Please help a total nitwit with a little script

Discussion in 'Programming/Scripts' started by Appie Thrasher, May 3, 2018.

  1. Appie Thrasher

    Appie Thrasher Member HowtoForge Supporter

    Hi all,
    Please forgive me if this is not the forum for this, but I had to ask...
    I am working on my site with an e-ticket program on it (Joomla based). I have a barcode scanner and I have gotten a script from the maker of the e-ticket program to try, but without support for it.
    The script keeps telling me that the barcode is not good, but if I look at the DB the barcode is in there..

    I did a search on the www and I think the problem that it doesn't work is that it is not compatible with the MariaDB I have installed on my server?
    The script connects fine to the DB (because if I fill in the wrong pass it gives me a warning that it doesn't connect). So I think the problem is in the select tag from the script.. Because if I fill that in as an SQL query it doesn't work... But hey, this is totally new for me... so forgive me if I am wrong.
    Here is the script:
    PHP:
    <?php

    $image = 'scanner.png';
    $color = 'black';

    if(isset($_POST['barcode']))
    {
        $con = mysqli_connect('localhost', 'USER', 'PASS', 'DATABASE');

        if (mysqli_connect_errno($con)){
            echo "Failed to connect to MySQL: " . mysqli_connect_error();
        }

        // Select the information from the database and perform some checks.
        $query  = mysqli_query($con, 'SELECT * FROM mfhnl_ticketmaster_orders WHERE barcode = '.$_POST['barcode'].'');
        $result = mysqli_fetch_assoc($query);

        // Check if the scan amount is smaller than the maximum amount of scans.
        if($result['scanned'] < $result['scan_maximum'])
        {
            // Updating the scan amount with one scan.
            $sql = 'UPDATE mfhnl_ticketmaster_orders SET scanned = scanned+1 WHERE barcode = '.$_POST['barcode'].'';

            if ($con->query($sql) === false) {
               exit('Something went wrong during the scanning.');
            }

            $image = 'tick.png';
            $color = 'green';
            $text  = 'GELDIGE';
        }
        else
        {
            $image = 'cross.png';
            $color = '#d72828';
            $text  = 'ONGELDIGE';
        }
    }
    ?>
        
    <!DOCTYPE html>
    <html>
    <head>
        <title>Ticket Scanner</title>
        <style>
            .center_div {
                width: 600px;
                height: 600px;
                position: absolute;
                top:0;
                bottom: 0;
                left: 0;
                right: 0;

                margin: auto;
            }
            input {
                width: 100%;
                height:50px;
                font-size:40px;
                border:2px solid #c0c0c0;
            }
            .scan_image {
                width: 128px;
            }
            .scan_text {
                width: 100%;
                float:left;
                padding:10px;
                text-align: center;
                font-family: sans-serif;
                font-size: 20px;
            }
            .title-page{
                font-family: sans-serif;
                font-size: 35px;
            }
        </style>

    </head>

        <body>
            <div class="center_div">
                <div align="center">
                    <h1 class="title-page">WELKOM</h1>
                    <img src="<?php echo $image?>" alt="" width="128"/>
                </div>
                <div class="scan_text" style="color:<?php echo $color?>;">
                    <?php  if(isset($_POST['barcode'])) : ?>
                        <h1><?php echo $text?> BARCODE<br/><?php echo $_POST['barcode']; ?></h1>
                    <?php endif; ?>
                </div>
                
                <form action="scanner.php" method="post">
                    <input type="text" id="scan" name="barcode" onblur="this.focus()" autofocus>
                </form>
                
            </div>

        </body>

    </html>
    A long story for hopefully a short answer... and thanks in advance if someone wants to help me out here..

    Appie
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    I don't think that the problem is MariaDB, the SQL queries used in that script seem to be compatible with MySQL and MariaDB. But this script seems to be insecure, at least I don't see where the developer quotes (escapes) the strings, so anyone with access to this script would be able to delete the whole database or query any data inside.

    But besides that, USER, PASS and DATABASE have been replaced with the correct values? The database table that you want to query is named mfhnl_ticketmaster_orders (check with phpmyadmin) and the barcode value is in the field 'barcode' in that table?
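
The missing quoting that till points out in the post above is normally closed with bound parameters. The following is an added example, not part of the thread or the vendor's script: it uses PDO with an in-memory SQLite database as a stand-in for the MariaDB connection so it runs offline, and the function name `redeem_ticket` and the sample rows are assumptions; the table and column names are the ones from the posted script.

```php
<?php
// Added example: hardened ticket check using bound parameters.
// Assumption: PDO with in-memory SQLite stands in for the MariaDB connection.

function redeem_ticket(PDO $db, string $barcode): string
{
    // The thread establishes that barcodes are numbers, so reject anything else early.
    if (!ctype_digit($barcode)) {
        return 'ONGELDIGE';
    }

    // One atomic statement: the row is only updated while scans remain.
    // The barcode travels as a bound parameter, never as part of the SQL text.
    $stmt = $db->prepare(
        'UPDATE mfhnl_ticketmaster_orders
            SET scanned = scanned + 1
          WHERE barcode = :barcode AND scanned < scan_maximum'
    );
    $stmt->execute([':barcode' => $barcode]);

    // rowCount() is 0 for unknown barcodes and for tickets already used up.
    return $stmt->rowCount() > 0 ? 'GELDIGE' : 'ONGELDIGE';
}

// Constructed sample data, not taken from the thread.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE mfhnl_ticketmaster_orders (
    barcode TEXT PRIMARY KEY,
    scanned INTEGER NOT NULL,
    scan_maximum INTEGER NOT NULL)');
$db->exec("INSERT INTO mfhnl_ticketmaster_orders VALUES ('12345', 0, 1)");

// Constructed scans: valid, repeated, unknown, and non-numeric input.
foreach (['12345', '12345', '99999', '12345 OR 1=1'] as $scan) {
    // htmlspecialchars() keeps scanned input from being interpreted as HTML.
    printf("%s BARCODE %s\n", redeem_ticket($db, $scan), htmlspecialchars($scan));
}
```

Folding the limit check into the UPDATE also means an unknown barcode and an exhausted ticket are both reported as invalid without a separate SELECT.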
     
  3. Appie Thrasher

    Appie Thrasher Member HowtoForge Supporter

    Till, thanks for the help..
    Yes, I fill in the correct db pass, user and db name.. I just removed them.. the table is the correct one, I copied the name directly from phpmyadmin, and yes the barcode is in barcode in that table....

    As for security, I am planning to use it offline only anyway.

    Appie
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Is the barcode a number (12345) or a string like (ac4q12vy)?
     
  5. Appie Thrasher

    Appie Thrasher Member HowtoForge Supporter

    It's a number..
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Then the SQL query should be ok. Did you try this in phpmyadmin within that database:

    SELECT * FROM mfhnl_ticketmaster_orders WHERE barcode = 12345;

    where 12345 is the barcode number?
     
  7. Appie Thrasher

    Appie Thrasher Member HowtoForge Supporter

    Just home from work so first thing I did was that.. it works.
    I attached a screenshot.

    The screenshot is from local XAMPP, but I also tested on the live server and got the same result; both work.
     
