SMS Website , Barred or Not Barred Php - php

Im starting a sms website and im nearly complete - just one feature i need to add into it and im a but stuck,
Ive got a form that they fill out with their name , number and message and then they click send , that gets sent to another form to proceed with the validation of the message etc,
What i need is to be able to crosslist the number field against a known database list of blacklisted numbers that dont want messages sent to their phone.
This is the checking code at the moment: so if you imagine at the moment there is a button called send and a button called check number.
When you click check number it will either find the number or not , I know its strange having 2 numbers but its the way its built at the moment.
NOW , instead of it saying number not found id like it to enable the send button , I know how to disable it via disabled="disabled" but i dont know how to automate it , Id like the button greyed out when users go to the form , then when this checks the numbers id like it to ungrey the button if the number isnt in the list.
<?php
$con = mysql_connect("localhost","xxx_members","xxxx");
if(!$con)
{
die("could not connect:".mysql_error());
}
mysql_select_db("xxx_number",$con);
$mobile = $_GET['c'];
$count = mysql_num_rows(mysql_query("select * from mobileCheck where number = '".$number."'"));
if($count > 0) {
echo "Number found">";
}else{
echo "Number Not Found">";
}
?>
Any help on this would be appreciated , its starting to drive me up the wall
Thanks


First of all you need to correct your php code that you listed:
if($count > 0) {
echo "1";
}else{
echo "0";
}
Now you need to make and ajax call to the above file when the first button is clicked using JS and collect back the server response, i.e, either 1 or 0. Now you need to do a client side checking of the server response and enable the button dynamically using javascript it the server echoed 1.


number_check.php
<?php
$con = mysql_connect("localhost","xxx_members","xxxx");
if(!$con)
die("could not connect:".mysql_error());
mysql_select_db("xxx_number",$con);
$number = $_POST['number'];
$count = mysql_num_rows(mysql_query("select * from mobileCheck where number = '".$number."'"));
if($count > 0)
{
echo 1;
}else{
echo 0;
}
?>
html:
<input type="text" id="number" value="" />
<input type="button" id="btn_send" value="Send SMS" disabled />
javascript - jQuery:
$.post("number_check.php", { number: $('#number').value},
function(data) {
if (data == '1')
$('#btn_send').disabled = false;
else
$('#btn_send').disabled = true;
});
I'm sorry but I didn't test the solution, but I think this is your answer. You will of course need to test the number with the db on post, because enabling the button is simple and could be a possible flaw, so you cannot rely on disabling the button, it is only for ergonomic purposes.

Related

Accessing a sql database with two different functions

I'm making a movie rating website for a project and how to do the rating system has left me at a blank. Please let me know of a proper way to this if you know.
This gets the movie number from the url and displays the relevant information in the page
<body>
<?php
global $conn;
$conn = mysqli_connect('localhost','root','','filmsdb');
function show()
{
global $film;
global $conn;
$film = $_GET['fm'];
$sql = "SELECT * FROM movies WHERE m_No='$film'";
$ok = mysqli_query($conn,$sql);
$data = mysqli_fetch_array($ok);
$c_r= $data[8];
$c_rc= $data[9];
?>
//displays the movie information and uses radio buttons to get user rating
Then this lets the user rate the movie
<?php
}
function act1()
{
if(isset($_POST['rsub']))
{
global $film;
global $conn;
$rate = $_POST['rate'];
$sqlr= "UPDATE movies SET rating=rating+$rate, rate_count=rate_count+1 WHERE m_No='$film'";
$output = mysqli_query($conn,$sqlr);
}
if($output==1)
{
echo 'Data Stored';
}
else
{
echo 'Data Not Stored ';
echo mysqli_error($conn);
}
}
$conn = null;
?>
</body>
</html>
when only the first function is being used, it works, but when I try to use the rating system, this error comes in the browser, mysqli_query() expects parameter 1 to be mysqli, null given... Any idea on a workaround for this?

