You have an error in your SQL syntax near '' at line 1

Nuke Cadet Joined: Apr 10, 2003 Posts: 2

iHello to all the good people of NukeCops forums.
i've been around here for a few days, searched the forums all over, and didn't find the soultion, so maybe one of you will.

the site was working perfect for a year when just a week ago, my host company decided I should move for better servers because i'm gaining too much bandwidth. since then, my problems started.

I'm using Nukof (the Israeli fork of Nuke) based on ver 5.4.
Php 4.3.1
MySQL 3.23.56
Windows 2000 Servers (my host's support told me they never had Unix servers, so that couldn't be a security issue)

I can see my index.php, so i guess config.php and nuke.sql are ok (i've checked them for 10 times now.. )

here are the errors:

in article.php, it shows:

Code:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\Webspace\disk42\abulehleh.co.il\abulehleh.co.il\www\rotem\nuke\article.php on line 26

Warning: Cannot modify header information - headers already sent by (output started at C:\Webspace\disk42\abulehleh.co.il\abulehleh.co.il\www\rotem\nuke\article.php:26) in C:\Webspace\disk42\abulehleh.co.il\abulehleh.co.il\www\rotem\nuke\article.php on line 55

Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in C:\Webspace\disk42\abulehleh.co.il\abulehleh.co.il\www\rotem\nuke\includes\sql_layer.php on line 273

You have an error in your SQL syntax near 'order by counter desc limit 0,1' at line 1

and here comes the code itself (i belive it related to some scoring addon the guys made it added..)

Code:

<?php

/************************************************************************/
/* NuKOF: The Hebrew Web Portal System (http://nukof.dotkof.org) */
/* =========================== */
/* */
/* Copyright (c) 2002 by Shlomi Atar (shlomi@dotkof.org) and */
/* Yossi Ben-Mashiach (yossi@dotkof.org) - the founders of          */
/* Dotkof (dotkof.org) - The First Israeli Computer news Slash site    */
/* http://dotkof.org */
/* */
/* Based On PHP NUKE (http://phpnuke.org), by                   */
/* Francisco Burzi (fbc@mandrakesoft.com)                   */
/* */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/

require_once("mainfile.php");

// Before all actions, see if there is a row for story in scoring table
$q = "SELECT * FROM nuke_scoring WHERE sid=$sid";
$result = mysql_query($q);
if(mysql_num_rows($result) == 0) {
$q = "INSERT INTO nuke_scoring VALUES($sid, 0,0,0)";
mysql_query($q);
$vote_num = 0; $vote_total = 0; $vote_avg = 0;
} else {
$result = mysql_fetch_array($result);
$vote_num = $result[vote_num];
$vote_total = $result[vote_total];
}

if((! is_numeric($score) && $score != 0) || $score > 5 ){
$scoreMsg = 0;
//exit;
} elseif($HTTP_COOKIE_VARS["v$sid"] == 1) {
$scoreMsg = 1;
} elseif ($score > 0 && score <= 5) {
$scoreMsg = 2;
mysql_query("UPDATE nuke_scoring SET vote_num=(vote_num+1), vote_total=(vote_total+$score) WHERE sid=$sid");
mysql_query("UPDATE nuke_scoring SET vote_avg=(vote_total/vote_num) WHERE sid=$sid");
setcookie("v$sid", "1", 108000);
} else {
$scoreMsg = -1;
}

if (stristr($REQUEST_URI,"mainfile")) {
Header("Location: article.php?sid=$sid");
} elseif (!isset($sid) && !isset($tid)) {
Header("Location: index.php");
}

if ($save AND is_user($user)) {
cookiedecode($user);
sql_query("update $user_prefix"._users." set umode='$mode', uorder='$order', thold='$thold' where uid='$cookie[0]'", $dbi);
getusrinfo($user);
$info = base64_encode("$userinfo[uid]:$userinfo[uname]:$userinfo[pass]:$userinfo[storynum]:$userinfo[umode]:$userinfo[uorder]:$userinfo[thold]:$userinfo[noscore]");
setcookie("user","$info",time()+$cookieusrtime);
}

if ($op == "Reply") {
Header("Location: comments.php?op=Reply&pid=0&sid=$sid&mode=$mode&order=$order&thold=$thold");
}

