Go4Expert

Go4Expert (http://www.go4expert.com/)
-   PHP (http://www.go4expert.com/forums/php/)
-   -   PHP help urgent (http://www.go4expert.com/forums/php-help-urgent-t23006/)

bikerboy 13Aug2010 12:01

PHP help urgent
 
Hi all

Im haveing a issue here with this script adding peps to the datadatabase not sure why it dont

This is the config file for it

PHP Code:

  //----------- added 20.07.2010-----------
function user_add($facebook,$curr_user)
{
  if( !
$facebook )
  {
    return 
"testing...";
  }
  try
  {
    
$q "SELECT uid, first_name, last_name
          FROM user WHERE uid="
.$curr_user;
    
$rs $facebook->api_client->fql_query($q);
    
// Build an delimited list of users...
    
if ( $rs )
    {
      
$count count($rs);
      for( 
$i=0$i $count$i++ )
      {
        
$u_id intval($rs[$i]["uid"]);
        
$f_name trim($rs[$i]["first_name"]);
        
$l_name trim($rs[$i]["last_name"]);
        
$name $f_name." ".$l_name;
        break;
      }
    }
  }
  catch(
Exception $ex)
  {
    echo 
$ex->getMessage();
  }
  if( isset(
$u_id) AND $u_id )
  {
    @
db_execute("INSERT INTO `user` (`id` ,`name` )VALUES (".$u_id.", '".$name."');");
  }
}
function 
user_exists($curr_user)
{
  
$sql "SELECT id FROM `user` WHERE id=$curr_user;";
  
$query = @db_execute($sql);
  if( 
$query )
  return 
mysql_num_rows($query);
}
?> 

and this is the add user file

PHP Code:

  <?php
require_once('facebook-client/facebook.php');
$facebook = new Facebook_new($api_key,$secret);
//echo "currr user: $curr_user<br>";
if( $facebook->get_loggedin_user() )
{
  
$curr_user $facebook->require_login();
  if( !
user_exists($curr_user) )
  {
    @
user_add($facebook,$curr_user);
    
//echo "<br> added new user!";
  
}
  else
  {
    
//echo "<br>user already exists!";
  
}
}
?>


im so lost any help would be great

thanks

ManzZup 13Aug2010 18:50

Re: PHP help urgent
 
whatz the error you are getting?

bikerboy 13Aug2010 23:14

Re: PHP help urgent
 
i get no error thats the problem

pein87 14Aug2010 10:59

Re: PHP help urgent
 
Try this I noticed some SQL errors, you seemed confused on how to do it because some places it was done properly and others is was not. If your using a variable in the query where you see the equal sign add '".$variable_here."' and it will be all good. Give it a test let me know if it work, if not take a screen cap and link me to it so I can see the parser error and I'll help you get it fixed. Could you also say what its supposed to be doing as well I dont get the purpose of it. Are you building a page for this or are you just getting the number of users?

PHP Code:

 //----------- added 20.07.2010-----------
function user_add($facebook,$curr_user)
{
  if(!
$facebook)
  {
    return 
"testing...";
  }
  try
  {
    
$q "SELECT uid, first_name, last_name
          FROM user WHERE uid='"
.$curr_user."'";
    
$rs $facebook->api_client->fql_query($q);
    
// Build an delimited list of users...
    
if ($rs)
    {
      
$count count($rs);
      for(
$i=0$i $count$i++)
      {
        
$u_id intval($rs[$i]["uid"]);
        
$f_name trim($rs[$i]["first_name"]);
        
$l_name trim($rs[$i]["last_name"]);
        
$name $f_name " " $l_name;
        break;
      }
    }
  }
  catch(
Exception $ex)
  {
    echo 
$ex->getMessage();
  }
  if(isset(
$u_id))
  {
    @
db_execute("INSERT INTO user (id, name) VALUES('".$u_id."', '".$name."');
  }
}
function user_exists(
$curr_user)
{
  