Your issue is that the two variables you're relying on with the DB connection, $conn and $film, do not exist when the page has posted back the user rating data.
Your application's lifecycle goes like this:
1) User makes initial request. PHP starts and runs the first code block, it echoes some values to the page, page is returned to the user. Once the page is returned, the request is complete and PHP stops executing. All variables declared and in memory are lost because the process has stopped running.
2) The page returned from the PHP script arrives in the user's browser. User enters their rating and posts the data back to the server. This constitutes an entirely new request.
3) The new request arrives at the server. PHP starts up again. The web is inherently stateless, so by default it remembers nothing of the previous request. Certainly not the names or values in any in-memory variables - the process that contained them died long ago and has no association with the new one.
Therefore, if you have any values that you need to use again in PHP for the second request, you can either create them again, or receive them in the request data, or the first PHP script must have stored them somewhere persistent that you can retrieve them from, such as a session variable or cookie, or database.
It's not clear from your posted code, but presumably in the second request the function act1() gets called somehow and tries to insert the data into the database. It fails because neither $film or $conn have any values in them in this new request.
I suggest you solve it like this:
1) Create your connection object again, this is easy, and you need to re-connect to MySQL for this request anyway.
2) the film you're rating should be passed back from the browser in the form data.
This is the first script, to get the initial film data and render the ratings form to the page.
//re-usable function to connect to DB. Maybe move this out to a separate file so all pages can use it.
function getDBConn() {
return mysqli_connect('localhost','root','','filmsdb');
}
function show()
{
$conn = getDBConn();
$film = $_GET['fm'];
$sql = "SELECT * FROM movies WHERE m_No='$film'";
$ok = mysqli_query($conn,$sql);
$data = mysqli_fetch_array($ok);
$c_r= $data[8];
$c_rc= $data[9];
$conn = null;
}
Your latest update doesn't show the form but I'm going to assume it's something like this, with an additional film hidden field. There should be suitable form tags around it as well.
<input type="radio" value="1" name="rate">
<input type="radio" value="2" name="rate">
<input type="radio" value="3" name="rate">
<input type="radio" value="4" name="rate"><input type="radio" value="5" name="rate">
<input type="hidden" name="film" value="<?php echo $film;?>"/>
<input type="submit" value="Rate" name="rsub">
Now is the second script, to be run when the rating data is submitted. You haven't shown how act1() is called but I'll assume you've got that covered.
function act1()
{
if(isset($_POST['rsub']))
{
$film = $_POST['film']; //get the film ID from the submitted form
$conn = getDBConn(); //assuming this script is in the same .php file as the first block, otherwise you'll need to move getDBConn into a separate php file and then include the file in each script.
$rate = $_POST['rate'];
$sqlr = "UPDATE movies SET rating=rating+$rate, rate_count=rate_count+1 WHERE m_No='$film'";
$output = mysqli_query($conn, $sqlr);
}
if ($output==1)
{
echo 'Data Stored';
}
else
{
echo 'Data Not Stored';
echo mysqli_error($conn);
}
$conn = null;
}
P.S. I know it's just an example project, but if you make a real-life site please heed the comments above re SQL injection, and don't let your applications and websites log into your DB as "root" either - give them only the privileges they actually need.

Checking to see if email is in database after hitting submit then going to url php

I'm setting up a RSVP type form on a wordpress page. Everything is sortof working but would like to fine tune things. Since I'm kindof new to PHP I thought I would ask some experts. I'm coming up with two problems.
1) When the page displays it starts checking for the email automatically before hitting submit. Is there a way to show nothing before hitting submit. Right now it is displaying the echo for the else.
When hitting submit the only way I was able to get the page to go to another url was through refresh. I couldn't get the header function to work it just kept going to a blank page.
I appreciate all the help. Here is my code.
<?PHP
if($_POST['email'] != ''){
// the email to validate
$email = $_POST['email'];
$query = mysql_query("SELECT * FROM tablename WHERE rsvpemails='$email'");
}
if(mysql_num_rows($query) != 0) {
echo '<div class="good"><h2>Your email is approved</h2>RSVP please continue to the RSVP form</div>';
echo '<META HTTP-EQUIV="Refresh" Content="0; URL=url">';
exit;
}
else {
echo '<div class="bad">Please enter your email address we used for the invite. If you have any questions or problems please email us at none#none.com</div> ';
}
?>
<form method="POST">
<input type="text" name="email">
<input type="button" value="submit">
</form>

