Willkommen |
|
myGully |
|
Links |
|
Forum |
|
|
|
 |
03.04.10, 12:28
|
#1
|
Erfahrener Newbie
Registriert seit: Jan 2010
Beiträge: 84
Bedankt: 11
|
PHP S***** gibt Fehler aus wo ist er?
Hi habe etwas geändert da ich die neuen werte auch in die DB eingeben will aber wenn ich dass Formular abschiken möchte kommt quarry fehler.
Ich habe schon in der DB die neuen Tabellen angelegt.
Also ich will
kill
voll
asis
serie
tode
einfügen dass input feld hat die gleiche value.
PHP-Code:
<?php
$_language->read_module('myprofile');
if(!$userID) echo $_language->module['not_logged_in'];
else {
$showerror = '';
eval ("\$title_myprofile = \"".gettemplate("title_myprofile")."\";");
echo $title_myprofile;
if(isset($_POST['submit'])) {
$nickname = htmlspecialchars(mb_substr(trim($_POST['nickname']), 0, 30));
if(isset($_POST['mail'])) $mail = $_POST['mail'];
else $mail="";
if(isset($_POST['mail_hide'])) $mail_hide = true;
else $mail_hide = false;
$usernamenew = mb_substr(trim($_POST['usernamenew']), 0, 30);
$usertext = $_POST['usertext'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$b_day = $_POST['b_day'];
$b_month = $_POST['b_month'];
$b_year = $_POST['b_year'];
$sex = $_POST['sex'];
$flag = $_POST['flag'];
$town = $_POST['town'];
$icq = $_POST['icq'];
$icq = str_replace('-','',$icq); // Replace -
$about = $_POST['messageabout'];
$clantag = $_POST['clantag'];
$clanname = $_POST['clanname'];
$clanhp = $_POST['clanhp'];
$clanirc = $_POST['clanirc'];
$clanhistory = $_POST['clanhistory'];
$cpu = $_POST['cpu'];
$mainboard = $_POST['mainboard'];
$monitor = $_POST['monitor'];
$ram = $_POST['ram'];
$graphiccard = $_POST['graphiccard'];
$soundcard = $_POST['soundcard'];
$connection = $_POST['connection'];
$keyboard = $_POST['keyboard'];
$mouse = $_POST['mouse'];
$mousepad = $_POST['mousepad'];
$newsletter = $_POST['newsletter'];
$homepage = str_replace('http://', '', $_POST['homepage']);
$pm_mail = $_POST['pm_mail'];
$avatar = $_FILES['avatar'];
$userpic = $_FILES['userpic'];
$language = $_POST['language'];
$kill = $_POST['kill'];
$voll= $_POST['voll'];
$asis = $_POST['asis'];
$serie = $_POST['serie'];
$tode = $_POST['tode'];
$id = $userID;
$error_array = array();
if(isset($_POST['userID']) or isset($_GET['userID']) or $userID=="") die($_language->module['not_logged_in']);
if(isset($_POST['delavatar'])) {
$filepath = "./images/avatars/";
if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif');
if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg');
if(file_exists($filepath.$id.'.png')) @unlink($filepath.$id.'.png');
safe_query("UPDATE ".PREFIX."user SET avatar='' WHERE userID='".$id."'");
}
if(isset($_POST['deluserpic'])) {
$filepath = "./images/userpics/";
if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif');
if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg');
if(file_exists($filepath.$id.'.png')) @unlink($filepath.$id.'.png');
safe_query("UPDATE ".PREFIX."user SET userpic='' WHERE userID='".$id."'");
}
//avatar
$filepath = "./images/avatars/";
if($avatar['name'] != "" or ($_POST['avatar_url'] != "" and $_POST['avatar_url'] != "http://")) {
if($avatar['name'] != "") {
move_uploaded_file($avatar['tmp_name'], $filepath.$avatar['name'].".tmp");
}
else {
$avatar['name'] = strrchr($_POST['avatar_url'],"/");
