Webdigity Webmaster Forums - strange error on site

Meth0d

Sat 7 October 2006, 02:49 am GMT +0300

on this page: http://3rd-evolution.net/forum/index.php

you see an error,

Quote

You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

strange enough this error came out of no where with no changes made to any files, i've searched Index.php and can't find a problem there, so i will paste the code here.. im not sure what the problem is here but let me know if you can help:

Code:

<?php
require_once "../maincore.php";
require_once BASEDIR."subheader.php";
include LOCALE.LOCALESET."forum/main.php";
if (empty($lastvisited)) { $lastvisited = time(); }
echo "<table cellpadding='0' cellspacing='0' width='100%' class='tbl-border'><tr><td>
<table border='0' cellpadding='0' cellspacing='1' width='100%'><tr>
<td style='padding: 8px 4px 8px 4px; text-align:center; font-size: 10px; font-weight:bold;' colspan='2' class='tbl2'>";
$msg_count = dbcount("(message_id)", "messages", "message_to='".$userdata['user_id']."' AND message_read='0'AND message_folder='0'");
if (iMEMBER) {
echo "<table border='0' cellpadding='0' style='border-collapse: collapse' width='100%' id='table1'>
<tr><td width='150'>";
if ($userdata['user_avatar'] != "") {
echo "<center><img border='0' alt='".$locale['on106']."' title='".$locale['on106']."' src='".BASEDIR."images/avatars/".$userdata['user_avatar']."'></center>\n";
} else {
echo "<br><center><img border='0' alt='".$locale['on107']."' title='".$locale['on107']."' src='".INFUSIONS."user_info_panel/images/noimage.gif'></center><br>\n";
}
echo "</td><td width=500>";
$your_color = dbresult(dbquery("SELECT rank_color FROM ".$db_prefix."clanranks WHERE rank_id = ".$userdata['user_clanrank']),0);
echo "Welcome <b><font color='$your_color'>".$userdata['user_name']."</font></b> - You have $msg_count message(s) in your inbox.
  [<a href='".BASEDIR."setuser.php?logout=yes'><b>".$locale['420']."</b></a>]<br>";
$yourposts = number_format($userdata['user_posts']); $facount = dbresult(dbquery("SELECT count(post_id) FROM ".$db_prefix."posts"),0);
if ($yourposts == 0) { echo "You have made no posts. this is 0% of the total ".$facount." posts on this forum.<br>"; } else {
$yourperc = number_format((($yourposts/$facount)*100),1);
echo "Your posts: ".$yourposts.", this is ".$yourperc."% of the total ".$facount." posts on this forum.<br>";}
$result = dbquery(
"SELECT tp.*, tf.* FROM ".$db_prefix."posts tp
INNER JOIN ".$db_prefix."forums tf USING(forum_id)
WHERE ".groupaccess('forum_access')." AND tp.post_datestamp>'$lastvisited'"
);
$howmanyposts = dbrows($result);
echo "<br>There have been <b>$howmanyposts</b> post(s) since your last visit on ".($userdata['user_lastvisit'] != 0 ? showdate("longdate", $userdata['user_lastvisit']) : $locale['u049']).".";
include ('latestpost.php');
echo "<hr width=500 align=left><a href='".BASEDIR."profile.php?lookup=".$userdata['user_id']."'>".$locale['414']."</a>  ";
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."edit_profile.php'>".$locale['415']."</a>  ";
if (iMEMBER) {
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."messages.php'>".$locale['417']." ($msg_count)</a>  ";
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."members.php'>".$locale['418']."</a>  ";
} else {
echo "  ";
}
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."faq.php?cat_id=4'>".$locale['419']."</a>  ";
if (iMEMBER) {
echo "<br><a href='".BASEDIR."newest_threads.php'>Newest Threads</a>  ";
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."infusions/forum_threads_list_panel/my_threads.php'>My Recent Threads</a>  ";
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."infusions/forum_threads_list_panel/my_posts.php'>My Recent Posts</a>  ";
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."infusions/forum_threads_list_panel/new_posts.php'>New Posts</a>  ";