One thing to note is that your SQL query is vulnerable to SQL Injection.
https://en.wikipedia.org/wiki/SQL_injection
You should be sanitizing your POST variables, like ->
$email = mysql_real_escape_string($_POST['email']);
To your actual question, however -
Move your if(mysql_num_rows($query) != 0) block into the if($_POST['email'] != '') block so that it only checks for row data if $_POST['email'] is set (and consequently $query will be populated with something).
Here's also some more info on meta refresh tags.
https://en.wikipedia.org/wiki/Meta_refresh

Put entire PHP code in condition.
<?php
if($_POST['email'] != ''){
// the email to validate
$email = $_POST['email'];
$query = mysql_query("SELECT * FROM tablename WHERE rsvpemails='$email'");
if(mysql_num_rows($query) != 0) {
header("location: $url"); // Redirect
exit;
}
else {
echo '<div class="bad">Please enter your email address we used for the invite. If you have any questions or problems please email us at none#none.com</div> ';
}
}
?>

You need to check if a form was submitted, BEFORE you start doing the verification:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
... form was submitted, validate it
}
You're running your query only if something was submitted, but checking the database result regardless. So if nothing gets submitted, you STILL check the number of rows returned, which is obviously zero, since you never ran the query in the first place.

Javascript/PHP interaction only appears on second click

Have searched for the answer but no joy, so here goes...
I'm working on a mobile hybrid app. I want the user to fill in their id number, which is then submitted to a javascript function for basic validation, then kicks in a jQuery.getJSON request to my serverside PHP which returns the data and then my jQuery will repopulate the form div with the data.
Currently it doesn't really work at all in Firefox, and only works correctly in Safari after I press the submit button for a second time. It returns the correct data, so the link is ok.
My problem is: Why does the div not get repopulated after the first click?
HTML:
<div id="login540div">
<form id="login540form" onSubmit="login540()">
Enter Student ID number<input type="text" name="login540id" id="login540id"/>
<input type="submit" value="Submit" />
</form>
</div>
Javascript:
function login540(){
// validates the data entered is an integer.
var loginNo = document.getElementById("login540id").value;
//if(!isNaN(loginNo))
if((parseFloat(loginNo) == parseInt(loginNo)) && !isNaN(loginNo))
{
//jSonCaller(loginNo);
$.getJSON('http://localhost:8888/c05673160/login540.php?q='+loginNo, function(data){
//alert(data);
$('#login540div').html("<p>First Name ="+
data.firstName+
"</p> Last Name ="+data.lastName+" </p>Module No.1 ="+
data.moduleNo1+"</p> Module No.2 ="+
data.moduleNo2+"<p> Course ID="+
data.courseID+"</p>");
})
}
else
{
// alert(loginNo); CHECKED
alert("Please make sure to insert only a whole number");
}
Then the PHP goes like this...
<?php
include ("config.php");
/*
require_once('FirePHPCore/FirePHP.class.php');
ob_start();
$firephp = FirePHP::getInstance(true);
$var = array('i'=>10, 'j'=>20);
$firephp->log($var, 'Iterators');
*/
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$dbname = 'collegeData';
$q=$_GET["q"];
$table = "studentTable";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if (!$conn)
die('Could not connect: ' . mysql_error());
if (!mysql_select_db($dbname))
die("Can't select database");
$result = mysql_query("SELECT * FROM {$table} WHERE studentID = '".$q."'");
if (!$result)
die("Query to show fields from table failed!" . mysql_error());
$json = array();
while($row = mysql_fetch_array ($result))
{
$json = array(
'firstName' => $row['firstName'],
'lastName' => $row['lastName'],
'moduleNo1' => $row['moduleNo1'],
'moduleNo2' => $row['moduleNo2'],
'courseID' => $row['courseID']
);
}
$jsonstring = json_encode($json);
echo $jsonstring;
mysql_close($conn);
?>
I can't figure out what's wrong, and I've been messing around with various things for the last few days trying to fix it, but no joy, so I'd really appreciate any help you can give.

#Robbie had a good point that you don't appear to be stopping the default behavior of the form submission. To do this you need to change a couple things:
onSubmit="login540()" needs to change to onSubmit="return login540()" otherwise whatever you return from the login540() function will be ignored.
At the end of the login540() function you need to return false; to stop the form from submitting normally. You can also pass in the event object as the first argument and use event.preventDefault() instead: function login540(event){event.preventDefault();...}.
To do yourself a favor however, you can use jQuery to bind the submit event handler to the form rather than using inline JS (tisk, tisk, :) )
$('#login540form').on('submit', login540);
This way you can keep all of your JS in one place rather than spread-out all over your HTML.