if(!copy($_POST['avatar_url'],$filepath.$avatar['name'].".tmp")) {
$error_array['can_not_copy'] = $_language->module['can_not_copy'];
}
}
if(!array_key_exists('can_not_copy', $error_array))
{
@chmod($filepath.$avatar['name'].".tmp", $new_chmod);
$info = getimagesize($filepath.$avatar['name'].".tmp");
if($info[0] < 91 && $info[1] < 91) {
$pic = '';
if($info[2] == 1) $pic=$id.'.gif';
elseif($info[2] == 2) $pic=$id.'.jpg';
elseif($info[2] == 3) $pic=$id.'.png';
if($pic != "") {
if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif');
if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg');
if(file_exists($filepath.$id.'.png')) @unlink($filepath.$id.'.png');
rename($filepath.$avatar['name'].'.tmp', $filepath.$pic);
safe_query("UPDATE ".PREFIX."user SET avatar='".$pic."' WHERE userID='".$id."'");
}
else {
if(unlink($filepath.$avatar['name'].".tmp")) {
$error_array[] = $_language->module['invalid_picture-format'];
}
else {
$error_array[] = $_language->module['upload_failed'];
}
}
}
else {
@unlink($filepath.$avatar['name'].".tmp");
$error_array[] = $_language->module['picture_too_big_avatar'];
}
}
}
//userpic
$filepath = "./images/userpics/";
if($userpic['name'] != "" or ($_POST['userpic_url'] != "" and $_POST['userpic_url'] != "http://")) {
if($userpic['name'] != "") {
move_uploaded_file($userpic['tmp_name'], $filepath.$userpic['name'].".tmp");
} else {
$userpic['name'] = strrchr($_POST['userpic_url'],"/");
if(!copy($_POST['userpic_url'],$filepath.$userpic['name'].".tmp")) {
$error_array['can_not_copy'] = $_language->module['can_not_copy'];
}
}
if(!array_key_exists('can_not_copy', $error_array))
{
@chmod($filepath.$userpic['name'].".tmp", $new_chmod);
$info = getimagesize($filepath.$userpic['name'].".tmp");
if($info[0] < 231 && $info[1] < 211) {
$pic = '';
if($info[2] == 1) $pic=$id.'.gif';
elseif($info[2] == 2) $pic=$id.'.jpg';
elseif($info[2] == 3) $pic=$id.'.png';
if($pic != "") {
if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif');
if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg');
if(file_exists($filepath.$id.'.png')) @unlink($filepath.$id.'.png');
rename($filepath.$userpic['name'].".tmp", $filepath.$pic);
safe_query("UPDATE ".PREFIX."user SET userpic='".$pic."' WHERE userID='".$id."'");
}
else {
if(unlink($filepath.$userpic['name'].".tmp")) {
$error_array[] = $_language->module['invalid_picture-format'];
}
else {
$error_array[] = $_language->module['upload_failed'];
}
}
}
else {
@unlink($filepath.$userpic['name'].".tmp");
$error_array[] = $_language->module['picture_too_big_userpic'];
}
}
}
$birthday = $b_year.'-'.$b_month.'-'.$b_day;
$qry = "SELECT userID FROM ".PREFIX."user WHERE username = '".$usernamenew."' AND userID != ".$userID." LIMIT 0,1";
if(mysql_num_rows(safe_query($qry))) {
$error_array[] = $_language->module['username_aleady_in_use'];
}
$qry = "SELECT userID FROM ".PREFIX."user WHERE nickname = '".$nickname."' AND userID!=".$userID." LIMIT 0,1";
if(mysql_num_rows(safe_query($qry))) {
$error_array[] = $_language->module['nickname_already_in_use'];
}
if(count($error_array))
{
$fehler=implode('<br />• ', $error_array);
$showerror = '<div class="errorbox">
<b>'.$_language->module['errors_there'].':</b><br /><br />
• '.$fehler.'