}
echo "</td><td align='center' valign='top'><center><b>Top Posters</b></center><br><table border=0 width=150><tr><td>";
include ('topposters.php');
echo "</td></tr></table></td></tr></table>";

} else {
echo "<img border='0' src='".THEME."images/bullet.gif'>  <a href='".BASEDIR."register.php'>".$locale['416']."</a>  ";
}
echo "</td></tr></table></td></tr></table>\n";
echo "<table cellpadding='0' cellspacing='0' width='100%' class='tbl-border'>
<tr>
<td>
<table border='0' cellpadding='0' cellspacing='1' width='100%'>
<tr>
<td style='padding: 8px 4px 8px 4px; text-align:center; font-size: 10px;' colspan='2' class='tbl2'>";

if (iMEMBER) {
echo "<form name='search' method='post' action='".BASEDIR."search.php?stype=f'><span class='small'><b>Forum Search</b> </span>
<input type='textbox' name='stext' class='textbox' style='width:150px'>
<input type='submit' name='search' value='".$locale['550']."' class='button'>
</form>";
} else {
echo "<div align='center'><form name='loginform' method='post' action='index.php'>
Username <input type='text' name='user_name' class='textbox' style='width:100px'>  
Password <input type='password' name='user_pass' class='textbox' style='width:100px'>  
<input type='checkbox' name='remember_me' value='y' title='Remember Me' style='vertical-align:middle;'>
<input type='submit' name='login' value='Login' class='button'><br></form></div>";
}
echo "</td></tr><center><tr><td style='padding: 8px 4px 8px 4px; text-align:center; font-size: 10px;' colspan='2' class='tbl2'>";
include ('ads.php');
echo "<br><small>Are one of these ads inappropriate, or for a cheat site? Report it by clicking [<a href='".BASEDIR."report_ad.php'>here</a>].</center></center></table></td></tr></table>\n";
//Original Digi code begins here.

echo "<table cellpadding='0' cellspacing='0' width='100%' class='tbl-border'>
<tr>
<td>
";

echo "
<table border='0' cellpadding='0' cellspacing='1' width='100%'>
<tr>
<td colspan='2' class='tbl2'>".$locale['401']."</td>
<td align='center' width='50' class='tbl2'>".$locale['402']."</td>
<td align='center' width='50' class='tbl2'>".$locale['403']."</td>
<td width='120' class='tbl2'>".$locale['404']."</td>
</tr>\n";

$result = dbquery("SELECT * FROM ".$db_prefix."forums WHERE forum_cat='0' ORDER BY forum_order");
if (dbrows($result) != 0) {
while ($data = dbarray($result)) {
$forums = "";
$result2 = dbquery("SELECT * FROM ".$db_prefix."forums WHERE forum_cat='".$data['forum_id']."' ORDER BY forum_order");
if (dbrows($result2) != 0) {
while ($data2 = dbarray($result2)) {
if (checkgroup($data2['forum_access'])) {
$moderators = "";
$forum_mods = ($data2['forum_moderators'] ? explode(".", $data2['forum_moderators']) : "");
if (is_array($forum_mods)) {
sort($forum_mods);
for ($i=0;$i < count($forum_mods);$i++) {
$data3 = dbarray(dbquery("SELECT user_id,user_name,user_clanrank FROM ".$db_prefix."users WHERE user_id='".$forum_mods[$i]."'"));
$mod_color = dbresult(dbquery("SELECT rank_color FROM ".$db_prefix."clanranks WHERE rank_id = ".$data3['user_clanrank']),0);
$moderators .= "<a href='".BASEDIR."profile.php?lookup=".$data3['user_id']."'><font color='$mod_color'>".$data3['user_name']."</font></a>".($i != (count($forum_mods)-1) ? ", " : "");
}
}
$new_posts = dbcount("(*)", "posts", "forum_id='".$data2['forum_id']."' AND post_datestamp>'$lastvisited'");
$thread_count = dbcount("(*)", "threads", "forum_id='".$data2['forum_id']."'");
$posts_count = dbcount("(*)", "posts", "forum_id='".$data2['forum_id']."'");
if ($new_posts > 0) {
$fim = "<img src='".THEME."forum/foldernew.gif' alt='".$locale['560']."'>";
} else {
$fim = "<img src='".THEME."forum/folder.gif' hsrc='".THEME."forum/folder_on.gif' alt='".$locale['561']."'>";
}
� � � � $forums .= "<tr>
<td align='center' class='tbl2' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055A00'\">$fim</td>
<td class='tbl1' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055600'\"><a href='viewforum.php?forum_id=".$data2['forum_id']."'>".$data2['forum_name']."</a><br>
<span class='small'>".$data2['forum_description'].($moderators ? "<br>\n".$locale['411'].$moderators."</span></td>\n" : "</span></td>\n")."
<td align='center' class='tbl2' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055A00'\">".$thread_count."</td>
<td align='center' class='tbl1' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055600'\">".$posts_count."</td>
<td class='tbl2' align='center'� onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055A00'\">";

if ($data2['forum_lastpost'] == 0) {
$forums .=� $locale['405']."</td>\n</tr>\n";
} else {
$data3 = dbarray(dbquery("SELECT user_name,user_clanrank FROM ".$db_prefix."users WHERE user_id='".$data2['forum_lastuser']."'"));
$last_color = dbresult(dbquery("SELECT rank_color FROM ".$db_prefix."clanranks WHERE rank_id = ".$data3['user_clanrank']),0);
$agent = $_SERVER['HTTP_USER_AGENT'];
if (eregi("Firefox", $agent)) {
$forums .= showdate("forumdate", $data2['forum_lastpost'])."<br>
<span class='small'>".$locale['406']."<a href='".BASEDIR."profile.php?lookup=".$data2['forum_lastuser']."' style='color: $last_color'>".$data3['user_name']."</a></span></td>
</tr>\n";
} else {
$forums .= showdate("forumdate", $data2['forum_lastpost'])."<br>
<span class='small'>".$locale['406']."<br><a href='".BASEDIR."profile.php?lookup=".$data2['forum_lastuser']."' style='color: #000000'><SPAN STYLE='filter:progid:DXImageTransform.Microsoft.Glow(Color=$last_color, Strength=5);
width:90%'><b>".$data3['user_name']."</b></span></a></span></td>
</tr>\n";
}
}
}
}
if ($forums != "") {
echo "<tr>\n<td colspan='5' class='forum-caption'>".$data['forum_name']."</td>\n</tr>\n".$forums;
unset($forums);
}
}
}
}

echo "</table>
</td>
</tr>
</table>
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td> </td><br>

<img src='".THEME."forum/foldernew.gif' style='vertical-align:middle;'> - ".$locale['409']."<br>
<img src='".THEME."forum/folder.gif' hsrc='".THEME."forum/folder_on.gif' style='vertical-align:middle;'> - ".$locale['410']."
<table border='0' cellpadding='0' cellspacing='1' width='100%'class='tbl-border'><tr><td class='forum-caption'> 
<td class='forum-caption' align='left'><b>Who is Online</b>
<tr><td class='tbl2' align='middle'>";

$filename = "".THEME."forum/whosonline.gif";
if (file_exists($filename)) {
echo "<img src=".$filename." align='left'>";
} else {
echo "<img src='".THEME."images/blank.gif' width='40'>";
}� � �
echo "</td><td width='100%' align='left' class='tbl1'>";

if ($settings['maintenance'] != "1") {
$cond = ($userdata['user_level'] != 0 ? "'".$userdata['user_id']."'" : "'0' AND online_ip='".FUSION_IP."'");
$result = dbquery("SELECT * FROM ".$db_prefix."online WHERE online_user=".$cond."");
if (dbrows($result) != 0) {
$result = dbquery("UPDATE ".$db_prefix."online SET online_lastactive='".time()."' WHERE online_user=".$cond."");
} else {
$name = ($userdata['user_level'] != 0 ? $userdata['user_id'] : "0");
$result = dbquery("INSERT INTO ".$db_prefix."online VALUES('$name', '".FUSION_IP."', '".time()."')");
}
if (isset($_POST['login'])) {
$result = dbquery("DELETE FROM ".$db_prefix."online WHERE online_user='0' AND online_ip='".FUSION_IP."'");
} else if (isset($logout)) {
$result = dbquery("DELETE FROM ".$db_prefix."online WHERE online_ip='".FUSION_IP."'");
}
$result = dbquery("DELETE FROM ".$db_prefix."online WHERE online_lastactive<".(time()-60)."");
$result = dbquery("SELECT * FROM ".$db_prefix."online WHERE online_user='0'");
echo "<table border='0' width='100%'><tr><td>";
echo "<span class='small'>Today is: ".ucwords(showdate($settings['subheaderdate'], time()))."</span><br>";
echo "<span class='small'>There are currently <b>".dbrows($result)."</b> ".$locale['011']."</span><br>\n";
$result = dbquery(
"SELECT ton.*, user_id,user_name,user_clanrank FROM ".$db_prefix."online ton
LEFT JOIN ".$db_prefix."users tu ON ton.online_user=tu.user_id
WHERE online_user!='0'"
);
$facount = dbquery("SELECT count(post_id) FROM ".$db_prefix."posts");
echo "<span class='small'>Our users have posted a total of: </span><span class='small'><b>".dbresult($facount, 0)."</b> Articles<br>";
$members = dbrows($result);
if ($members != 0) {
$i = 1;
echo $locale['012'];
while($data = dbarray($result)) {
$rank_color = dbresult(dbquery("SELECT rank_color FROM ".$db_prefix."clanranks WHERE rank_id = ".$data['user_clanrank']),0);
echo "<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."' class='side' style='color: $rank_color'>".$data['user_name']."</a>";

if ($i != $members) echo ", ";
$i++;
}
echo "<br>\n";
} else {
echo $locale['013']."<br>\n";
}

$result = dbquery("SELECT user_id,user_name,user_clanrank FROM ".$db_prefix."users ORDER BY user_joined DESC");
$total = dbrows($result);
$data = dbarray($result);
$rank_color = dbresult(dbquery("SELECT rank_color FROM ".$db_prefix."clanranks WHERE rank_id = ".$data['user_clanrank']),0);
echo "<br><span class='small'>Registered Users: <b>".$total."</b><br>
".$locale['016']."<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."' class='side' style='color: $rank_color'>".$data['user_name']."</a></span>\n";
}

echo "<hr>";
if (iMEMBER) {
echo "<div align='left'><img border='0' src='".THEME."images/bullet.gif'> <strong><a href='".BASEDIR."infusions/forum_threads_list_panel/allthreads.php'>View all Posts</a></strong></div>";
}
echo "<div align='right'><form name='search' method='post' action='".BASEDIR."search.php?stype=f'><span class='small'>Forum Search: </span>
<input type='textbox' name='stext' class='textbox' style='width:150px'>
<input type='submit' name='search' value='".$locale['550']."' class='button'>
</form></div></td>";
echo "</td><td>";
//rank legend
include "rank_legend.php";
//rank legend
echo "</td></tr></table>";
echo"</td><br></td></tr></td></tr></table><br>\n";

require_once BASEDIR."footer.php";
?>

olaf

Sat 7 October 2006, 09:46 am GMT +0300

How to debug mysql error's?

first start showing the sql statement! (do you think here is someone having the time to study you code?) ;D

