I purchased and installed Vote! Pro 4.0. LINK (http://www.vote-pro.com/)

I have php 4 with IIS windows web server. Are some of these functions used with php5?


$prefix = @explode("/", $REQUEST_URI);
@array_pop($prefix);
$prefix = @array_pop($prefix);


I doesn't find the root folder as specified in the code, it goes to the main site address. Is this a windows or my php version?

Try using $_SERVER['REQUEST_URI'] instead of $REQUEST_URI (your server probably has register_globals off, which is the default mode since PHP 4.1.0).

Here is my php & server info:

PHP Version 4.3.6
Microsoft-IIS/5.0

------------------------------------
It still didn't work...my script is below
------------------------------------

admin_top.php


<?

if($db_host != "" and $db_user != "" and $db_pass != "" and $db_name != "")
{$
$prefix = @explode("/", $REQUEST_URI);
@array_pop($prefix);
$prefix = @array_pop($prefix);

$config_file = "<?\n\n// connection to MySQL:\n\n\$dbhost = \"$db_host\"; // host\n\$dbuser = \"$db_user\"; // user name\n\$dbpass = \"$db_pass\"; // password\n\$dbname = \"$db_name\"; // DB name\n\n\$db = @mysql_connect(\"\$dbhost\",\"\$dbuser\",\"\$dbpass\");\n@mysql_select_db(\$dbname,\$db);\n\ndefine(_PREFIX, \"$prefix\");\n\n\$expire_cookies = time()+60*60*24*3650;\n\$expire_pass_cookies = time()+10*60*60;\n\n?>";

$file = $DOCUMENT_ROOT ."/". $prefix."/config.php";
$fh = @fopen ($file, "w");
@fputs ($fh, $config_file);
@fclose ($fh);

@include("config.php");
@mysql_query("delete from `"._PREFIX."admin` where id=1 ");
}
else
{
@include("config.php");
include("admin_cookies.php");

$result = @mysql_query("select * from `"._PREFIX."admin` where active=1 and adminuser='$admlogin' and adminpass='$admpass'");
$num_rows = @mysql_num_rows($result);
}

if($result == "" and $admlogin != "" and $admpass != "" and $admemail != "" and $db)
{
include("db.php");
include("admin_cookies.php");
?>

<HTML>
<head><META HTTP-EQUIV="Refresh" CONTENT="0; URL=polls.php"></head>
<BODY>
<script language="JavaScript">
location.href='polls.php'
</script>
</BODY>
</HTML>

<?
}
if(($num_rows == "") or ($num_rows == 0))
{
$where_to = @explode("/", $REQUEST_URI);
@array_pop($where_to);
$where_to = @implode("/", $where_to);

if(!$db)
{
echo "<html>";
echo "<head>";
echo "<meta http-equiv=\"Content-Language\" content=\"en-us\">";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1252\">";
echo "<link REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"tags.css\">";
echo "<title>Vote! Pro 4.0</title><center>";

echo "
<br>
<br>
<center>
<table width=300 cellpadding=0 cellspacing=1 border=0>
<tr>
<td>
<center>
<table width=100%>
<tr>
<td>
<table border=\"0\" width=\"100%\" cellpadding=\"5\">
<tr>
<td width=\"10\"><img border=\"0\" src=\"img/arrow1.gif\" width=\"9\" height=\"15\"></td>
<td class=\"title2\">Connection to MySQL</td>
</tr>
</table></td>
</tr>
</table>
</center>
<table width=100% cellpadding=5 cellspacing=1 border=0>
<tr>
<form action=lostpw.php method=post>
<td><img border=\"0\" src=\"img/pixel.gif\" width=\"9\" height=\"1\"></td>
<td><br>
<table>
<tr><td colspan=2><span class=text><b><font color=red><b>Can't connect to MySQL DataBase.</td></tr>
</table>
</td>
</form>
</tr>
</table>
</center>
</td>
</tr>
</table>
</center>
<br><br><center><a href=index.php class=nav1>Go back to Enter page!</a></center><br><br>
";

exit;
}

header("Location: http://".$HTTP_HOST.$where_to);
$adm_wellcome = 0;
}
else
{
$get_admin = @mysql_fetch_array($result);
$admin_id = $get_admin[id];
$admin_status = $get_admin[status];
$admin_see = $get_admin[all];

if($admin_status == 1 and $admin_see == 1) $db_add_including = "";
elseif($admin_status == 1 and $admin_see == 0) $db_add_including = " and id='$admin_id' ";
elseif($admin_status == 0 and $admin_see == 1) $db_add_including = "";
elseif($admin_status == 0 and $admin_see == 0) $db_add_including = " and id='$admin_id' ";
$db_add_including_polls = str_replace("id=", "admin_id=", $db_add_including);


echo "
<html>

<head>
<meta http-equiv=\"Content-Language\" content=\"en-us\">

<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
<title>Vote! Pro 4.0</title>
<meta http-equiv=\"pragma\" content=\"no-cache\">
<meta name=\"robots\" content=\"ALL, FOLLOW\">
<meta name=\"rating\" content=\"General\">
<link REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"tags.css\">
</head>";

