php error

See this code:

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
echo "entered proc_registern.php<br>";

Open in new window


These are the first 4 lines in a php program (called from another).

The program displays a BLANK screen in the browser.

View source is totally blank, so nothing is rendered?

also, I ran the source code through http://phpcodechecker.com/

No errors

How can this happen?
Richard KortsBusiness Owner / Chief DeveloperAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Terry WoodsIT GuruCommented:
Usually in a situation like that you'll find the code isn't being run, or there's a problem elsewhere. I'd try:
1. adding a line above the given code (but after the <?php tag) with 
die("helloworld");

Open in new window

in case that helps show what's happening
2. checking any htaccess files that might call other files, to find out which code is really being run
Ray PaseurCommented:
the code isn't being run
Yep, there could be any number of things wrong.  The other (calling) program might have logic in it that establishes a conditional call to this program, and the conditions are not met.  Another program might have started output buffering and then discarded the buffers.  Most likely it's the former.  Try running this script all by itself, then go looking for the reasons the calling program is not running it.
Dave BaldwinFixer of ProblemsCommented:
Your sample code above works just fine here.
Expert Spotlight: Joe Anderson (DatabaseMX)

We’ve posted a new Expert Spotlight!  Joe Anderson (DatabaseMX) has been on Experts Exchange since 2006. Learn more about this database architect, guitar aficionado, and Microsoft MVP.

Read Article
Julian HansenCommented:
These are the first 4 lines in a php program (called from another).
How is this code "called"?
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
Responses.

(1) When i run JUST the code snippet I posted (with or without the die statement) it works fine.

(2) The code in the calling program is like this:
<form method="post" name="st" action="proc_registern.php" onSubmit = "return chk_vals();">

Open in new window


(3) The Javascript function chk_vals is this:
function chk_vals() {
	if (document.st.fname.value == "" || document.st.lname.value == "" || document.st.company.value == "" || document.st.email.value == "" || document.st.pwd.value == "" || document.st.city.value == "") {
		alert ("Please complete all required fields.");
		return false;
	}
	if (!is_email(document.st.email.value)) {
		alert("Invalid email address.");
		return false;
	}	
	if (document.st.country.options[0].selected) {
		alert ("Please specify Country.");
		return false;
	}
	ctry = document.st.country.value;
	if (ctry == "United States" || ctry == "Mexico" || ctry == "Canada") {
		if (document.st.state.options[0].selected) {
			alert("Please specify State or Province.");
			return false;
		}
	}
	if (document.st.pwd.value != document.st.cpwd.value) {
		alert("Passwords do not match.")
		return false;
	}	
	if (document.st.pwd.value != "") {
		pw = document.st.pwd.value;
		if (pw.length < 8) {
			alert("Password length must be at least 8.");
			return false;
		}
	} else {
			alert("Please either enter a password.");
			return false;
	}		
		
	return true;
}

Open in new window


4. When the browser (FireFox) displays the blank page, the address bar is as in the attached image. That implies to me it is going to the right place.

5. The .htaccess file contains this one line:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.lakoshvac.com/$1 [R,L]

Thanks,

Richard
Ray PaseurCommented:
Kind of a sidebar note, but you might want to check and correct the markup.  You will need to do this anyway, even if you find the error elsewhere.
https://validator.w3.org/nu/?doc=http%3A%2F%2Fwww.lakos.com%2FAbout%2Fcontact-us

I think the JavaScript might not be an influencing factor.  You might want to check the PHP logic.
Julian HansenCommented:
So, if I understand you correctly
Form => proc_registern.php
.htaccess redirects everything to https://www.lakoshvac.com

So resulting url is https://www.lakoshvac.com/proc_registern.php

Which gives a blank screen?
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
Julian,

Yes.

Here is the code for proc_registern.php:

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
echo "entered proc_registern.php<br>";
function gen_rand() {
	$p = "";
	for ($j = 0; $j < 6; $j++) {
		$n = rand(1,62);
		if ($n < 11) {
			$p = $p . ($n - 1);
		}
	// upper case
		if ($n > 10 && $n < 37) {
			$c = chr($n - 10 + 64);
			$p = $p . $c;
		}
	// lower case
		if ($n > 36) {
			$c = chr($n - 36 + 96);
			$p = $p . $c;	
		}	
	}
	return $p;
		
