This code gives me unexpected } on the last bracket. I spent some time fixing structure. I originally had code in the wrong blocks. I took every bit of code out of that first i statement and put it baack in, collapsing blocks along the way. Just when I had it collapsing perfect I put it back in my editor and had a new error. I added a semicolon somwhere, but eneded up with this recent error. The original error that I'm trying to fix is making it so date and encounter don't fire simutaneously. That's what that first if structure is for. If minimalCategory = '' post date, else encounter.
// Listing-form handler as posted: an empty $_POST['minimalCategory'] stores the post in `dates`,
// anything else stores it in `encounters`. $db, $validator, $uploader, $errors and $ipKeys are
// defined outside this excerpt. Indentation below follows the structure the "end of ..." comments
// describe; the braces themselves do not balance, and the surplus ones are marked NOTE(review).
if($_POST['minimalCategory'] === '') {
    ///////////////////
    //Process dating//
    /////////////////
    $form = "true";
    // set upgrade time
    $priority = (isset($_POST['priority']) ? $_POST['priority'] : false);
    $sponsored = (isset($_POST['sponsored']) ? $_POST['sponsored'] : false);
    // NOTE(review): isset() tests 'textAd' but the value is read from the key ' $textAd'.
    $textAd = (isset($_POST['textAd'])? $_POST[' $textAd'] : false);
    // set upgrade time
    $priorityTime = ($priority)? $_POST['priorityTime'] : 0;
    $sponsorTime = ($sponsored)? $_POST['sponsorTime'] : 0;
    $textAdTime = ($textAd)? $_POST['textAdTime'] : 0;
    $forwardEmails = (isset($_POST['forwardEmails']) ? $_POST['forwardEmails'] : 'no');
    $ip = $_SERVER['REMOTE_ADDR'];
    // Every pass overwrites $ip, so with a non-empty $ipKeys the REMOTE_ADDR value above is
    // discarded and the result is the last key's value or 'Uknown'.
    // NOTE(review): presumably $ipKeys lists forwarded-address variables (HTTP_X_FORWARDED_FOR
    // and similar). Those are taken from request headers the client can set, and the guest
    // duplicate check and 4-listing limit below key on $ip - confirm and prefer an address
    // the client cannot choose.
    foreach($ipKeys as $key => $val) {
        if(getenv($val)) {
            $ip = getenv($val);
        }else{
            $ip = 'Uknown';
        }
    }
    $postDate = date('d-m-Y');
    // Test required data for empty
    // proper video
    $validator->validate($_POST, 'dates');
    // test if emails match
    $validator->validate_emails($_POST, 'dates');
    // test count if no token present.
    if(!isset($_POST['listingToken'])) {
        // Test similar posts
        // test post count
        if(isset($_SESSION['id'])) {
            // test for registered
            $user = new cUser;
            $user->set_userID($_SESSION['id']);
            // The catch block is empty: if the query throws, $errors is left untouched and the
            // duplicate check is skipped without any trace (fails open). The same applies to
            // every empty catch below.
            // rowCount() on a SELECT is driver-dependent in PDO - confirm it is reliable here.
            try{
                $sqlSimilar = $db->prepare("SELECT `id` FROM `dates` WHERE `dateTitle` = ? 
AND `userName` = ?");
                $sqlSimilar->execute(array($_POST['dateTitle'], $user->return_username()));
                if($sqlSimilar->rowCount() > 0) {
                    $errors = "Can't post duplicate ads";
                }
            }catch(\PDOException $e){ }
            // test count
            try{
                $sqlCount = $db->prepare("SELECT `id` FROM `dates` WHERE `userName` = ?");
                $sqlCount->execute(array($user->return_username()));
                if($sqlCount->rowCount() > 10) {
                    $errors = '10 listings per category without unlimited account.';
                }
            }catch(\PDOException $e){ }
        }else{
            // test for guest
            // test similar
            $sqlSimilar = $db->prepare("SELECT `id` FROM `dates` WHERE `dateTitle` = ? AND `ip` = ?");
            try{
                $sqlSimilar->execute(array($_POST['dateTitle'], $ip));
                if($sqlSimilar->rowCount() > 0) {
                    $errors = "Can't post duplicate ads";
                }
            }catch(\PDOException $e){ }
            // Test count
            $sqlCount = $db->prepare("SELECT `id` FROM `dates` WHERE `ip` = ?");
            try{
                $sqlCount->execute(array($ip));
                if($sqlCount->rowCount() > 4){
                    $errors = "4 listings per category as guest.";
                }
            }catch(\PDOException $e){ }
            // end of test similar, count
        }
        // end of if !isset($listingToken) find duplicates and count
    }
    // no errors, move images
    if($errors == "" && $validator->return_error() == '') {
        $uploader->upload($_FILES);
    }
    $images = $uploader->return_images();
    // NOTE(review): only the upload above is gated on $errors / return_error(); nothing below
    // tests them, so the INSERT runs even when validation or the duplicate/limit checks failed.
    if(!isset($_POST['listingToken'])) {
        // insert the listing into db for user or guest
        if(isset($_SESSION['id'])) {
            // insert date listing for user.
            try{
                $country = $_POST['country'];
                $province = $_POST['province'];
                $city = $_POST['city'];
                $sqlInsertDate = $db->prepare("INSERT INTO `dates`(`userName`, `country`, "
                    ."`province`, `city`,`dateCategory`, `dateTitle`, `dateDescription`, `idealFirstDate`, "
                    ."`email`, `forwardEmails`, `image1`, `image2`, `image3`, `image4`, `video1`, `video2`, "
                    ."`video3`, `attentive`, `considerate`, `devoted`, `reliable`, `aggressive`, `rude`, "
                    ."`mean`, `moody`, `priorityTime`, `sponsorTime`, `textAdTime`, `postDate`, "
                    ."`ip`, `paid`, `live`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,"
                    ." 
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
                $sqlInsertDate->execute(array($user->return_username(), $_POST['country'], $_POST['province'], $_POST['city']
                    , $_POST['subCategory'], $_POST['dateTitle'], $_POST['dateDescription'], $_POST['idealFirstDate']
                    , $_POST['dateEmail'], $forwardEmails, $images[0], $images[1], $images[2], $images[3], $_POST['video1'], $_POST['video2'], $_POST['video3'], $_POST['attentive']
                    , $_POST['considerate'], $_POST['devoted'], $_POST['reliable'], $_POST['aggressive']
                    , $_POST['rude'], $_POST['mean'], $_POST['moody'], $priorityTime
                    , $sponsorTime, $textAdTime, $postDate, $ip, 'no', 'no'));
                $listingID = $db->lastInsertId();
                // The token later authorises edits of this row, so it has to be unguessable.
                // mcrypt_create_iv() was deprecated in PHP 7.1 and mcrypt left core in 7.2;
                // random_bytes() with bin2hex() is the current replacement.
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while(!$tokenInserted) {
                    try{
                        // NOTE(review): this statement is prepared but never executed and no token
                        // is bound, so no uniqueness lookup takes place; presumably rowCount() is 0
                        // and the loop leaves on its first pass. The same holds for each copy of
                        // this loop below.
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `dates` WHERE`listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if($sqlTestToken->rowCount() == 0) {
                            try{
                                $sqlInsertToken = $db->prepare("UPDATE `dates` SET `listingToken`= ? WHERE `id` = ?");
                                $sqlInsertToken->execute(array($listingToken, $listingID));
                                $tokenInserted = true;
                                break;
                            }catch(\PDOException $e){}
                        }
                    }catch(\PDOException $e){ }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            }catch(\PDOException $e){}
            // end of isset $_SESSION['id'];
            // NOTE(review): the try above is already closed by its catch, so this brace closes
            // if(isset($_SESSION['id'])) and the "}else{" after it pairs with
            // if(!isset($_POST['listingToken'])) instead. The encounter branch has no brace at
            // this position - a likely surplus brace; confirm against the full file.
            }
        }else{
            // insert date listing for guest
            try{
                $sqlInsertDate = $db->prepare("INSERT INTO `dates`(`userName`, `country`, "
                    ."`province`, `city`, `dateCategory`, `dateTitle`, `dateDescription`, `idealFirstDate`, `email`, `forwardEmails`, "
                    ."`image1`, `image2`, `image3`, `image4`, `video1`, `video2`, `video3`, `attentive`, "
                    ."`considerate`, `devoted`, `reliable`, `aggressive`, `rude`, `mean`, `moody`, "
                    ."`priorityTime`, `sponsorTime`, `textAdTime`, `postDate`, "
                    ."`ip`, `paid`, `live`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,"
                    ." 
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
                $sqlInsertDate->execute(array('guest', $_POST['country'], $_POST['province'], $_POST['city']
                    , $_POST['subCategory'], $_POST['dateTitle'], $_POST['dateDescription'], $_POST['idealFirstDate']
                    , $_POST['dateEmail'], $forwardEmails, $images[0], $images[1], $images[2], $images[3], $_POST['video1'], $_POST['video2'], $_POST['video3'], $_POST['attentive']
                    , $_POST['considerate'], $_POST['devoted'], $_POST['reliable'], $_POST['aggressive']
                    , $_POST['rude'], $_POST['mean'], $_POST['moody'], $priorityTime
                    , $sponsorTime, $textAdTime, $postDate, $ip, 'no', 'no'));
                $listingID = $db->lastInsertId();
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while(!$tokenInserted) {
                    try{
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `dates` WHERE `listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if($sqlTestToken->rowCount() == 0) {
                            try{
                                $sqlInsertToken = $db->prepare("UPDATE `dates` SET `listingToken`= ? WHERE `id` = ?");
                                $sqlInsertToken->execute(array($listingToken, $listingID));
                                $tokenInserted = true;
                                break;
                            }catch(\PDOException $e){}
                        }
                    }catch(\PDOException $e){ }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            }catch(\PDOException $e){ }
            // end of insert date as guest.
        }
        // end of !isset listingToken
    }else{
        // listing token set
        if($errors == 'Can\'t post duplicate ads') {
            $errors = '';
        }
        //find tokenTable
        // update listing at table by token.
        // The posted token is the only thing checked before the row is overwritten;
        // $_SESSION['id'] is not consulted in this branch, so the token acts as the edit
        // credential and should be handled as a secret.
        $tokenTable = '';
        $listingToken = $_POST['listingToken'];
        try{
            $sqlCheckDates = $db->prepare("SELECT `listingToken` FROM `dates` WHERE `listingToken` = ?");
            $sqlCheckDates->execute(array($listingToken));
            if($sqlCheckDates->rowCount() > 0) {
                $tokenTable = 'dates';
            }
        }catch(\PDOException $e){}
        if($tokenTable != '') {
            //update listing at token
            switch($tokenTable) {
                case "dates":
                    // NOTE(review): the values do not line up with the placeholders. The SET list
                    // has no `dateCategory` column, yet $_POST['subCategory'] is passed in fourth
                    // position (placeholder four is `dateTitle`), $_POST['image1'] is passed in
                    // addition to $images[0..3], and `listingToken` precedes `postDate` in the SET
                    // list but comes last in the array. By count that is 33 values for 32
                    // placeholders; any PDOException this raises is swallowed by the empty
                    // catch - confirm.
                    try{
                        $sqlEditListing = $db->prepare("UPDATE `dates` SET `country`= ?,`province`= ?,`city`= ?"
                            .",`dateTitle`= ?,`dateDescription`= ?,`idealFirstDate` = ? , `email`= ?,`forwardEmails`= ?,`image1`= ?, "
                            ."`image2`= ?,`image3`= ?,`image4`= ?,`video1`= ?,`video2`= ?,`video3`= ?,`attentive`= ?"
                            .",`considerate`= ?,`devoted`= ?,`reliable`= ?,`aggressive`= ?,`rude`= ?,`mean`= ?, "
                            ."`moody`= ?,`priorityTime`= ?,`sponsorTime`= ?,`textAdTime`= ?,`listingToken`= ?, "
                            ."`postDate`= ?,`ip`= ?,`paid`= ?,`live`= ? WHERE `listingToken` = ?");
                        $sqlEditListing->execute(array($_POST['country'], $_POST['province'], $_POST['city']
                            , $_POST['subCategory'], $_POST['dateTitle'], $_POST['dateDescription'], $_POST['idealFirstDate']
                            , $_POST['dateEmail'], $forwardEmails, $_POST['image1'], $images[0], $images[1], $images[2], $images[3], $_POST['video1'], $_POST['video2'], $_POST['video3'], $_POST['attentive']
                            , $_POST['considerate'], $_POST['devoted'], $_POST['reliable'], $_POST['aggressive']
                            , $_POST['rude'], $_POST['mean'], $_POST['moody'], $priorityTime
                            , $sponsorTime, $textAdTime, $postDate, $ip, 'no', 'no', $listingToken));
                    }catch(\PDOException $e){ }
                    break;
                // end update listing by table switch.
            }
        }else{
            // missmatched token error.
        }
        // end of update date at listingToken
    }
    // return to pay form if upgrades add else return to preview ad form
    // NOTE(review): the redirects below are commented out. If they are re-enabled, only
    // $listingToken and $errors pass through urlencode(); $mainCategory, $subCategory,
    // $minimalCategory, $country, $city and $province would be written into the HTML
    // unescaped, and the first three are not assigned anywhere in this excerpt.
    if($errors == '') {
        if($priority || $sponsored || $textAd) {
            // go to form for payment
            echo 'Please wait...';
            // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?listingtoken='.urlencode($listingToken).'&payment=true">';
        }elseif(!$priority && !$sponsored && !$textAd){
            // go to preview ad
            echo 'Please wait...';
            // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../listing.php?listingtoken='.urlencode($listingToken).'&preview=true">';
        }
    }else{
        // return to form with error.
        echo 'Please wait...';
        // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?&listingtoken='.urlencode($listingToken).'&maincategory='.$mainCategory.'&subcategory='.$subCategory.'&minimalcategory='.$minimalCategory.'&country='.$country.'&city='.$city.'&province='.$province.'&form=true&error='.urlencode($errors).'">';
    }
    // end of listing token set.
    // NOTE(review): the listingToken else was already closed at "end of update date at
    // listingToken", and the encounter branch has no counterpart to this brace. It ends the
    // outer if, leaving the "}else{" below with nothing to close - a second likely surplus
    // brace; confirm.
    }
// end date
}else{
    // encounter
    /////////////////////
    //Process encounter//
    /////////////////////
    // Collect info from post
    $form = "true";
    // NOTE(review): every other flag falls back to 'no'; 'on' here looks like a typo.
    $food = (isset($_POST['food']) ? 'yes' : 'on');
    $feet = (isset($_POST['feet']) ? 'yes' : 'no');
    $spanking = (isset($_POST['spanking']) ? 'yes' : 'no');
    $bondage = (isset($_POST['bondage']) ? 'yes' : 'no');
    $roleplay = (isset($_POST['roleplay']) ? 'yes' : 'no');
    $domination = (isset($_POST['domination']) ? 'yes' : 'no');
    // NOTE(review): assigned to $swining, but the queries below bind $swinging, which is never
    // set in this excerpt.
    $swining = (isset($_POST['swinging']) ? 'yes' : 'no');
    $crossDressing = (isset($_POST['crossDressing']) ? 'yes' : 'no');
    $forwardEmails = (isset($_POST['forwardEmails']) ? $_POST['forwardEmails'] : 'no');
    $priority = (isset($_POST['priority']) ? $_POST['priority'] : false);
    $sponsored = (isset($_POST['sponsored']) ? $_POST['sponsored'] : false);
    // NOTE(review): same key mismatch as in the date branch (' $textAd' versus 'textAd').
    $textAd = (isset($_POST['textAd'])? $_POST[' $textAd'] : false);
    // set upgrade time
    $priorityTime = ($priority)? $_POST['priorityTime'] : 0;
    $sponsorTime = ($sponsored)? $_POST['sponsorTime'] : 0;
    // NOTE(review): tests $textAdTime itself rather than $textAd as the date branch does.
    $textAdTime = ($textAdTime)? $_POST['textAdTime'] : 0;
    $ip = $_SERVER['REMOTE_ADDR'];
    // Same loop as in the date branch: the last entry of $ipKeys decides $ip, and the value
    // may be client-supplied - confirm what $ipKeys holds.
    foreach($ipKeys as $key => $val) {
        if(getenv($val)) {
            $ip = getenv($val);
        }else{
            $ip = 'Uknown';
        }
    }
    $postDate = date('d-m-Y');
    // Test required data for empty
    $validator->validate($_POST, 'encounters');
    // test if emails match
    $validator->validate_emails($_POST, 'encounters');
    // Test similar posts
    // test post count
    if(isset($_SESSION['id'])) {
        // test for registered
        $user = new cUser;
        $user->set_userID($_SESSION['id']);
        try{
            $sqlSimilar = $db->prepare("SELECT `id` FROM `encounters` WHERE `encounterTitle` = ? 
AND `userName` = ?");
            $sqlSimilar->execute(array($_POST['encounterTitle'], $user->return_username()));
            if($sqlSimilar->rowCount() > 0) {
                $errors = "Can't post duplicate ads";
            }
        }catch(\PDOException $e){ }
        // test count
        try{
            $sqlCount = $db->prepare("SELECT `id` FROM `encounters` WHERE `userName` = ?");
            $sqlCount->execute(array($user->return_username()));
            if($sqlCount->rowCount() > 10) {
                $errors = '10 listings per category without unlimited account.';
            }
        }catch(\PDOException $e){ }
        // end test similar, count, for user.s
    }else{
        // test for guest
        // test similar
        $sqlSimilar = $db->prepare("SELECT `id` FROM `encounters` WHERE `encounterTitle` = ? AND `ip` = ?");
        try{
            $sqlSimilar->execute(array($_POST['encounterTitle'], $ip));
            if($sqlSimilar->rowCount() > 0) {
                $errors = "Can't post duplicate ads";
            }
        }catch(\PDOException $e){ }
        // Test count
        $sqlCount = $db->prepare("SELECT `id` FROM `encounters` WHERE `ip` = ?");
        try{
            $sqlCount->execute(array($ip));
            if($sqlCount->rowCount() > 4){
                $errors = "4 listings per category as guest.";
            }
        }catch(\PDOException $e){ }
        // end of test similar, count for guest
    }
    // end of if !isset($listingToken) find duplicates and count
    // NOTE(review): the date branch wraps these checks in if(!isset($_POST['listingToken'])) {,
    // but that opener is missing here while its closing brace remains. By brace count this "}"
    // ends the encounter else early - a third likely surplus brace; confirm.
    }
    // no errors, move images
    // test images for errors.
    // upload images.
    if($errors == "" && $validator->return_error() == '') {
        $uploader->upload($_FILES);
    }
    $images = $uploader->return_images();
    // update images
    // NOTE(review): as in the date branch, the INSERT below is not gated on $errors.
    if(!isset($_POST['listingToken'])) {
        // insert the listing into db for user or guest
        if(isset($_SESSION['id'])) {
            // insert encounter listing for user.
            try{
                $country = $_POST['country'];
                $province = $_POST['province'];
                $city = $_POST['city'];
                $sqlInsertEncounter = $db->prepare("INSERT INTO `encounters`(`userName`, `country`, "
                    ."`province`, `city`, `encounterCategory`, `encounterTitle`, `encounterDescription`, "
                    ."`email`, `forwardEmails`, `image1`, `image2`, `image3`, `image4`, `video1`, "
                    ."`video2`, `video3`, `food`, `feet`, `spanking`, `bondage`, `roleplay`, `domination`, "
                    ."`swinging`, `crossDressing`, `priorityTime`, `sponsorTime`, `textAdTime`,`live`, `paid`, "
                    ."`ip`, `postDate`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?"
                    .", ?, ?, ? , ?, ?, ?, ?, ?, ?)");
                $sqlInsertEncounter->execute(array($user->return_username(), $_POST['country']
                    , $_POST['province'], $_POST['city'], $_POST['subCategory'], $_POST['encounterTitle']
                    , $_POST['encounterDescription'], $_POST['encounterEmail'], $forwardEmails
                    , $images[0], $images[1], $images[2], $images[3], $_POST['video1']
                    , $_POST['video2'], $_POST['video3'], $food, $feet
                    , $spanking, $bondage, $roleplay, $domination, $swinging, $crossDressing
                    , $priorityTime, $sponsorTime, $textAdTime,'no', 'no', $ip, $postDate));
                $listingID = $db->lastInsertId();
                // Same token scheme as the date branch: see the notes there on mcrypt_create_iv()
                // and on the prepared-but-never-executed uniqueness SELECT.
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while(!$tokenInserted) {
                    try{
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `encounters` WHERE `listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if($sqlTestToken->rowCount() == 0) {
                            try{
                                $sqlInsertToken = $db->prepare("UPDATE `encounters` SET `listingToken`= ? WHERE `id` = ?");
                                $sqlInsertToken->execute(array($listingToken, $listingID));
                                $tokenInserted = true;
                                break;
                            }catch(\PDOException $e){}
                        }
                    }catch(\PDOException $e){ }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            }catch(\PDOException $e){}
            // end of isset $_SESSION['id'];
        }else{
            // insert encounter listing for guest
            try{
                $sqlInsertEncounter = $db->prepare("INSERT INTO `encounters`(`userName`, `country`, "
                    ."`province`, `city`, `encounterCategory`, `encounterTitle`, `encounterDescription`, "
                    ."`email`, `forwardEmails`, `image1`, `image2`, `image3`, `image4`, `video1`, "
                    ."`video2`, `video3`, `food`, `feet`, `spanking`, `bondage`, `roleplay`, "
                    ."`domination`, `swinging`, `crossDressing`,`priorityTime`, `sponsorTime`, "
                    ."`textAdTime`, `live`, `paid`, `ip`, `postDate`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, "
                    ."?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? , ?, ?, ?, ?, ?, ?)");
                $sqlInsertEncounter->execute(array('guest', $_POST['country']
                    , $_POST['province'], $_POST['city'], $_POST['subCategory'], $_POST['encounterTitle']
                    , $_POST['encounterDescription'], $_POST['encounterEmail'], $forwardEmails
                    , $images[0], $images[1], $images[2], $images[3], $_POST['video1']
                    , $_POST['video2'], $_POST['video3'], $food, $feet
                    , $spanking, $bondage, $roleplay, $domination, $swinging, $crossDressing
                    , $priorityTime, $sponsorTime, $textAdTime,'no', 'no', $ip, $postDate));
                $listingID = $db->lastInsertId();
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while(!$tokenInserted) {
                    try{
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `encounters` WHERE `listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if($sqlTestToken->rowCount() == 0) {
                            try{
                                $sqlInsertToken = $db->prepare("UPDATE `encounters` SET `listingToken`= ? WHERE `id` = ?");
                                $sqlInsertToken->execute(array($listingToken, $listingID));
                                $tokenInserted = true;
                                break;
                            }catch(\PDOException $e){}
                        }
                    }catch(\PDOException $e){ }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            }catch(\PDOException $e){ }
            // end of insert encounter as guest.
        }
        // end of !isset listingToken
    }else{
        if($errors == 'Can\'t post duplicate ads') {
            $errors = '';
        }
        //find tokenTable
        // update listing at table by token.
        // As in the date branch, possession of the posted token is the only check before the
        // UPDATE; the session is not consulted.
        $tokenTable = '';
        $listingToken = $_POST['listingToken'];
        try{
            $sqlCheckEncounters = $db->prepare("SELECT `listingToken` FROM `encounters` WHERE `listingToken` = ?");
            $sqlCheckEncounters->execute(array($listingToken));
            if($sqlCheckEncounters->rowCount() > 0) {
                $tokenTable = 'encounters';
            }
        }catch(\PDOException $e){}
        if($tokenTable != '') {
            //update listing at token
            switch($tokenTable) {
                case "encounters":
                    // NOTE(review): `listingToken` appears twice among the placeholders (SET and
                    // WHERE) but $listingToken is passed once, so by count the array is one value
                    // short; the resulting PDOException would be swallowed below - confirm.
                    try{
                        $sqlEditListing = $db->prepare("UPDATE `encounters` SET `country`= ?, `province`= ? "
                            .",`city`= ?,`encounterCategory`= ?,`encounterTitle`= ?,`encounterDescription`= ?, "
                            ."`email`= ?,`forwardEmails`= ?,`image1`= ?,`image2`= ?,`image3`= ?,`image4`= ?, "
                            ."`video1`= ?,`video2`= ?,`video3`= ?,`food`= ?,`feet`= ?,`spanking`= ?,`bondage`= ?"
                            .",`roleplay`= ?,`domination`= ?,`swinging`= ?,`crossDressing`= ?, `priorityTime` = ?, "
                            ."`sponsorTime`=?, `textAdTime`=?,`live`= ?,`paid`= ? ,`ip`= ?,`postDate`= ?,"
                            ."`listingToken`= ? WHERE `listingToken` = ?");
                        $sqlEditListing->execute(array($_POST['country']
                            , $_POST['province'], $_POST['city'], $_POST['subCategory'], $_POST['encounterTitle']
                            , $_POST['encounterDescription'], $_POST['encounterEmail'], $forwardEmails
                            , $images[0], $images[1], $images[2], $images[3], $_POST['video1']
                            , $_POST['video2'], $_POST['video3'], $food, $feet
                            , $spanking, $bondage, $roleplay, $domination, $swinging, $crossDressing
                            , $priorityTime, $sponsorTime, $textAdTime,'no', 'no', $ip, $postDate, $listingToken));
                    }catch(\PDOException $e){ }
                    break;
                // end update listing by table switch.
            }
        }else{
            // missmatched token error.
        }
        // end of update encounter at listingToken
        //end of listing token is set
    }
    // return to pay form if upgrades add else return to preview ad form
    // NOTE(review): same as the date branch - if these redirects are re-enabled, the category
    // and location variables go into the HTML unescaped.
    if($errors == '') {
        if($priority || $sponsored || $textAd) {
            // go to form for payment
            echo 'Please wait...';
            // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?listingtoken='.urlencode($listingToken).'&payment=true">';
        }elseif(!$priority && !$sponsored && !$textAd){
            // go to preview ad
            echo 'Please wait...';
            /// echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../listing.php?listingtoken='.urlencode($listingToken).'&preview=true">';
        }
    }else{
        // return to form with error.
        echo 'Please wait...';
        // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?&listingtoken='.urlencode($listingToken).'&maincategory='.$mainCategory.'&subcategory='.$subCategory.'&minimalcategory='.$minimalCategory.'&country='.$country.'&city='.$city.'&province='.$province.'&agever=true&form=true&error='.urlencode($errors).'">';
    }
}
// end of processing encounter
Code (markup):
Okay... First off, return errors from the queries - what's the point of having a try/catch block if you're not catching anything? (Personally I don't like that part of the structure in PDO; I just run an if/else on the execute bit and return a readable error with a function if there's an error.) I suspect there's an error in a query. And you could probably do some of the checks simultaneously, instead of in multiple if/else blocks.
Hey, the issue isn't a query. The problem is in the structure. I'm getting: ( ! ) Parse error: syntax error, unexpected '}' in C:\wamp\www\gateway\code\php\process_listing.php on line 1499. Line 1499 of the entire block is that last curly bracket. I'm not having trouble getting data into the db. The problem is which parts of the code were firing before I tried fixing it. The structure is supposed to be: if($minimalCategory == '') { // post date here }else{ // post encounter here } Code (markup): The problem I was facing was that even though $minimalCategory was blank, it was firing the date code plus some of the encounter code. I figured I had messed up the curly brackets. I gutted the structure and started putting the code back in the if statement by hand. I thought I had it perfect but ended up getting an unexpected curly brace or some other error. I decided to add a brace somewhere I thought one should be, then got this most recent error.
*headdesk* The error is on line 283 in the code above (unless that else is the end of the very first IF, the if ($_POST['minimalCategory'] one) - you have an extra } else { there. You should really clean up the code somewhat and format it properly - then it'll be much easier to notice where there's an extra bit of code - and collapse the {} that belong together (which will make things like this a lot easier to search for). As for the catch() blocks, you're right, they're probably not a part of this problem, but unless you actually put something in there, they're also completely superfluous, and you can get rid of the whole try/catch bit altogether. Same goes for concatenating bits of a query - that is very much not needed, and will slow things down. Another thing - you keep jumping between "" and '' for empty strings, or just for encapsulating strings - I suggest sticking to one type (I recommend '') to keep things easier to read and errors easier to spot. As for a tip for finding the error - I suggest commenting out the content of one if/else block at a time (just the content, not the if/else themselves) and seeing if the error goes away - if it does, you've found the block that contains the error, and if it doesn't, you have an extra or missing if/else statement.
Hey, thanks for the reply. 283 goes with 148. 148 is if(!isset($_POST['listingToken'])). When the user sends the form the first time there is no listing token. The listing goes in the db, listingToken is generated and put in the db. The second time the form is sent there is a listingToken, this is an error fix, it goes to 148 and updates the db at listingToken. I actually tried collapsing code blocks in phpstorm, but it was still confusing. I'll give it a go again. I'lll try commenting out the content, never thought of that. I didn't think the error was inside a block, but rather the blocks them-self. What other suggested would you say could clean up the code. I could try running it through a beautifier, but I can't find one that has a normal structure like this... some of them are really weird. I don't have a tab key either, lol. If you think that code is bad you should see what it's cut down from. The people at Dreamincode gave me a beating, so edited the code down. Check out job as example of how it was
// Earlier, longer form of the same handler for job listings: one case of a switch whose header
// is outside this excerpt. $db and $errors are defined elsewhere.
case "joblistings":
    ///////////////////////
    //Process job listing//
    ///////////////////////
    // Collect info from post
    $mainCategory = $_POST['mainCategory'];
    $subCategory = $_POST['subCategory'];
    $minimalCategory = $_POST['minimalCategory'];
    $country = $_POST['country'];
    $province = $_POST['province'];
    $city = $_POST['city'];
    $form = "true";
    $jobTitle = $_POST['jobTitle'];
    $jobDescription = $_POST['jobDescription'];
    $jobEducation = $_POST['jobEducation'];
    $jobWages = $_POST['jobWages'];
    $email = $_POST['jobEmail'];
    $email2 = $_POST['jobEmail2'];
    if(isset($_POST['forwardEmails'])) {
        $forwardEmails = $_POST['forwardEmails'];
    }else {
        $forwardEmails = 'no';
    }
    // array(3) is a one-element array holding the integer 3, not an array with room for three
    // items. Uploaded names are appended after it, so the image slots assigned further down
    // are shifted by one and is_numeric() later blanks the slot that received the 3.
    $images = array(3);
    $image1 = "";
    $image2 = "";
    $image3 = "";
    $image4 = "";
    $uploadedImages = false;
    $video1 = $_POST['video1'];
    $video2 = $_POST['video2'];
    $video3 = $_POST['video3'];
    if(isset($_POST['priority'])) {
        $priority = $_POST['priority'];
    }else{
        $priority = false;
    }
    if(isset($_POST['sponsored'])) {
        $sponsored = $_POST['sponsored'];
    }else{
        $sponsored = false;
    }
    if(isset($_POST['textAd'])) {
        $textAd = $_POST['textAd'];
    }else{
        $textAd = false;
    }
    // set upgrade time
    $priorityTime = 0;
    $sponsorTime = 0;
    $textAdTime = 0;
    if($priority) {
        $priorityTime = $_POST['priorityTime'];
    }
    if($sponsored) {
        $sponsorTime = $_POST['sponsorTime'];
    }
    if($textAd) {
        $textAdTime = $_POST['textAdTime'];
    }
    $ip = $_SERVER['REMOTE_ADDR'];
    // The HTTP_* variables are filled from request headers (Client-IP, X-Forwarded-For,
    // Forwarded, ...), which the client can set to any value, and they take precedence over
    // REMOTE_ADDR here. The guest duplicate check and the 4-listing limit below key on $ip,
    // so a guest can sidestep both by changing a header. Unless the site sits behind a proxy
    // it controls, REMOTE_ADDR is the only address the client cannot choose.
    if (getenv('HTTP_CLIENT_IP')) {
        $ip = getenv('HTTP_CLIENT_IP');
    } else if(getenv('HTTP_X_FORWARDED_FOR')) {
        $ip = getenv('HTTP_X_FORWARDED_FOR');
    } else if(getenv('HTTP_X_FORWARDED')) {
        $ip = getenv('HTTP_X_FORWARDED');
    } else if(getenv('HTTP_FORWARDED_FOR')) {
        $ip = getenv('HTTP_FORWARDED_FOR');
    } else if(getenv('HTTP_FORWARDED')) {
        $ip = getenv('HTTP_FORWARDED');
    } else if(getenv('REMOTE_ADDR')) {
        $ip = getenv('REMOTE_ADDR');
    } else {
        $ip = 'UNKNOWN';
    }
    $postDate = date('d-m-Y');
    // Test required data for empty
    // Only keys present in $_POST are visited, so a required field that is left out of the
    // request altogether is not reported here.
    $emptyFound = false;
    foreach($_POST as $key => $val) {
        if($key == "jobTitle" || $key == "jobDescription" || $key == "jobEducation" || $key == "jobWages" || $key == "jobEmail" || $key == "jobEmail2") {
            if($val == "") {
                $emptyFound = true;
            }
        }
    }
    if($emptyFound){
        $errors = "Required field blank";
    }
    // test video files for
    // NOTE(review): ctype_alnum() is applied to $key (the field name), not $val. The names
    // 'video1'..'video3' are always alphanumeric, so $videoLinkError can never become true
    // and the submitted video values are stored unchecked.
    $videoLinkError = false;
    foreach($_POST as $key => $val) {
        if($key == 'video1' || $key == 'video2' || $key == 'video3' ) {
            if(!ctype_alnum($key)) {
                $videoLinkError = true;
            }
        }
    }
    if($videoLinkError){
        $errors = "Video link wrong";
    }
    // test if emails match
    if($email != $email2) {
        $errors = 'Emails don\'t match';
    }
    // test count if no token present.
    if(!isset($_POST['listingToken'])) {
        // Test similar posts
        // test post count
        if(isset($_SESSION['id'])) {
            // test for registered
            $user = new cUser;
            $user->set_userID($_SESSION['id']);
            // Empty catch: a failing query leaves $errors untouched, so the duplicate and
            // count checks are skipped silently (fail open). The same applies to every empty
            // catch below.
            try{
                $sqlSimilar = $db->prepare("SELECT `id` FROM `jobs` WHERE `jobTitle` = ? 
AND `userName`= ?");
                $sqlSimilar->execute(array($jobTitle, $user->return_username()));
                if($sqlSimilar->rowCount() > 0) {
                    $errors = "Can't post duplicate ads";
                }
            }catch(\PDOException $e){ }
            // test count
            try{
                $sqlCount = $db->prepare("SELECT `id` FROM `jobs` WHERE `userName` = ?");
                $sqlCount->execute(array($user->return_username()));
                if($sqlCount->rowCount() > 10) {
                    $errors = '10 listings per category without unlimited account.';
                }
            }catch(\PDOException $e){ }
        }else{
            // test for guest
            // test similar
            $sqlSimilar = $db->prepare("SELECT `id` FROM `jobs` WHERE `jobTitle` = ? AND `ip` = ?");
            try{
                $sqlSimilar->execute(array($jobTitle, $ip));
                if($sqlSimilar->rowCount() > 0) {
                    $errors = "Can't post duplicate ads";
                }
            }catch(\PDOException $e){ }
            // Test count
            $sqlCount = $db->prepare("SELECT `id` FROM `jobs` WHERE `ip` = ?");
            try{
                $sqlCount->execute(array($ip));
                if($sqlCount->rowCount() > 4){
                    $errors = "4 listings per category as guest.";
                }
            }catch(\PDOException $e){ }
            // end of test similar, count
        }
        // end of if !isset($listingToken) find duplicates and count
    }
    // no errors, move images
    if($errors == "") {
        // test images for errors.
        // upload images.
        $upload_directory = '..\..\..\\' . 'guest\images\\';
        $upload = new cChip();
        $files = $upload->get_upload_var( $_FILES['image'] );
        /*
        |-----------------
        | Upload File
        |------------------
        */
        foreach($files as $file ) {
            /*
            |---------------------------
            | Upload Inputs
            |---------------------------
            */
            $args = array(
                'upload_file' => $file,
                'upload_directory' => $upload_directory,
                'allowed_size' => 512000,
                'extension_check' => TRUE,
                'upload_overwrite' => FALSE,
            );
            // Allow-list by extension: only gif, png, jpg and jpeg are enabled.
            // NOTE(review): whether cChip checks anything beyond the extension (actual image
            // content, sanitising the stored name) is not visible here - confirm, since the
            // target directory looks web-reachable.
            $allowed_extensions = array(
                /* Archives */
                'zip' => FALSE,
                '7z' => FALSE,
                /* Documents */
                'txt' => FALSE,
                'pdf' => FALSE,
                'doc' => FALSE,
                'xls' => FALSE,
                'ppt' => FALSE,
                /* Executables */
                'exe' => FALSE,
                /* Images */
                'gif' => TRUE,
                'png' => TRUE,
                'jpg' => TRUE,
                'jpeg' => TRUE,
                /* Audio */
                'mp3' => FALSE,
                'wav' => FALSE,
                /* Video */
                'mpeg' => FALSE,
                'mpg' => FALSE,
                'mpe' => FALSE,
                'mov' => FALSE,
                'avi' => FALSE
            );
            /*
            |---------------------------
            | Upload Hook
            |---------------------------
            */
            $upload_hook = $upload->get_upload( $args, $allowed_extensions );
            /*
            |---------------------------
            | Move File
            |---------------------------
            */
            if( $upload_hook['upload_move'] == TRUE ) {
                // update images
                // $file['name'] is the name sent by the client; it is recorded as-is and later
                // written to the image columns.
                array_push($images, $file['name']);
                /*
                |---------------------------
                | Move File
                |---------------------------
                */
                $upload_output[] = $upload->get_upload_move();
                //$object->chip_print( $upload_output );
                $uploadedImages = true;
            }
        }
        // foreach( $files as $file )
        // update images
        if($uploadedImages) {
            // count($images) includes the initial 3, so four uploads give a count of 5, which
            // no case handles.
            switch(count($images)) {
                case 0:
                    break;
                case 1:
                    $image1 = $images[0];
                    break;
                case 2:
                    $image1 = $images[0];
                    $image2 = $images[1];
                    break;
                case 3:
                    $image1 = $images[0];
                    $image2 = $images[1];
                    $image3 = $images[2];
                    break;
                case 4:
                    $image1 = $images[0];
                    $image2 = $images[1];
                    $image3 = $images[2];
                    $image4 = $images[3];
                    break;
            }
            if(is_numeric($image1)){ $image1 = "";}
            if(is_numeric($image2)){ $image2 = ""; }
            if(is_numeric($image3)){ $image3 = ""; }
            if(is_numeric($image4)){ $image4 = ""; }
            // end of if uploaded images
        }
        // end of if no errors move imgs.
    }
    // NOTE(review): only the upload above is gated on $errors; the INSERT below runs even
    // when a required field was blank, the emails differed or a listing limit was hit.
    if(!isset($_POST['listingToken'])) {
        // insert the listing into db depending on user or guest
        if(isset($_SESSION['id'])) {
            // insert listing for user.
            try{
                $country = $_POST['country'];
                $province = $_POST['province'];
                $city = $_POST['city'];
                // The token later authorises edits of this row, so it has to be unguessable.
                // mcrypt_create_iv() was deprecated in PHP 7.1 and mcrypt left core in 7.2;
                // random_bytes() with bin2hex() is the current replacement.
                $listingToken = mcrypt_create_iv(12);
                $sqlInsertJob = $db->prepare("INSERT INTO `jobs`(`userName`, `jobCategory`, `jobTitle`, "
                    ."`jobDescription`, `jobWages`, `jobEducation`, `email`, `forwardEmails`, `image1`, "
                    ."`image2`, `image3`, `image4`, `video1`, `video2`, `video3`, `priorityTime`, "
                    ."`sponsorTime`, `textAdTime`, `postDate`,`country`,`province`,`city`, `ip`, "
                    ."`paid`, `live`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, "
                    ."?, ?, ?, ?, ?)");
                $sqlInsertJob->execute(array($user->return_username(), $subCategory, $jobTitle
                    , $jobDescription, $jobWages, $jobEducation, $email, $forwardEmails, $image1, $image2
                    , $image3, $image4, $video1, $video2, $video3, $priorityTime, $sponsorTime
                    , $textAdTime, $postDate, $country, $province, $city, $ip, 'no', 'no'));
                $listingID = $db->lastInsertId();
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while(!$tokenInserted) {
                    try{
                        // NOTE(review): prepared but never executed and no token bound, so no
                        // uniqueness lookup takes place; presumably rowCount() is 0 and the
                        // loop leaves on its first pass. Same in the guest copy below.
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `jobs` WHERE `listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if($sqlTestToken->rowCount() == 0) {
                            try{
                                $sqlInsertToken = $db->prepare("UPDATE `jobs` SET `listingToken`= ? WHERE `id` = ?");
                                $sqlInsertToken->execute(array($listingToken, $listingID));
                                $tokenInserted = true;
                                break;
                            }catch(\PDOException $e){}
                        }
                    }catch(\PDOException $e){ }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            }catch(\PDOException $e){}
            // end of isset $_SESSION['id'];
        }else{
            // insert job listing for guest
            try{
                $listingToken = mcrypt_create_iv(12);
                $sqlInsertJob = $db->prepare("INSERT INTO `jobs`(`userName`, `jobCategory`, `jobTitle`, "
                    ."`jobDescription`, `jobWages`, `jobEducation`, `email`, `forwardEmails`, `image1`, "
                    ."`image2`, `image3`, `image4`, `video1`, `video2`, `video3`, `priorityTime`, "
                    ."`sponsorTime`, `textAdTime`, `postDate`,`country`,`province`,`city`, `ip`, "
                    ."`paid`, `live`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, "
                    ."?, ?, ?, ?, ?)");
                $sqlInsertJob->execute(array('guest', $subCategory, $jobTitle, $jobDescription
                    , $jobWages, $jobEducation, $email, $forwardEmails, $image1, $image2, $image3, $image4
                    , $video1, $video2, $video3, $priorityTime, $sponsorTime, $textAdTime, $postDate
                    , $country, $province, $city, $ip, 'no', 'no'));
                $listingID = $db->lastInsertId();
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while(!$tokenInserted) {
                    try{
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `jobs` WHERE `listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if($sqlTestToken->rowCount() == 0) {
                            try{
                                $sqlInsertToken = $db->prepare("UPDATE `jobs` SET `listingToken`= ? WHERE `id` = ?");
                                $sqlInsertToken->execute(array($listingToken, $listingID));
                                $tokenInserted = true;
                                break;
                            }catch(\PDOException $e){}
                        }
                    }catch(\PDOException $e){ }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            }catch(\PDOException $e){ }
            // end of insert as guest.
        }
        // end of !isset listing token
    }else{
        if($errors == 'Can\'t post duplicate ads') {
            $errors = '';
        }
        //find tokenTable
        // update listing at table by token.
        // Possession of the posted token is the only check before the row is overwritten;
        // $_SESSION['id'] is not consulted in this branch, so the token should be handled as
        // a secret.
        $tokenTable = '';
        $listingToken = $_POST['listingToken'];
        try{
            $sqlCheckJobs = $db->prepare("SELECT `listingToken` FROM `jobs` WHERE `listingToken` = ?");
            $sqlCheckJobs->execute(array($listingToken));
            if($sqlCheckJobs->rowCount() > 0) {
                $tokenTable = 'jobs';
            }
        }catch(\PDOException $e){}
        // search other tables
        if($tokenTable != '') {
            //update listing at token
            switch($tokenTable) {
                case "jobs":
                    try{
                        $sqlEditListing = $db->prepare("UPDATE `jobs` SET `jobCategory`= ?,`jobTitle`= ?"
                            .", `jobDescription` = ?,`jobWages` = ?,`jobEducation`= ?,`email`= ?,`forwardEmails` = ?"
                            .", `image1`= ?,`image2`= ?,`image3`= ?,`image4`= ?,`video1`= ?,`video2`= ?,`video3`= ?"
                            .", `priorityTime` = ?,`sponsorTime` = ?,`textAdTime` = ?,`postDate` = ?,`country` = ?"
                            .", `city` = ?,`province` = ?,`ip` = ?, `paid` = ?,`live` = ? WHERE `listingToken` = ?");
                        $sqlEditListing->execute(array($subCategory, $jobTitle, $jobDescription
                            , $jobWages, $jobEducation, $email, $forwardEmails, $image1, $image2, $image3, $image4
                            , $video1, $video2, $video3, $priorityTime, $sponsorTime, $textAdTime, $postDate
                            , $country, $city, $province, $ip, 'no', 'no', $listingToken));
                    }catch(\PDOException $e){ }
                    break;
                // end update listing by table switch.
            }
        }else{
            // missmatched token error.
        }
    }
    // return to pay form if upgrades add else return to preview ad form
    // NOTE(review): the redirects are commented out. If re-enabled, $mainCategory,
    // $subCategory, $minimalCategory, $country, $city and $province come straight from $_POST
    // and would be written into the HTML without urlencode() or HTML escaping.
    if($errors == '') {
        if($priority || $sponsored || $textAd) {
            // go to form for payment
            echo 'Please wait...';
            // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?listingtoken='.urlencode($listingToken).'&payment=true">';
        }elseif(!$priority && !$sponsored && !$textAd){
            // go to preview ad
            echo 'Please wait...';
            // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../listing.php?listingtoken='.urlencode($listingToken).'&preview=true">';
        }
    }else{
        // return to form with error.
        echo 'Please wait...';
        // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?&listingtoken='.urlencode($listingToken).'&maincategory='.$mainCategory.'&subcategory='.$subCategory.'&minimalcategory='.$minimalCategory.'&country='.$country.'&city='.$city.'&province='.$province.'&form=true&error='.urlencode($errors).'">';
    }
    // end of process job listing.
    break;
Code (markup):
Just curious, aside from the other clean-up tips, what do you mean by concatenating bits of the query? I thought you had to escape a string with . to put a variable in there.
I don't understand the curly brace on line 387. I don't think that's needed. Those redirects aren't supposed to be part of a block. They happen if there is no errors, or if there are errors. When I take that out the error shifts to unexpected case... Here's the code beautifued.
// Form handler fragment: stores or updates a `dates` or `encounters` listing from $_POST, then prints a
// wait message. The opening `if ($_POST['minimalCategory'] === '') {` is not part of this paste, but the
// `} else { // encounter` further down still belongs to it.
// /////////////////
// Process dating//
// ///////////////
$form = 'true';
// set upgrade time
$priority = (isset($_POST['priority']) ? $_POST['priority'] : false);
$sponsored = (isset($_POST['sponsored']) ? $_POST['sponsored'] : false);
// NOTE(review): the key read below is the literal string ' $textAd' (leading space and dollar sign),
// not 'textAd', so it does not match the key tested by isset().
$textAd = (isset($_POST['textAd']) ? $_POST[' $textAd'] : false);
// set upgrade time
$priorityTime = ($priority) ? $_POST['priorityTime'] : 0;
$sponsorTime = ($sponsored) ? $_POST['sponsorTime'] : 0;
$textAdTime = ($textAd) ? $_POST['textAdTime'] : 0;
$forwardEmails = (isset($_POST['forwardEmails']) ? $_POST['forwardEmails'] : 'no');
$ip = $_SERVER['REMOTE_ADDR'];
// NOTE(review): every pass overwrites $ip, so only the last entry of $ipKeys decides the result and
// REMOTE_ADDR is discarded whenever $ipKeys is non-empty. If $ipKeys (defined outside this paste) lists
// forwarded-for style variables, those come from request headers the client can set, so the guest
// duplicate and count limits keyed on `ip` should not rely on them unless a trusted proxy sets them.
foreach($ipKeys as $key => $val) {
    if (getenv($val)) {
        $ip = getenv($val);
    } else {
        $ip = 'Uknown';
    }
}
$postDate = date('d-m-Y');
// Test required data for empty
// proper video
$validator->validate($_POST, 'dates');
// test if emails match
$validator->validate_emails($_POST, 'dates');
// test count if no token present.
if (!isset($_POST['listingToken'])) {
    // Test similar posts
    // test post count
    if (isset($_SESSION['id'])) {
        // test for registered
        $user = new cUser;
        $user->set_userID($_SESSION['id']);
        try {
            $sqlSimilar = $db->prepare('SELECT `id` FROM `dates` WHERE `dateTitle` = ? 
AND `userName` = ?');
            $sqlSimilar->execute(array(
                $_POST['dateTitle'],
                $user->return_username()
            ));
            if ($sqlSimilar->rowCount() > 0) {
                $errors = 'Can\'t post duplicate ads';
            }
        // NOTE(review): this and every other catch in the file is empty, so a failed query is invisible:
        // the duplicate and count limits are skipped and failed inserts leave no trace. Log the exception.
        } catch(PDOException $e) { }
        // test count
        try {
            $sqlCount = $db->prepare('SELECT `id` FROM `dates` WHERE `userName` = ?');
            $sqlCount->execute(array(
                $user->return_username()
            ));
            if ($sqlCount->rowCount() > 10) {
                $errors = '10 listings per category without unlimited account.';
            }
        } catch(PDOException $e) { }
    } else {
        // test for guest
        // test similar
        $sqlSimilar = $db->prepare('SELECT `id` FROM `dates` WHERE `dateTitle` = ? AND `ip` = ?');
        try {
            $sqlSimilar->execute(array(
                $_POST['dateTitle'],
                $ip
            ));
            if ($sqlSimilar->rowCount() > 0) {
                $errors = "Can't post duplicate ads";
            }
        } catch(PDOException $e) { }
        // Test count
        $sqlCount = $db->prepare('SELECT `id` FROM `dates` WHERE `ip` = ?');
        try {
            $sqlCount->execute(array(
                $ip
            ));
            if ($sqlCount->rowCount() > 4) {
                $errors = '4 listings per category as guest.';
            }
        } catch(PDOException $e) { }
        // end of test similar, count
    }
    // end of if !isset($listingToken) find duplicates and count
}
// no errors, move images
if ($errors == "" && $validator->return_error() == '') {
    $uploader->upload($_FILES);
}
$images = $uploader->return_images();
if (!isset($_POST['listingToken'])) {
    // insert the listing into db for user or guest
    if (isset($_SESSION['id'])) {
        // insert date listing for user.
        try {
            $country = $_POST['country'];
            $province = $_POST['province'];
            $city = $_POST['city'];
            // NOTE(review): the string now opens and closes with a single quote, so each `" ."` inside it
            // is part of the SQL text rather than PHP concatenation. The server will presumably reject the
            // statement, and the empty catch below hides that. Values still go through `?` placeholders.
            $sqlInsertDate = $db->prepare('INSERT INTO `dates`(`userName`, `country`, " ."`province`, `city`,`dateCategory`, `dateTitle`, `dateDescription`, `idealFirstDate`, " ."`email`, `forwardEmails`, `image1`, `image2`, `image3`, `image4`, `video1`, `video2`, " ."`video3`, `attentive`, `considerate`, `devoted`, `reliable`, `aggressive`, `rude`, " ."`mean`, `moody`, `priorityTime`, `sponsorTime`, `textAdTime`, `postDate`, " ."`ip`, `paid`, `live`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?," ." ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
            $sqlInsertDate->execute(array(
                $user->return_username() ,
                $_POST['country'], $_POST['province'], $_POST['city'], $_POST['subCategory'],
                $_POST['dateTitle'], $_POST['dateDescription'], $_POST['idealFirstDate'],
                $_POST['dateEmail'], $forwardEmails,
                $images[0], $images[1], $images[2], $images[3],
                $_POST['video1'], $_POST['video2'], $_POST['video3'],
                $_POST['attentive'], $_POST['considerate'], $_POST['devoted'], $_POST['reliable'],
                $_POST['aggressive'], $_POST['rude'], $_POST['mean'], $_POST['moody'],
                $priorityTime, $sponsorTime, $textAdTime, $postDate, $ip, 'no', 'no'
            ));
            $listingID = $db->lastInsertId();
            // NOTE(review): the listing token is the only value the edit branch below checks before it
            // overwrites a row, so it has to stay unguessable. mcrypt_create_iv() was removed in PHP 7.2;
            // bin2hex(random_bytes(16)) gives a random token directly, without the md5() step.
            $listingToken = mcrypt_create_iv(12);
            $listingToken = md5($listingToken . $listingID);
            $tokenInserted = false;
            while (!$tokenInserted) {
                try {
                    // NOTE(review): the statement is prepared and fetched but never executed and never
                    // given $listingToken, so rowCount() is presumably always 0 and the uniqueness check
                    // does nothing. The same pattern repeats in each token loop in this file. If the
                    // UPDATE keeps throwing, the empty catch lets this loop spin with no exit.
                    $sqlTestToken = $db->prepare('SELECT `listingToken` FROM `dates` WHERE`listingToken` = ?');
                    $retrievedToken = $sqlTestToken->fetch();
                    if ($sqlTestToken->rowCount() == 0) {
                        try {
                            $sqlInsertToken = $db->prepare('UPDATE `dates` SET `listingToken`= ? WHERE `id` = ?');
                            $sqlInsertToken->execute(array(
                                $listingToken,
                                $listingID
                            ));
                            $tokenInserted = true;
                            break;
                        } catch(PDOException $e) { }
                    }
                } catch(PDOException $e) { }
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . 
$listingID);
            }
        } catch(PDOException $e) { }
        // end of isset $_SESSION['id'];
    }
// NOTE(review): the brace at the start of the next line appears to have no opener of its own. It closes
// `if (!isset($_POST['listingToken']))` early, so this `else` pairs with that `if` instead of with
// `if (isset($_SESSION['id']))`, and every closing brace after it is shifted by one level.
} } else {
        // insert date listing for guest
        try {
            $sqlInsertDate = $db->prepare('INSERT INTO `dates`(`userName`, `country`, " ."`province`, `city`, `dateCategory`, `dateTitle`, `dateDescription`, `idealFirstDate`, `email`, `forwardEmails`, " ."`image1`, `image2`, `image3`, `image4`, `video1`, `video2`, `video3`, `attentive`, " ."`considerate`, `devoted`, `reliable`, `aggressive`, `rude`, `mean`, `moody`, " ."`priorityTime`, `sponsorTime`, `textAdTime`, `postDate`, " ."`ip`, `paid`, `live`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?," ." ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
            $sqlInsertDate->execute(array(
                'guest',
                $_POST['country'], $_POST['province'], $_POST['city'], $_POST['subCategory'],
                $_POST['dateTitle'], $_POST['dateDescription'], $_POST['idealFirstDate'],
                $_POST['dateEmail'], $forwardEmails,
                $images[0], $images[1], $images[2], $images[3],
                $_POST['video1'], $_POST['video2'], $_POST['video3'],
                $_POST['attentive'], $_POST['considerate'], $_POST['devoted'], $_POST['reliable'],
                $_POST['aggressive'], $_POST['rude'], $_POST['mean'], $_POST['moody'],
                $priorityTime, $sponsorTime, $textAdTime, $postDate, $ip, 'no', 'no'
            ));
            $listingID = $db->lastInsertId();
            $listingToken = mcrypt_create_iv(12);
            $listingToken = md5($listingToken . $listingID);
            $tokenInserted = false;
            while (!$tokenInserted) {
                try {
                    $sqlTestToken = $db->prepare('SELECT `listingToken` FROM `dates` WHERE `listingToken` = ?');
                    $retrievedToken = $sqlTestToken->fetch();
                    if ($sqlTestToken->rowCount() == 0) {
                        try {
                            $sqlInsertToken = $db->prepare('UPDATE `dates` SET `listingToken`= ? WHERE `id` = ?');
                            $sqlInsertToken->execute(array(
                                $listingToken,
                                $listingID
                            ));
                            $tokenInserted = true;
                            break;
                        } catch(PDOException $e) { }
                    }
                } catch(PDOException $e) { }
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . $listingID);
            }
        } catch(PDOException $e) { }
        // end of insert date as guest.
    }
    // end of !isset listingToken
} else {
    // listing token set
    if ($errors == 'Can\'t post duplicate ads') {
        $errors = '';
    }
    // find tokenTable
    // update listing at table by token.
    // NOTE(review): the posted token is the only thing checked before the row is overwritten; the
    // session user is not compared with the row's `userName` in this branch.
    $tokenTable = '';
    $listingToken = $_POST['listingToken'];
    try {
        $sqlCheckDates = $db->prepare('SELECT `listingToken` FROM `dates` WHERE `listingToken` = ?');
        $sqlCheckDates->execute(array(
            $listingToken
        ));
        if ($sqlCheckDates->rowCount() > 0) {
            $tokenTable = 'dates';
        }
    } catch(PDOException $e) { }
    if ($tokenTable != '') {
        // update listing at token
        switch ($tokenTable) {
            case "dates":
                try {
                    // NOTE(review): by my count the statement has 32 placeholders and execute() passes 33
                    // values, in a different order from the SET list (no `dateCategory` column for
                    // $_POST['subCategory'], an extra $_POST['image1'], no value for `listingToken`= ?).
                    // PDO would throw, and the empty catch would drop the edit silently.
                    $sqlEditListing = $db->prepare('UPDATE `dates` SET `country`= ?,`province`= ?,`city`= ?" .",`dateTitle`= ?,`dateDescription`= ?,`idealFirstDate` = ? , `email`= ?,`forwardEmails`= ?,`image1`= ?, " ."`image2`= ?,`image3`= ?,`image4`= ?,`video1`= ?,`video2`= ?,`video3`= ?,`attentive`= ?" .",`considerate`= ?,`devoted`= ?,`reliable`= ?,`aggressive`= ?,`rude`= ?,`mean`= ?, " ."`moody`= ?,`priorityTime`= ?,`sponsorTime`= ?,`textAdTime`= ?,`listingToken`= ?, " ."`postDate`= ?,`ip`= ?,`paid`= ?,`live`= ? WHERE `listingToken` = ?');
                    $sqlEditListing->execute(array(
                        $_POST['country'], $_POST['province'], $_POST['city'], $_POST['subCategory'],
                        $_POST['dateTitle'], $_POST['dateDescription'], $_POST['idealFirstDate'],
                        $_POST['dateEmail'], $forwardEmails, $_POST['image1'],
                        $images[0], $images[1], $images[2], $images[3],
                        $_POST['video1'], $_POST['video2'], $_POST['video3'],
                        $_POST['attentive'], $_POST['considerate'], $_POST['devoted'], $_POST['reliable'],
                        $_POST['aggressive'], $_POST['rude'], $_POST['mean'], $_POST['moody'],
                        $priorityTime, $sponsorTime, $textAdTime, $postDate, $ip, 'no', 'no',
                        $listingToken
                    ));
                } catch(PDOException $e) { }
                break;
            // end update listing by table switch.
        }
    } else {
        // missmatched token error.
    }
    // end of update date at listingToken
}
// return to pay form if upgrades add else return to preview ad form
if ($errors == '') {
    if ($priority || $sponsored || $textAd) {
        // go to form for payment
        echo 'Please wait...';
        // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?listingtoken='.urlencode($listingToken).'&payment=true">';
    } elseif (!$priority && !$sponsored && !$textAd) {
        // go to preview ad
        echo 'Please wait...';
        // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../listing.php?listingtoken='.urlencode($listingToken).'&preview=true">';
    }
} else {
    // return to form with error.
    echo 'Please wait...';
    // NOTE(review): if this redirect is re-enabled, $mainCategory, $subCategory, $minimalCategory,
    // $country, $city and $province go into the URL without urlencode(), unlike the token and the error
    // text. The finished URL also sits in an HTML attribute, so it needs htmlspecialchars() as well.
    // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?&listingtoken='.urlencode($listingToken).'&maincategory='.$mainCategory.'&subcategory='.$subCategory.'&minimalcategory='.$minimalCategory.'&country='.$country.'&city='.$city.'&province='.$province.'&form=true&error='.urlencode($errors).'">';
}
// end date
} else {
    // encounter
    // ///////////////////
    // Process encounter//
    // ///////////////////
    // Collect info from post
    $form = "true";
    // NOTE(review): the unset value here is 'on' while every other flag below uses 'no'.
    $food = (isset($_POST['food']) ? 'yes' : 'on');
    $feet = (isset($_POST['feet']) ? 'yes' : 'no');
    $spanking = (isset($_POST['spanking']) ? 'yes' : 'no');
    $bondage = (isset($_POST['bondage']) ? 'yes' : 'no');
    $roleplay = (isset($_POST['roleplay']) ? 'yes' : 'no');
    $domination = (isset($_POST['domination']) ? 'yes' : 'no');
    // NOTE(review): assigned as $swining, but the queries below bind $swinging, which is never set here.
    $swining = (isset($_POST['swinging']) ? 'yes' : 'no');
    $crossDressing = (isset($_POST['crossDressing']) ? 'yes' : 'no');
    $forwardEmails = (isset($_POST['forwardEmails']) ? $_POST['forwardEmails'] : 'no');
    $priority = (isset($_POST['priority']) ? $_POST['priority'] : false);
    $sponsored = (isset($_POST['sponsored']) ? $_POST['sponsored'] : false);
    $textAd = (isset($_POST['textAd']) ? $_POST[' $textAd'] : false);
    // set upgrade time
    $priorityTime = ($priority) ? $_POST['priorityTime'] : 0;
    $sponsorTime = ($sponsored) ? 
$_POST['sponsorTime'] : 0;
    // NOTE(review): the condition tests $textAdTime itself, where the dating branch tests $textAd.
    $textAdTime = ($textAdTime) ? $_POST['textAdTime'] : 0;
    $ip = $_SERVER['REMOTE_ADDR'];
    foreach($ipKeys as $key => $val) {
        if (getenv($val)) {
            $ip = getenv($val);
        } else {
            $ip = 'Uknown';
        }
    }
    $postDate = date('d-m-Y');
    // Test required data for empty
    $validator->validate($_POST, 'encounters');
    // test if emails match
    $validator->validate_emails($_POST, 'encounters');
    // Test similar posts
    // test post count
    if (isset($_SESSION['id'])) {
        // test for registered
        $user = new cUser;
        $user->set_userID($_SESSION['id']);
        try {
            $sqlSimilar = $db->prepare("SELECT `id` FROM `encounters` WHERE `encounterTitle` = ? AND `userName` = ?");
            $sqlSimilar->execute(array(
                $_POST['encounterTitle'],
                $user->return_username()
            ));
            if ($sqlSimilar->rowCount() > 0) {
                $errors = "Can't post duplicate ads";
            }
        } catch(PDOException $e) { }
        // test count
        try {
            $sqlCount = $db->prepare("SELECT `id` FROM `encounters` WHERE `userName` = ?");
            $sqlCount->execute(array(
                $user->return_username()
            ));
            if ($sqlCount->rowCount() > 10) {
                $errors = '10 listings per category without unlimited account.';
            }
        } catch(PDOException $e) { }
        // end test similar, count, for user.s
    } else {
        // test for guest
        // test similar
        $sqlSimilar = $db->prepare("SELECT `id` FROM `encounters` WHERE `encounterTitle` = ? AND `ip` = ?");
        try {
            $sqlSimilar->execute(array(
                $_POST['encounterTitle'],
                $ip
            ));
            if ($sqlSimilar->rowCount() > 0) {
                $errors = "Can't post duplicate ads";
            }
        } catch(PDOException $e) { }
        // Test count
        $sqlCount = $db->prepare("SELECT `id` FROM `encounters` WHERE `ip` = ?");
        try {
            $sqlCount->execute(array(
                $ip
            ));
            if ($sqlCount->rowCount() > 4) {
                $errors = "4 listings per category as guest.";
            }
        } catch(PDOException $e) { }
        // end of test similar, count for guest
    }
    // end of if !isset($listingToken) find duplicates and count
// NOTE(review): the brace below looks like a leftover. This branch has no `if (!isset(...))` around the
// duplicate checks, so it appears to close the encounter `else` here, which would leave the final brace
// of the file without an opener.
}
    // no errors, move images
    // test images for errors.
    // upload images.
    if ($errors == "" && $validator->return_error() == '') {
        $uploader->upload($_FILES);
    }
    $images = $uploader->return_images();
    // update images
    if (!isset($_POST['listingToken'])) {
        // insert the listing into db for user or guest
        if (isset($_SESSION['id'])) {
            // insert encounter listing for user.
            try {
                $country = $_POST['country'];
                $province = $_POST['province'];
                $city = $_POST['city'];
                $sqlInsertEncounter = $db->prepare("INSERT INTO `encounters`(`userName`, `country`, "
                    . "`province`, `city`, `encounterCategory`, `encounterTitle`, `encounterDescription`, "
                    . "`email`, `forwardEmails`, `image1`, `image2`, `image3`, `image4`, `video1`, "
                    . "`video2`, `video3`, `food`, `feet`, `spanking`, `bondage`, `roleplay`, `domination`, "
                    . "`swinging`, `crossDressing`, `priorityTime`, `sponsorTime`, `textAdTime`,`live`, `paid`, "
                    . "`ip`, `postDate`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?"
                    . ", ?, ?, ? , ?, ?, ?, ?, ?, ?)");
                $sqlInsertEncounter->execute(array(
                    $user->return_username() ,
                    $_POST['country'], $_POST['province'], $_POST['city'], $_POST['subCategory'],
                    $_POST['encounterTitle'], $_POST['encounterDescription'], $_POST['encounterEmail'],
                    $forwardEmails,
                    $images[0], $images[1], $images[2], $images[3],
                    $_POST['video1'], $_POST['video2'], $_POST['video3'],
                    $food, $feet, $spanking, $bondage, $roleplay, $domination, $swinging, $crossDressing,
                    $priorityTime, $sponsorTime, $textAdTime, 'no', 'no', $ip, $postDate
                ));
                $listingID = $db->lastInsertId();
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while (!$tokenInserted) {
                    try {
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `encounters` WHERE `listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if ($sqlTestToken->rowCount() == 0) {
                            try {
                                $sqlInsertToken = $db->prepare("UPDATE `encounters` SET `listingToken`= ? 
WHERE `id` = ?");
                                $sqlInsertToken->execute(array(
                                    $listingToken,
                                    $listingID
                                ));
                                $tokenInserted = true;
                                break;
                            } catch(PDOException $e) { }
                        }
                    } catch(PDOException $e) { }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            } catch(PDOException $e) { }
            // end of isset $_SESSION['id'];
        } else {
            // insert encounter listing for guest
            try {
                $sqlInsertEncounter = $db->prepare("INSERT INTO `encounters`(`userName`, `country`, "
                    . "`province`, `city`, `encounterCategory`, `encounterTitle`, `encounterDescription`, "
                    . "`email`, `forwardEmails`, `image1`, `image2`, `image3`, `image4`, `video1`, "
                    . "`video2`, `video3`, `food`, `feet`, `spanking`, `bondage`, `roleplay`, "
                    . "`domination`, `swinging`, `crossDressing`,`priorityTime`, `sponsorTime`, "
                    . "`textAdTime`, `live`, `paid`, `ip`, `postDate`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, "
                    . "?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? , ?, ?, ?, ?, ?, ?)");
                $sqlInsertEncounter->execute(array(
                    'guest',
                    $_POST['country'], $_POST['province'], $_POST['city'], $_POST['subCategory'],
                    $_POST['encounterTitle'], $_POST['encounterDescription'], $_POST['encounterEmail'],
                    $forwardEmails,
                    $images[0], $images[1], $images[2], $images[3],
                    $_POST['video1'], $_POST['video2'], $_POST['video3'],
                    $food, $feet, $spanking, $bondage, $roleplay, $domination, $swinging, $crossDressing,
                    $priorityTime, $sponsorTime, $textAdTime, 'no', 'no', $ip, $postDate
                ));
                $listingID = $db->lastInsertId();
                $listingToken = mcrypt_create_iv(12);
                $listingToken = md5($listingToken . $listingID);
                $tokenInserted = false;
                while (!$tokenInserted) {
                    try {
                        $sqlTestToken = $db->prepare("SELECT `listingToken` FROM `encounters` WHERE `listingToken` = ?");
                        $retrievedToken = $sqlTestToken->fetch();
                        if ($sqlTestToken->rowCount() == 0) {
                            try {
                                $sqlInsertToken = $db->prepare("UPDATE `encounters` SET `listingToken`= ? 
WHERE `id` = ?");
                                $sqlInsertToken->execute(array(
                                    $listingToken,
                                    $listingID
                                ));
                                $tokenInserted = true;
                                break;
                            } catch(PDOException $e) { }
                        }
                    } catch(PDOException $e) { }
                    $listingToken = mcrypt_create_iv(12);
                    $listingToken = md5($listingToken . $listingID);
                }
            } catch(PDOException $e) { }
            // end of insert encounter as guest.
        }
        // end of !isset listingToken
    } else {
        if ($errors == 'Can\'t post duplicate ads') {
            $errors = '';
        }
        // find tokenTable
        // update listing at table by token.
        $tokenTable = '';
        $listingToken = $_POST['listingToken'];
        try {
            $sqlCheckEncounters = $db->prepare("SELECT `listingToken` FROM `encounters` WHERE `listingToken` = ?");
            $sqlCheckEncounters->execute(array(
                $listingToken
            ));
            if ($sqlCheckEncounters->rowCount() > 0) {
                $tokenTable = 'encounters';
            }
        } catch(PDOException $e) { }
        if ($tokenTable != '') {
            // update listing at token
            switch ($tokenTable) {
                case "encounters":
                    try {
                        // NOTE(review): by my count there are 32 placeholders (31 in SET plus the WHERE)
                        // but 31 bound values; `listingToken`= ? in the SET list has no value of its own.
                        $sqlEditListing = $db->prepare("UPDATE `encounters` SET `country`= ?, `province`= ? "
                            . ",`city`= ?,`encounterCategory`= ?,`encounterTitle`= ?,`encounterDescription`= ?, "
                            . "`email`= ?,`forwardEmails`= ?,`image1`= ?,`image2`= ?,`image3`= ?,`image4`= ?, "
                            . "`video1`= ?,`video2`= ?,`video3`= ?,`food`= ?,`feet`= ?,`spanking`= ?,`bondage`= ?"
                            . ",`roleplay`= ?,`domination`= ?,`swinging`= ?,`crossDressing`= ?, `priorityTime` = ?, "
                            . "`sponsorTime`=?, `textAdTime`=?,`live`= ?,`paid`= ? ,`ip`= ?,`postDate`= ?,"
                            . "`listingToken`= ? 
WHERE `listingToken` = ?");
                        $sqlEditListing->execute(array(
                            $_POST['country'], $_POST['province'], $_POST['city'], $_POST['subCategory'],
                            $_POST['encounterTitle'], $_POST['encounterDescription'], $_POST['encounterEmail'],
                            $forwardEmails,
                            $images[0], $images[1], $images[2], $images[3],
                            $_POST['video1'], $_POST['video2'], $_POST['video3'],
                            $food, $feet, $spanking, $bondage, $roleplay, $domination, $swinging, $crossDressing,
                            $priorityTime, $sponsorTime, $textAdTime, 'no', 'no', $ip, $postDate,
                            $listingToken
                        ));
                    } catch(PDOException $e) { }
                    break;
                // end update listing by table switch.
            }
        } else {
            // missmatched token error.
        }
        // end of update encounter at listingToken
        // end of listing token is set
    }
    // return to pay form if upgrades add else return to preview ad form
    if ($errors == '') {
        if ($priority || $sponsored || $textAd) {
            // go to form for payment
            echo 'Please wait...';
            // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?listingtoken='.urlencode($listingToken).'&payment=true">';
        } elseif (!$priority && !$sponsored && !$textAd) {
            // go to preview ad
            echo 'Please wait...';
            // / echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../listing.php?listingtoken='.urlencode($listingToken).'&preview=true">';
        }
    } else {
        // return to form with error.
        echo 'Please wait...';
        // echo '<META HTTP-EQUIV="Refresh" Content="0; URL=../../../postad.php?&listingtoken='.urlencode($listingToken).'&maincategory='.$mainCategory.'&subcategory='.$subCategory.'&minimalcategory='.$minimalCategory.'&country='.$country.'&city='.$city.'&province='.$province.'&agever=true&form=true&error='.urlencode($errors).'">';
    }
}
Code (markup):
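You NEVER (okay, a truth with a few exceptions) need to concatenate strings for SQL. You use double quotes for the whole query, and you add single quotes if you put in a variable directly (which it doesn't seem you're doing anyway). Keep it that way: values belong in the ? placeholders you pass to execute(), because a variable written straight into the query text is where SQL injection comes from. There is no need to use "." between arbitrary line breaks in the query, for instance.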