$result = sql_query("select catid, aid, time, title, hometext, bodytext, topic, informant, notes, haspoll, pollID, counter,comments FROM $prefix"._stories." where sid=$sid", $dbi);
list($catid, $aid, $time, $title, $hometext, $bodytext, $topic, $informant, $notes, $haspoll, $pollID, $counter,$comcounter) = sql_fetch_row($result, $dbi);
sql_query("UPDATE $prefix"._stories." SET counter=counter+1 where sid=$sid", $dbi);

$artpage = 1;
$pagetitle = "- $title";
require("header.php");
$artpage = 0;

formatTimestamp($time);
$title = stripslashes($title);
$hometext = stripslashes($hometext);
$bodytext = stripslashes($bodytext);
$notes = stripslashes($notes);

if ($notes != "") {
$notes = "<br><br><b>"._NOTE."</b> <i>$notes</i>";
} else {
$notes = "";
}

if($bodytext == "") {
$bodytext = "$hometext$notes";
} else {
$bodytext = "$hometext<br><br>$bodytext$notes";
}

if($informant == "") {
$informant = $anonymous;
}

getTopics($sid);

if ($catid != 0) {
$resultx = sql_query("select title from $prefix"._stories."_cat where catid='$catid'", $dbi);
list($title1) = sql_fetch_row($resultx, $dbi);
$title = "<a href=\"categories.php?op=newindex&catid=$catid\" style=\"color: white\"><font class=\"storycat\" style=\"color: white\">$title1</font></a>: $title";
}

echo "<table width=\"100%\" border=\"0\"><tr><td valign=\"top\" width=\"100%\">\n";
themearticle($aid, $informant, $datetime, $title, $bodytext, $topic, $topicname, $topicimage, $topictext);
echo "</td><td>&</td><td valign=\"top\">\n";

if ($multilingual == 1) {
$querylang = "AND (blanguage='$currentlang' OR blanguage='')";
} else {
$querylang = "";
}

/* Determine if the article has attached a poll */
if ($haspoll == 1) {
$url = sprintf("pollBooth.php?op=results&pollID=%d", $pollID);
$boxContent = "<form action=\"pollBooth.php\" method=\"post\">";
$boxContent .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">";
$boxContent .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">";
$result = sql_query("SELECT pollTitle, voters FROM $prefix"._poll_desc." WHERE pollID=$pollID", $dbi);
list($pollTitle, $voters) = sql_fetch_row($result, $dbi);
$boxTitle = _ARTICLEPOLL;
$boxContent .= "<font class=\"content\"><b>$pollTitle</b></font><br><br>\n";
$boxContent .= "<table border=\"0\" width=\"100%\">";
for($i = 1; $i <= 12; $i++) {
$result = sql_query("SELECT pollID, optionText, optionCount, voteID FROM $prefix"._poll_data." WHERE (pollID=$pollID) AND (voteID=$i)", $dbi);
$object = sql_fetch_object($result, $dbi);
if(is_object($object)) {
   $optionText = $object->optionText;
   if($optionText != "") {
   $boxContent .= "<tr><td valign=\"top\"><input type=\"radio\" name=\"voteID\" value=\"".$i."\"></td><td width=\"100%\"><font class=\"content\">$optionText</font></td></tr>\n";
   }
}
}
$boxContent .= "</table><br><center><font class=\"content\"><input type=\"submit\" value=\""._VOTE."\"></font><br>";
if (is_user($user)) {
cookiedecode($user);
}
for($i = 0; $i < 12; $i++) {
$result = sql_query("SELECT optionCount FROM $prefix"._poll_data." WHERE (pollID=$pollID) AND (voteID=$i)", $dbi);
$object = sql_fetch_object($result, $dbi);
$optionCount = $object->optionCount;
$sum = (int)$sum+$optionCount;
}
$boxContent .= "<font class=\"content\">[ <a href=\"pollBooth.php?op=results&pollID=$pollID&mode=$cookie[4]&order=$cookie[5]&thold=$cookie[6]\"><b>"._RESULTS."</b></a> | <a href=\"pollBooth.php\"><b>"._POLLS."</b></a> ]<br>";