}
$cwd = getcwd();
$lnc = strlen($cwd);
$l4cwd = substr($cwd,$lnc-4,4);
if ($l4cwd == "/dev") {
		$locusr = "/dev/userok.php";
		$locnet	= "/dev/net_ok.php";
		$locver = "/dev/verify_user.php";
	} else {
		$locusr = "/userok.php";
		$locnet = "/net_ok.php";
		$locver = "/verify_user.php";
	}
$state = $_POST['state'];
session_start();
// check captcha
echo "posted security = " . $_POST['security_code'] . "<br>";
if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] )) {
  	$formok = true;
}
// captcha bad
if (! $formok) {
	$str = "&fn=" . $_POST['fname'] . "&ln=" . $_POST['lname'] . "&tt=" . $_POST['title'] +. "&co=" . $_POST['company'] . "&ph=" . $_POST['phone'] .  "&em=" . $_POST['email'] . "&city=" . $_POST['city'] . "&pwd=" . $_POST['pwd'] . "&cpwd =" . $_POST['cpwd'];
	header("Location: registern.php?bad=1" . $str);
}	
include "db_connect.php";
$qry = "SELECT * from registered_users where email = '" . $_POST['email'] . "' and affilliation = '" . $_POST['company'] . "'";
$res = mysqli_query($link, $qry);
$nr = mysqli_num_rows($res);
$qryk = "SELECT * from parms";
$resk = mysqli_query($link, $qryk);
$p = mysqli_fetch_array($resk,MYSQLI_ASSOC); 
$key = $p['hkey'];
$gpwd = false;
if ($nr != 0) {
	// already registered
	header("Location: index.php?isuser=y");
	exit;
} else {
	$pwd = $_POST['pwd'];
	$slnl = "N";
	if ($_POST['slnl'] == "on") {
		$slnl = "Y";
	}	
		
	// send email to lakos admin (me first)
	require_once('class.phpmailer.php');
	// change to save values in temp db table
	// hash the pwd
	$code = gen_rand();
	$hpwd = hash_hmac('ripemd160', $pwd, $key);
	$qryi = "INSERT into registered_users (lastname, firstname, email, pwd, affilliation, phone, country, state, city, ccode, date_reg, subs) VALUES('" . $_POST['lname'] . "', '" . $_POST['fname'] . "', '" . $_POST['email'] . "', '" . $hpwd . "', '" . $_POST['company'] . "', '" . $_POST['phone'] . "', '" . $_POST['country'] . "', '" . $state	. "', '" . $_POST['city'] . "', '" . $code . "', '" . date('Y-m-d') . "', '" . $slnl . "')";
	//echo "insert qry = " . $qryi . "<br>";
	$resi = mysqli_query($link, $qryi);
	// update to allow pricing rights if email is in auto_pricing
	//$qryap = "SELECT * from pricing_rights where email = '" . $_POST['email'] . "'";
	//$resap = mysqli_query($link, $qryap);
	//$nap = mysqli_num_rows($resap);
	//if ($nap != 0) {
		//$qryur = "UPDATE registered_users set see_pricing = 'Y' where email = '" . $_POST['email'] . "'";
		//$resur = mysqli_query($link, $qryur);
	//}	
	$nap = 0;
	// welcome email to registrant
	$mail1             = new PHPMailer(); // defaults to using php "mail()"

	$mail1->isSMTP(); // telling the class to use SMTP transport
 
	$body             = "";
 
	$mail1->SetFrom('noreply@lakos.com');
	$mail1->Subject    = "Verify your Email - Lakos HVAC Product Configurator";
	$mail1->AddAddress($_POST['email']);
	$body = "Dear " . $_POST['fname'] . ",<br><br>";
	$body = $body . "Thank you for registering your account at Lakos HVAC Product Configurator. We need to verify your email address before you can fully register. <br><br>";
	$body = $body . "Please click on the link below to verify your email<br><br>"; 
	$body = $body . "<a href='https://www.lakoshvac.com" . $locver . "?email=". $_POST['email'] . "'>verify your email</a><br><br>";
	$body = $body . "Thank you,<br><br>";
	$body = $body . "The Lakos Product Configurator Team";
	$mail1->MsgHTML($body);
	if(!$mail1->Send()) {
		echo "Mailer Error: ". $mail1->ErrorInfo;
	} 	
}	
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content="width=device-width, initial-scale=1">
 <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"></script>
<title>Lakos Configuration Tool - Registered User Application</title>
 <style>
.nopadding {
   padding: 0 !important;
   margin: 0 !important;
}
.wrapper{
  max-width:1100px;
  min-width:900px;
  margin:0 auto;
  
