I need the orkin man... I have bugs killing the game.

Blackhawk

Ok heres the deal... I am the vice manager of a textbased game... I keep having mysql errors. I have learned where to fined them (I think0 and where to look for associated strings ( I hope) anyway here is It says i have an error on line 17 in my gameconfig.php file. I think its connected to either the race.php file or the main line... here are the code i think it could be: 😕

this is in the gameconfig.php file. if i counted the semi-colons right this is line 17
mysql_query("update userdb set ipaddress='$ip' where email='$email'");

ok i am not sure but these 2 could be lines 16 and 17 or 17 and 18 from race.php file
echo " Signups Today: $signups [signups]";
echo " Players Online: $playersonline";

however when i put the error into google search it takes me to the game site and it says Race.php so I am not sure... and there is definetly not enough space here to list the whole file. so if you could please see what i am missing.

Thank you for any help in this matter I am hoping to have this resolved... if anyone is interested in seeing the game in its current state please leave me a message. btw the server can only do 1 cron job a day. so its kinda crippled in what the player gets. so I am a staff thats about to :eek: be strung up in the rafters :xbones: by an :mad: mob of players.... HELP!!!

halojoy

lets put some colors
when we see 'wrong colors', we are into a PHP syntax error

<?php
// begin

mysql_query("update userdb set ipaddress='$ip' where email='$email'");

// these 2 could be lines 16 and 17 or 17 and 18 from race.php file
echo "<br><b>Signups Today:</b> $signups [signups]";
echo "<br><b>Players Online:</b> $playersonline";

?>

I would change this line.
Remove one space, add singe quotes 'signup' and use braces

echo "<br><b>Signups Today:</b> {$signups['signups']}";

laserlight

halojoy, associative array indices need not be quoted when used in strings. In fact, your example is incorrect because it lacks braces around the array element. Correct would be:

echo "<br><b>Signups Today:</b> $signups[signups]";
// or
echo "<br><b>Signups Today:</b> {$signups['signups']}";
// or
echo "<br><b>Signups Today:</b> " . $signups['signups'];

halojoy

So you say my version wont work?

Yes, I was thinking of using braces here: {$signups['signups']}

Personally I always prefer and would use your version 3.
And this is maybe why I suggested wrong.
This is what I use:

echo '<br><b>Signups Today:</b> ' . $signups['signups'];

Blackhawk

ok. i will let you know how they work. thank you every one. if anyone wants to look. let me know.

Blackhawk

$ip=$_SERVER['REMOTE_ADDR'];
mysql_query("update userdb set active='$time' where email='$email'");
mysql_query("update userdb set active2='$realtime' where email='$email'");
mysql_query("update userdb set ipaddress='$ip' where email='$email'");

I am thinking one of them is the error.... I mean isn't this suppost to be one line? not 4 right? (warning: this person is a noob. and is subject to random thoughts)

Horizon88

It CAN be one line, and usually IS, but technically can be run like that. :/ What you'd probably be better off doing is something like:

//assuming you've established a mysql connection already
$sql = mysql_real_escape_string("UPDATE userdb SET active='$time', active2='$realtime', ipaddress='$ip' WHERE email='$email';");
mysql_query($sql);

Blackhawk

ok I am going to try and see what can be done... Here's to hoping

Blackhawk

anyone interested in a coding job? seriously... I think the game owner would agree... the site is now a yo-yo... I don't understand it... i just work there,

laserlight

Horizon88's solution is on the right track, but mysql_real_escape_string() should not be applied to the entire SQL statement. It should be applied to each variable that contains a string and is used in the SQL statement. Otherwise the single quotes used to delimit the strings in SQL would themselves be escaped.

Two ways of doing this would be:

$sql = sprintf("UPDATE userdb SET active='%s', active2='%s', ipaddress='%s'
                    WHERE email='%s'",
               mysql_real_escape_string($time),
               mysql_real_escape_string($realtime),
               mysql_real_escape_string($ip),
               mysql_real_escape_string($email));
mysql_query($sql);

and

$time = mysql_real_escape_string($time);
$realtime = mysql_real_escape_string($realtime);
$ip = mysql_real_escape_string($ip);
$email = mysql_real_escape_string($email);
$sql = "UPDATE userdb SET active='$time', active2='$realtime', ipaddress='$ip'
        WHERE email='$email'";
mysql_query($sql);

anyone interested in a coding job? seriously... I think the game owner would agree.

Unfortunately soliciting for employees is forbidden here.

Horizon88

Argh, right - I always forget it's just the variables with mysql_real_escape_string.

Blackhawk

sorry I won't do that again... oops

Blackhawk

ok i got rid of the errors on the log in page i had to delete this line mysql_free_result($res);

however now we can't log in... if i understand it correctly this is a code to clear the previous fetch from the database... if so I am at a dead end cause now there are no errors listed. just a bad login and a link to relogin.

Blackhawk

btw this is line 17 mysql_free_result($res);

troybtj

Assuming the game functioned properly before the errors appeared, what changed when the errors started appearing in race.php ?

If you put the mysql_free_result($res); back in line 17 on the login page, does it take you to the race.php page?

Is the login page short enough to put in a post with {php} {/php} tags? (replace the {} with []).

Blackhawk

I will try...

Blackhawk

the errors appeared after we relocated the game to another server (btw it has only 1 cron task it can do in a day... and we are working on relocating again. however we beleive it was do to the compression and decompression of the code. is there a program to proof read code as a whole?
but yeah it was working before transfer

troybtj

This could be a case where your previous server had gpc_magic_quotes enabled, and the new server doesn't, or vice-versa.

"Magic Quotes" automatically adds backslashes to quotes (",') in input for "protection", but it is best to have them off and apply security in your code.

Add:

<?php
if (get_magic_quotes_gpc()) {
echo "Magic Quotes is set ON";
} else {
echo "Magic Quotes are OFF";
}
?>

to the file that displays the login information. If you still have access to the previous server, do the same to see if the setting is different.

Blackhawk

ok trying

Blackhawk

ok taking a break for the day. thank you for helping... I think the issue is much deeper. like there is a version conflict. and i am at a brickwall... I need a freshstart . i will see you all in 3 days... Iam at my wits ends.. i have work and however i am farther than i was a day😃 ago. thank you for all your time and efforts... i will keep you updated as this progresses.