SQL Error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
in C:\www\htdocs\tracker\takeupload.php, line 196
it was working then went to error not sure why any information would be grateful
function bark($msg) {
genbark($msg, "Upload failed!");
}
loggedinorreturn();
if ($CURUSER["uploadpos"] == 'no')
die;
foreach(explode(":","descr:type:name") as $v) {
if (!isset($_POST[$v]))
bark("missing form data");
}
if (!empty($_POST['poster']))
$poster = unesc($_POST['poster']);
if (!isset($_FILES["file"]))
bark("missing form data");
$f = $_FILES["file"];
$fname = unesc($f["name"]);
if (empty($fname))
bark("Empty filename!");
$nfofile = $_FILES['nfo'];
if ($nfofile['name'] != '')
{
if ($nfofile['size'] == 0)
bark("0-byte NFO");
if ($nfofile['size'] > 65535)
bark("NFO is too big! Max 65,535 bytes.");
$nfofilename = $nfofile['tmp_name'];
if (@!is_uploaded_file($nfofilename))
bark("NFO upload failed");
}
$descr = unesc($_POST["descr"]);
if (!$descr)
bark("You must enter a description!");
$catid = (0 + $_POST["type"]);
if (!is_valid_id($catid))
bark("You must select a category to put the torrent in!");
if (!validfilename($fname))
bark("Invalid filename!");
if (!preg_match('/^(.+)\.torrent$/si', $fname, $matches))
bark("Invalid filename (not a .torrent).");
$shortfname = $torrent = $matches[1];
if (!empty($_POST["name"]))
$torrent = unesc($_POST["name"]);
$tmpname = $f["tmp_name"];
if (!is_uploaded_file($tmpname))
bark("eek");
if (!filesize($tmpname))
bark("Empty file!");
$dict = bdec_file($tmpname, $max_torrent_size);
if (!isset($dict))
bark("What the hell did you upload? This is not a bencoded file!");
function dict_check($d, $s) {
if ($d["type"] != "dictionary")
bark("not a dictionary");
$a = explode(":", $s);
$dd = $d["value"];
$ret = array();
foreach ($a as $k) {
unset($t);
if (preg_match('/^(.*)\((.*)\)$/', $k, $m)) {
$k = $m[1];
$t = $m[2];
}
if (!isset($dd[$k]))
bark("dictionary is missing key(s)");
if (isset($t)) {
if ($dd[$k]["type"] != $t)
bark("invalid entry in dictionary");
$ret[] = $dd[$k]["value"];
}
else
$ret[] = $dd[$k];
}
return $ret;
}
function dict_get($d, $k, $t) {
if ($d["type"] != "dictionary")
bark("not a dictionary");
$dd = $d["value"];
if (!isset($dd[$k]))
return;
$v = $dd[$k];
if ($v["type"] != $t)
bark("invalid dictionary entry type");
return $v["value"];
}
if ($CURUSER["advertisename"]=='yes'){
write_log("Torrent $id ($torrent) was uploaded by Anonymous");
}
else
{
write_log("Torrent $id ($torrent) was uploaded by $CURUSER[username]");
}
//===notify people who voted on offer thanks CoLdFuSiOn :)
if (isset($_POST['offer'])) {
$res = mysql_query("SELECT `userid` FROM `offervotes` WHERE `userid` != " . $CURUSER["id"] . " AND `offerid` = ". ($_POST['offer'] + 0)) or sqlerr(__FILE__, __LINE__);
$pn_msg = "The Offer you voted for: \"$torrent\" was uploaded by " . $CURUSER["username"] . ".\nYou can Download the Torrent here";
$some_variable = '';
while($row = mysql_fetch_assoc($res)) {
//=== use this if you DO have subject in your PMs
$some_variable .= "(0, 0, 'Offer $torrent was just uploaded', $row[userid], '" . get_date_time() . "', " . sqlesc($pn_msg) . ")";
//=== use this if you DO NOT have subject in your PMs
//$some_variable .= "(0, 0, $row[userid], '" . get_date_time() . "', " . sqlesc($pn_msg) . ")";
}
//=== use this if you DO have subject in your PMs
mysql_query("INSERT INTO messages (poster, sender, subject, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__);
//=== use this if you do NOT have subject in your PMs
//mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__);
//===end
//=== delete all offer stuff
@mysql_query("DELETE FROM `offers` WHERE `id` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `offervotes` WHERE `offerid` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `comments` WHERE `offer` = ". ($_POST['offer'] + 0). "");
}
//=== end notify people who voted on offer
$res = mysql_query("SELECT name FROM categories WHERE id=$catid") or sqlerr();
$arr = mysql_fetch_assoc($res);
$cat = $arr["name"];
$res = mysql_query("SELECT email FROM users WHERE enabled='yes' AND notifs LIKE '%[cat$catid]%'") or sqlerr();
$uploader = $CURUSER['username'];
You can use the URL below to download the torrent (you may have to login).
