Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

mysql / php form works on internet but not on intranet

Posted on 2011-09-15
7
Medium Priority
?
612 Views
Last Modified: 2012-05-12
I am attempting to port an established web site with mysql backend to an intranet site.  To date I have established the database and web site, with tables and data, on a stand-alone Windows 7/Wamp setup.

The intranet web site functions correctly.  I can access the database from phpmyadmin however, when I attempt to use the intranet form (php/html) to access the database I am getting a “Use of undefined constant ID - assumed ‘ID’” error, and the resulting garbage in the form.

This appears to be only on the call from the table to fill the form, not when data is sent to the table.

Specifics:

      Internet:      MySQL 5.0, PHP 5, Apache on Linux Server

      Intranet:      MySQL 5.0.7, PHP 5.3.5, Apache 2.2.17, on Windows 7

I have reviewed the php constant reference and I am at a loss to understand why the error is occurring.  Any help would be appreciated.
0
Comment
Question by:dibrandt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 36547166
PHP 5.3 is much pickier about errors.  You may have an unquoted variable key like $row[ID] when it should be $row['ID'].
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 36547182
Can you post the code causing the error?
0
 

Author Comment

by:dibrandt
ID: 36550574
DaveBaldwin,

You may have identifed the problem.

routinet,

One page of the offending code is below:

<?php

include("eTicketVars.inc");

$con = mysql_connect($host, $user,$passwd);
mysql_select_db($database, $con)or die ("Couldn't select database.");


$search=$_POST['search'];

$data = 'SELECT * FROM `Ticket` WHERE `ID` = "'.$search.'"';
  $query = mysql_query($data) or die("Couldn't execute query. ". mysql_error());
  $data2 = mysql_fetch_array($query);

$act = "edit_eTicket2-1.php";

$App_date = $data2['Approv_date'];
$todays_date = date("Y-m-d");

$today = strtotime($todays_date);
$Approval = strtotime($App_date);

if ($Approval <= $today)
     $act = "eTick_approved.php";

   
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> 
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252"><meta http-equiv="Content-Language" content="en-us">
<TITLE>Beaver eTicket Worksheet</TITLE>
<BASE target="main">
<script type="text/javascript" src="/_js/main_tw.js"></script>
</head>
<body onload="init()">
<script type="text/javascript" src="/_js/menu_tw-s.js"></script>
<blockquote>
      <form name="edit_eTicket1-1" method="POST" action="<?php echo $act;?>">
      
<p align="center">    <font face="Arial" size="1">W&nbsp;&nbsp;&nbsp; O&nbsp;&nbsp;&nbsp;    O&nbsp;&nbsp;&nbsp;    D&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; B&nbsp;&nbsp;&nbsp;    A&nbsp;&nbsp;&nbsp;    D&nbsp;&nbsp;&nbsp;    G&nbsp;&nbsp;&nbsp; E&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; F&nbsp;&nbsp;&nbsp; O&nbsp;&nbsp;&nbsp; R&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; T&nbsp;&nbsp;&nbsp; H&nbsp;&nbsp;&nbsp; E&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2&nbsp; 1&nbsp;&nbsp; st&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; C&nbsp;&nbsp;&nbsp; E&nbsp;&nbsp;&nbsp; N&nbsp;&nbsp;&nbsp; T&nbsp;&nbsp;&nbsp; U&nbsp;&nbsp;&nbsp;     R&nbsp;&nbsp;&nbsp; Y</font></p>
<HR>

<table border="0" cellpadding="0" cellspacing="0" width="90%" height="20">
      <tr>
            <td><b><font size="6">Wood Badge Ticket Work Sheet</font></b><br>
            <font size="4">A Personal Statement of Vision and Mission</font></td>
            <td width="158">
            <IMG width="150" height="121" src="/images/WB-LOG.gif" alt=Log align="right" ></td>
      </tr>
</table>
<p></p>
<p><font size="2" face="Arial">ID Number: <input type="text" name="ID" value="<?php echo $data2[ID]?>" size="4" tabindex="1" readonly="true">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Date:(mm/dd/yyyy) <input type="text" name="Date" value="<?php echo $data2[Date]?>" size="11" tabindex="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;Date Stamp:
<input type="text" name="Time" value="<?php echo $data2[Time]?>" size="16" tabindex="3"></font><font size="2" face="Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</font>


<p><font face="Arial"><font size="2">Name: <input type="text" name="Name" value="<?php echo $data2[Name]?>" size="35" tabindex="3">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;Wood Badge Course No.: C7-129-11-01</font></font></P>
<p><font size="2" face="Arial">My Scouting Position:
<input type="text" name="ScoutingPosition" value="<?php echo $data2[ScoutingPosition]?>" size="37" tabindex="4"></font></P>
<p><font size="2" face="Arial">The Team That Will Benefit From My Leadership:
<input type="text" name="Team" value="<?php echo $data2[Team]?>" size="82" tabindex="5"></font></P>
<p><font face="Arial"><B>Scouting's Value</B></font></p>
<blockquote>
      <blockquote>
            <font face="Arial"><b><font size="2">Scout Oath<br></font></b>
            <font size="2">On my honor I will do my best to do my duty to God and my country and to obey the Scout Law; to help other people at all times; to keep myself physically strong, mentally awake, and morally straight.</font><br><br>