The bottom of Function login540() is missing, but this needs to kill the default "submit" action: this can be done with "return false;" at the end. As I can't see the end, not sure if this happens or not, but the form probably "submits" while the AJAX is running.
This is compounded as the form doesn't have an action, which probably explains the different browser behaviour. I suggest setting action to "#" and then, if you see "#" added in the URL then the form has submitted and not been stopped by your function.

Only members can submit this form php

New to php. I have a form that is only for members to submit. What php code do I need for the form to check that the email address on the form is found my members database and then its okay to submit the form?
If email address is not in the members database then I want to echo "Only members can submit this form." What php code do I need to connect to database in the form and do the check so I don't get forms submitted from non members?
Thanks

At the top of your php file you could do something like this:
if(isset($_POST['email'])) {
mysql_connect("hostname","username","password");
$result = mysql_query("SELECT * FROM users WHERE email = '".mysql_real_escape_string($_POST['email'])."'");
if($row = mysql_fetch_array($result)) {
// found email
} else {
// email wasn't found
}
}
Of course you would need to replace the hostname, username and password to correct values, also you should change the users and email in the select query to the name of your table and field.
Here is a dummy form:
<form method="POST" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>">
<input type="text" name="email" />
<input type="submit" value="Send" />
</form>

You want to study Mysql query and other mysql functions. The code would basically look like:
$c = mysql_connect( ...);
mysql_select_db( 'database', $c);
$q = mysql_query( "SELECT COUNT(*) FROM users WHERE email = '" .
mysql_real_escape_string( $_POST['email'],$c) . "'");
$row = mysql_fetch_row( $q);
if( $row[0]){
echo "Thanks for submitting...";
} else {
echo "Only members...";
}
This is only brief example which is far from perfection but I think it's good place for you to start.

If someone is a registered member that implies you're very likely using a $_SESSION['id_member'] variable.
This will set the cookie's name that can be seen by the client to 'member'...
if (!headers_sent() && !isset($_SESSION))
{
session_name('member');
}
...then when a user authenticates assign a session variable and their permission...
$_SESSION['member_id'] = $mysql_row['id'];
$_SESSION['member_status'] = $mysql_row['id'];
Here is a status hierarchy that you might use or change but it should be a good point of reference...
10 - Super Admin (only you)
9 - Admin// mid-level admin
8 - Assistant//restrictive admin
7 - Moderator//Don't give this status to any jerks
6 - Premium Member//they gave you money!
5 - Registered Member//normal account status
4 - Frozen Account//not banned but did something wrong, will "thaw"
3 - Unverified Email Address//registered but did not verify email
2 - Unregistered Visitor//human
1 - Good Bots
0 - Banned
Generally first determine how to catch the form...
if ($_SERVER['REQUEST_METHOD']=='GET')
{
}
else if ($_SERVER['REQUEST_METHOD']=='POST')
{
if (isset($_POST['submit_button_name_value'])) {blog_post_ajax_comment();}
}
I add the name="value" attribute/value to submit buttons, why? Have two submit options (preview and publish in example) you may want to have the server trigger one function or the other, VERY simple and valid (X)HTML.
You should check if the variable isset (keep permissions in mind).
Then check if their user permissions are adequate, you can use a simple integer to represent this.
Then wrap the isset and permission if statements around two things, one the form and secondly make sure you use these conditions when PROCESSING the form.
I always test against things to reject and throwing in database query error handling to give you a little extra boost...
//function module_method_ajax_purpose()
function blog_post_ajax_comment()
{
if (!isset($_SESSION['member'])) {http_report('403',__FUNCTION__,'Error: you must be signed in to do that.');}
else if ($_SESSION['member_status']<=4) {http_report('403',__FUNCTION__,'Error: permission denied; your account has been flagged for abuse.');}
else if (flood_control($datetime,'60')!=1) {http_report('403',__FUNCTION__,'Error: you can only post a comment once every X seconds.');}
else if (!isset($_POST['post_form_name_1']) || !isset($_POST['post_form_name_2'])) {http_report('403',__FUNCTION__,'Error: permission denied.');}
else
{
// NOW process
$query1 = "SELECT * FROM table";
$result1 = mysql_query($query1);
if ($result1)
{
//successful, increment query number for further queries
}
else {mysql_error_report($query1,mysql_error(),__FUNCTION__);}
}
Error reporting is VERY powerful, use it for HTTP, JavaScript, PHP and MySQL. You could also benefit from my answer about real-time log reading here: jQueryUI tabs and Firefox: getBBox broken?

