Please let me know what i am doing wrong here


#1

Hello Friends,

So I am trying to installing a script today. The installation wizard works well for first 2 steps but when it comes to enter the database details page and i enter the correct database details it shows 500 error message. I didn't understand what is going wrong here as according to the script documentation i have also made config.php file writable "777" but still its showing the error. Can you please have a look at the code and may be you can find out any error in this code and what is wrong here.

<?php
error_reporting(0);
if(!isset($_SESSION)) session_start();

if($_SESSION['install_step']<2)
header("Location: requirements.php");

$host = "";

$username = "";

$password = "";

$database = "";

$error = "";

$config_error = "";


function SplitSQL($file, $delimiter = ';')
{

$lines = file($file);
// Loop through each line
foreach ($lines as $line)
{
// Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '')
    continue;

// Add this line to the current segment
$templine .= $line;
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';')
{
    // Perform the query
    mysql_query($templine);
    // Reset temp variable to empty
    $templine = '';
}

}

}


if(!is_writable('../config/config.php'))
$config_error = "../config/config.php is not Writeable Please CHMOD 777";
	
if(isset($_POST['submit'])) {

	if($_SESSION['csrf'] != $_POST['csrf'])
		$error = "Error Try Again";
	
	if($error=="") {
	$host = $_POST['host'];
	
	$username = $_POST['username'];
	
	$password = $_POST['password'];
	
	$database = $_POST['database'];
	
	$connection = mysql_connect($host, $username, $password);
	
	if(!mysql_select_db($database,$connection))
	$error = "Invalid Details : Unable to Connect To Database";
	}
	
	if($error=="") {
	
			$connection = mysql_connect($host, $username, $password);
		
			mysql_select_db($database,$connection);
		
			$sql_filename = "./sql/db.sql";
		
			$sql_contents = SplitSQL($sql_filename);
		
			$config_sample_path = '../config/config.sample';
			
			$data = file_get_contents($config_sample_path);
			
			$data = str_replace("dbname",$database,$data);
			
			$data = str_replace("dbhost",$host,$data);
			
			$data = str_replace("dbuser",$username,$data);
			
			$data = str_replace("dbpass",$password,$data);
			
			$config_path = '../config/config.php';
			
			file_put_contents($config_path, $data);
			
			$_SESSION['install_step']=3;
	}
}
$key = sha1(microtime());

$_SESSION['csrf'] = $key;
?>
<!DOCTYPE html>
<html lang="en">
	<head>
		<meta charset="utf-8">
		<title>Database Details - Installation Wizard</title>
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<link rel="shortcut icon" href="../style/images/favicon.png">
		<link href="style/css/bootstrap.min.css" rel="stylesheet">
		<link href="style/css/font-awesome.min.css" rel="stylesheet">
		<link href="style/css/style.css" rel="stylesheet">
		<script src="style/js/bootstrap.min.js"></script>
	</head>

	<body>
		<div class="hidden-xs">
			<div class="logo">
				<img src="style/images/logo.png">
			</div>
			<div class="sub-logo">
				Php Web Lists Script
			</div>
		</div>
		<div class="visible-xs logo-sm">
			<img src="style/images/logo-sm.png">
		</div>
		  
		<div class="container">
			<div class="row">
				<div class="col-xs-12 col-sm-3 col-md-3 col-lg-3">
					<ul class="list-group">
					  <li class="list-group-item"><i class="fa fa-smile-o"></i> Welcome</li>
					  <li class="list-group-item"><i class="fa fa-cogs"></i> Server Requirements</li>
					  <li class="list-group-item active"><i class="fa fa-list-alt"></i> Database Details</li>
					  <li class="list-group-item"><i class="fa fa-book"></i> Website Details</li>
					  <li class="list-group-item"><i class="fa fa-thumbs-up"></i> Finish</li>
					</ul>
					<div class="hidden-xs hidden-sm">
					  <center>All Rights Reserved <a href="http://www.nexthon.com">Nexthon.com</center>
					  </a>
					</div>
				</div>
				<form action="./database.php" method="post">
					<div class="col-xs-12 col-sm-9 col-md-9 col-lg-9">
						<div class="panel panel-default">
							<div class="panel-heading">
								<strong><i class="fa fa-list-alt"></i> Database Details</strong>
								<div class="pull-right"><span class="badge badge-warning">Step 3</span>
								</div>
							</div>
							<div class="panel-body">
								<p>
								<b>Enter database details below</b>
								<?php if($config_error!="") { ?>
								