$DEFAULTBASEURL/details.php?id=$id&hit=1
--
$SITENAME
EOD;
$to = "";
$nmax = 100; // Max recipients per message
$nthis = 0;
$ntotal = 0;
$total = mysql_num_rows($res);
while ($arr = mysql_fetch_row($res))
{
if ($nthis == 0)
$to = $arr[0];
else
$to .= "," . $arr[0];
++$nthis;
++$ntotal;
if ($nthis == $nmax || $ntotal == $total)
{
if (!mail("Multiple recipients <$SITEEMAIL>", "New torrent - $torrent", $body,
"From: $SITEEMAIL\r\nBcc: $to", "-f$SITEEMAIL"))
stderr("Error", "Your torrent has been been uploaded. DO NOT RELOAD THE PAGE!\n" .
"There was however a problem delivering the e-mail notifcations.\n" .
"Please let an administrator know about this error!\n");
$nthis = 0;
}
}
*******************/
SQL Error
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
in C:\www\htdocs\tracker\takeupload.php, line 196
it was working then went to error not sure why any information would be grateful
function bark($msg) {
genbark($msg, "Upload failed!");
}
loggedinorreturn();
if ($CURUSER["uploadpos"] == 'no')
die;
foreach(explode(":","descr:type:name") as $v) {
if (!isset($_POST[$v]))
bark("missing form data");
}
if (!empty($_POST['poster']))
$poster = unesc($_POST['poster']);
if (!isset($_FILES["file"]))
bark("missing form data");
$f = $_FILES["file"];
$fname = unesc($f["name"]);
if (empty($fname))
bark("Empty filename!");
$nfofile = $_FILES['nfo'];
if ($nfofile['name'] != '')
{
if ($nfofile['size'] == 0)
bark("0-byte NFO");
if ($nfofile['size'] > 65535)
bark("NFO is too big! Max 65,535 bytes.");
$nfofilename = $nfofile['tmp_name'];
if (@!is_uploaded_file($nfofilename))
bark("NFO upload failed");
}
$descr = unesc($_POST["descr"]);
if (!$descr)
bark("You must enter a description!");
$catid = (0 + $_POST["type"]);
if (!is_valid_id($catid))
bark("You must select a category to put the torrent in!");
if (!validfilename($fname))
bark("Invalid filename!");
if (!preg_match('/^(.+)\.torrent$/si', $fname, $matches))
bark("Invalid filename (not a .torrent).");
$shortfname = $torrent = $matches[1];
if (!empty($_POST["name"]))
$torrent = unesc($_POST["name"]);
$tmpname = $f["tmp_name"];
if (!is_uploaded_file($tmpname))
bark("eek");
if (!filesize($tmpname))
bark("Empty file!");
$dict = bdec_file($tmpname, $max_torrent_size);
if (!isset($dict))
bark("What the hell did you upload? This is not a bencoded file!");
function dict_check($d, $s) {
if ($d["type"] != "dictionary")
bark("not a dictionary");
$a = explode(":", $s);
$dd = $d["value"];
$ret = array();
foreach ($a as $k) {
unset($t);
if (preg_match('/^(.*)\((.*)\)$/', $k, $m)) {
$k = $m[1];
$t = $m[2];
}
if (!isset($dd[$k]))
bark("dictionary is missing key(s)");
if (isset($t)) {
if ($dd[$k]["type"] != $t)
bark("invalid entry in dictionary");
$ret[] = $dd[$k]["value"];
}
else
$ret[] = $dd[$k];
}
return $ret;
}
function dict_get($d, $k, $t) {
if ($d["type"] != "dictionary")
bark("not a dictionary");
$dd = $d["value"];
if (!isset($dd[$k]))
return;
$v = $dd[$k];
if ($v["type"] != $t)
