I have 3 databases which spontaneously create new entries in themselves. Up until today I thought it was happening only whenever I opened the .php file in DW. Trouble is, I was driving all day today and when I opened up the computer at the end of the drive, 3 e-mails came in saying that a blank record had been entered in each of the 3 files. How bizarre is that??!!
I thought this was possibly happening when I opened the insert.php file, even if I did nothing other than look at the code and close it out (which I just did a minute ago and sure enough, a new insert e-mail just arrived).
What in heaven’s name could be triggering this?! It’s giving me the creeps. Here’s the coding for the insert.php file:
<?php
$con = mysql_connect("servername","database","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("database", $con);
if(isset($_POST['hidden_value']))
if (isset ($_POST['clubServices']))
{
$strClubServices = implode (", ", $_POST['clubServices']);
}
else
{
$strClubServices = "";
}
{
$clubName = mysql_real_escape_string($_POST['clubName']);
$clubContact = mysql_real_escape_string($_POST['clubContact']);
$clubContactPosn = mysql_real_escape_string($_POST['clubContactPosn']);
$clubCity = mysql_real_escape_string($_POST['clubCity']);
$clubProvince = mysql_real_escape_string($_POST['clubProvince']);
$clubCountry = mysql_real_escape_string($_POST['clubCountry']);
$clubPhone = mysql_real_escape_string($_POST['clubPhone']);
$clubEmail = mysql_real_escape_string($_POST['clubEmail']);
$clubWebsite = mysql_real_escape_string($_POST['clubWebsite']);
$clubServices = mysql_real_escape_string($_POST['clubServices']);
$clubOther = mysql_real_escape_string($_POST['clubOther']);
$clubListing = mysql_real_escape_string($_POST['clubListing']);
$sql="
INSERT INTO
clubs (
clubName
, clubContact
, clubContactPosn
, clubCity
, clubProvince
, clubCountry
, clubPhone
, clubEmail
, clubWebsite
, clubServices
, clubOther
, clubListing
, clubExpiry
) VALUES (
'". $clubName ."'
,'". $clubContact ."'
,'". $clubContactPosn ."'
,'". $clubCity ."'
,'". $clubProvince ."'
,'". $clubCountry ."'
,'". $clubPhone ."'
,'". $clubEmail ."'
,'". $clubWebsite ."'
,'". $strClubServices ."'
,'". $clubOther ."'
,'". $clubListing ."'
, now() + INTERVAL 1 YEAR
)";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
$to = "e-mail address";
$subject = "New listing in all-breed clubs directory";
$message = "There's a new listing for " . $clubName . ", Contact: " . $clubContact . ", Contact position: " . $clubContactPosn . ", City: " . $clubCity . ", Province: " . $clubProvince . ", Country: " . $clubCountry . ", Phone: " . $clubPhone . ", Website: " . $clubWebsite . ", Services: " . $strClubServices . ", Other: " . $clubOther . ", " . $clubListing;
$from = $_POST['clubEmail'];
$headers = "From:" . $from;
mail($to,$subject,$message,$headers);
header("Location: CRcart/dir_ABclub_pic.php");
exit();
}
mysql_close($con)
?>