									<div class="alert alert-danger">
										<i class="fa fa-times-circle"></i> 
										<?php echo($config_error) ?>
									</div>
									
								<?php }	else if($error && isset($_POST['host'])) { ?>
								
									<div class="alert alert-danger">
										<i class="fa fa-times-circle"></i> 
										<?php echo($error) ?>
									</div>
								
								<?php } else {
								
									if(isset($_POST['host'])) {	?>
									
										<div class="alert alert-success">
											<i class="fa fa-check-square"></i> 
											Database Details Added Please Wait ...
										</div>
										
										<?php echo ('<META HTTP-EQUIV="Refresh" Content="2; URL=website.php?' . time() . '">'); 
										
									}
								}
								?>
									  <div class="input-group">
										<span class="input-group-addon">Database Server</span>
										<input name="host" type="text" class="form-control" placeholder="eg. localhost" required>
									  </div>
									  <br />
									  <div class="input-group">
										<span class="input-group-addon">Database Name</span>
										<input name="database" type="text" class="form-control" placeholder="Enter Database Name" required>
									  </div>
									  <br />
									  <div class="input-group">
										<span class="input-group-addon">Database Username</span>
										<input name="username" type="text" class="form-control" placeholder="Enter Database Username" required>
									  </div>
									  <br />
									  <div class="input-group">
										<span class="input-group-addon">Password</span>
										<input name="password" type="password" class="form-control" placeholder="Enter Password" required>
									  </div>
								  </p>
								  <input type="hidden" name="csrf" value="<?php echo $key; ?>" />
								  <br />
								  <?php if($config_error=="") { ?>
								  <p>
									<button type="submit" name="submit" class="btn btn-primary btn-lg">Next</button>
								  </p>
								  <?php } else { ?>
									<a class="btn btn-success btn-lg" onClick="window.location.reload()">Refresh</a>
								  <?php } ?>
							  </div>
						</div>
					</div>
				</form>
			</div>
		</div>
	</body>
</html>

Please help me in this :slight_smile:


#2

The mysql_* methods no longer exist in current versions of PHP. You should be using mysqli_* or better still PDO. I don't know if this is the problem here, but it something you need to look at.


#3

Hello :slight_smile: So you mean to say i need to change all mysql_ to mysqli_ ?


#4

Mass replacing mysql_* to mysqli_* won't work. You need to understand how mysqli_* works before you start mass replacing mysql_* functions. Simply adding an "i" won't work. You'll probably break it even more. Some mysql_* functions don't exist in mysqli_*.


#5

Unless the file is outside of the root, and even then, you want to not set permissions to 777. Personally, I would not use any script that has that as a requirement even if only temporary before locking it down let alone permanently.

If you do set the permissions as 777 for goodness sake change them back as soon as you can.


#6

You used to use 777 but nower days it can be 755; from memory it depends on the way the server is setup.

Sorry that was folder permissions


#7

Yes I know the issue of 777 i have changed it after testing and its now on 644 again :slight_smile: I just love to test scripts and learn


#8

ohh ok but i just checked another script on the same server it has also mysql and not mysqli but that script was installed without any issue but don't know why this script has this issue.


#9

Try temporarily changing the 0 to -1
error_reporting(0);


#10

STOP WHAT YOU ARE DOING RIGHT NOW!!!!!!!

Toss this script in the trash. It is dangerous, old code that has been completely removed from Php.


#11

not working i think this script is a garbage :slight_smile: Going to delete it from my server. Anyway thank you for your kind help :slight_smile:


#12

yes you are right going to remove it from my server. :slight_smile:


#13

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.