Help with php blank page?

I run a fantasy basketball league. My php website/sql database is designed to let the person running the team do everything through the website - they can waive a player, and the player automatically goes into the FA pool, etc.
Everything has worked perfectly until about a week ago. Anytime now that a team goes to sign a player, after clicking "Sign", they get a blank PHP page. I have no idea why - I have made no adjustments to any files. It just started happening. Below is the code for the blank PHP page - can someone help?
<?php
$username = "me";
$password = "mypassword";
$database = "mydatabase";
mysql_connect(localhost,$username,$password);
#mysql_select_db($database) or die( "Unable to select database");
$Team_Offering = $_POST['Team_Name'];
$Fields_Counter = $_POST['counterfields'];
$Roster_Slots = $_POST['rosterslots'];
$Healthy_Roster_Slots = $_POST['healthyrosterslots'];
$Type_Of_Action = $_POST['Action'];
$queryt="SELECT * FROM nuke_ibl_team_info WHERE team_name = '$Team_Offering' ";
$resultt=mysql_query($queryt);
$teamid=mysql_result($resultt,0,"teamid");
$Timestamp = intval(time());
// ADD TEAM TOTAL SALARY FOR THIS YEAR
$querysalary="SELECT * FROM nuke_iblplyr WHERE teamname = '$Team_Offering' AND retired = 0 ";
$results=mysql_query($querysalary);
$num=mysql_numrows($results);
$z=0;
while($z < $num)
{
$cy=mysql_result($results,$z,"cy");
$cyy = "cy$cy";
$cy2=mysql_result($results,$z,"$cyy");
$TotalSalary = $TotalSalary + $cy2;
$z++;
}
//ENT TEAM TOTAL SALARY FOR THIS YEAR
$k=0;
$Salary=0;
while ($k < $Fields_Counter)
{
$Type=$_POST['type'.$k];
$Salary=$_POST['cy'.$k];
$Index=$_POST['index'.$k];
$Check=$_POST['check'.$k];
$queryn="SELECT * FROM nuke_iblplyr WHERE pid = '$Index' ";
$resultn=mysql_query($queryn);
$playername=mysql_result($resultn,0,"name");
$players_team=mysql_result($resultn,0,"tid");
if ($Check == "on")
{
if ($Type_Of_Action == "drop")
{
if ($Roster_Slots < 4 and $TotalSalary > 7000)
{
echo "You have 12 players and are over $70 mill hard cap. Therefore you can't drop a player! <br>You will be automatically redirected to the main IBL page in a moment. If you are not redirected, click the link.";
}else{
$queryi = "UPDATE nuke_iblplyr SET `ordinal` = '1000', `droptime` = '$Timestamp' WHERE `pid` = '$Index' LIMIT 1;";
$resulti=mysql_query($queryi);
$topicid=32;
$storytitle=$Team_Offering." make waiver cuts";
$hometext="The ".$Team_Offering." cut ".$playername." to waivers.";
// ==== PUT ANNOUNCEMENT INTO DATABASE ON NEWS PAGE
$timestamp=date('Y-m-d H:i:s',time());
$querycat="SELECT * FROM nuke_stories_cat WHERE title = 'Waiver Pool Moves'";
$resultcat=mysql_query($querycat);
$WPMoves=mysql_result($resultcat,0,"counter");
$catid=mysql_result($resultcat,0,"catid");
$WPMoves=$WPMoves+1;
$querycat2="UPDATE nuke_stories_cat SET counter = $WPMoves WHERE title = 'Waiver Pool Moves'";
$resultcat2=mysql_query($querycat2);
$querystor="INSERT INTO nuke_stories (catid,aid,title,time,hometext,topic,informant,counter,alanguage) VALUES ('$catid','Associated Press','$storytitle','$timestamp','$hometext','$topicid','Associated Press','0','english')";
$resultstor=mysql_query($querystor);
echo "<html><head><title>Waiver Processing</title>
</head>
<body>
Your waiver moves should now be processed. <br>You will be automatically redirected to the main IBL page in a moment. If you are not redirected, click the link.
</body></html>";
}
} else {
if ($players_team == $teamid)
{