Meth0d

Sat 7 October 2006, 11:43 am GMT +0300

thats exactly my point , i dont know why its showing this error

olaf

Sat 7 October 2006, 12:22 pm GMT +0300

Quote from: Meth0d on Oct 07, 2006, 11:43:13 AM

thats exactly my point , i dont know why its showing this error

But if you say that this happend without that you changed something then maybe your provider has changed something, ask him first (as for register_globals)

Mind_nl

Sat 7 October 2006, 01:26 pm GMT +0300

yes, since the error states something is wrong near '' it looks like you have an empty variable. The appearance of the error without you changing anything could very well be caused by register_globals being turned off. My own host has changed this last week, causing some errors to appear on some of my sites.

If its a register_globals problem you could upload a php.ini with register_globals on as a quick fix, then try to fix your code to be able to work with register_globals off as the on setting can cause serious security issues...

olaf

Sat 7 October 2006, 01:55 pm GMT +0300

Quote from: Mind_nl on Oct 07, 2006, 01:26:43 PM

If its a register_globals problem you could upload a php.ini with register_globals on as a quick fix, then try to fix your code to be able to work with register_globals off as the on setting can cause serious security issues...

that will not work on the most shared hostings...

Mind_nl

Sat 7 October 2006, 05:20 pm GMT +0300

It worked on mine, so I guess its worth a try. If not you can always contact the hosting provider

Nikolas

Mon 9 October 2006, 09:37 am GMT +0300

Ok, you gave me an idea for a new snippet tutorial :)

Check this out, Register globals without having register_globals = on from php.ini

Meth0d

Fri 13 October 2006, 08:47 pm GMT +0300

I tried entering that code at the top of forum/index.php (where the error occurs) but didn't fix =/

olaf

Fri 13 October 2006, 09:02 pm GMT +0300

Quote from: Nikolas on Oct 09, 2006, 09:37:50 AM

Ok, you gave me an idea for a new snippet tutorial :)

Check this out, Register globals without having register_globals = on from php.ini

maybe this is better:

Code:

<?php
foreach ( $_REQUEST as $k => $v )
{
eval ( "\$$k = '$v';" );
}
?>

@method,

do you know that register_globals is the problem?

Meth0d

Sat 14 October 2006, 07:49 am GMT +0300

no, that's just what is suggestd here. i have no idea what the problem is. have already went all the way through the code, cleaning it up in various ways. to no avail

olaf

Sat 14 October 2006, 08:55 am GMT +0300

Quote from: Meth0d on Oct 14, 2006, 07:49:18 AM

no, that's just what is suggestd here. i have no idea what the problem is. have already went all the way through the code, cleaning it up in various ways. to no avail

maybe you should clear this up otherwise is everything else we do wasting time (we are not magicians) ;D

Meth0d

Tue 17 October 2006, 06:49 am GMT +0300

well, it turns out register_globals is set to ON For my host.. so this cant be the problem right?

olaf

Tue 17 October 2006, 11:05 am GMT +0300

Quote from: Meth0d on Oct 17, 2006, 06:49:50 AM

well, it turns out register_globals is set to ON For my host.. so this cant be the problem right?

right

Meth0d

Fri 20 October 2006, 02:14 am GMT +0300

ok i have narrowed the problem down to be somewhere in this group of coding:

Code:

<?php
echo "<table cellpadding='0' cellspacing='0' width='100%' class='tbl-border'>
<tr>
<td>
<table border='0' cellpadding='0' cellspacing='1' width='100%'>
<tr>
<td colspan='2' class='tbl2'>".$locale['401']."</td>
<td align='center' width='50' class='tbl2'>".$locale['402']."</td>
<td align='center' width='50' class='tbl2'>".$locale['403']."</td>
<td width='120' class='tbl2'>".$locale['404']."</td>
</tr>\n";