}
#dialog { text-align:center; }
.custom-overlay { background-color: black; background-image: none; opacity: 0.4; } 
</style> 
<script>
cwd = "<? print $cwd; ?>";
lnc = cwd.length;
l4cwd = cwd.substr(lnc-4,4);
  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
  })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
 
  ga('create', 'UA-5238882-1', 'auto');
  ga('send', 'pageview');
 $(function() {
  $('#resendEmail').click(function() {
    var data1 = "<? print $_POST['email']; ?>";
    var data2 = "<? print $_POST['fname']; ?>";

    $.ajax({

      url: "registrant_email.php",
      data: "email=" + data1 + "&fname=" + data2,
      type: "post", //can be get or post
      success: function(data) {
		
		if(data.trim() === "1") {
			alert("Your email has been re-sent'");
		}
		else {
        alert("there was an issue sending the email");
		}
	} 

    });
    return false;
  });
});
$(document).ready(function() {
    $('#showDialog').click(function(e){
        $('#dialog').dialog({
            modal: true, 
            open: function() {
                $('.ui-widget-overlay').addClass('custom-overlay');
            },
            close: function() {
                $('.ui-widget-overlay').removeClass('custom-overlay');
            }
        });
    });
});
function show_thank() {
	document.getElementById("showDialog").click();
}
</script> 
</head>
<body>
<button id="showDialog"  style="display:none;">Show The Dialog</button>

<div id="dialog" style="display:none;">
    <h1>Thank You</h1>
    <p>Your email has been sent</p>
</div>
<div class="wrapper">
<div class="container-fluid" >
<div class="row">
	<div class="col-sm-6 col-xs-6"><img src="images/logo.jpg"></div>
</div>	
<div class="row">
	<div class="col-sm-12 col-xs-12" style="padding-top:3px;">&nbsp;</div>
</div>
<div class="row">
	<div class="col-sm-12 col-xs-12 text-center" style="padding-top:2px; padding-bottom:2px; background-color:#0A2F98; color: white; font-size:20px"><b>HT Product Configurator</b></div>
</div>
<div class="row" style="padding-top: 50px;">
<div class="col-sm-2 col-xs-2">&nbsp;</div>
<div class="col-sm-8 col-xs-8" style="font-size:20px; color:#5B9BD5;">You are almost done with your registration.<br><br>
We sent an email to the email address you provided. Please check your inbox and click the link in that email to continue using Lakos HVAC Product Configurator.</div>
<div class="col-sm-2 col-xs-2">&nbsp;</div>
</div>
<div class="row" style="padding-top: 30px;">
	<div class="col-sm-2 col-xs-2">&nbsp;</div>
	<div class="col-sm-8 col-xs-8 text-left" style="font-size:18px;"><a id="resendEmail" href="#">Click Here to resend email</a></div>
	<div class="col-sm-2 col-xs-2">&nbsp;</div>
</div>
<div class="row" style="padding-top: 30px;">
	<div class="col-sm-2 col-xs-2">&nbsp;</div>
	<div class="col-sm-8 col-xs-8" style="font-size:20px; color:#5B9BD5;"><p>Why do I have to do this?</p>
<p>We want to ensure that you own your email address and someone is not impersonating you.</p><br><br> 

<p>I have not received my email</p>
<p>Check your spam mailbox and ensure lakos.com is allowed to send you an email. If you registered with an incorrect email address, please re-register with the correct email address.</p><br>
Still having trouble? Contact <a href="mailto:lit@lakos.com">lit@lakos.com</a> </div>
<div class="col-sm-2 col-xs-2">&nbsp;</div>
</div>
</div>
</div>
</body>
</html>

Open in new window


Except for the initial echo, line 4, the changes from the prior version (which worked) are lines 40 - 49.

I am attempting to add a version of captcha.

Thanks
Julian HansenCommented:
According to my installation you have the following errors

line 47: syntax error, unexpected '.' 
$str = "&fn=" . $_POST['fname'] . "&ln=" . $_POST['lname'] . "&tt=" . $_POST['title'] +. "&co="

Open in new window

See the '+' sign - classic bug where php and javascript are being used - conacatenators are mixex up

There are some other issues - but I will address those in another post

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
Excellent, I see that. I'll fix. It's probably obvious that I converted that string from a Javascript that was similar.

Why do none of the error checkings, etc., catch this?

Richard
Julian HansenCommented:
More errors

Line 43 and 46 use of $formok when not set anywhere
Line 53 
$nr = mysqli_num_rows($res);

Open in new window

no such function mysqli_num_rows() you want 
mysqli_affected_rows ($link)

Open in new window


That should sort the obvious ones out.

You need to look at doing something about how you access your $_POST vars - accessing them directly as you have is problematic on a number of levels
1. It poses a security risk - which sort of goes against what you are trying to do with the CAPTCHA
2. It does not take into account the $_POST might not be there.