bark("invalid dictionary entry type");
return $v["value"];
}
if ($CURUSER["advertisename"]=='yes'){
write_log("Torrent $id ($torrent) was uploaded by Anonymous");
}
else
{
write_log("Torrent $id ($torrent) was uploaded by $CURUSER[username]");
}
//===notify people who voted on offer thanks CoLdFuSiOn :)
if (isset($_POST['offer'])) {
$res = mysql_query("SELECT `userid` FROM `offervotes` WHERE `userid` != " . $CURUSER["id"] . " AND `offerid` = ". ($_POST['offer'] + 0)) or sqlerr(__FILE__, __LINE__);
$pn_msg = "The Offer you voted for: \"$torrent\" was uploaded by " . $CURUSER["username"] . ".\nYou can Download the Torrent here";
$some_variable = '';
while($row = mysql_fetch_assoc($res)) {
//=== use this if you DO have subject in your PMs
$some_variable .= "(0, 0, 'Offer $torrent was just uploaded', $row[userid], '" . get_date_time() . "', " . sqlesc($pn_msg) . ")";
//=== use this if you DO NOT have subject in your PMs
//$some_variable .= "(0, 0, $row[userid], '" . get_date_time() . "', " . sqlesc($pn_msg) . ")";
}
//=== use this if you DO have subject in your PMs
mysql_query("INSERT INTO messages (poster, sender, subject, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__);
//=== use this if you do NOT have subject in your PMs
//mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__);
//===end
//=== delete all offer stuff
@mysql_query("DELETE FROM `offers` WHERE `id` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `offervotes` WHERE `offerid` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `comments` WHERE `offer` = ". ($_POST['offer'] + 0). "");
}
//=== end notify people who voted on offer
$res = mysql_query("SELECT name FROM categories WHERE id=$catid") or sqlerr();
$arr = mysql_fetch_assoc($res);
$cat = $arr["name"];
$res = mysql_query("SELECT email FROM users WHERE enabled='yes' AND notifs LIKE '%[cat$catid]%'") or sqlerr();
$uploader = $CURUSER['username'];
You can use the URL below to download the torrent (you may have to login).
$DEFAULTBASEURL/details.php?id=$id&hit=1
--
$SITENAME
EOD;
$to = "";
$nmax = 100; // Max recipients per message
$nthis = 0;
$ntotal = 0;
$total = mysql_num_rows($res);
while ($arr = mysql_fetch_row($res))
{
if ($nthis == 0)
$to = $arr[0];
else
$to .= "," . $arr[0];
++$nthis;
++$ntotal;
if ($nthis == $nmax || $ntotal == $total)
{
if (!mail("Multiple recipients <$SITEEMAIL>", "New torrent - $torrent", $body,
"From: $SITEEMAIL\r\nBcc: $to", "-f$SITEEMAIL"))
stderr("Error", "Your torrent has been been uploaded. DO NOT RELOAD THE PAGE!\n" .
"There was however a problem delivering the e-mail notifcations.\n" .
"Please let an administrator know about this error!\n");
$nthis = 0;
}
}
*******************/
There is nothing wrong to the codes above. I had some sql probs though in my source and download.php was not working. After detailed study i found out bugs at php 5.x version. I upgraded to latest php and everything worked fine. Just upgrade to latest php and mysql.