$queryi = "UPDATE nuke_iblplyr SET `ordinal` = '800', `teamname` = '$Team_Offering', `tid` = '$teamid' WHERE `pid` = '$Index' LIMIT 1;";
$resulti=mysql_query($queryi);
$Roster_Slots++;
$topicid=33;
$storytitle=$Team_Offering." make waiver additions";
$hometext="The ".$Team_Offering." sign ".$playername." from waivers.";
// ==== PUT ANNOUNCEMENT INTO DATABASE ON NEWS PAGE
$timestamp=date('Y-m-d H:i:s',time());
$querycat="SELECT * FROM nuke_stories_cat WHERE title = 'Waiver Pool Moves'";
$resultcat=mysql_query($querycat);
$WPMoves=mysql_result($resultcat,0,"counter");
$catid=mysql_result($resultcat,0,"catid");
$WPMoves=$WPMoves+1;
$querycat2="UPDATE nuke_stories_cat SET counter = $WPMoves WHERE title = 'Waiver Pool Moves'";
$resultcat2=mysql_query($querycat2);
$querystor="INSERT INTO nuke_stories (catid,aid,title,time,hometext,topic,informant,counter,alanguage) VALUES ('$catid','Associated Press','$storytitle','$timestamp','$hometext','$topicid','Associated Press','0','english')";
$resultstor=mysql_query($querystor);
echo "<html><head><title>Waiver Processing</title>
</head>
<body>
Your waiver moves should now be processed. <br>You will be automatically redirected to the main IBL page in a moment. If you are not redirected, click the link.
</body></html>";
} else {
if ($Healthy_Roster_Slots < 4 and $TotalSalary + $Salary > 7000)
{
echo "You have 12 or more healthy players and this signing will put you over $70. Therefore you can not make this signing. <br>You will be automatically redirected to the main IBL page in a moment. If you are not redirected, click the link.";
} elseif ($Healthy_Roster_Slots > 3 and $TotalSalary + $Salary > 7000 and $Salary > 103) {
echo "You are over the hard cap and therefore can only sign players who are making veteran minimum contract! <br>You will be automatically redirected to the main IBL page in a moment. If you are not redirected, click the link.";
} elseif ($Healthy_Roster_Slots < 1) {
echo "You have full roster of 15 players. You can't sign another player at this time! <br>You will be automatically redirected to the main IBL page in a moment. If you are not redirected, click the link.";
} else {
$queryi = "UPDATE nuke_iblplyr SET `ordinal` = '800', `bird` = '0', `cy` = '1', `cy1` = '$Salary', `teamname` = '$Team_Offering', `tid` = '$teamid' WHERE `pid` = '$Index' LIMIT 1;";
$resulti=mysql_query($queryi);
$Roster_Slots++;
$topicid=33;
$storytitle=$Team_Offering." make waiver additions";
$hometext="The ".$Team_Offering." sign ".$playername." from waivers.";
// ==== PUT ANNOUNCEMENT INTO DATABASE ON NEWS PAGE
$timestamp=date('Y-m-d H:i:s',time());
$querycat="SELECT * FROM nuke_stories_cat WHERE title = 'Waiver Pool Moves'";
$resultcat=mysql_query($querycat);
$WPMoves=mysql_result($resultcat,0,"counter");
$catid=mysql_result($resultcat,0,"catid");
$WPMoves=$WPMoves+1;
$querycat2="UPDATE nuke_stories_cat SET counter = $WPMoves WHERE title = 'Waiver Pool Moves'";
$resultcat2=mysql_query($querycat2);
$querystor="INSERT INTO nuke_stories (catid,aid,title,time,hometext,topic,informant,counter,alanguage) VALUES ('$catid','Associated Press','$storytitle','$timestamp','$hometext','$topicid','Associated Press','0','english')";
$resultstor=mysql_query($querystor);
echo "<html><head><title>Waiver Processing</title>
</head>
<body>
Your waiver moves should now be processed. <br>You will be automatically redirected to the main IBL page in a moment. If you are not redirected, click the link.
</body></html>";
}
}
}
}
$k++;
}
?>