</div>';
}
else
{
safe_query("UPDATE `".PREFIX."user`
SET
nickname='".$nickname."',
username='".$usernamenew."',
email_hide='".$mail_hide."',
firstname='".$firstname."',
lastname='".$lastname."',
sex='".$sex."',
country='".$flag."',
town='".$town."',
birthday='".$birthday."',
icq='".$icq."',
usertext='".$usertext."',
clantag='".$clantag."',
clanname='".$clanname."',
clanhp='".$clanhp."',
clanirc='".$clanirc."',
clanhistory='".$clanhistory."',
cpu='".$cpu."',
mainboard='".$mainboard."',
ram='".$ram."',
monitor='".$monitor."',
graphiccard='".$graphiccard."',
soundcard='".$soundcard."',
verbindung='".$connection."',
keyboard='".$keyboard."',
mouse='".$mouse."',
mousepad='".$mousepad."',
mailonpm='".$pm_mail."',
newsletter='".$newsletter."',
homepage='".$homepage."',
about='".$about."',
language='".$language."',
kill='".$kill."',
voll='".$voll."',
asis='".$asis."',
serie='".$serie."',
tode='".$tode."',
WHERE
userID='".$id."'");
redirect("index.php?site=profile&id=$id", $_language->module['profile_updated'],3);
}
}
if(isset($_GET['action']) AND $_GET['action']=="editpwd") {
$bg1 = BG_1;
$bg2 = BG_2;
$bg3 = BG_3;
$bg4 = BG_4;
$border = BORDER;
eval("\$myprofile_editpwd = \"".gettemplate("myprofile_editpwd")."\";");
echo $myprofile_editpwd;
}
elseif(isset($_POST['savepwd'])) {
$oldpwd = $_POST['oldpwd'];
$pwd1 = $_POST['pwd1'];
$pwd2 = $_POST['pwd2'];
$id = $userID;
$ergebnis = safe_query("SELECT password FROM ".PREFIX."user WHERE userID='".$id."'");
$ds = mysql_fetch_array($ergebnis);
if(!(mb_strlen(trim($oldpwd)))) {
$error = $_language->module['forgot_old_pw'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
$oldmd5pwd = md5($oldpwd);
if($oldmd5pwd != $ds['password']) {
$error = $_language->module['old_pw_not_valid'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
if($pwd1 == $pwd2) {
if(!(mb_strlen(trim($pwd1)))) {
$error = $_language->module['forgot_new_pw'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
}
else {
$error = $_language->module['repeated_pw_not_valid'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
$newmd5pwd = md5(stripslashes($pwd1));
safe_query("UPDATE ".PREFIX."user SET password='".$newmd5pwd."' WHERE userID='".$userID."'");
//logout
unset($_SESSION['ws_auth']);
unset($_SESSION['ws_lastlogin']);
session_destroy();
redirect('index.php?site=login', $_language->module['pw_changed'],3);
}
elseif(isset($_GET['action']) AND $_GET['action']=="editmail") {
$bg1 = BG_1;
$bg2 = BG_2;
$bg3 = BG_3;
$bg4 = BG_4;
$border = BORDER;
eval("\$myprofile_editmail = \"".gettemplate("myprofile_editmail")."\";");
echo $myprofile_editmail;
}
elseif(isset($_POST['savemail'])){
$activationkey = createkey(20);
$activationlink = 'http://'.$hp_url.'/index.php?site=register&mailkey='.$activationkey;
$pwd = $_POST['oldpwd'];
$mail1 = $_POST['mail1'];
$mail2 = $_POST['mail2'];
$ergebnis = safe_query("SELECT password, username FROM ".PREFIX."user WHERE userID='".$userID."'");
$ds = mysql_fetch_array($ergebnis);
$username = $ds['username'];
if(!(mb_strlen(trim($pwd)))) {
$error = $_language->module['forgot_old_pw'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
$md5pwd = md5(stripslashes($pwd));
if($md5pwd != $ds['password']) {
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
if($mail1 == $mail2) {
if(!(mb_strlen(trim($mail1)))) {
$error = $_language->module['mail_not_valid'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
}
else {
$error = $_language->module['repeated_pw_not_valid'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
// check e-mail
if(!validate_email($mail1)){
$error=$_language->module['invalid_mail'];
die('<b>ERROR: '.$error.'</b><br /><br /><input type="button" onclick="javas*****:history.back()" value="'.$_language->module['back'].'" />');
}
safe_query("UPDATE ".PREFIX."user SET email_change = '".$mail1."', email_activate = '".$activationkey."' WHERE userID='".$userID."'");
$ToEmail = $mail1;
$ToName = $username;
$header = str_replace(Array('%homepage_url%'), Array($hp_url), $_language->module['mail_subject']);
$Message = str_replace(Array('%username%', '%activationlink%', '%pagetitle%', '%homepage_url%'), Array($username, $activationlink, $hp_title, $hp_url), $_language->module['mail_text']);
if(mail($ToEmail,$header, $Message, "From:".$admin_email."\nContent-type: text/plain; charset=utf-8\n")) echo $_language->module['mail_changed'];
else echo $_language->module['mail_failed'];
}
else {
$ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE userID='".$userID."'");
