Advertisement
Guest User

Untitled

a guest
Oct 25th, 2016
100
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.11 KB | None | 0 0
  1. Error:
  2. Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '( ID int NOT NULL AUTO_INCREMENT, PRIMARY KEY(ID), timestamp int NOT NU' at line 1
  3. --------------
  4. My process.php
  5. <?php
  6. require_once('config.php');
  7. require_once('functions.php');
  8. require_once('../extlib/vdaemon/vdaemon.php');
  9. require_once('../extlib/recaptchalib.php');
  10.  
  11. /*Checks the CAPTCHA*/
  12. $resp = recaptcha_check_answer (R_PRIVATE,
  13. $_SERVER["REMOTE_ADDR"],
  14. $_POST["recaptcha_challenge_field"],
  15. $_POST["recaptcha_response_field"]);
  16.  
  17. if (!$resp->is_valid) {
  18. die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
  19. "(reCAPTCHA said: " . $resp->error . ")");
  20. }
  21.  
  22.  
  23. /*Check to see if the form was submitted from the installed domain. If so,
  24. process the data. If not, kill the script. Obviously, you can disable this, but
  25. it's strongly recommended that you keep this check in place.*/
  26. $domain = $_SERVER['HTTP_HOST'];
  27. $uri = parse_url($_SERVER['HTTP_REFERER']);
  28. $r_domain = $uri['host'];
  29.  
  30. if ( $domain == $r_domain ) {
  31.  
  32. /*Open the connection to our database use the info from the config file.*/
  33. $link = f_sqlConnect(DB_USER, DB_PASSWORD, DB_NAME);
  34.  
  35. /*This cleans our &_POST array to prevent against SQL injection attacks.*/
  36. $_POST = f_clean($_POST);
  37.  
  38. /*These are the main variables we'll use to process the form.*/
  39. $table = $_POST['formID'];
  40. $keys = implode(", ", (array_keys($_POST)));
  41. $values = implode("', '", (array_values($_POST)));
  42.  
  43. /*These are variables for our redirect.*/
  44. $redirect = $_POST['redirect_to'];
  45. $referred = $_SERVER['HTTP_REFERER'];
  46. $query = parse_url($referred, PHP_URL_QUERY);
  47. $referred = str_replace(array('?', $query), '', $referred);
  48.  
  49. /*These are the extra data fields we'll collect on form submission.*/
  50. $x_fields = 'timestamp, ip';
  51. $x_values = time() . "', '" . f_getIP();
  52.  
  53. /*Check to see if the table exists and if it doesn't create it.*/
  54. if ( !f_tableExists($table, DB_NAME) ) {
  55. $sql = "CREATE TABLE $table (
  56. ID int NOT NULL AUTO_INCREMENT,
  57. PRIMARY KEY(ID),
  58. timestamp int NOT NULL,
  59. ip int NOT NULL
  60. )";
  61.  
  62. $result = mysql_query($sql);
  63.  
  64. if (!$result) {
  65. die('Invalid query: ' . mysql_error());
  66. }
  67.  
  68. }
  69.  
  70. /*Check to see if the fields specified in the form exist and if they don't, create them.*/
  71. foreach ($_POST as $key => $value) {
  72. $column = mysql_real_escape_string($key);
  73. $alter = f_fieldExists($table, $column, $column_attr = "VARCHAR( 255 ) NULL" );
  74.  
  75. if (!alter) {
  76. echo 'Unable to add column: ' . $column;
  77. }
  78. }
  79.  
  80. /*Insert out values into the database.*/
  81. $sql="INSERT INTO $table ($keys, $x_fields) VALUES ('$values', '$x_values')";
  82.  
  83. if (!mysql_query($sql)) {
  84. die('Error: ' . mysql_error());
  85. }
  86.  
  87. /*Close our database connection.*/
  88. mysql_close();
  89.  
  90. /*Redirect the user after a successful form submission*/
  91. if ( !empty ( $redirect ) ) {
  92. header("Location: $redirect?msg=1");
  93. } else {
  94. header("Location: $referred?msg=1");
  95. }
  96. } else {
  97. die('You are not allowed to submit data to this form');
  98. }
  99. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement