Hey guys,
Im working on a web based application called sidekik, as of now though this small script is all im worried about.
What is here is an attempt to add a link to a page, whenever a page with a uniqe php codeing in the header is visited. If the page is visited twice, the link is not added again. These are the codings for 2 php files that were
supplied to me.
<?PHP
if(isset($_POST['link']) && is_array($_POST['link']))
{
foreach($_POST['link'] as $id => $checked)
{
if(!empty($checked))
{
$sql = "DELETE FROM sidekik
WHERE id = $id
LIMIT 1";
$result = mysql_query($sql);
if ($result)
{
Header("Location: {$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}");
}
}
}
}
?>
<div align="center"><font size="3" face="Verdana, Arial, Helvetica, sans-serif"><strong>S</strong>ide<strong>K</strong>ik<em><font size="1">
By <a href="http://www.22pixels.com">22Pixels</a></font></em></font> </div>
<div align="center"><font color="#000000" size="1" face="Verdana, Arial, Helvetica, sans-serif">
<a href="http://www.22pixels.com/SideKik/SideKikFiles/Pages/index.php" target="sidekik">Index</a>
| <a href="http://www.22pixels.com/SideKik/SideKikFiles/Pages/Imageshack.php" target="sidekik">Imageshack</a>
| <a href="http://www.22pixels.com/SideKik/SideKikFiles/RadioKik/RadioKik/" target="sidekik">Radio</a>
| <a href="http://www.22pixels.com/forums/list.php" target="sidekik">Memberlist</a><br>
<?PHP
$connection = mysql_connect("localhost", "username", "password") or die( mysql_error() );
mysql_select_db("database") or die( mysql_error() );
$ip = $_SERVER["REMOTE_ADDR"];
$sql = "SELECT *
FROM sidekik
WHERE ip = '$ip'
ORDER BY time DESC";
$result = mysql_query($sql);
while ($row = mysql_fetch_assoc($result)) {
print "<form action=\"{$_SERVER['PHP_SELF']}\" method=\"post\">";
while ($row = mysql_fetch_assoc($result)) {
print "<a href=\"{$row['link']}\" target=\"sidekik\">{$row['name']}</a> <input type=\"checkbox\" name=\"link[" . $row['id'] . "]\">";
}
"</form>";
}
?><input type="submit" value="Delete" name="submit">
That is the file in wich the pages would be included in and this is the code that would help supply the links.
<?PHP
$connection = mysql_connect("localhost", "user", "password") or die( mysql_error() );
mysql_select_db("database") or die( mysql_error() );
$link = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$ip = $_SERVER["REMOTE_ADDR"];
$sql =
"SELECT name FROM sidekik
WHERE ip = '$ip'";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
if ($num_rows = 0) {
$sql2 =
"INSERT INTO sidekik (ip, link, name, time)
VALUES ('$ip', '$link', '$name', NOW())";
$result2 = mysql_query($sql2);
}
?>
Note that the username, password and database fields were filled in correctly.
I recieve the following error when i attempt to delete the link:
Warning: mysql_query(): Access denied for user: 'nobody@localhost' (Using password: NO) in /home/sites/www.22pixels.com/public_html/directory/directory/file.php on line 11
Warning: mysql_query(): A link to the server could not be established in /home/sites/www.22pixels.com/public_html/directory/directory/file.php on line 11
If you guys think you could help me out, i will sure mention you in the final credits and provide a link to this website for support. Thank you.