if ($pollcomm) {
list($numcom) = sql_fetch_row(sql_query("select count(*) from $prefix"._pollcomments." where pollID=$pollID", $dbi), $dbi);
$boxContent .= "<br>"._VOTES.": <b>$sum</b> | "._PCOMMENTS." <b>$numcom</b>\n\n";
} else {
$boxContent .= "<br>"._VOTES." <b>$sum</b>\n\n";
}
$boxContent .= "</font></center></form>\n\n";
themesidebox($boxTitle, $boxContent);
}

$result = sql_query("select title, content, active, position from $prefix"._blocks." where bkey='login' $querylang", $dbi);
list($title, $content, $active, $position) = sql_fetch_row($result, $dbi);
if (($active == 1) AND ($position == "r") AND (!is_user($user))) {
loginbox();
}

$boxtitle = ""._RELATED."";
$boxstuff = "<font class=\"content\">";

$result = sql_query("select name, url from $prefix"._related." where tid=$topic", $dbi);
while(list($name, $url) = sql_fetch_row($result, $dbi)) {
$boxstuff .= "<strong><big>&</big></strong>&<a href=\"$url\" target=\"new\">$name</a><br>\n";
}

$boxstuff .= "<strong><big>&</big></strong>&<a href=\"search.php?topic=$topic\">"._MOREABOUT." $topictext</a><br>\n";
$boxstuff .= "<strong><big>&</big></strong>&<a href=\"search.php?author=$aid\">"._NEWSBY." $aid</a><br>\n";

/* This is a list for automatic related links on article internal page */
/* For this I used a multi-dimensional array so we can show the links titles */
/* as we want, doesn't matter the case of the string in the article. You can */
/* add or remove links from this array as you wish to fit your needs */

$relatedarray = array (
      "סקס"    => array ("אתר למנוולים בני 18 ומעלה"       => "http://www.sex4free.co.il")
      );

         ### NuKOF Addon : Mult-showes fix
$ar=array();
while (list ($key) = each ($relatedarray)) {
$relarr = eregi($key, $bodytext);
if ($relarr) {
list($rep, $val) = each ($relatedarray[$key]);
   if (!in_array($val,$ar))
   {
   array_push($ar,$val);
$boxstuff .= "<strong><big>&</big></strong>&<a href=\"$val\" target=\"new\">$rep</a><br>\n";

   }
}
}
         ### END NuKOF Addon : Mult-showes fix
/* Multi-dimensional array end here */

$boxstuff .= "</font><br><hr noshade width=\"95%\" size=\"1\"><center><font class=\"content\"><b>"._MOSTREAD." $topictext:</b><br>\n";

global $multilingual, $currentlang;
if ($multilingual == 1) {
$querylang = "AND (alanguage='$currentlang' OR alanguage='')"; /* the OR is needed to display stories who are posted to ALL languages */
} else {
$querylang = "";
}
$result2 = sql_query("select sid, title, acomm from $prefix"._stories." where topic=$topic $querylang order by counter desc limit 0,1", $dbi);
list($topstory, $ttitle, $acomm) = sql_fetch_row($result2, $dbi);

$boxstuff .= "<a href=\"article.php?sid=$topstory\">$ttitle</a></font></center><br>\n";
$counter = $counter+1;
$boxstuff .= "<BR><center>($counter כניסות | $comcounter תגובות)</center>\n";

themesidebox($boxtitle, $boxstuff);

