Skip navigation.
Home

When I was your age I didn't have luxuries like...

Bad Architecture

being able to select more than one column from the database at a time!
(thanks to Nightflyer for this submission)

<?php
$server      
= "localhost";
  
$user        = "root";
  
$password    = "";
  
$database    = "mmnetrix";
  
$tbl_content = "netcard";

  
$db_connect  = mysql_connect($server, $user, $password);
  
$db_close    = mysql_close($db_connect);
  
$db_select   = mysql_select_db($database, $db_connect);

  
$id = $_GET['id'];

  
$sql_name         = mysql_query("SELECT name FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_strasse      = mysql_query("SELECT strasse FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_plz          = mysql_query("SELECT plz FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_ort          = mysql_query("SELECT ort FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_tel          = mysql_query("SELECT tel FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_fax          = mysql_query("SELECT fax FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_email        = mysql_query("SELECT email FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_inet         = mysql_query("SELECT inet FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_ansprpartner = mysql_query("SELECT ansprpartner FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_hlkurztext   = mysql_query("SELECT hlkurztext FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_kurztext     = mysql_query("SELECT kurztext FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_hllangtext   = mysql_query("SELECT hllangtext FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_langtext     = mysql_query("SELECT langtext FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_hlliste      = mysql_query("SELECT hlliste FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_liste        = mysql_query("SELECT liste FROM $tbl_content WHERE id = '$id'", $db_connect);
  
$sql_grafik       = mysql_query("SELECT grafik FROM $tbl_content WHERE id = '$id'", $db_connect);
?>

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Older versions of serendipity exhibited similar behaviour when accessing the plugin configuration entries as a side effect of the nature of the plugin API. In my blog, 87 queries were being made to create the front page. Fixes in current S9Y reduced that number to 7.

Oh Lord, this can't be...

First, connecting to the MySQL server as root without a password.

Second, closing the MySQL connection right after connecting and even without checking if the connection actually succeeded.

Third, making one query by each field. Terrible.

And fourth, not escaping the $id variable before placing it into the SQL queries.

Well, at least he took the time to align all the equals signs...

i know this code, the author is an php/mysql newbie. this was just
a first try to get into mysql.
but it's really funny to see how newbies write down code without
thinking :)

Why do we always get noobcode from Germans??? We are not ALL that bad :(
And the root-without-password thing really shows s/he's working with an environment that's (hopefully) been newly set up for training purposes.

like i said he is a noob. but he's getting help from some good
coders, so don't be afraid. the code looks better now.

greeting from germany ;)

The answer is simple..

Professional Germans write code in English because german letters like "�", "�", "�" and "�" can't be used in variable-names or function names and so on.
German noobs are just kiddies who are not be able to speak English.

Thats all.

uh...you guys don't think that...just maybe...the password was removed before this was posted on the world-wide internet?

R O F L O L.
Well I haven't thought about that but probably paul is right and this script noe has access to ALL MySQL instances on the planet MUAHAHAHA

Or maybe they are trying to use a database where the table names are in German.

My MySQL database on my testbed inside my firewalled network is running on Windows as root with no password. Big deal!

Post new comment




*

  • Web and e-mail addresses are automatically converted into links.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <pre> <p> <br /> <br>