$anz = mysql_num_rows($ergebnis);
if($anz) {
$ds = mysql_fetch_array($ergebnis);
$flag = '[flag]'.$ds['country'].'[/flag]';
$country = flags($flag);
$country = str_replace("<img","<img id='county'",$country);
$sex = '<option value="m">'.$_language->module['male'].'</option><option value="f">'.$_language->module['female'].'</option><option value="u">'.$_language->module['unknown'].'</option>';
$sex = str_replace('value="'.$ds['sex'].'"','value="'.$ds['sex'].'" selected="selected"',$sex);
if($ds['newsletter'] == "1") $newsletter = '<option value="1" selected="selected">'.$_language->module['yes'].'</option><option value="0">'.$_language->module['no'].'</option>';
else $newsletter = '<option value="1">'.$_language->module['yes'].'</option><option value="0" selected="selected">'.$_language->module['no'].'</option>';
if($ds['mailonpm'] == "1") $pm_mail = '<option value="1" selected="selected">'.$_language->module['yes'].'</option><option value="0">'.$_language->module['no'].'</option>';
else $pm_mail = '<option value="1">'.$_language->module['yes'].'</option><option value="0" selected="selected">'.$_language->module['no'].'</option>';
if($ds['email_hide']) $email_hide = ' checked="checked"';
else $email_hide = '';
$b_day = mb_substr($ds['birthday'],8,2);
$b_month = mb_substr($ds['birthday'],5,2);
$b_year = mb_substr($ds['birthday'],0,4);
$countries = str_replace(" selected=\"selected\"", "", $countries);
$countries = str_replace('value="'.$ds['country'].'"', 'value="'.$ds['country'].'" selected="selected"', $countries);
if($ds['avatar']) $viewavatar = '• <a href="javas*****:MM_openBrWindow(\'images/avatars/'.$ds['avatar'].'\',\'avatar\',\'width=120,height=120\')">'.$_language->module['avatar'].'</a>';
else $viewavatar = $_language->module['avatar'];
if($ds['userpic']) $viewpic = '• <a href="javas*****:MM_openBrWindow(\'images/userpics/'.$ds['userpic'].'\',\'userpic\',\'width=250,height=230\')">'.$_language->module['userpic'].'</a>';
else $viewpic = $_language->module['userpic'];
$usertext = getinput($ds['usertext']);
$clanhistory = clearfromtags($ds['clanhistory']);
$clanname = clearfromtags($ds['clanname']);
$clantag = clearfromtags($ds['clantag']);
$clanirc = clearfromtags($ds['clanirc']);
$firstname = clearfromtags($ds['firstname']);
$lastname = clearfromtags($ds['lastname']);
$town = clearfromtags($ds['town']);
$cpu = clearfromtags($ds['cpu']);
$mainboard = clearfromtags($ds['mainboard']);
$ram = clearfromtags($ds['ram']);
$monitor = clearfromtags($ds['monitor']);
$graphiccard = clearfromtags($ds['graphiccard']);
$soundcard = clearfromtags($ds['soundcard']);
$connection = clearfromtags($ds['verbindung']);
$keyboard = clearfromtags($ds['keyboard']);
$mouse = clearfromtags($ds['mouse']);
$mousepad = clearfromtags($ds['mousepad']);
$clanhp = getinput($ds['clanhp']);
$about = getinput($ds['about']);
$nickname = $ds['nickname'];
$username = getinput($ds['username']);
$email = getinput($ds['email']);
$icq = getinput($ds['icq']);
$homepage = getinput($ds['homepage']);
$kill = getinput($ds['kill']);
$voll = getinput($ds['voll']);
$asis = getinput($ds['asis']);
$serie = getinput($ds['serie']);
$tode = getinput($ds['tode']);
$langdirs = '';
$filepath = "languages/";
// Select all possible languages
$mysql_langs = array();
$query = safe_query("SELECT lang, language FROM ".PREFIX."news_languages");
while($dx = mysql_fetch_assoc($query)){
$mysql_langs[$dx['lang']] = $dx['language'];
}
if($dh = opendir($filepath)) {
while($file = mb_substr(readdir($dh), 0, 2)) {
if($file != "." and $file!=".." and is_dir($filepath.$file)) {
if(isset($mysql_langs[$file])){
$name = $mysql_langs[$file];
$name = ucfirst($name);
$langdirs .= '<option value="'.$file.'">'.$name.'</option>';
}
else {
$langdirs .= '<option value="'.$file.'">'.$file.'</option>';
}
}
}
closedir($dh);
}
if($ds['language']) $langdirs = str_replace('"'.$ds['language'].'"', '"'.$ds['language'].'" selected="selected"', $langdirs);
else $langdirs = str_replace('"'.$_language->language.'"', '"'.$_language->language.'" selected="selected"', $langdirs);
$bg1 = BG_1;
$bg2 = BG_2;
$bg3 = BG_3;
$bg4 = BG_4;
eval("\$myprofile = \"".gettemplate("myprofile")."\";");
echo $myprofile;
}
else echo $_language->module['not_logged_in'];
}
}
?>
|
|
|
03.04.10, 13:22
|
#2
|
Monk
Registriert seit: Jul 2009
Beiträge: 181
Bedankt: 29
|
Es ist immer hilfreich wenn man die Fehlermeldung hat weil dann ist das Prob schon sogut wie gelöscht! Also ich meine die gesamte mit Line etc.