Put the following right after the open PHP tag:
error_reporting(E_ALL);
ini_set('display_errors', 'On');
If this doesn't work, there is a probably a parse error and then you'll need to check the error log.
You will also need to escape your values that you are putting in the queries. This maybe causing a MySQL query to fail. If someone puts a " in $_POST['Team_Name'] your first query may fail.
Another final possible problem: are you sure it can still connect to MySQL?
An option to find the problem is commenting out large portions of code and then piece by piece uncommenting sectons.
Edit: So your first problem is the mysql_connect line. It needs to be changed to, notice the quotes: mysql_connect('localhost',$username,$password); Also, the variable $result and $queryt are spelt wrong in this line and used in their correct spelling: $resultt=mysql_query($queryt); I haven't checked the rest, but there maybe other errors that will cause your script to break. Some of the errors list are important to fix, but won't break your script.
Escaping: Check out the following page: http://php.net/manual/en/function.mysql-escape-string.php This basically prevents people from deleting your entire database.
Check the sample code on this page to find out how to connect to MySQL and check to see if you are connected.
Another suggestion: Are you sure none of your queries are failing? You probably want to check if the result from query is false before continuing, like:
if ($resultcat2 === false) {
trigger_error('query failed ' . $sql, E_USER_ERROR);
echo 'Sorry, there was a problem processing your request. Please try again later.';
exit;
}

Turn error reporting on for PHP in your php.ini file and see if any errors or warnings are reported. Also try removing the trailing whitespace at the end of the file before the last ?>, this has caused problems for me in the past.

Added comments to some of the above responses. Please try to dumb down for me as much as possible - I'm extremely new to this. I can't figure out why it would suddenly stop working, though, when I've made no changes at all to the code.

If you made no changes to any files and it just "broke" then that would indicate that either your webhost went thru a configuration change, your database got hosed somehow, or that someone else may've changed something.
To help spot the culprit, after every one of these
if{
else{
while{
or/and after every few statements (statements end with a semicolon ;) add this to the next line
print "<br> made it to this label: some_unique_label_name_here";
Where you should replace the label each time to help you trace the code.
This will be your first step into debugging the script to figure out how far the code execution is reaching.

Without going through your code in too much detail,I would suggest you look for any sections that may loop for a long time,without returning

After enabling error reporting, make sure to put in else statements that correspond with all of your if-statements so you can determine if those statements are being triggered or not. Throw in some echos.

Also, to clarify - I have probably three dozen PHP files on the site - this is the ONLY one that has stopped working.

As an aside, you should change every variable from a get or post such as:
$Team_Offering = $_POST['Team_Name'];
to
$Team_Offering = mysql_real_escape_string($_POST['Team_Name']);
before using it in a mysql query, otherwise you are vunerable to SQL injection attacks.

This is where I got...everything below the print line wouldn't show up if I put the print line below it.
$k=0;
$Salary=0;
print "<br> made it to this label: some_unique_label_name_here";
while ($k < $Fields_Counter)
{
$Type=$_POST['type'.$k];
$Salary=$_POST['cy'.$k];
$Index=$_POST['index'.$k];
$Check=$_POST['check'.$k];
$queryn="SELECT * FROM nuke_iblplyr WHERE pid = '$Index' ";
$resultn=mysql_query($queryn);
$playername=mysql_result($resultn,0,"name");
$players_team=mysql_result($resultn,0,"tid");

So an update...nothing. lol
If you review this code:
$k=0;
$Salary=0;
print " made it to this label: some_unique_label_name_here";
while ($k < $Fields_Counter)
{
$Type=$_POST['type'.$k];
$Salary=$_POST['cy'.$k];
$Index=$_POST['index'.$k];
$Check=$_POST['check'.$k];
$queryn="SELECT * FROM nuke_iblplyr WHERE pid = '$Index' ";
$resultn=mysql_query($queryn);
$playername=mysql_result($resultn,0,"name");
$players_team=mysql_result($resultn,0,"tid");
If I put the print statement below while, the page goes blank and it doesn't show up. If the print statement is before while, the statement shows up but there's no action made on the page. The end result is that when running this page, the player selected on the previous page should be removed from Free Agents, added to the user's team, and a story should be posted on the front page announcing it. Obviously none of those are happening here.

Categories