views:

189

answers:

1

Hello everyone, I am making a database, which will interact with a SQL table.

What I have achieved so far:

  • Add rows to the table.
  • Delete rows from the table.
  • Search rows from the table.
  • Paginate the results.

What I need to achieve:

  • A log in prompt when a guest tries to access the page.

In fact, I have successfully installed a log in script for it, but it seems to not work properly, here is the error:

Fatal error: Allowed memory size of 25165824 bytes exhausted (tried to allocate 77824 bytes) in /home/vol3/byethost12.com/b12_3598660/htdocs/coordbase/database.php on line 238

Now that I do not have permission to allow more memory from my host, I would need a way around this. I have already tried separating the file into multiple pages, but it seems that it still tried to allocate the same amount of bytes.

Here is the file:

<?php
require_once('db.php'); // for database details
ini_set('display_errors',1);
error_reporting (E_ALL ^ E_NOTICE);
require('../include/session.php');
if (!$session->isMember())
{
    header("../resources.php");
}
else
{
    $self = $_SERVER['PHP_SELF']; //the $self variable equals this file
    $ipaddress = ("$_SERVER[REMOTE_ADDR]"); //the $ipaddress var equals users IP
    $connect = mysql_connect($host,$username,$password) or die('<p class="error">Unable to connect to the database server at this time.</p>');
    mysql_select_db($database,$connect) or die('<p class="error">Unable to connect to the database at this time.</p>');

require('../include/header.php');//Page Header

if($_GET['cmd'] == "delete")
{
      echo "<center><h1>Delete</h1></center>";

            if(isset($_POST['delete'])) {
      $time = date("Y-m-d H:i:s");

      $queryc = "DELETE FROM coords WHERE id=".$_GET['id'].";";
      $resultc = mysql_unbuffered_query("$queryc") or die("Could not delete the selected base from the database at this time, please try again later.");
      $sqls = "INSERT INTO reports SET ip='$ipaddress', date='$time';";
      //run the query. if it fails, display error
      $report = mysql_unbuffered_query("$sqls") or die("Could not add report to the database, but the base has been deleted successfully.");



      echo "<center>The selected base has been deleted from the database successfully!<br>
         <a href=http://www.teamdelta.byethost12.com/coordbase/database.php&gt;Back to Main</a><br><br>
         <font color=\"red\"><b>YOUR IP HAS BEEN LOGGED. ABUSE OF THIS SYSTEM WILL RESULT IN AN IP BAN!</b></font></center>";

      }
      else
      {


     $queryd = "SELECT * FROM coords WHERE id=".$_GET['id'].";";
        $resultf = mysql_unbuffered_query("$queryd") or die('<p class="error">There was an unexpected error grabbing the base from the database.</p>');

        ?>
        <center>
        <table>
        <table width="83%" border="1">
        <tr>
        <td ><b>Tag</b></td>
        <td ><b>Guild</b></td>
     <td ><b>Player</b></td>
     <td ><b>Base</b></td>
     <td ><b>Location</b></td>
     <td ><b>Econ</b></td>
     <td ><b>Comments</b></td>
     </tr>
<?php
        while ($rowa = mysql_fetch_array($resultf)) {

                        $id = stripslashes($rowa['id']);
                        $tag = stripslashes($rowa['tag']);
                        $guild = stripslashes($rowa['guild']);
                        $name = stripslashes($rowa['name']);
                        $base = stripslashes($rowa['base']);
                        $location = stripslashes($rowa['location']);
                        $comment = stripslashes($rowa['comment']);
                        $id = stripslashes($rowa['id']);
                        $econ = stripslashes($rowa['econ']);
                        $maxecon = stripslashes($rowa['maxecon']);

                        echo('<tr><center><td>['.$tag.']</td><td>'.$guild.'</td><td>'.$name.'</td><td>'.$base.'</td><td><a href="http://delta.astroempires.com/map.aspx?loc='.$location.'"&gt;'.$location.'&lt;/a&gt;&lt;/td&gt;&lt;td&gt;'.$econ.'/'.$maxecon.'&lt;/td&gt;&lt;td&gt;'.$comment.'&lt;/td&gt;&lt;/center&gt;&lt;/tr&gt;');
                        }
?>
</table>
</table>
<b>Are you sure you wish to delete the selected base?</b>
<br>
<input type="button" value="Cancel" id="button1" name="button1"onclick="window.location.href='database.php';">
<form action="<?php $self ?>" name="deletefrm" method="post" align="right" valign="bottom" onsubmit="return validate();">
Confirm Delete<input type=checkbox name="confirm"><input type="submit" name="delete" value="Delete" />
</form>
</center>
<br>
<center><font color="red"><b>YOUR IP WILL BE LOGGED. ABUSE OF THIS SYSTEM WILL RESULT IN AN IP BAN!</b></font></center>

<?php
}
}
else
{
if(isset($_POST['add'])) {
?>
    <tr>
     <td style="background: url(http://www.teamdelta.byethost12.com/barbg.jpg) repeat-x top;">
      <center><b><font color="#F3EC84">»Info«</font></b></center>
     </td>
    </tr>
    <tr><!--info content-->
     <td style="background: #222222;">
<?php
   //fetch data
   $data = strip_tags(mysql_real_escape_string($_POST['list']));
   $comment = strip_tags(mysql_real_escape_string($_POST['comment']));

   $data_lines = explode( "\\r\\n", $data );
   $comment_lines = explode("\\r\\n", $comment);

   for($i=0;$i<count($data_lines);$i++)
   {

      $data_fields = explode( ",", $data_lines[$i]);

      $time = time();
      $queryb = "INSERT INTO coords SET
        tag='{$data_fields[0]}',
        guild='{$data_fields[1]}',
        name='{$data_fields[2]}',
        base='{$data_fields[3]}',
        econ='{$data_fields[5]}',
        maxecon='{$data_fields[6]}',
        location='{$data_fields[4]}',
        comment='{$comment_lines[$i]}',
        ipaddress='$ipaddress' ,
        date='$time';";


      // if it succeeds, display message
      if (mysql_unbuffered_query($queryb))
      {
         echo('<p class="success">Successful posting of ['.$data_fields[3].']!</p>');
      }
      else
      {
         echo('<p class="error">Error could not post ['.$data_fields[3].'] to database!</p>');
      }
   }//end for loop
}//end if $_POST['add'] statement
?>


<?php

if (isset($_GET['cmd']) == "add"){
?>



<!--start inputbox-->
<center><table width="100%">
       <tr>
        <td style="background: url(http://www.teamdelta.byethost12.com/barbg.jpg) repeat-x top;">
         <center><b><font color="#F3EC84">»Add«</font></b></center>
        </td>
       </tr>
       <tr>
        <td style="background: #222222;"><!-- at the bottom of the page, we display our comment form -->
         <form action="<?php $self ?>" method="post" onsubmit="return valid(this)">
          <table width="100%" border ="0" valign="top">
           <tr>
            <td>
             List:
            </td>
            <td align="left">
             <textarea name="list" rows="10" cols="70"></textarea>
            </td>
            <td valign="top">
             <font color="red"><b>[Post list arranged like so!]</b></font><br>
             <br>
             E.G:<br>
             <br>
             (tag),(guild),(player,(base),(coordinates),(econ),(maxecon)<br>
             ~TD~,~Team Delta~,DarkLink,Base1,D03:56:21:11,101,101<br>
             FARM,Guild896,player 5,Base #3,D69:62:89:10,98,135<br>
            </td>
           </tr>
           </tr>
            <td>
            Comment:
            </td>
            <td>
             <textarea name="comment" rows="10" cols="70"></textarea>
            </td>
            <td>
            <font color="red"><b>[Post comments on a new line for each base!]</b></font><br>
             E.G "PS 10/10 PR 10/10"<br>
              "PR 5/5 DT 10/10"
            </td>
            <td>
            <td>
            </td>
            <td valign="bottom" align="right">
             <p>
              <input type="submit" name="add" value="Add" />
             </p>
            </td>
           </tr>
          </table>
         </form>
         <a href="database.php">Back to Main</a>
        </td>
      </tr>
</table></center>
     <!--end input box-->

<?php
}
else
{
if (isset($_GET['search']) == "do"){
$title = "<center><h1>Results</h1>";


$search = stripslashes($_GET['searchterm']);
$asearch = trim($search);
$bsearch = strip_tags($asearch);
$csearch = mysql_real_escape_string($bsearch);


$types = "types of search";

switch ($_GET['type']){
case 'name':
$types = "name";
break;

case 'tag':
$types = "tag";
break;

case 'guild':
$types = "guild";
break;

default:
$types = "";
echo "<center><b>Please select a search type before continuing! You are being redirected, please wait.<br>
<a href=\"database.php\">Click here</a>, if you do not wish to wait.</b></center>";
header("Refresh: 5; url=http://www.teamdelta.byethost12.com/coordbase/database.php");
exit;
break;
}


      $querya = "SELECT * FROM coords WHERE `{$types}` LIKE '%{$csearch}%' ORDER BY `{$types}`;";
      $result = mysql_unbuffered_query("$querya") or die("There was an error.<br/>" . mysql_error() . "<br />SQL Was: {$querya}");

      if (mysql_num_rows($result) < 1) {
         echo $title;
         echo "<b><center>We are sorry to announce that the search term provided: \"{$search}\", yielded no results. <br>"
            ."<hr>"
            ."<a href=\"database.php\">New Search</a></center></b>";
         exit;
      }else {
        echo $title;

?>
<b>for "<?php echo $search;?>".</b>
<hr>

        <table>
        <table width="83%" border="1">
        <tr>
        <td ><b>Tag</b></td>
        <td ><b>Guild</b></td>
     <td ><b>Player</b></td>
     <td ><b>Base</b></td>
     <td ><b>Location</b></td>
     <td ><b>Econ</b></td>
     <td ><b>Comments</b></td>
     <td ><b>Delete</b></td>
     </tr>

<?php


      while ($row = mysql_fetch_array($result)) {

                        $id = stripslashes($row['id']);
                        $tag = stripslashes($row['tag']);
                        $guild = stripslashes($row['guild']);
                        $name = stripslashes($row['name']);
                        $base = stripslashes($row['base']);
                        $location = stripslashes($row['location']);
                        $comment = stripslashes($row['comment']);
                        $id = stripslashes($row['id']);
                        $econ = stripslashes($row['econ']);
                        $maxecon = stripslashes($row['maxecon']);

                        echo('<tr><center><td>['.$tag.']</td><td>'.$guild.'</td><td>'.$name.'</td><td>'.$base.'</td><td><a href="http://delta.astroempires.com/map.aspx?loc='.$location.'"&gt;'.$location.'&lt;/a&gt;&lt;/td&gt;&lt;td&gt;'.$econ.'/'.$maxecon.'&lt;/td&gt;&lt;td&gt;'.$comment.'&lt;/td&gt;&lt;td&gt;&lt;a href=database.php?id='.$id.'&cmd=delete>Delete</a></td></center></tr>');
                        }

echo "<a href=\"database.php\">New Search</a>";
?>
</table>
</table>
<?php
   }
    }
else{

// find out how many rows are in the table
$sql = "SELECT COUNT(*) FROM coords";
$result = mysql_unbuffered_query($sql, $connect) or trigger_error("SQL", E_USER_ERROR);
$r = mysql_fetch_row($result);
$numrows = $r[0];

// number of rows to show per page
$rowsperpage = 10;
// find out total pages
$totalpages = ceil($numrows / $rowsperpage);

// get the current page or set a default
if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) {
   // cast var as int
   $currentpage = (int) $_GET['currentpage'];
} else {
   // default page num
   $currentpage = 1;
} // end if

// if current page is greater than total pages...
if ($currentpage > $totalpages) {
   // set current page to last page
   $currentpage = $totalpages;
} // end if
// if current page is less than first page...
if ($currentpage < 1) {
   // set current page to first page
   $currentpage = 1;
} // end if

// the offset of the list, based on current page
$offset = ($currentpage - 1) * $rowsperpage;
?>
</center>



       <!--start inputbox-->
       <center>
       <table width="83%">
       <tr>
        <td style="background: url(http://www.teamdelta.byethost12.com/barbg.jpg) repeat-x top;">
         <center><b><font color="#F3EC84">»Search«</font></b></center>
        </td>
       </tr>
       <tr>
        <td style="background: #222222;"><!-- at the bottom of the page, we display our comment form -->
         <form method="GET" action="<?php echo $_SERVER['PHP_SELF'];?>" name="searchForm" onsubmit="return valid(this)">
          <table border ="0" width="100%">
           <tr>

            <td><center>
             Search For: <input type="text" name="searchterm">
             Player <input type="radio" name="type" value="name" checked> |
             Guild Tag <input type="radio" name="type" value="tag"> |
             Guild Name <input type="radio" name="type" value="guild">
             <input type="hidden" name="search" value="do">
                <input type="submit" value="Search">
                &nbsp;&nbsp; <a href="database.php?cmd=add">Add new bases</a>
           </tr>
                                    </center>
            </td>
           </tr>
         </form>
        </td>
      </tr>
      </table>
      </center>
      <!--end input box-->
     <hr>
        <center>
        <table>
        <table width="83%" border="1">
        <tr>
        <td ><b>Tag</b></td>
        <td ><b>Guild</b></td>
     <td ><b>Player</b></td>
     <td ><b>Base</b></td>
     <td ><b>Location</b></td>
     <td ><b>Econ</b></td>
     <td ><b>Comments</b></td>
     <td ><b>Delete</b></td>
     </tr>
<?php
    $query = "SELECT * FROM coords ORDER BY `tag` ASC LIMIT $offset, $rowsperpage;";
    $result = mysql_unbuffered_query("$query") or die('<p class="error">There was an unexpected error grabbing routes from the database.</p>');