if($no_top == "")
{
echo "
<body marginwidth=\"0\" marginheight=\"0\" topmargin=\"0\" leftmargin=\"0\" bgcolor=\"#FFFFFF\" link=\"#0033CC\" vlink=\"#0033CC\">
<table border=\"0\" style=\"border-collapse: collapse\" width=\"750\" id=\"table1\" cellpadding=\"0\">
<tr>
<td width=\"30\"><img src=\"img/pixel.gif\" height=\"7\"></td>
<td bgcolor=\"#F5F5F5\"><img src=\"img/pixel.gif\" height=\"7\"></td>
<td><img src=\"img/pixel.gif\" height=\"7\"></td>
<td bgcolor=\"#F5F5F5\"><img src=\"img/pixel.gif\" height=\"7\"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td width=\"130\">
<img border=\"0\" src=\"img/logo.gif\" width=\"130\" height=\"52\" alt=\"Vote! Pro 4.0\"></td>
<td >&nbsp;</td>
<td width=\"160\" align=\"center\" class=\"url1\"><nobr></nobr><b><a href=\"admin.php?wanna_exit=1\" class=\"url1\">Sign-In</a></b> as another user</nobr></td>
</tr>
</table>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"750\" id=\"table2\" cellpadding=\"0\">
<tr>
<td bgcolor=\"#D9D9D9\"><img border=\"0\" src=\"img/pixel.gif\" width=\"1\" height=\"3\"></td>
</tr>
<tr>
<td bgcolor=\"#FFFFFF\">
<img border=\"0\" src=\"img/pixel.gif\" width=\"1\" height=\"1\"></td>
</tr>
</table>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"750\" id=\"table3\" cellpadding=\"0\" bgcolor=\"#349F00\" background=\"img/bg_menu.gif\">
<tr>
<td align=\"center\" class=\"menu\" width=\"10%\"><b>
<a class=\"menu\" href=\"polls.php?$hrefauthorization\">POLLS</a></b></td>
<td align=\"center\" class=\"menu\" width=\"1\" ><b>
<img border=\"0\" src=\"img/div1.gif\" width=\"1\" height=\"24\"></b></td>
<td align=\"center\" class=\"menu\" width=\"20%\"><b>
<a class=\"menu\" href=\"profiles.php?$hrefauthorization\">DESIGN PROFILES</a></b></td>
<td align=\"center\" class=\"menu\" width=\"1\" ><b>
<img border=\"0\" src=\"img/div1.gif\" width=\"1\" height=\"24\"></b></td>
<td align=\"center\" class=\"menu\" width=\"22%\"><b>
<a class=\"menu\" href=\"admins.php?$hrefauthorization\">ADMINISTRATORS</a></b></td>
<td align=\"center\" class=\"menu\" width=\"1\" ><b>
<img border=\"0\" src=\"img/div1.gif\" width=\"1\" height=\"24\"></b></td>
<td align=\"center\" class=\"menu\">&nbsp;</td>
<td align=\"center\" class=\"menu\" width=\"8%\"><b><a class=\"menu\" href=\"admin.php?wanna_exit=1\">LOGOUT</a></b></td>
</tr>
</table>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"750\" id=\"table4\" cellpadding=\"0\" height=\"2\">
<tr>
<td><img border=\"0\" src=\"img/pixel.gif\" width=\"1\" height=\"2\"></td>
</tr>
</table>
<table border=\"0\" style=\"border-collapse: collapse\" width=\"750\" id=\"table5\" cellpadding=\"0\">
<tr>
<td width=\"180\" bgcolor=\"#CCCCCC\" height=\"2\">
<img border=\"0\" src=\"img/pixel.gif\" width=\"1\" height=\"2\"></td>
<td width=\"1\" bgcolor=\"#cccccc\" rowspan=\"5\"><img border=\"0\" src=\"img/pixel.gif\" width=\"1\" height=\"1\"></td>
<td width=\"9\" rowspan=\"5\">&nbsp;</td>
<td width=\"560\" rowspan=\"5\" valign=\"top\">
";
}
$adm_wellcome = "Y";
}
?>

grr... nothing pisses me off more than amateurs making and selling third rate scripts

you will basically have to go through the entire script an convert it to php4, replace <? to <?php, and convert all the register globals on garbage over to $_GET, $_POST, $_SERVER, etc. (which is very difficult)

I figured there were more problems than I needed.

Thanks.

Also, all those function and/or variable names preceded by an "@" sign will not generate any error messages if they fail (the "@" sign suppresses error-reporting), which adds to the difficulty of debugging. If you decide to go forward with this script, I'd suggest making a backup copy of it, then deleting all the "@" signs (or start one at a time from the top) and run the script, and see what error messages start popping up.

PS: As far as I'm concerned, the "@" should never be used that way unless you put in your own error-checking for that function (or check to see if that variable exists).