__________________
AC:B Fan!
|
|
|
03.04.10, 15:00
|
#3
|
Stammi
Registriert seit: Sep 2009
Beiträge: 1.274
Bedankt: 694
|
Das sieht mir stark nach webSPELL aus. Geh mal in die _settings.php und suche die zeile Debug OFF und ersetzte sie durch Debug ON...
Dann mache nocheinmal eine eingabe damit der fehler wiederkommt dann wird er nämlich voll ausgegeben
|
|
|
03.04.10, 17:55
|
#4
|
Erfahrener Newbie
Registriert seit: Jan 2010
Beiträge: 84
Bedankt: 11
|
jo is webspell. Danke für die schnelle antworten.
Hier die lange fehler variante:
# Query failed: errorno=1064
# error=You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'kill='', voll='', asis='ww', serie='', tode='', ' at line 34
# query=UPDATE `clan_user` SET nickname='[TRIX]Bludi', username='[TRIX]Bludi', email_hide='1', firstname='Fabian', lastname='H', sex='m', country='de', town='Großheubach', birthday='1994-02-13', icq='', usertext='[TRIX]Super-Administrator[flag]de[/flag]', clantag='TRIX', clanname='TRIX', clanhp='hier^^', clanirc='TRIX', clanhistory='TRIX', cpu='AMD Phenom II X4 955 BE', mainboard='Gigabyte UD5P', ram='DDR3 4GB 1666', monitor='Samsung SyncMaster 2494HS', graphiccard='Readon HD 5770', soundcard='Onboard', verbindung='4000er Leitung (DSL)', keyboard='Logitech (Standart)', mouse='Labtec (Standart)', mousepad='IKEA^^', mailonpm='1', newsletter='1', homepage='hier^^', about='', language='de', kill='', voll='', asis='ww', serie='', tode='', WHERE userID='1'
|
|
|
10.05.10, 10:41
|
#5
|
Anfänger
Registriert seit: Jan 2010
Beiträge: 23
Bedankt: 4
|
Code:
tode='".$tode."',
WHERE userID='".$id."'");
Der Fehler kommt weil du in der UPDATE-Abfrage vor dem WHERE ein Komma hast, nimm einfach das Komma raus.
So ist richtig:
Code:
tode='".$tode."'
WHERE userID='".$id."'");
|
|
|
10.05.10, 18:23
|
#6
|
Mitglied
Registriert seit: Aug 2009
Ort: void* (*wtf[])(void **);
Beiträge: 453
Bedankt: 137
|
also wenn die POST parmeter den selben namen haben wie die spalten der tabelle, würd' ich's so machen:
Code:
$ignore = array ('delavatar', 'deluserpic', '................');
foreach ($_POST as $k => $v) {
if (! in_array ($k, $ignore)) {
$update[] = "$k='" . mysql_real_escape_string ($v) . "'";
}
}
if ($update) {
$sql = 'update TABLE set ' . implode (',', $update) . " where userID='".$id."'";
}
__________________
entropie erfordert keine wartung
|
|
|
Forumregeln
|
Du kannst keine neue Themen eröffnen
Du kannst keine Antworten verfassen
Du kannst keine Anhänge posten
Du kannst nicht deine Beiträge editieren
HTML-Code ist Aus.
|
|
|
Alle Zeitangaben in WEZ +1. Es ist jetzt 09:29 Uhr.
().
|