One strategy that might make it easier is to put your form variables into an array 
name="data[email]"
name="data[fname]"
etc

Open in new window

Now you can get your form data in one step
$data = isset($_POST['data']) ? $_POST['data'] : false;
if (is_array($data)) {
   // you have a valid array so you can do your sanity checks - either directly or with a generic function that loops through the array
}

Open in new window


Your mysqli_ callls seem to have been a direct conversion from an older mysql_ implementation (refer the num_rows() reference. I would go over that again and make sure it has all been converted properly.
Julian HansenCommented:
Why do none of the error checkings, etc., catch this?
They are but your ISP has blocked error reporting to the screen (mine does the same) what they do is configure errors to go to an error.log file in the webroot - I can check for them there - alternatively I can place a custom PHP.INI file in the folder to override their settings and if that is not available you can always create your own custom error handler that intercepts the error and logs it.
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
Julian,

All excellent, thanks so much. I'm confident the combo will make it work.

Yes, the use of mysqli_num_rows is a conversion. But it works everywhere else (in this system & other projects).
Ray PaseurCommented:
If you have it in other projects, you might want to re-run your unit tests!
http://php.net/manual-lookup.php?pattern=mysqli_num_rows&scope=quickref

If you want to put in a CAPTCHA, this article has several tested-and-working code samples, ranging from simple to elaborate.
https://www.experts-exchange.com/articles/9849/Making-CAPTCHA-Friendlier-with-Simple-Number-Tests-or-PHP-Image-Manipulation.html

If you're converting from MySQL, you may find that object-oriented MySQLI is the easiest conversion.  Details here:
https://www.experts-exchange.com/articles/11177/PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
Thanks for great find.
Julian HansenCommented:
You are welcome.
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
I'm still amazed about mysqli_num_rows. I DID NOT change that.

I use it in HUNDREDS of programs & it works.

I see what Ray referenced & it says it's not a valid function, I cannot see how it works.

Was it recently dropped?

I'm reluctant to do a MASS replace with mysqli_affected_rows; scared of bad effects.

I guess I'll just do a little test program.

Thanks
Dave BaldwinFixer of ProblemsCommented:
'mysqli_num_rows' is a valid function.
http://php.net/manual/en/mysqli-result.num-rows.php
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
Thank you Dave. I was VERY confused, I use it & it works.

Wheeew!!
Dave BaldwinFixer of ProblemsCommented:
'mysqli_num_rows' doesn't show up in the search for some reason.
Ray PaseurCommented:
Dave: That's because it's not a method of the MySQLi object.  It's a method of the MySQLi_Result object.
http://php.net/manual/en/class.mysqli-result.php

Generally speaking, MySQLi objects represent the connection and the per-connection events.  MySQLi_Result objects represent the response from SELECT queries.
Dave BaldwinFixer of ProblemsCommented:
While I know that (since I gave the link for it), it is a BS reason for it to not show up in the function search.  'mysqli_query' does show up in the search but a number of other 'mysqli' functions do not.  I consider it an error or oversight on their part.

PS:  I've had 'discussions' with the PHP web people about problems with the search function and they really don't care.
Richard KortsBusiness Owner / Chief DeveloperAuthor Commented:
I am VERY happy there are so many php experts out there in EE Land.

I have told MANY people about EE. Best deal on the planet. I could not live without it.

Richard
Ray PaseurCommented:
Dave: I've talked to them, too.  My gripe: There is only one input control on any page of the php.net site.  So why not learn from Google and put the browser focus on the search input box?  Instead, you have to visit the page, locate the search box visually, move your mouse or finger up there and activate the control.  Idiotic design.

To their credit, they are trying to improve the documentation and have removed some of the more dangerous and foolish language features at PHP7+
Julian HansenCommented:
After exclusively using the OOP mysqli and affected rows coupled with the fact that a search on php's site for mysqli_num_rows yielded no results, assumed that it did not exist.

Just goes to show there is always something to learn and never make assumptions.
Dave BaldwinFixer of ProblemsCommented:
Worse than that, if you click in the search box too quick, the page takes the focus to something else and you have to click there again.  Almost all of the 'mysqli' OOP functions have a procedural equivalent.  For us lazy people.
Julian HansenCommented:
Almost all of the 'mysqli' OOP functions have a procedural equivalent
I know but I usually setup a $mysqli object that I inject all over the place I use that to do

$mysqli->affected_rows

Which gives the same values as $result->num_rows (if you happen to have a result) - but I never use the latter so had to rely on PHP search to check for existence and ... we know the rest.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.