$sql = "SELECT id FROM user WHERE id='".$curr_user."'";
  
$query = @db_execute($sql);
  if(
$query)

  return mysql_num_rows(
$query);
}
?> 


ManzZup 14Aug2010 11:12

Re: PHP help urgent
 
ahh yah i think pein87 is right
adding the variable inside ' ' would likely do it
if it you now gets an error please post :D
else i hope your app may b working now :D

bikerboy 14Aug2010 11:17

Re: PHP help urgent
 
get a error here function user_exists($curr_user)
{
$sql = "SELECT id FROM user WHERE id='".$curr_user."'";
$query = @db_execute($sql);
if($query)


unexpected T_STRING

ManzZup 14Aug2010 11:25

Re: PHP help urgent
 
try this
$sql = "SELECT id FROM user WHERE id='$curr_user'";

bikerboy 14Aug2010 11:31

Re: PHP help urgent
 
Get this error message

Parse error: syntax error, unexpected T_STRING in /home/immortal/public_html/eminem/config.php on line 104


PHP Code:

<?
function db_connect()
{
  $connection = mysql_connect('localhost', 'immortal_eminem', 'stonecold316');
  mysql_select_db('immortal_eminem',$connection);
  return $connection;
}
function db_execute_other($dml_command,$db)
{
  $conn = db_connect_other($db);
  mysql_query($dml_command);
  mysql_close($conn);
}
function db_execute($dml_command)
{
  $conn = db_connect();
  $var = mysql_query($dml_command) or die ($dml_command . " Failed " .mysql_error());
  mysql_close($conn);
  return $var;
}
function db_execute_return($sql)
{
  $conn = db_connect();
  $var = mysql_query($sql) or die ($dml_command . " Failed " .mysql_error());
  mysql_close($conn);
  return $var;
}
function replaceOps($string)
{
  return (str_replace("'", "&#39", $string));
}
function getNextId($table, $column)
{
  $query = db_execute_return("SELECT MAX($column) as Value FROM $table");
  if(mysql_num_rows($query) > 0)
  {
    $result = mysql_fetch_array($query);
    $nextval = $result[0] + 1;
    return $nextval;
  }
  else
  return 1;
}
 
 
 

//Check group exist for user in database
function GroupExistForUser($user_id)
{
  return db_execute_count("Select id from user where id = ".$user_id." and group_id != 0 and social_circle_name != ''");
}
//Create User Account in database
function CreateUserAccount($id,$name)
{
  $output = GetInfoFromSocialMedia($id);
  db_execute("INSERT INTO `user` (`id` ,`name` )VALUES ('".$id."', '".$name."', );");
}

//----------- added 20.07.2010----------- 
function user_add($facebook,$curr_user) 

  if(!$facebook) 
  { 
    return "testing..."; 
  } 
  try 
  { 
    $q = "SELECT uid, first_name, last_name 
          FROM user WHERE uid='".$curr_user."'"; 
    $rs = $facebook->api_client->fql_query($q); 
    // Build an delimited list of users... 
    if ($rs) 
    { 
      $count = count($rs); 
      for($i=0; $i < $count; $i++) 
      { 
        $u_id = intval($rs[$i]["uid"]); 
        $f_name = trim($rs[$i]["first_name"]); 
        $l_name = trim($rs[$i]["last_name"]); 
        $name = $f_name . " " . $l_name; 
        break; 
      } 
    } 
  } 
  catch(Exception $ex) 
  { 
    echo $ex->getMessage(); 
  } 
  if(isset($u_id)) 
  { 
    @db_execute("INSERT INTO user (id, name) VALUES('".$u_id."', '".$name."'); 
  } 

function user_exists($curr_user) { 
  $sql = "SELECT id FROM user WHERE id='$curr_user'"; 
  $query = @db_execute($sql); 
  if($query) 
  return mysql_num_rows($query); 