$result = dbquery("SELECT * FROM ".$db_prefix."forums WHERE forum_cat='0' ORDER BY forum_order");
if (dbrows($result) != 0) {
while ($data = dbarray($result)) {
$forums = "";
$result2 = dbquery("SELECT * FROM ".$db_prefix."forums WHERE forum_cat='".$data['forum_id']."' ORDER BY forum_order");
if (dbrows($result2) != 0) {
while ($data2 = dbarray($result2)) {
if (checkgroup($data2['forum_access'])) {
$moderators = "";
$forum_mods = ($data2['forum_moderators'] ? explode(".", $data2['forum_moderators']) : "");
if (is_array($forum_mods)) {
sort($forum_mods);
for ($i=0;$i < count($forum_mods);$i++) {
$data3 = dbarray(dbquery("SELECT user_id,user_name,user_clanrank FROM ".$db_prefix."users WHERE user_id='".$forum_mods[$i]."'"));
$mod_color = dbresult(dbquery("SELECT rank_color FROM ".$db_prefix."clanranks WHERE rank_id = ".$data3['user_clanrank']),0);
$moderators .= "<a href='".BASEDIR."profile.php?lookup=".$data3['user_id']."'><font color='$mod_color'>".$data3['user_name']."</font></a>".($i != (count($forum_mods)-1) ? ", " : "");
}
}
$new_posts = dbcount("(*)", "posts", "forum_id='".$data2['forum_id']."' AND post_datestamp>'$lastvisited'");
$thread_count = dbcount("(*)", "threads", "forum_id='".$data2['forum_id']."'");
$posts_count = dbcount("(*)", "posts", "forum_id='".$data2['forum_id']."'");
if ($new_posts > 0) {
$fim = "<img src='".THEME."forum/foldernew.gif' alt='".$locale['560']."'>";
} else {
$fim = "<img src='".THEME."forum/folder.gif' hsrc='".THEME."forum/folder_on.gif' alt='".$locale['561']."'>";
}
         $forums .= "<tr>
<td align='center' class='tbl2' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055A00'\">$fim</td>
<td class='tbl1' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055600'\"><a href='viewforum.php?forum_id=".$data2['forum_id']."'>".$data2['forum_name']."</a><br>
<span class='small'>".$data2['forum_description'].($moderators ? "<br>\n".$locale['411'].$moderators."</span></td>\n" : "</span></td>\n")."
<td align='center' class='tbl2' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055A00'\">".$thread_count."</td>
<td align='center' class='tbl1' onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055600'\">".$posts_count."</td>
<td class='tbl2' align='center'  onMouseover=\"this.style.backgroundColor='#026700'\" onMouseout=\"this.style.backgroundColor='#055A00'\">";

if ($data2['forum_lastpost'] == 0) {
$forums .=  $locale['405']."</td>\n</tr>\n";
} else {
$data3 = dbarray(dbquery("SELECT user_name,user_clanrank FROM ".$db_prefix."users WHERE user_id='".$data2['forum_lastuser']."'"));
$last_color = dbresult(dbquery("SELECT rank_color FROM ".$db_prefix."clanranks WHERE rank_id = ".$data3['user_clanrank']),0);
$agent = $_SERVER['HTTP_USER_AGENT'];
if (eregi("Firefox", $agent)) {
$forums .= showdate("forumdate", $data2['forum_lastpost'])."<br>
<span class='small'>".$locale['406']."<a href='".BASEDIR."profile.php?lookup=".$data2['forum_lastuser']."' style='color: $last_color'>".$data3['user_name']."</a></span></td>
</tr>\n";
} else {
$forums .= showdate("forumdate", $data2['forum_lastpost'])."<br>
<span class='small'>".$locale['406']."<br><a href='".BASEDIR."profile.php?lookup=".$data2['forum_lastuser']."' style='color: #000000'><SPAN STYLE='filter:progid:DXImageTransform.Microsoft.Glow(Color=$last_color, Strength=5);
width:90%'><b>".$data3['user_name']."</b></span></a></span></td>
</tr>\n";
}