviewProduct . "', NULL, '" . $reviewBody . "',
                            '" . $reviewClosing . "', '" . $reviewGood . "', '" . $reviewBad . "', '" . $reviewPresentation . "', '" . $reviewGraphics . "', '" . $reviewSound . "', '" . $reviewGameplay . "',
                            '" . $reviewAppeal . "');";
                $result = $reg->get('db')->query($sql);
                
                if (empty($result)) {
                    $reg->get('log')->writeSQLErrorLog('sql.log', mysql_errno(), mysql_error(), __LINE__ - 3, __FILE__);
                }
                // We're all good, so go back to the menu
                showForm();
                return;
        }
    } else {
        if (!empty($errors))  $content .= "<div style='color: red; font-size: 2em;'>" . $errors . "</div>\n";
        $content .= "<form enctype='multipart/form-data' method='POST' action='" . $reg->get('siteurl') . "admin.php/op/reviews/func/addReview/'>\n";
        $content .= "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"30000\" />\n";
        $content .= "<table border='0' cellspacing='2' cellpadding='2'>\n";
        $content .= "<tr><td><strong>Reviewed Product Name:</strong></td><td><input type='text' name='reviewProduct' id='reviewProduct' /></td></tr>\n";
        $content .= "<tr><td><strong>Review Image (opt.):</strong></td><td><input type='file' name='reviewImage' id='reviewImage' /></td></tr>\n";
        $content .= "<tr><td><strong>Review:</strong></td><td><textarea name='reviewBody' id='reviewBody' cols='50' rows='25'></textarea></td></tr>\n";
        $content .= "<tr><td><strong>Closing Remarks:</strong></td><td><textarea name='reviewClosing' id='reviewClosing' cols='50' rows='25'></textarea></td></tr>\n";
        $content .= "<tr><td><strong>Good Points:</strong></td><td><textarea name='reviewGood' id='reviewGood' cols='25' rows='15'></textarea></td></tr>\n";
        $content .= "<tr><td><strong>Bad Points:</strong></td><td><textarea name='reviewBad' id='reviewBad' cols='25' rows='15'></textarea></td></tr>\n";
        $content .= "<tr><td><strong>Presentation:</strong></td><td><input type='text' name='reviewPresentation' id='reviewPresentation' value='0.0' /></td></tr>\n";
        $content .= "<tr><td><strong>Graphics:</strong></td><td><input type='text' name='reviewGraphics' id='reviewGraphics' value='0.0' /></td></tr>\n";
        $content .= "<tr><td><strong>Sound:</strong></td><td><input type='text' name='reviewSound' id='reviewSound' value='0.0' /></td></tr>\n";
        $content .= "<tr><td><strong>Gameplay:</strong></td><td><input type='text' name='reviewGameplay' id='reviewGameplay' value='0.0' /></td></tr>\n";
        $content .= "<tr><td><strong>Lasting Appeal:</strong></td><td><input type='text' name='reviewAppeal' id='reviewAppeal' value='0.0' /></td></tr>\n";
        $content .= "<tr><td></td><td><input type='submit' name='submit' id='submit' value='Add' /></td></tr></table>";
        $content .= "<input type='hidden' name='submitted' id='submitted' value='true' /><input type='hidden' name='id' id='id' value='" . intval($_GET['id']) . "' /></form>";
    }
    $reg->get('layout')->outputContent('Administration - Manage Reviews', $content);
}
I believe it has something to do with the way the form is written, but I do not see anything wrong with it.

And the latest errors in the error log:
'[Sun Feb 24 09:40:36 2008] [warn] Cannot get media type from 'x-mapp-php5''
'[Sun Feb 24 09:40:02 2008] [warn] RewriteOptions: MaxRedirects option has been removed in favor of the global LimitInternalRecursion directive and will be ignored. '

However, I cannot find a reference to the first message anywhere in the server .htaccess's, and I didnt think the second error was fatal to the script.

Thanks for any help

Re: PHP Script Throwing 500

Posted: Sun Feb 24, 2008 11:52 am
by Christopher
What does you .htaccess file look like?

Re: PHP Script Throwing 500

Posted: Sun Feb 24, 2008 12:09 pm
by LiveFree
The .htaccess in directory root

Code: Select all

 
RewriteEngine on
RewriteRule ^admin.php/op/([^/\.]+)/?$ admin.php?op=$1 [L]
RewriteRule ^admin.php/op/([^/\.]+)/func/([^/\.]+)/?$ admin.php?op=$1&func=$2 [L]
RewriteRule ^admin.php/op/([^/\.]+)/func/([^/\.]+)/id/([^/\.]+)/?$ admin.php?op=$1&func=$2&id=$3 [L]
 
RewriteRule ^index.php/op/([^/\.]+)/?$ index.php?op=$1 [L]
RewriteRule ^index.php/op/([^/\.]+)/func/([^/\.]+)/?$ index.php?op=$1&func=$2 [L]
RewriteRule ^index.php/op/([^/\.]+)/func/([^/\.]+)/id/([^/\.]+)/?$ index.php?op=$1&func=$2&id=$3 [L]
 
And the www root .htaccess

Code: Select all

 
# Use PHP5 as default
AddHandler application/x-httpd-php5 .php
# -FrontPage-
 
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
 
 
 
<Limit GET POST>
#The next line modified by DenyIP
order allow,deny
#The next line modified by DenyIP
#deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName http://www.gphosting.net
AuthUserFile /home/gphostin/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/gphostin/public_html/_vti_pvt/service.grp
 
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule blogs/(.*) keepingongaming/boards/blogview.php?user=$1
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
 
deny from 75.47.104.82
deny from 76.193.209.242
deny from 76.194.96.70
deny from 75.47.102.133
deny from 65.6.19.69
 
Thanks man

Re: PHP Script Throwing 500

Posted: Sun Feb 24, 2008 1:02 pm
by Christopher
Why do you have two sets of identical rules in the .htaccess in directory root?

I assume that the URL in question is "admin.php/op/reviews/func/addReview/". How do you expect it will be rewritten?

Re: PHP Script Throwing 500

Posted: Sun Feb 24, 2008 7:58 pm
by Chris Corbyn
Aside from wonkey .htaccess directives, other things which can cause 500 errors are infinite loops and (more likely) infinite recursion.

Re: PHP Script Throwing 500

Posted: Tue Feb 26, 2008 1:58 pm
by LiveFree
The URL is expected to be re-written to: admin.php?op=reviews&func=addReview

And there are no places for infinite recursion to happen in the script, this has never happened anywhere in the system