        // while we still have rows from the db, display them
        while ($row = mysql_fetch_array($result)) {

         $id = stripslashes($row['id']);
                        $tag = stripslashes($row['tag']);
                        $guild = stripslashes($row['guild']);
                        $name = stripslashes($row['name']);
                        $base = stripslashes($row['base']);
                        $location = stripslashes($row['location']);
                        $comment = stripslashes($row['comment']);
                        $id = stripslashes($row['id']);
                        $econ = stripslashes($row['econ']);
                        $maxecon = stripslashes($row['maxecon']);

                        echo('<tr><center><td>['.$tag.']</td><td>'.$guild.'</td><td>'.$name.'</td><td>'.$base.'</td><td><a href="http://delta.astroempires.com/map.aspx?loc='.$location.'"&gt;'.$location.'&lt;/a&gt;&lt;/td&gt;&lt;td&gt;'.$econ.'/'.$maxecon.'&lt;/td&gt;&lt;td&gt;'.$comment.'&lt;/td&gt;&lt;td&gt;&lt;a href=database.php?id='.$id.'&cmd=delete>Delete</a></td></center></tr>');
                        }

?>
</table>
</table>
<?php

/******  build the pagination links ******/
// range of num links to show
$range = 3;

// if not on page 1, don't show back links
if ($currentpage > 1) {
   // show << link to go back to page 1
   echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=1'><<</a> ";
   // get previous page num
   $prevpage = $currentpage - 1;
   // show < link to go back to 1 page
   echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=$prevpage'><</a> ";
} // end if

// loop to show links to range of pages around current page
for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) {
   // if it's a valid page number...
   if (($x > 0) && ($x <= $totalpages)) {
      // if we're on current page...
      if ($x == $currentpage) {
         // 'highlight' it but don't make a link
         echo " [<b>$x</b>] ";
      // if not current page...
      } else {
         // make it a link
         echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=$x'>$x</a> ";
      } // end else
   } // end if
} // end for

// if not on last page, show forward and last page links
if ($currentpage != $totalpages) {
   // get next page
   $nextpage = $currentpage + 1;
    // echo forward link for next page
   echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=$nextpage'>></a> ";
   // echo forward link for lastpage
   echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=$totalpages'>>></a> ";
} // end if
/****** end build pagination links ******/


}//end else of search
}//end else of add
}//end else of delete
?>
</center>
<?php
require('../include/footer.php');//Page footer
}
?>

This would be around line 238:

<?php
   //fetch data
   $data = strip_tags(mysql_real_escape_string($_POST['list']));
   $comment = strip_tags(mysql_real_escape_string($_POST['comment']));

   $data_lines = explode( "\\r\\n", $data );
   $comment_lines = explode("\\r\\n", $comment);

   for($i=0;$i<count($data_lines);$i++)
   {

      $data_fields = explode( ",", $data_lines[$i]);

      $time = time();
      $queryb = "INSERT INTO coords SET
        tag='{$data_fields[0]}',
        guild='{$data_fields[1]}',
        name='{$data_fields[2]}',
        base='{$data_fields[3]}',
        econ='{$data_fields[5]}',
        maxecon='{$data_fields[6]}',
        location='{$data_fields[4]}',
        comment='{$comment_lines[$i]}',
        ipaddress='$ipaddress' ,
        date='$time';";


      // if it succeeds, display message
      if (mysql_unbuffered_query($queryb))
      {
         echo('<p class="success">Successful posting of ['.$data_fields[3].']!</p>');
      }
      else
      {
         echo('<p class="error">Error could not post ['.$data_fields[3].'] to database!</p>');
      }
   }//end for loop
}//end if $_POST['add'] statement
?>

I have noticed that the memory exceeds the limit when I include session.php to my file. The problem is that I need that file for my log in prompt to work.

Thank you, help is appreciated.

A: 

Check for recursions, this code cannot possibly exhaust memory. Try adding echo's around the code.

Cem Kalyoncu