-4

I have unsub.php code:

<?php 
include("config.inc.php");
$id=$_REQUEST['id'];
$time=$_REQUEST['t'];
$cid=0;
if(isset($_REQUEST['cid']))
$cid=$_REQUEST['cid']

if($cid==0)
mysql_query("update email_advt set unsubstatus=1 where id=$id AND time=$time");
else
{
if($mysql->total(email_advt","id=$id AND time=$time")>0)
mysql_query("delete from ea_em_n_cat where eid=$id AND cid=$cid");
}

?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html>
<head>
<title> Unsubscribe Email</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
Your email has been successfully unsubscribed from our mailing list. <br>
</body>
</html>

And this tables:

CREATE TABLE IF NOT EXISTS `email_advt` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `email` varchar(250) NOT NULL DEFAULT '',
  `unsubstatus` int(11) NOT NULL DEFAULT '0',
  `time` int(11) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`),
  UNIQUE KEY `email` (`email`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=4 ;

CREATE TABLE IF NOT EXISTS `ea_em_n_cat` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `eid` int(11) NOT NULL DEFAULT '0',
  `cid` int(11) NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=7 ;

When access unsub.php?id=1&t=1360306174&cid=0
Not show Your email has been successfully unsubscribed from our mailing list.
What is wrong ? unsubstatus not set to 1 when acces unsub.php?id=1&t=1360306174&cid=0

user1964450
  • 11
  • 1
  • 1
  • 10
  • That's not even valid PHP syntax. – deceze Feb 08 '13 at 09:54
  • 2
    You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Feb 08 '13 at 09:54
  • In your query. mysql_query("update email_advt set unsubstatus=1 where id=$id AND `time`=$time"); add a ` to time, so it will be `time`. You are having this problem because time is a built-in function in MySQL. Sorry, grave accent is not showing well on time. Add a grave accent to your `time` column. – hodl Feb 08 '13 at 09:55
  • Don't ask questions where the problem is described as "It isn't working". Do some debugging. Tell us the error messages you get. Trace data through the code. Tell us where in the code you think it is breaking. – Quentin Feb 08 '13 at 09:56
  • Not show error message! Only blank page ! – user1964450 Feb 08 '13 at 09:59
  • **That's not valid PHP syntax.** A blank page would fit that as a symptom. – deceze Feb 08 '13 at 10:01

3 Answers3

0

use this query, you missed backticks `

mysql_query("update email_advt set `unsubstatus`=1 where `id`=$id AND `time`=$time");
Yogesh Suthar
  • 30,424
  • 18
  • 72
  • 100
0

I think you have the error here:

if($mysql->total(email_advt","id=$id AND time=$time")>0)

try

if($mysql->total("email_advt"," id=$id AND time=$time")>0)

though I'm not really sure what you are trying to get or the arguments of the total() method.

Mark
  • 8,046
  • 15
  • 48
  • 78
0

If you are using a built-in function as a column name you need to enclosed it in a grave accent. i.e in your query you are using a column time which is a built-in function in MySQL.

hodl
  • 1,420
  • 12
  • 21