Hey Monique, Thank you much for the reply. The code is listed below, wasnt sure
if i should send it in a file or not, security purposes. Database is named
dtrackLog, all tables are present, and if i query from the command line, I can
see the data in the fields that I have previously entered. When attempting to
draw it out, none of it or one field is present. With the code below, I am not
seeing any data at this point. Let me know what you think and where I could
have some issues.
Regards,
dre
<html>
<body>
<?php
$db = mysql_connect("localhost", "root");
mysql_select_db("dtrackLog",$db);
if ($submit) {
// here if no ExID then adding else we're editing
if ($ExID) {
$sql = "UPDATE TL_Exploit SET
LogID='$LogID',OfficialName='$OfficialName',BugTraqID='$BugTraqID',PublishedDate='$PublishedDate',Type='$Type',Range='$Range',Damage='$Damage',OnlineReferences='$OnlineReferences',
SoftwareAffected='$SoftwareAffected',NotVulnerable='$NotVulnerable',Symptoms='$Symptoms',HowTo='$HowTo',ObjectAffected='$ObjectAffected',Discussion='$Discussion',Credits='$Credits',WHERE
ExID=$ExID";
} else {
$sql = "INSERT INTO TL_Exploit (LogID, OfficialName, BugTraqID,
PublishedDate, Type, Range, Damage, OnlineReferences, SoftwareAffected,
NotVulnerable, Symptoms, HowTo, ObjectAffected, Discussion, Credits) VALUES
('$LogID','$OfficalName','$BugTraqID','$PublishedDate','$Type','$Range','$Damage','$OnlineReferences','$SoftwareAffected','$NotVulnerable','$Symptoms','$HowTo','$ObjectAffected','$Discussion','$Credits')";
}
// run SQL against the dtracklog
$result = mysql_query($sql);
echo "Record inserted<p>";
} elseif ($delete) {
// delete a record from dtracklog
$sql = "DELETE FROM TL_Exploit WHERE ExID=$ExID";
$result = mysql_query($sql);
echo "$sql Record deleted!<p>";
} else {
if (!$ExID) {
$result = mysql_query("SELECT * FROM TL_Exploit",$db);
while ($myrow = mysql_fetch_array($result)) {
printf("<a href=\"%s?id=%s\">%s %s</a> \n", $PHP_SELF, $myrow["ExID"],
$myrow["LogID"], $myrow["OfficalName"], $myrow["BugTraqID"],
$myrow["PublishedDate"], $myrow["Type"], $myrow["Range"], $myrow["Damage"],
$myrow["OnlineReferences"], $myrow["SoftwareAffected"],
$myrow["NotVulnerable"], $myrow["Symptoms"], $myrow["HowTo"],
$myrow["ObjectAffected"], $myrow["Discussion"], $myrow["Credits"]);
printf("<a href=\"%s?id=%s&delete=yes\">(DELETE)</a><br>", $PHP_SELF,
$myrow["ExID"]);
}
}
?>
<P>
<a href="<?php echo $PHP_SELF?>">ADD A RECORD</a>
<P>
<form method="post" action="<?php echo $PHP_SELF?>">
<?php
if ($ExID) {
// editing so select a record
$sql = "SELECT * FROM TL_Exploit WHERE ExID=$ExID";
$result = mysql_query($sql);
$myrow = mysql_fetch_array($result);
$ExID = $myrow["ExID"];
$LogID = $myrow["LogID"];
$OfficialName = $myrow["OfficialName"];
$BugTraqID = $myrow["BugTraqID"];
$PublishedDate = $myrow["PublishedDate"];
$Type = $myrow["Type"];
$Range = $myrow["Range"];
$Damage = $myrow["Damage"];
$OnlineReferences = $myrow["OnlineReferences"];
$SoftwareAffected = $myrow["SoftwareAffected"];
$NotVulnerable = $myrow["NotVulnerable"];
$Symptoms = $myrow["Symptoms"];
$HowTo = $myrow["HowTo"];
$ObjectAffected = $myrow["ObjectAffected"];
$Discussion = $myrow["Discussion"];
$Credits = $myrow["Credits"];
// print the ExID for editing
?>
<input type="int(10) unsigned" name="ExID" value="<?php echo $ExID ?>">
<?php
}
?>
Log ID:<input type="Text" name="LogID" value="<?php echo $LogID ?>"><br>
Official Name:<input type="Text" name="OfficialName" value="<?php echo
$OfficialName ?>"><br>
BugTraq ID:<input type="Text" name="BugTraqID" value="<?php echo $BugTraqID
?>"><br>
Published Date:<input type="Text" name="PublishedDate" value="<?php echo
$PublishedDate ?>"><br>
Type:<input type="Text" name="Type" value="<?php echo $Type ?>"><br>
Range:<input type="Text" name="Range" value="<?php echo $Range ?>"><br>
Damage:<input type="Text" name="Damage" value="<?php echo $Damage ?>"><br>
Online References:<input type="Text" name="OnlineReferences" value="<?php echo
$OnlineReferences ?>"><br>
Software Affected:<input type="Text" name="Software Affected" value="<?php
echo $SoftwareAffected ?>"><br>
Not Vulnerable:<input type="Text" name="NotVulnerable" value="<?php echo
$NotVulnerable ?>"><br>
Symptoms:<input type="Text" name="Symptoms" value="<?php echo $Symptoms
?>"><br>
How To:<input type="Text" name="HowTo" value="<?php echo $HowTo ?>"><br>
Object Affected:<input type="Text" name="ObjectAffected" value="<?php echo
$ObjectAffected ?>"><br>
Discussion:<input type="Text" name="Discussion" value="<?php echo $Discussion
?>"><br>
Credits:<input type="Text" name="Credits" value="<?php echo $Credits ?>"><br>
<input type="Submit" name="submit" value="Enter exploit/vulnerablitiy">
</form>
<?php
}
?>
</body>
</html>
Quoting "Monique Y. Herman" <[EMAIL PROTECTED]>:
> On 2004-03-25, [EMAIL PROTECTED] penned:
> > Hi folks,
> >
> > NEWBIE here, I am having issues with pulling data out of several
> > tables in MySQL. I am running debian 3.0.23 with MySQL 3.23.49, I can
> > create the tables and view them through mysqladmin along with the
> > data, put using the webform that I created with PHP4, only some of the
> > fields of data are being displayed. Any idea at where I need to start
> > to look for issues? Does this sould like a DB issue or a code issue
> > with my webform? Any insight would be much appreciated. Thank you.
> >
>
> I would love to see the PHP code where it interacts with the database
> (minus the username and password, of course). Are you doing a "select *
> from" kind of thing?
>
> --
> monique
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact
> [EMAIL PROTECTED]
>
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