$optiontitle = ""._OPTIONS."";
$optionbox .= "<strong><big>&</big></strong>&<a href=\"print.php?sid=$sid\">"._PRINTER."</a><br>";
$optionbox .= "<strong><big>&</big></strong>&<a href=\"friend.php?op=FriendSend&sid=$sid\">"._FRIEND."</a>\n";
if (is_admin($admin)) {
$optionbox .= "<center><br><b>"._ADMIN."</b><br>[ <a href=\"admin.php?op=adminStory\">"._ADD."</a> | <a href=\"admin.php?op=EditStory&sid=$sid\">ערוך</a> | <a href=\"admin.php?op=RemoveStory&sid=$sid\">מחק</a> ]</center>";
}
themesidebox($optiontitle, $optionbox);
if($vote_num) {
$vote_scr = $vote_total / $vote_num;
} else {
$vote_scr = "אין הצבעות";
}
$score_txt = "<form action=\"article.php\" method=\"GET\"><input type=\"hidden\" name=\"sid\" value=\"$sid\"<center>אנא דרג את הכתבה הזאת:</center><br><input type=\"hidden\" name=\"op\" value=\"rate_article\"><input type=\"radio\" name=\"score\" value=\"1\"> <img src=\"images/articles/stars-1.gif\" border=\"0\" alt=\"גרוע\"><br><input type=\"radio\" name=\"score\" value=\"2\"> <img src=\"images/articles/stars-2.gif\" border=\"0\" alt=\"רגיל\"><br><input type=\"radio\" name=\"score\" value=\"3\"> <img src=\"images/articles/stars-3.gif\" border=\"0\" alt=\"טוב\"><br><input type=\"radio\" name=\"score\" value=\"4\"> <img src=\"images/articles/stars-4.gif\" border=\"0\" alt=\"טוב מאד\"><br><input type=\"radio\" name=\"score\" value=\"5\"> <img src=\"images/articles/stars-5.gif\" border=\"0\" alt=\"מעולה\"><br><br><center><input type=\"submit\" value=\"דרג!\"></center></form><br>";
$score_txt .= "<b>ניקוד ממוצע</b>: " . round($vote_scr,3) . "<br>";
$score_txt .= "<b>מצביעים</b>:".$vote_num."</b><br>";
switch($scoreMsg) {
case -1:
break;

case 0:
$score_txt .= "<i>קוד הצבעה לא תקין</i><br>";
break;

case 1:
$score_txt .= "<i>כבר הצבעת לכתבה זו</i><br>";
break;

case 2:
$score_txt .= "<i>הצבעת בהצלחה</i><br>";
}

themesidebox("ניקוד הכתבה", $score_txt);

echo "</td></tr></table>\n";
cookiedecode($user);
if ((($mode != "nocomments") OR ($acomm == 0)) AND ($articlecomm == 1)) {
$thetitle = $title;
// include("comments.php");
$r_action = "show_bottom";
include("resp.php");
}
include ("footer.php");
?>

(if you can see, there's some hebrew text inside)

I did the debug thing, and all the rows appears on the SQL database.

besides this, all the modules gives me the "Sorry, you can't access this file directly..." and the search always give me the last 10 items that were added (no matter what i search for..)

for conclusion, phpnuke stopped loving me.. Wink

i've read the Idiots Guide and asked my host to set the files permissions. but when i asked them to change php.ini, they said they couldn't do it because it will affect all others users.

well, what can i say, you guys are my only hope..

http://www.abulehleh.co.il/rotem/nuke/analyze.php

http://www.abulehleh.co.il/rotem/nuke/ConnectTest.php

Thanks from advance,
Asaf.

p.s.
the errors happens also in the default themes, so i guess it's not a theme thing.

Joined: Jan 31, 2004 Posts: -88

u sure it's not Nuke 6.5 not 5.4????? Wink

[edit]
Also, because this isn't PHP-Nuke, only a clone / adaptation of it, we cannot offer support to it I'm afraid.

AI