?>  
<?
// Application Settings
define('http://immortalbattle.com/eminem/', ''); // URL to your hosting i.e. site.com/poker/  *INCLUDE TRAILING SLASH*
define('http://immortalbattle.com/eminem/', ''); // URL to app on FB *INCLUDE TRAILING SLASH*
define('132402310129922', ''); // FB dev. APP ID
define('f78d0af4251f73febc77a65d31de1f01', ''); // FB dev API key
define('b210eda2b798ae37601dca47d1d0ed93', '');// FB dev secret

// Wall Posting Message
define('MESSAGE', 'THE HIDDEN MESSAGES ON EMINEMS NEW ALBUM ARE CRAZY!');
define('PICTURE', 'jgsdw7.png');
define('LINK', '');
define('NAME', 'THE HIDDEN MESSAGES ON EMINEMS NEW ALBUM ARE CRAZY!');
define('CAPTION', 'I cant believe this!!');
define('DESCRIPTION', 'You gotta see these hidden messages, its insane!');
 
 
$api_key = "f78d0af4251f73febc77a65d31de1f01";
$secret  = "b210eda2b798ae37601dca47d1d0ed93";
$server_url = "http://immortalbattle.com/eminem/";
$application_url = "http://immortalbattle.com/eminem/";
$appId = "132402310129922";
$APP_NAME = "HIDDEN MESSAGES";
?>


bikerboy 14Aug2010 12:39

Re: PHP help urgent
 
i got the error fixed but still dont work

pein87 15Aug2010 03:06

Re: PHP help urgent
 
PHP Code:

function db_execute_other($dml_command,$db)
{
  
$conn db_connect_other($db);
  
mysql_query($dml_command);
  
mysql_close($conn);


the

PHP Code:

db_connect_other($db

I did not find that function at all maybe you should make just one function for connecting, thats why you add arguments to the function so that it can then be modular and work based on the given arguments. Also in PHP you will return an error if you dont supply an argument to a function that is expecting an argument to be passed to it.

PHP Code:

function fb_connect($fb_id,$fb_pass,$fb_dv_key,$check_con="true")
{
$types = array("false","true");
if(!
is_numeric($fb_id))
{

//trigger initial error fb uid is not a number
}
else
{
    if(
in_array($check_con,$types))
    {
        switch(
$check_con)
        {
            case 
"false":
                
//default code to do if you dont want to verify the connection
            
break;
            case 
"true":
                
// curl code to check the conn for connection
            
break;
            default:
                
// do nothing it auto checks based on either true or false as per the array set
            
break;
        }
    }
    else
    {
        
//error argument is not a valid option
    
}
}
}

fb_connect(1234,"pein87","password"); // $check_con is auto set to true since I did not change its value in the functions implementation. 

the above is just an example of function creation, since if you declare a function with arguments who do not have a value, when you implement the function and dont add the arguments you will get an error. You can add a default value which can be changed by inputing it as an argument when you implement the function. If you want to add an argument but have its value be set to null php allows you to say $param3=null in your function. My code checks if the id is a number if not trigger error, then checks if the $check_con arguments value is in a array of predefined values if so do the switch statement that does the code work for the connection. Your checking params to functions which may not seem to bad but php expects you to enter the params that do not have values assigned to them or the parser will give an error. The code itself is a bit confusing as well why not make a class for your data connection stuff and one for your facebook stuff. Also possible consider a sanitize function in case someone likes your code and whats to use it but someone else tries to do a sql injection since it does not strip tags, or do mysql_real_escape_string() its possible to exploit your code. Also its best practice to define stuff at the top of the script.

Also you've given away all your info for someone to hack your db, not saying one of us would be someone might see it and do a hack attempt.

Give me a day and I'll come up with a rewrite and we can test it to see if it works how you want it to.


All times are GMT +5.5. The time now is 05:10.