            <font face="Arial"><b><font size="2">Scout Law</font></b><br>
            <font size="2">A Scout is trustworthy, loyal, helpful, friendly, courteous, kind, obedient, cheerful, thrifty, brave, clean, and reverent.</font></font></font></blockquote>
</blockquote>
<p><font face="Arial"><B>Scouting's Mission Statement </B></font>&nbsp;</p>
<blockquote>
      <blockquote>
            <p><font face="Arial" size="2">The mission of the Boy Scouts of America is to prepare young people to make ethical and moral choices over their lifetimes by instilling in them the values of the Scout Oath and Law.</font></P>
      </blockquote>
</blockquote>

<P><font face="Arial"><B>My vision of success and the related plan of action</B><br>

<textarea rows= 9 name="MyVision" size="100" tabindex="6" style="text-align: left" cols="89"><?php echo $data2[MyVision]?></textarea>
</font></P>

<p><font face="Arial" size="2"><b>SMART Goal </b>(Specific, Measurable, Attainable,
Relevant, and Timely)</font><br>
<textarea rows=8 name="Smart"  size="96" tabindex="7" style="text-align: left" cols="89"><?php echo $data2[Smart]?></textarea></font></p>
<p><font face="Arial" size="2"><b>Who:</b><br><textarea rows=4 name="Who" size="96" tabindex="8" style="text-align: left" cols="89"><?php echo $data2[Who]?></textarea></font></p>

<p><font face="Arial" size="2"><b>What:</b><br><textarea rows=4 name="What" size="96" tabindex="9" style="text-align: left" cols="89"><?php echo $data2[What]?></textarea></font></p>

<p><font face="Arial" size="2"><b>When:</b><br><textarea rows=4 name="WhenD" size="96" tabindex="10" style="text-align: left" cols="89"><?php echo $data2[WhenD]?></textarea></font></p>

<p><font face="Arial" size="2"><b>Where:</b><br><textarea rows=4 name="WhereD" size="96" tabindex="11" style="text-align: left" cols="89"><?php echo $data2[WhereD]?></textarea></font></p>

<p><font face="Arial" size="2"><b>Why:</b><br><textarea rows=4 name="Why" size="96" tabindex="12" style="text-align: left" cols="89"><?php echo $data2[Why]?></textarea></font></p>

<p><font face="Arial" size="2"><b>How:</b><br><textarea rows=4 name="How" size="96" tabindex="13" style="text-align: left" cols="89"><?php echo $data2[How]?></textarea></font></p>

<p><font face="Arial" size="2"><b>How Verified:</b><br><textarea rows=4 name="HowVerified" size="96" tabindex="14" style="text-align: left" cols="89"><?php echo $data2[HowVerified]?></textarea></font></p>




            <p></P>
            <p><input type="submit" value="Submit" name="B1"></p>      
            </form><HR>
      <H5>Wood Badge eTicket Worksheet.<br>Copyright © 2009
NEIC Wood Badge. All rights reserved. <BR>Revised:
      <!--WEBBOT BOT=TimeStamp
    S-Type="EDITED"
    S-Format="%m/%d/%y"
--></H5>
</blockquote>
</BODY>
</HTML>

0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:dibrandt
ID: 36550597
DaveBaldwin,

If I change the code to work with PHP 5.3, will it still work with PHP 5?

Is it backward compatible? Or will I need to generate two sets of code?
0
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 2000 total points
ID: 36550901
If you change <?php echo $data2[ID]?> to <?php echo $data2["ID"]?> , that is what has always been recommended in PHP so it will work fine with previous versions.  The thing that changed in PHP 5.3 is that it insists on telling you that it's an error (which it always was).  Look for "Array do's and don'ts" on http://us3.php.net/manual/en/language.types.array.php .
0
 

Author Closing Comment

by:dibrandt
ID: 36551240
Thanks!  Some times it takes another set of eyes.
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 36551277
DaveBaldwin's point is definitely the source of your issue.  I can see several locations in that code with the same semantics.  

One other suggestion: make sure you clean your input.  Right now, your application is vulnerable to SQL injection attacks.  This is likely to be an application-wide issue.

http://en.wikipedia.org/wiki/SQL_injection
http://us3.php.net/mysql-real-escape-string

<?php

include("eTicketVars.inc");

$con = mysql_connect($host, $user,$passwd);
mysql_select_db($database, $con)or die ("Couldn't select database.");

$search=$_POST['search'];

// This line will save a lot of your hair
$search=mysql_real_escape_string($_POST['search']);

$data = 'SELECT * FROM `Ticket` WHERE `ID` = "'.$search.'"';
  $query = mysql_query($data) or die("Couldn't execute query. ". mysql_error()); 

Open in new window

0

Featured Post

The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This post looks at MongoDB and MySQL, and covers high-level MongoDB strengths, weaknesses, features, and uses from the perspective of an SQL user.
In this blog, we’ll look at how improvements to Percona XtraDB Cluster improved IST performance.
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question