thewicard
Member
- Nov 4, 2011
- 41
- 3
Just a small php for flaws in your database, More will be added if asked for.
Save it as whatever.php, configure it, and enter it through through a browser.
Save it as whatever.php, configure it, and enter it through through a browser.
PHP:
<?php
//Configuration
mysql_connect("localhost","root","password"); //Mysql details
mysql_select_db('dbname'); //Database
$password = "123"; //Your password
//Checks your selection
if (isset($_POST["sjekk"]))
{
$passord = preg_replace('/[^A-Åa-z0-9-b ., c<> d?!]/', '', $_POST['passord']);
if ($passord == $password)
{ $sjekk = preg_replace('/[^0-9]/', '', $_POST['sjekk']); }
else
{ echo "Wrong password.<br><br>"; }
}
if ($sjekk == '')
{
echo '<b>DBChecker v1.00</b><br><br>';
?>
<form method="post">
<input type="radio" name="sjekk" value="1"></input>
User items <font style="color:red;"><b>Heavy</b></font><br>
<input type="radio" name="sjekk" value="2"></input>
Furniture <font style="color:orange;"><b>Average</b></font><br>
<br>Password:<br><input type="password" name="passord"></input><br><br>
<input type="submit" value="Check" class="submit">
</form>
<?php
}
//Checks user items
if ($sjekk == '1')
{
// Checks "items" table
$errors = 0;
$getitems = mysql_query("SELECT DISTINCT base_id FROM items") or die(mysql_error());
while($res = mysql_fetch_array($getitems)){
$getbase = mysql_query('SELECT * FROM items_base WHERE item_id = "'.$res['base_id'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> base item ".$res['base_id']." does not exist!<br>";
}
}
echo "<br>Total errors in table 'items': $errors<br><br>";
//Checks "items_users" table (Heavy)
$errors = 0;
$getitems = mysql_query("SELECT * FROM items_users") or die(mysql_error());
while($res = mysql_fetch_array($getitems)){
$getbase = mysql_query('SELECT * FROM items WHERE item_id = "'.$res['item_id'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> item ".$res['item_id']." does not exist!<br>";
}
$getbase = mysql_query('SELECT * FROM items WHERE id = "'.$res['item_id'].'" AND placedBy != "'.$res['user_id'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> item ".$res['item_id']." does not have correct owner!<br>";
}
}
echo "<br>Total errors in table 'items_users': $errors<br><br>";
//Checks "items_moodlight" table
$errors = 0;
$getitems = mysql_query("SELECT * FROM items_moodlight") or die(mysql_error());
while($res = mysql_fetch_array($getitems)){
$getbase = mysql_query('SELECT * FROM items WHERE item_id = "'.$res['item_id'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> item ".$res['item_id']." does not exist!<br>";
}
}
echo "<br>Total errors in table 'items_moodlight': $errors<br><br>";
//Checks "items_rooms" table (Heavy)
$errors = 0;
$getitems = mysql_query("SELECT * FROM items_rooms") or die(mysql_error());
while($res = mysql_fetch_array($getitems)){
$getbase = mysql_query('SELECT * FROM items WHERE item_id = "'.$res['item_id'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> item ".$res['item_id']." does not exist!<br>";
}
$getbase = mysql_query('SELECT * FROM rooms WHERE id = "'.$res['room_id'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> room ".$res['room_id']." does not exist!<br>";
}
}
echo "<br>Total errors in table 'items_rooms': $errors<br><br>";
//Checks items_rooms_songs table
$errors = 0;
$getitems = mysql_query("SELECT * FROM items_rooms_songs") or die(mysql_error());
while($res = mysql_fetch_array($getitems)){
$getbase = mysql_query('SELECT * FROM rooms WHERE id = "'.$res['roomid'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> room ".$res['roomid']." does not exist!<br>";
}
$getbase = mysql_query('SELECT * FROM items_base WHERE item_id = "'.$res['baseitem'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> base item ".$res['baseitem']." does not exist!<br>";
}
}
echo "<br>Total errors in table 'items_rooms_songs': $errors<br><br>";
}
//Checks furniture
if ($sjekk == '2')
{
//Checks table items_base_gifts
$errors = 0;
$getitems = mysql_query("SELECT * FROM items_base_gifts") or die(mysql_error());
while($res = mysql_fetch_array($getitems)){
$getbase = mysql_query('SELECT * FROM items_base WHERE item_id = "'.$res['baseid'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> base id ".$res['baseid']." does not exist!<br>";
}
}
echo "<br>Total errors in table 'items_base_gifts': $errors<br><br>";
//Checks table catalog_items_copy
$errors = 0;
$getitems = mysql_query("SELECT * FROM catalog_items_copy") or die(mysql_error());
while($res = mysql_fetch_array($getitems)){
$getbase = mysql_query('SELECT * FROM items_base WHERE item_id = "'.$res['item_ids'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> base id ".$res['item_ids']." does not exist!<br>";
}
$getbase = mysql_query('SELECT * FROM catalog_pages WHERE id = "'.$res['page_id'].'"');
$base_num = mysql_num_rows($getbase);
if ($base_num == '0')
{
$errors = $errors + 1;
echo "<b>Error!</b> catalog page ".$res['page_id']." does not exist!<br>";
}
}
echo "<br>Total errors in table 'catalog_items_copy': $errors<br><br>";
}
?>
