Re: mysql problems

"Curtis Maurand" <curtis@xxxxxxxxxxx> · Wed, 11 May 2011 14:25:01 -0400

Marc Guay wrote:
>> Does anyone have any ideas?
> 
> Sounds like it's getting caught in a loop.  Post the whole script
for
> best results.
> 
It looks like the site is
under attack, because I keep seeing the query, "SELECT catagory_parent FROM t_catagories where catagory_ID=" .
$_currentCat"

where $_currentCat is equal to a
value not in the database.  The only way that this can happen is if
the page is called directly without going through the default page.

the script follows.  its called leftNav.php

<?php
include
'media/includes/productDetail.php';

//$username =
"alaric";
$username = "pinetree";
//$password = "password_removed";
$password =
"password_removed";
$hostname = "127.0.0.1";
//$hostname = "www.superseeds.com";

if($_SESSION["u_id"]==""){
$_SESSION["u_id"] = uniqid();
}

//
$_cartTotal="$0.00";
$_cartCount="0";

function tallyCart($_u_id){
    global $username;
    global
$password;
    global $hostname; 
    global $_cartTotal; 
    global
$_cartCount; 

    $dbhandle =
mysql_connect($hostname, $username, $password) 

     or die("Unable to connect to
MySQL");

    $selected =
mysql_select_db("pinetree",$dbhandle) 

  or die("Could not select examples");

    //execute the SQL query and
return records
    $result = mysql_query("SELECT
* from tbl_Cart where u_ID='".$_u_id."'");
    $_holder="";

    $_counter=0;

$_getSubTotal=0;
    $_showCheckOut=0;
    while ($row = mysql_fetch_array($result)) {
        $_showCheckOut=1;
        $_pdetail=new
ProductDetail($row{'product_ID'}, $row{'product_Quantity'}, $_u_id);
         $_getSubTotal +=
$_pdetail->_subTotal;

 $_counter++;
     }

$_cartTotal = "$".number_format($_getSubTotal,2);
    $_cartCount = $_counter;

mysql_close($dbhandle);
}

tallyCart($_SESSION["u_id"]);
?>

<div id="div_cartCall">
    <div id="div_cartCall_head">
    You have <?php echo $_cartCount?> items in your
cart.<br/><br/>
    Cart total: <?php
echo $_cartTotal?>
    </div>
    <div id="div_cartCall_foot">
    <a href="cart.php">&#65533; Go to
cart</a>
    </div>
</div>
<p>

  <?php

//$username = "alaric";
$username = "pinetree";
//$password =
"removed";
$password = "removed";
//$hostname = "127.0.0.1";
$hostname =
"www.superseeds.com";

$_parents = array();  
$counter=0;

if($_GET["cat"]!=""){
    $_parent =$_GET["cat"];
}
else{
    $_parent ="0";
}

$dbhandle2 = mysql_connect($hostname, $username, $password) 
 or die("Unable to connect to MySQL");
//echo
"Connected to MySQL<br>";

//select a database
to work with
$selected =
mysql_select_db("pinetree",$dbhandle2) 
  or
die("Could not select examples");

while ($_parent !="0") {

    $result_2 = mysql_query("SELECT catagory_parent
FROM t_catagories where catagory_ID=" .$_parent);
        $num_rows_2 =
mysql_num_rows($result_2);

if($num_rows_2 > "0")

    {

    while ($row = mysql_fetch_array($result_2)) {

    $_parent= $row{'catagory_parent'};

    $_parents[$counter] = $row{'catagory_parent'};

    $counter++;

    }
        }
    }
    mysql_close($dbhandle2);

function getParent($catID,
$matchingID){

//$username = "alaric";
$username
= "pinetree";
//$password = "removed";
$password = "removed";
//$hostname =
"127.0.0.1";
$hostname = "www.superseeds.com";

$_parent="1";
    $_currentCat=$catID;
    $dbhandle2 = mysql_connect($hostname, $username,
$password) 
     or die("Unable to connect
to MySQL");
    //echo "Connected to
MySQL<br>";

//select a database to work with
    $selected =
mysql_select_db("pinetree",$dbhandle2) 

  or die("Could not select examples");

        while
($_parent !="0") {

    $result_2 = mysql_query("SELECT catagory_parent
FROM t_catagories where catagory_ID=" . $_currentCat);
              while
($row = mysql_fetch_array($result_2)) {

$_parent=$row{'catagory_parent'};

if($row{'catagory_parent'}==$matchingID){

    mysql_close($dbhandle2);

     return true;

