  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 73
  • Last Modified:

PHP Errors on Page

I have a site that I am working on.  When I go to the home page and fill out the form, everything is fine.  But when a colleague goes to the same site and fills out the form, he gets a PHP error:
http://23.101.151.179/

Can someone look and let me know what the issue is?  The issue was on my screen for a while cause I had a problem with my jQuery syntax.
0
Asked by: rgranlund
1 Solution
 
Marco GasiFreelancerCommented:
Well, without seeing the code I can only say the same thing the error message says: the variable DB turns out to be undefined...
Can you show the code of the script?
0
 
rjohnsonjrCommented:
Can you paste the error?
0
 
Tom BeckCommented:
libraries/Functions.php(688) : eval()'d code
0
 
Dave BaldwinFixer of ProblemsCommented:
Here is what I see.  Most developers would tell you that using 'eval' is potentially a very bad practice.  If it is done so that someone can inject their own code there, they can run anything.  It can be worse than SQL injection.
PHP error
0
 
rgranlundAuthor Commented:
But why would I not be getting the error on my screen?
0
 
Dave BaldwinFixer of ProblemsCommented:
Because there is something about your account that is already saved and being used.  Switch to a different browser or even a different computer and check it again.
0
 
rgranlundAuthor Commented:
Please try again.
0
 
Dave BaldwinFixer of ProblemsCommented:
Just...

{!-- ra:000000007803329500000000137c1794 --}
0
 
rgranlundAuthor Commented:
Here is the code I have.  Maybe that will help:
<?php

class Quote {
		
	private $EE;
	private $html;
	private $start_price;
	private $bs;
	private $bike_value;
	private $adjusted_start_price;
	private $policy_number;
	

	
	/**
	 * Constructor
	 */
	public function __construct()
	{
		$this->EE =& get_instance();
		$this->html = '';
		$this->starting_price = '';
		$this->bs = '';
		$this->bike_value = '';
		$this->adjusted_start_price = '';
		$this->policy_number = '';
	}

	
	
	 
	public function renderQuote() {

    $ip = $_SERVER['REMOTE_ADDR'];
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }

	if(isset($_POST['get_quote'])) { // Handle the form.)
		$bv = $_POST['bike_value'];
		$bs = $_POST['bike_state'];
		$be = $_POST['email_value'];
							
				
		$email_query = $this->EE->db->select('email_address')
				->from('exp_bicycle_addresses')
				->where('email_address', $be)
				->limit('1')
				->get();
		
		$emthere = $email_query->result();
		
		$email_query->free_result();	
		
		
		
			
			if(!$emthere)	{

	//  START INSERT EMAIL ADDRESS INTO DB
				$email_data = array('email_address'=> $be, 'date'=> 'NOW()', 'ip'=> $ip);
				$sql_e = $this->EE->db->insert_string('exp_bicycle_addresses', $email_data);
				
				$DB->query($sql_e);
	//  END INSERT EMAIL INTO DB
			} 
			
		
//  START CREAT QUOTE
		$create_quote = ee()->db->query("SELECT id, state, pd_base_rate FROM exp_state_rates WHERE id = '$bs'");
		
		$state_data = $create_quote->result();

			
		foreach ($state_data AS $row):
			
				$div = 100;
    			$id = $row->id;
				$st = $row->state; 
		 		$br = $row->pd_base_rate;
		endforeach;
    			$rate = $bv/$div;
				$sub_price = $br * $rate;
				$sub_p = number_format($sub_price, 2, '.', ',');
				$html = $sub_price;
				$html = number_format($html, 2, '.', ',');
				$month = 12;
				$month = $html/$month;
				$month = number_format($month, 2, '.', ',');

				if ($html > 100) {
					$this->html .= '<input type="hidden" name="state_value" value="'.$html.'" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp;<span class="price-lrg">  $<span id="estimate_year" class="price">'.$html.'</span> per year</span>';
				}

				if ($html < 100)	{
					$this->html .= '<input type="hidden" name="state_value" value="100" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp; <span class="price-lrg">$100 per year</span>';
				}
				
				$this->html .= '<div style="clear:both;padding:0px 0px 13px 0px;">
	Includes Theft, Damage, Worldwide Damage Coverage, Rental Reimbursement and Roadside Assistance
</div>
<div class="clear"></div>
<h1 itemprop="name" class="product_title entry-title">Custom Bicycle Insurance From Spoke</h1>';

	 			if($html<100) {
	 				$this->starting_price = 100;	
				} else{
					$this->starting_price = $html;
				}
				
				if($sub_p < 100) {
					$this->adjusted_start_price = 100;
				} else {
				$this->adjusted_start_price = $sub_p;
				}
				
				if($bv != '') {
					$this->bike_value = $bv;	
				}
		}  //  END Form isset
		
		
//  START EMPTY QUOTE
/*This part of the code is exactly the same as the top but without the Email Entry part
 * 
 */
 
 	if(isset($_POST['get_empty_quote'])) { // Handle the form.)
		$bv = $_POST['bike_value'];
		$bs = $_POST['bike_state'];
		
//  START CREATE QUOTE

		$create_quote = $this->EE->db->select('id, state, pd_base_rate')
				->from('exp_state_rates')
				->where('id', $bs)
				->limit('1')
				->get();
		
		$state_data = $create_quote->result();
		
		$create_quote->free_result();	

	
		foreach ($state_data AS $row):
			
				$div = 100;
    			$id = $row->id;
				$st = $row->state; 
		 		$br = $row->pd_base_rate;
		endforeach;
    			$rate = $bv/$div;
				$sub_price = $br * $rate;
				$sub_p = number_format($sub_price, 2, '.', ',');
				$html = $sub_price;
				$html = number_format($html, 2, '.', ',');
				$month = 12;
				$month = $html/$month;
				$month = number_format($month, 2, '.', ',');

				if ($html > 100) {
					$this->html .= '<input type="hidden" name="state_value" value="'.$html.'" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp;<span class="price-lrg">  $<span id="estimate_year" class="price">'.$html.'</span> per year</span>';
				}

				if ($html < 100)	{
					$this->html .= '<input type="hidden" name="state_value" value="100" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp; <span class="price-lrg">$100 per year</span>';
				}
				
				$this->html .= '<div style="clear:both;padding:0px 0px 13px 0px;">
	Includes Theft, Damage, Worldwide Damage Coverage, Rental Reimbursement and Roadside Assistance
</div>
<div class="clear"></div>
<h1 itemprop="name" class="product_title entry-title">Custom Bicycle Insurance From Spoke</h1>';

				if($html<100) {
	 				$this->starting_price = 100;	
				} else{
					$this->starting_price = $html;
				}
				
				if($sub_p < 100) {
					$this->adjusted_start_price = 100;
				} else {
				$this->adjusted_start_price = $sub_p;
				}
				
				if($bv != '') {
					$this->bike_value = $bv;	
				}

				
		}  //  END Form isset
//  END EMPTY QUOTE
	}  //  END Function
	
	
	public function getHTML()	{
		return $this->html;
	}
	
	public function getPrice()	{
		return $this->starting_price;
	}
	
	public function getState()	{
		return $this->bs;
	}
	
	public function getValue()	{
		return $this->bike_value;
	}
	
	public function getBasePrice()	{
		return $this->adjusted_start_price;	
	}
	
	public function policyNumber()	{	
		$query_id = $this->EE->db->order_by('row_id', 'desc')
				->limit('1')
				->get('exp_cartthrob_order_items');
		
		$order_id = $query_id->result_array();
		
		$query_id->free_result();
		
			foreach ($order_id as $row)
			{
				$policy_number = $row['row_id'];
			}
		return $policy_number;
	}
		
	
}  //  END Class

	$q = new Quote;
	$q->renderQuote();
	$bike_state = $q->getState();
	$bike_value = $q->getValue();
	$price = $q->getPrice();
	$base_price = $q->getBasePrice();
	$policy_number = $q->policyNumber();
                                
?>

0
 
Dave BaldwinFixer of ProblemsCommented:
At line 175, you have HTML added to a variable.  In line 176, you have HTML that is not part of PHP or a variable in PHP, just plain HTML.  That should be causing an error right there.  Maybe you should turn on error reporting at the top of that page.
0
 
rgranlundAuthor Commented:
I have error reporting on in that file and it reports nothing.  Also, are you sure about those lines having an error?  Those lines seem to be written correctly.

<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');


class Quote {
		
	private $EE;
	private $html;
	private $start_price;
	private $bs;
	private $bike_value;
	private $adjusted_start_price;
	private $policy_number;
	

	
	/**
	 * Constructor
	 */
	public function __construct()
	{
		$this->EE =& get_instance();
		$this->html = '';
		$this->starting_price = '';
		$this->bs = '';
		$this->bike_value = '';
		$this->adjusted_start_price = '';
		$this->policy_number = '';
	}

	
	
	 
	public function renderQuote() {

    $ip = $_SERVER['REMOTE_ADDR'];
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }

	if(isset($_POST['get_quote'])) { // Handle the form.)
		$bv = $_POST['bike_value'];
		$bs = $_POST['bike_state'];
		$be = $_POST['email_value'];
							
				
		$email_query = $this->EE->db->select('email_address')
				->from('exp_bicycle_addresses')
				->where('email_address', $be)
				->limit('1')
				->get();
		
		$emthere = $email_query->result();
		
		$email_query->free_result();	
		
		
		
			
			if(!$emthere)	{

	//  START INSERT EMAIL ADDRESS INTO DB
				$email_data = array('email_address'=> $be, 'date'=> 'NOW()', 'ip'=> $ip);
				$sql_e = $this->EE->db->insert_string('exp_bicycle_addresses', $email_data);
				
				$DB->query($sql_e);
	//  END INSERT EMAIL INTO DB
			} 
			
		
//  START CREAT QUOTE
		$create_quote = ee()->db->query("SELECT id, state, pd_base_rate FROM exp_state_rates WHERE id = '$bs'");
		
		$state_data = $create_quote->result();

			
		foreach ($state_data AS $row):
			
				$div = 100;
    			$id = $row->id;
				$st = $row->state; 
		 		$br = $row->pd_base_rate;
		endforeach;
    			$rate = $bv/$div;
				$sub_price = $br * $rate;
				$sub_p = number_format($sub_price, 2, '.', ',');
				$html = $sub_price;
				$html = number_format($html, 2, '.', ',');
				$month = 12;
				$month = $html/$month;
				$month = number_format($month, 2, '.', ',');

				if ($html > 100) {
					$this->html .= '<input type="hidden" name="state_value" value="'.$html.'" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp;<span class="price-lrg">  $<span id="estimate_year" class="price">'.$html.'</span> per year</span>';
				}

				if ($html < 100)	{
					$this->html .= '<input type="hidden" name="state_value" value="100" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp; <span class="price-lrg">$100 per year</span>';
				}
				
				$this->html .= '<div style="clear:both;padding:0px 0px 13px 0px;">
	Includes Theft, Damage, Worldwide Damage Coverage, Rental Reimbursement and Roadside Assistance
</div>
<div class="clear"></div>
<h1 itemprop="name" class="product_title entry-title">Custom Bicycle Insurance From Spoke</h1>';

	 			if($html<100) {
	 				$this->starting_price = 100;	
				} else{
					$this->starting_price = $html;
				}
				
				if($sub_p < 100) {
					$this->adjusted_start_price = 100;
				} else {
				$this->adjusted_start_price = $sub_p;
				}
				
				if($bv != '') {
					$this->bike_value = $bv;	
				}
		}  //  END Form isset
		
		
//  START EMPTY QUOTE
/*This part of the code is exactly the same as the top but without the Email Entry part
 * 
 */
 
 	if(isset($_POST['get_empty_quote'])) { // Handle the form.)
		$bv = $_POST['bike_value'];
		$bs = $_POST['bike_state'];
		
//  START CREATE QUOTE

		$create_quote = $this->EE->db->select('id, state, pd_base_rate')
				->from('exp_state_rates')
				->where('id', $bs)
				->limit('1')
				->get();
		
		$state_data = $create_quote->result();
		
		$create_quote->free_result();	

	
		foreach ($state_data AS $row):
			
				$div = 100;
    			$id = $row->id;
				$st = $row->state; 
		 		$br = $row->pd_base_rate;
		endforeach;
    			$rate = $bv/$div;
				$sub_price = $br * $rate;
				$sub_p = number_format($sub_price, 2, '.', ',');
				$html = $sub_price;
				$html = number_format($html, 2, '.', ',');
				$month = 12;
				$month = $html/$month;
				$month = number_format($month, 2, '.', ',');

				if ($html > 100) {
					$this->html .= '<input type="hidden" name="state_value" value="'.$html.'" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp;<span class="price-lrg">  $<span id="estimate_year" class="price">'.$html.'</span> per year</span>';
				}

				if ($html < 100)	{
					$this->html .= '<input type="hidden" name="state_value" value="100" />';
					$this->html .= '<br />Your Estimated Base Rate:  &nbsp;&nbsp; <span class="price-lrg">$100 per year</span>';
				}
				
				$this->html .= '<div style="clear:both;padding:0px 0px 13px 0px;">Includes Theft, Damage, Worldwide Damage Coverage, Rental Reimbursement and Roadside Assistance</div><div class="clear"></div><h1 itemprop="name" class="product_title entry-title">Custom Bicycle Insurance From Spoke</h1>';

				if($html<100) {
	 				$this->starting_price = 100;	
				} else{
					$this->starting_price = $html;
				}
				
				if($sub_p < 100) {
					$this->adjusted_start_price = 100;
				} else {
				$this->adjusted_start_price = $sub_p;
				}
				
				if($bv != '') {
					$this->bike_value = $bv;	
				}

				
		}  //  END Form isset
//  END EMPTY QUOTE
	}  //  END Function
	
	
	public function getHTML()	{
		return $this->html;
	}
	
	public function getPrice()	{
		return $this->starting_price;
	}
	
	public function getState()	{
		return $this->bs;
	}
	
	public function getValue()	{
		return $this->bike_value;
	}
	
	public function getBasePrice()	{
		return $this->adjusted_start_price;	
	}
	
	public function policyNumber()	{	
		$query_id = $this->EE->db->order_by('row_id', 'desc')
				->limit('1')
				->get('exp_cartthrob_order_items');
		
		$order_id = $query_id->result_array();
		
		$query_id->free_result();
		
			foreach ($order_id as $row)
			{
				$policy_number = $row['row_id'];
			}
		return $policy_number;
	}
		
	
}  //  END Class

	$q = new Quote;
	$q->renderQuote();
	$bike_state = $q->getState();
	$bike_value = $q->getValue();
	$price = $q->getPrice();
	$base_price = $q->getBasePrice();
	$policy_number = $q->policyNumber();
                                
?>


This is PHP on the page before, however, I don't think it is that.

<form method="post" id="get_quote" action="/index.php/store/29">
	 <input type="hidden" name="csrf_token" value="{csrf_token}" />
	<div class="bike-value">
		<input type="text" name="bike_value" id="bike_value" value="<?php if(isset($_POST['bike_value'])) {echo $_POST['bike_value'];} else {echo 'Bike Value';} ?>"  onfocus="this.value='';" {sticky}/>
	</div><div class="bike-state">
		<select name="bike_state" id="bike_state" {sticky}>
			<div><option value="" style="display:none">Choose State</option></div>
			<?php
				$query = ee()->db->query('SELECT id, state FROM exp_state_rates');
				foreach ($query->result() AS $row)
				{
					echo '<option name="bike_state" class="option-center" value="'.$row->id.'" >'.$row->state.'</option>';	
				}
			?>
		</select>
	</div><div class="email-value">
		<input type="text" name="email_value" id="email_value" value="<?php if(isset($_POST['email_value'])) {echo $_POST['email_value'];} else {echo 'Email Address';} ?>" onfocus="this.value='';" />
	</div><div class="quote-submit">
		<input class="submit" type="submit" name="submit" id="submit" value="Generate Custom Quote" />
		<input type="hidden" name="get_quote" value="TRUE" />
	</div>	
	</form>

0
 
Ray PaseurCommented:
What framework are you using here?
0
 
rgranlundAuthor Commented:
Expression Engine.  I had a friend in LA and a friend in Virginia run it and they had no error.
0
 
Chris StanyonCommented:
No errors for me (Win 7 / Firefox). Worked perfectly and gave me a quote of $100 / year for my bike :)

@Dave - line 176  (and 177, 178 & 179) are just an extension of line 175, so it's not an error.
0
 
Ray PaseurCommented:
No points for this, please, because it's certainly not an answer -- just a suggestion.  Have a look at the graphs on these pages, then kick Expression Engine to the curb.  If you need a CMS, WordPress is the right community to join.  And if you need a full framework take a serious look at Laravel.
http://trends.builtwith.com/cms
http://www.sitepoint.com/best-php-frameworks-2014/

BTW, Laravel includes all of the Symfony components.  If you do things exactly as documented in the online man pages, you can have an entire site up and running amazingly fast.
0
 
Ray PaseurCommented:
When I used the numeric URL, I got this:

The following errors were encountered

    This form has expired. Please refresh and try again.

Return to Previous Page

The reason is because I do not accept cookies (except from sites I know).  You might want to think about whether you really need to cookie the client browser and if so, you might want to include a test to see if the client is accepting cookies.
0
 
Dave BaldwinFixer of ProblemsCommented:
Oops, didn't see the single quotes.
0
 
Dave BaldwinFixer of ProblemsCommented:
And now I get this:

{!-- ra:000000000738d13100000000288eed7d --}
A PHP Error was encountered

Severity: Notice

Message: Undefined variable: DB

Filename: libraries/Functions.php(688) : eval()'d code

Line Number: 69
Fatal error: Call to a member function query() on a non-object in C:\inetpub\StarrSpokeDev\system\expressionengine\libraries\Functions.php(688) : eval()'d code on line 69
0
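
The only use of `$DB` in the posted class is `$DB->query($sql_e);`, inside the `if(!$emthere)` branch that runs only when the submitted email is not yet in `exp_bicycle_addresses`. The following is an added example (not the poster's code and not ExpressionEngine's own) of that branch written against the `$this->EE->db` handle the class already holds, with the state lookup bound instead of interpolated; the function name `store_email_and_get_rate` is hypothetical, and it assumes the CodeIgniter 2 Active Record calls that EE 2 exposes.

```php
<?php
// Added example: assumes it runs inside an ExpressionEngine 2 template, where
// get_instance()->db is the CodeIgniter 2 Active Record object.
// store_email_and_get_rate() is a hypothetical name, not from the thread.

function store_email_and_get_rate($db, array $post, $remote_addr)
{
    // Validate before touching the database; reject rather than coerce.
    $email = filter_var(isset($post['email_value']) ? $post['email_value'] : '',
                        FILTER_VALIDATE_EMAIL);
    $state = isset($post['bike_state']) ? (string) $post['bike_state'] : '';
    $value = isset($post['bike_value']) ? $post['bike_value'] : '';
    if ($email === false || !ctype_digit($state) || !is_numeric($value)) {
        return null;
    }

    $seen = $db->select('email_address')
               ->from('exp_bicycle_addresses')
               ->where('email_address', $email)
               ->limit(1)
               ->get();
    $is_new = ($seen->num_rows() < 1);
    $seen->free_result();

    if ($is_new) {
        // This is the branch that called the undefined $DB. It only runs for
        // an address not yet stored, so a returning visitor never reaches it.
        $db->set('email_address', $email);
        $db->set('ip', $remote_addr);      // REMOTE_ADDR only: the Client-IP and
                                           // X-Forwarded-For headers are client-supplied
        $db->set('date', 'NOW()', FALSE);  // FALSE: emit NOW() as SQL, not a quoted string
        $db->insert('exp_bicycle_addresses');
    }

    // Bound parameter instead of "... WHERE id = '$bs'".
    $rates = $db->query(
        'SELECT id, state, pd_base_rate FROM exp_state_rates WHERE id = ?',
        array((int) $state)
    );
    if ($rates->num_rows() < 1) {
        return null;                       // unknown state: no rate to quote
    }
    $row = $rates->row();

    // Same arithmetic as the posted class, with its $100 floor, kept numeric.
    return max(100.0, (float) $row->pd_base_rate * ((float) $value / 100));
}

// Usage inside the Quote class:
//   $price = store_email_and_get_rate($this->EE->db, $_POST, $_SERVER['REMOTE_ADDR']);
```
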
 
rgranlundAuthor Commented:
The person running the server said it had something to do with propagation?
0
 
rgranlundAuthor Commented:
Thank you for taking the time to look into this for me.  As it would turn out, it was some sort of server error.
0
