Mysql Table records deleted automaticly

[JamesCliff]

Hi all,

Ok ive started having a problem with my mysql database. Within the database gbplantandmachinery i have a table called sales. This holds all the sales items that are currently been sold on the site. Now for some rease everything is been deleted out of the table. Its as if the table has been wiped clean. I know the user hasnt done it because within the table i have related to certain images that are uploaded to a directory on the server and there path stored in the mysql table. The images are still there in the folder, however everything in the Sales table has gone. This has happened twise now, i made a backup but it is corrupt, therefore i cannot reload the table. I need to sort this problem out as quickly as possible as its a client site and this should not be happening as theyve paid for a reliable and professional site. I cannot understand why this is happening, i really cant. There was 36 items in the table if this helps. Im not sure how many items there where the first time, i think it was 36 as well.

This is the code below i am using on the sales page to display everything from the sales table:

<?

$server = "127.0.0.1"; 
$user = "jim11"; 
$pass = ""; 
$databasename = "gbplantandmachinery"; 
$db = mysql_connect($server, $user, $pass); 
      mysql_select_db($databasename,$db); 	
	
	
echo "<table>";
echo "<tr>

      <td width='120'><strong>Photo</strong></td>
	  <td width='130'><strong>Make / Model</strong></td>
	  <td width='260'><strong>Description</strong></td>
	  <td width='120'><strong>Date Posted</strong></td>
	  <td width='110'><strong>Price</strong></td>
	  
	  </tr>";
	  
echo "<tr>";
	 
echo '<td colspan="5"><hr /></td>
		   
	  </tr>';
	  
echo "<tr>";
	 
echo '<td colspan="5">&nbsp;</td>
		   
	  </tr>';
	  
echo "</table>";

	

$sql = "select `Image_Ref`, `Title`, `Description`, `Date`, `Price` from sales"; 
        $query = mysql_query($sql,$db); 
        $total_results = mysql_num_rows($query); 
        $limit = "5"; //limit of archived results per page. 
        $total_pages = ceil($total_results / $limit); //total number of pages 
if (!isset($_GET['p']) || empty($_GET['p']))
    {
        $p = "1"; //default page if none is selected
    }
else
    {
        $p = addslashes($_GET['p']); 
    }
$offset = ($p - 1) * $limit; //starting number for displaying results out of DB 

    $query = "select `Image_Ref`, `Title`, `Description`, `Date`, `Price` from sales ORDER BY SaleID DESC LIMIT $offset, $limit"; 
    $rslt = mysql_query($query); 
//This is the start of the normal results... 

    while ($result = mysql_fetch_array($rslt)) 
        { 
		
	 echo "<table>";

     echo "<tr>";
	 
     echo '<td><img src="photos/' . $result['Image_Ref'] . '" width="100" height="75"></td> ';
     echo '<td width="175">' . $result['Title'] . '</td>
	       <td width="250">' . $result['Description'] . '</td>
		   <td width="175">' . $result['Date'] . '</td>
		   <td width="100">' . $result['Price'] . '</td>
		   
		   </tr>';
		   
	 echo "<tr>";
	 
	 echo "<td><a href=\"photos/" . $result['Image_Ref'] . "\" target=\"_blank\">Full Size Picture</a></td>"; 
		   
	 echo "</tr>";
	 		   
	 echo "<tr>";
	 
     echo '<td colspan="5"><hr /></td>
		   
		   </tr>';



echo "</table>";

 
        } 
        mysql_close(); 


// This is the Previous/Next Navigation 
echo "<br><br><br>";
echo "<font face=Verdana>"; 
if ($page != 1) 
{ 
echo "<a href=index.php?page=sales&p=1><-- First</a>&nbsp;&nbsp;&nbsp;&nbsp;"; // First Page Link 
$prevpage = $p - 1; 
echo "&nbsp;<a href=index.php?page=sales&p=$prevpage><<</a>&nbsp;&nbsp;"; // Previous Page Link 
} 
        if ($p == $total_pages) 
            { 
                  $to = $total_pages; 
            } 
        elseif ($p == $total_pages-1) 
            { 
                  $to = $p+1; 
            } 
        elseif ($p == $total_pages-2) 
            { 
                  $to = $p+2; 
            } 
        else 
            { 
                  $to = $p+3; 
            } 
        if ($p == 1 || $p == 2 || $p == 3) 
            { 
                  $from = 1; 
            } 
        else 
            { 
                  $from = $p-3; 
            } 
             
for ($i = $from; $i <= $to; $i++) 

    { 
    if ($i == $total_results) $to=$total_results; 
    if ($i != $p) 
        { 
        echo "<a href=index.php?page=sales&showold=yes&p=$i>$i</a>"; 
        } 
    else 
        { 
        echo "<b><font color=red face=Verdana>[$i]</font></b>"; 
        } 
    if ($i != $total_pages) 
        echo "&nbsp;"; 
    } 
if ($p != $total_pages) 
{ 
$nextpage = $p + 1; 
echo "&nbsp;&nbsp;<a href=index.php?page=sales&p=$nextpage>>></a>&nbsp;&nbsp;"; // Next Page Link 
echo "&nbsp;&nbsp;&nbsp;<a href=index.php?page=sales&p=$total_pages>Last --></a>"; // Last Page Link 
} 
echo "<br>&nbsp;<br>&nbsp;<br>&nbsp;<br>";
echo "Total Pages:($total_pages)"; // total pages 
echo "</font>"; 

echo "<br><br><br>";

// This is the end of the Previous/Next Navigation 


?>

You can view the code aboves page at:

http://www.gbplantandmachinery.com/index.php?page=sales

Any help on this subject would be greatly appriciated as i really need it sorting straight away!

Thanks so much

James

 

[litton1]

I would hazard a guess that you have been hacked. Have you checked your logs? You should not have the connection
script in the webpage it should be included from a folder outside your document root. That way if someone downloads your site they don’t get passwords to your database. You MUST change the passwords NOW. I suspect that this database allows access from anywhere :-(

A problem with no solution is a problem viewed from the wrong angle

 

[litton1]

Just reading your code. Why does the “secure database” not have a password!!

A problem with no solution is a problem viewed from the wrong angle