             }

}
        }

mysql_close($dbhandle2);
    return false;

}

?>

  <?php

function getRowCount($_catID){

    global
$_parents;
    global $username;
    global $password;
    global
$hostname; 

$dbhandle = mysql_connect($hostname, $username, $password) 
     or die("Unable to connect to
MySQL");

$selected = mysql_select_db("pinetree",$dbhandle) 
      or die("Could not select
examples");

$result = mysql_query("SELECT COUNT(*) as theCount FROM t_catagories
where catagory_parent=".$_catID);

    while ($row = mysql_fetch_array($result)) {

if($row{'theCount'}=="0"){

        mysql_close($dbhandle);
            return
"0";
        }
        else{

        mysql_close($dbhandle);
            return
"".$row{'theCount'};

}
    }
}

function
generateNav($_parent, $_style){

if(getRowCount($_parent)>0){

        global $_parents;
        global $username;
        global $password;
        global $hostname; 

    $dbhandle3 = mysql_connect($hostname, $username,
$password) 
         or
die("Unable to connect to MySQL");

$selected = mysql_select_db("pinetree",$dbhandle3) 
          or die("Could not
select examples");

        //execute the SQL query and return
records

if($_parent!="0"){

    $result = mysql_query("SELECT catagory_ID,
catagory_name, catagory_parent FROM t_catagories where
catagory_parent=".$_parent ." ORDER BY catagory_name");
        }else{

        $result = mysql_query("SELECT
catagory_ID, catagory_name, catagory_parent FROM t_catagories where
catagory_parent=".$_parent);

    }

        //fetch tha data from the database

if($_parent=="0"){

   echo "<div class=\"mainCat\">";
        }else{

        if($_style!=""){

    echo "<div
class=\"dv_leftNavigation_head\"
id=\"div_".$_parent."\"
style=\"display:".$_style."\">";

}else{

        echo "<div
class=\"dv_leftNavigation_head\"
id=\"div_".$_parent."\">";

}
        }

    while ($row = mysql_fetch_array($result)) {

        $_cat_id=$row{'catagory_ID'};

    $_match_2="+";    

foreach($_parents as $id){

        if($id== $_cat_id){

        $_match_2="-";

    }

    }

     if($_cat_id==$_GET["cat"]){

    $_match_2="-";

         }

if($row{'catagory_parent'}=="0"){

               echo
"<div class=\"LeftNav_tab\">";

}else{

if(getRowCount($row{'catagory_ID'})!="0"){

        echo "<div
class=\"dv_leftNavigation\">";

    echo "<input type=\"button\"
value=\"".$_match_2."\"
onClick=\"accordian('div_".$row{'catagory_ID'}."',
this);\" class=\"btnNav\"/>";

    }else{

             echo
"<div class=\"dv_leftNavigation_2\"> ";

    }

       }

           echo "<a
href=\"products.php?cat=" . $_cat_id 
."\">" .
$row{'catagory_name'}."</a>";

          echo
"</div>"; 

    //generateNav($_cat_id);

        $_match=0;    

foreach($_parents as $id){

        if($id== $_cat_id){

generateNav($_cat_id,"");

    $_match=1;

        }

        }

if($_cat_id==$_GET["cat"] && $_match==0){

    generateNav($_cat_id,"");
            }else{

    if($row{'catagory_parent'}!="0"){

generateNav($_cat_id,"none");

            }

}    

          }

if($row{'catagory_parent'}=="0"){

          echo
"</div>"; 

  }else{

    echo "</div>"; 

         }

        //fetch tha data from the database

        //echo "<div
class=\"dv_leftNavigation\">";

        //close the
connection

//mysql_close($dbhandle3);
    }

}
?> 

  <?php
  echo "<div
class=\"div_left\">";

generateNav("0","");
  echo
"</div>";
  ?>
</p>
<div
align="center">
  <p><br />

<br />
  </p>
  <p><a
href="http://www.facebook.com/pages/Pinetree-Garden-Seeds/146880398658578?ref=ts;";
target="_blank"><img
src="images/FacebookBadge.gif" alt="Follow Pinetree Garden
Seeds On Facebook.com" width="144" height="44"
border="0" align="middle" /></a></p>
  <p><a href="http://twitter.com/pinetreeseeds/";
target="_blank"><img
src="images/Twitter_Follow_Me_Icon.jpg" alt="Follow
Pinetree Garden Seeds On Twitter.com" width="115"
height="94" border="0" align="middle"
/></a></p>
</div>

> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
>