[PHP] Simple way to Update

Canadian
Loyal Member
Joined
Dec 4, 2007
Messages
1,936
Reaction score
96
On the first page a MySQL row is added with a bunch of variables from what you enter into the field. But I want to somehow use $invoiceid in the second form too, and then do

Code:
UPDATE orders SET `email` = '$email' WHERE `invoiceid` = '$invoiceid'

No matter what I try, I can't seem to get it to work. I tried $_GET, but maybe I'm just doing it wrong. Can anyone offer some assistance?

theme/orderform.html
Code:
<div class="mainimage"><br />
    <div class="ordergold">
        <div class="orderform">
            <div class="tablehead">
                Secure Order Form
            </div>
            <form action="includes/orderform.php" method="post" enctype="multipart/form-data">
                <div class="goldquantity">
                    Select Gold Quantity (Millions)<br />
                    <input type="text" class="forminput" name="goldquantity" value="0" required="required">
                </div>
                <div class="totalcost">
                    Total (US Dollars)<br />
                    <div class="formnoninput">$ 0</div>
                </div>
                <div class="displayname">
                    Display Name<br />
                    <input type="text" class="forminput" name="displayname" value="" required="required">
                </div>
                <div class="paymentmethod">
                    Payment Method<br />
                    <div class="formnoninput">Paypal</div>
                </div>
                <div class="clear">
                </div>
                <input class="continue" type="submit" value="" />
            </form>
        </div>
    </div>
</div>

includes/orderform.php
PHP:
<?php
include('config.php');
include('functions.php');

        
    
        $goldquantity = $_POST['goldquantity'];
        $pricemil = 0.35;
        $totalcost = $goldquantity * $pricemil;
        $displayname = $_POST['displayname'];
        $invoice = time();
        $ipaddress = $_SERVER['REMOTE_ADDR'];



         
    mysql_query("INSERT INTO orders(`goldquantity`, `totalcost`, `displayname`, `paymentmethod`, `invoiceid`, `ipaddress`, `complete`) VALUES('" . $goldquantity . "', '" . $totalcost . "', '" . $displayname . "', 'Paypal', '" . $invoice . "', '" . $ipaddress . "', '0')") or die(mysql_error());
    echo '<meta http-equiv="REFRESH" content="0;url=../loginform.php">';


?>

theme/loginform.html
Code:
<div class="mainimage"><br />
    <div class="ordergold">
        <div class="orderform">
            <div class="tablehead">
                Secure Log In
            </div>
            <form action="includes/login.php" method="post" enctype="multipart/form-data">
                <div class="ordertext">
                    To continue with your order, please log in using the form below. Alternatively if you don't have an account, please <u><a href="registerform.php">click here</a></u> to register one.
                </div>
                <div class="goldquantity">
                    E-mail Address<br />
                    <input type="text" class="forminput" name="email" value="" required="required">
                </div>
                <div class="totalcost">
                    Password<br />
                    <input type="password" class="forminput" name="password" value="" required="required">
                </div>

                <div class="clear">
                </div>
                <input class="continue" type="submit" value="" />
            </form>
        </div>
    </div>
</div>

includes/login.php
PHP:
<?php
    session_start();
    include('config.php');
    include('functions.php');

     
    $email = clean($_POST['email']);
    $passwordb = clean($_POST['password']);
    $invoiceid = $_GET['invoiceid'];
    
    $password = passwordenc($email, $passwordb);


    mysql_query("UPDATE orders SET email = '$email' WHERE invoiceid = '$invoiceid'") or die(mysql_error());

    $qry = "SELECT * FROM users WHERE email = '$email' AND password = '".$password."'";
    $result = mysql_query($qry);
    
    if($result) {
        if(mysql_num_rows($result) == 1) {
            session_regenerate_id();
            $get = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $get['id'];
            $_SESSION['SESS_NAME'] = $get['email'];
            session_write_close();
            header("location: ../idupload.php");
            exit();
        }else {
            header("location: ../loginform.php");
            exit();
        }
    }else {
        header("location: ../idupload.php");
    }

?>
 
Joined
May 23, 2008
Messages
1,071
Reaction score
574
1) Which form is "first" and which is "second" (in terms of flow)? It's difficult to tell from your scripts.

2) Your script is blatantly prone to SQL injection.

3) I explained this recently in another thread, but that thread got deleted for some reason unbeknownst to me... you should not be using meta refresh to refresh pages. You should use header('Location: '). The only reason you wouldn't be able to use this is if you already sent out content before sending out headers. In that case, it shows bad application design. If you have no other choice, meta refresh does usually work, although it is incorrect HTML if it is anywhere outside of the head tag.

4) Where are you having difficulties passing invoice id? Which line did you attempt to pass it via GET?
 
Canadian
Loyal Member
Joined
Dec 4, 2007
Messages
1,936
Reaction score
96
1) The top one is first, bottom one is second. I also have a third I need this implemented on too, but I figured you guys would only need to see 2.

2) How can I secure it more?

3) I used header in most places, but the places where it's <meta> had errors when I had them as header.

4) I'm just not entirely sure how to go about doing it. I didn't know what line to really put it at, or what to even put really.
 
Joined
May 23, 2008
Messages
1,071
Reaction score
574
includes/orderform.php
Find:
PHP:
echo '<meta http-equiv="REFRESH" content="0;url=../loginform.php">';
Replace with:
PHP:
echo '<meta http-equiv="REFRESH" content="0;url=../loginform.php?invoiceid=' . $invoice . '">';

That should pass it to loginform.php via GET, as you currently attempt to capture.

Taking a GET variable and plugging it into an SQL query is one way to open up your script for SQL injection. See:
PHP:
$invoiceid = $_GET['invoiceid'];
    // ...
    mysql_query("UPDATE orders SET email = '$email' WHERE invoiceid = '$invoiceid'") or die(mysql_error());
 
Canadian
Loyal Member
Joined
Dec 4, 2007
Messages
1,936
Reaction score
96
That's what I had but it didn't work to pass onto the next form after login.php. Should I just do a hidden input field with $invoiceid then another GET?

And it doesn't update the row, it simply adds a new row with only the e-mail filled out.

Edit: In this case it didn't even create the new e-mail row.

PHP:
<?php
    session_start();
    include('config.php');
    include('functions.php');

     
    $email = clean($_POST['email']);
    $passwordb = clean($_POST['password']);
    $invoiceid = $_GET['invoiceid'];
    
    $password = passwordenc($email, $passwordb);


    mysql_query("UPDATE orders SET email = '$email' WHERE invoiceid = '$invoiceid'") or die(mysql_error());

    $qry = "SELECT * FROM users WHERE email = '$email' AND password = '".$password."'";
    $result = mysql_query($qry);
    
    if($result) {
        if(mysql_num_rows($result) == 1) {
            session_regenerate_id();
            $get = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $get['id'];
            $_SESSION['SESS_NAME'] = $get['email'];
            session_write_close();
            header("location: ../idupload.php");
            exit();
        }else {
            header("location: ../loginform.php");
            exit();
        }
    }else {
        header("location: ../idupload.php");
    }

?>

Am I just putting it in the wrong spot?
 
Joined
May 23, 2008
Messages
1,071
Reaction score
574
The code I sent you should work, assuming it is reached. If it's not reached, then that's your issue. You should have no issue sending this via GET.
Also, do note that if you were to send it via a hidden input field, it would be via POST.

And... wait a minute. What is loginform.php? There's a loginform.html and login.php.

PHP:
echo '<meta http-equiv="REFRESH" content="0;url=../loginform.php">';

Why is this loginform.php and not login.php?
 
Canadian
Loyal Member
Joined
Dec 4, 2007
Messages
1,936
Reaction score
96
loginform.php is the main page, in my root folder. It's just a file that has many includes from the /theme/ and /includes/ folders so that the /theme/ files are only HTML, and /includes/ are only PHP.

Is my problem something to do with this? Because it's still not working...
 
Joined
May 23, 2008
Messages
1,071
Reaction score
574
To get this to work, the GET variable passed from orderform.php to loginform.php needs to be passed to login.php. Does loginform.php load login.php, or...? How is login.php loaded?
 
Canadian
Loyal Member
Joined
Dec 4, 2007
Messages
1,936
Reaction score
96
Do you have MSN? It might be easier to tell you there and we can discuss.

Each form has basically 3 pages, I'll use login as an example...

root/loginform.php
PHP:
<?php
include('includes/config.php');
include('includes/functions.php');
include('theme/header.html');
include('theme/loginform.html');
include('theme/homepage.html');
include('theme/footer.html');
?>

root/theme/loginform.html
Code:
<div class="mainimage"><br />
    <div class="ordergold">
        <div class="orderform">
            <div class="tablehead">
                Secure Log In
            </div>
            <form action="includes/login.php" method="post" enctype="multipart/form-data">
                <div class="ordertext">
                    To continue with your order, please log in using the form below. Alternatively if you don't have an account, please <u><a href="registerform.php">click here</a></u> to register one.
                </div>
                <div class="goldquantity">
                    E-mail Address<br />
                    <input type="text" class="forminput" name="email" value="" required="required">
                </div>
                <div class="totalcost">
                    Password<br />
                    <input type="password" class="forminput" name="password" value="" required="required">
                </div>

                <div class="clear">
                </div>
                <input class="continue" type="submit" value="" />
            </form>
        </div>
    </div>
</div>

root/includes/login.php
PHP:
<?php
    session_start();
    include('config.php');
    include('functions.php');

     
    $email = clean($_POST['email']);
    $passwordb = clean($_POST['password']);
    $invoiceid = $_GET['invoiceid'];
    
    $password = passwordenc($email, $passwordb);


    mysql_query("UPDATE orders SET email = '$email' WHERE invoiceid = '$invoiceid'") or die(mysql_error());

    $qry = "SELECT * FROM users WHERE email = '$email' AND password = '".$password."'";
    $result = mysql_query($qry);
    
    if($result) {
        if(mysql_num_rows($result) == 1) {
            session_regenerate_id();
            $get = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $get['id'];
            $_SESSION['SESS_NAME'] = $get['email'];
            session_write_close();
            header("location: ../idupload.php");
            exit();
        }else {
            header("location: ../loginform.php");
            exit();
        }
    }else {
        header("location: ../idupload.php");
    }

?>
 
Joined
May 23, 2008
Messages
1,071
Reaction score
574
FYI to anyone who may have similar troubles - I talked with Mike and got his issue solved.

He needed to pass the GET parameter from orderform.php to loginform.php, and pass the GET from loginform.html to login.php - the form action URL.
Note that I also recommended that he renames loginform.html to loginform.html.php for security purposes. If someone finds and is able to access loginform.html.php via URL, then they will get some minor PHP errors rather than PHP source code.
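
The fix summarized above, together with the earlier "How can I secure it more?" question, as an added example that is not part of the thread or the poster's code: the invoice id is validated, forwarded in the form action URL, and bound into a prepared UPDATE. It uses PDO with an in-memory SQLite database in place of the thread's mysql_* calls (assumes the pdo_sqlite extension); the function names and sample rows are constructed for illustration.

```php
<?php
// Added example: valid_invoice_id, login_form_action and attach_email are
// hypothetical names, not functions from the thread's functions.php.

// orderform.php sets invoiceid to time(), so accept only a short run of digits.
function valid_invoice_id($raw): ?string {
    return (is_string($raw) && preg_match('/^\d{1,12}$/', $raw)) ? $raw : null;
}

// Form action for theme/loginform.html: forwards the id to includes/login.php.
function login_form_action(?string $invoiceid): string {
    $url = 'includes/login.php';
    if ($invoiceid !== null) {
        $url .= '?invoiceid=' . rawurlencode($invoiceid);
    }
    // Escape for the HTML attribute the URL is written into.
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}

// Parameterized UPDATE: values are bound, never spliced into the SQL text.
function attach_email(PDO $db, string $email, string $invoiceid): int {
    $stmt = $db->prepare('UPDATE orders SET email = :email WHERE invoiceid = :id');
    $stmt->execute([':email' => $email, ':id' => $invoiceid]);
    return $stmt->rowCount();
}

// Constructed demo rows in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE orders (invoiceid TEXT, displayname TEXT, email TEXT)');
$db->exec("INSERT INTO orders VALUES ('1357000001', 'alice', NULL), ('1357000002', 'bob', NULL)");

// Constructed request values: a well-formed id and one that tries to widen the WHERE clause.
foreach (['1357000001', "0' OR '1'='1"] as $raw) {
    $id = valid_invoice_id($raw);
    if ($id === null) {
        echo "rejected invoiceid: ", var_export($raw, true), "\n";
        // Binding compares the value as a literal string, so it matches no invoice.
        echo "bound anyway, rows updated: ", attach_email($db, 'x@example.com', $raw), "\n";
        continue;
    }
    echo "form action: ", login_form_action($id), "\n";
    echo "rows updated: ", attach_email($db, 'buyer@example.com', $id), "\n";
}
```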
 