Hi,
My website is live on the internet if anybody has time to look at it, it is greatly appreciated. mickshotels.com. I am getting an error about undefined index and access denied, but I cannot find the root of the problem, because when I use a basic script to test the database connection and basic queries, everything works fine. Below is the code from the privacy policy page. The other thing I noticed is when you click view source, it gives my username and password to the database, which obviously seems like a major risk for me. Any help is greatly appreciated.
[code]<?php
require(“includes/z_db.php”);
require(“includes/session.php”);
$userid = $_SESSION[‘view_userid’];
$hotelname = $_REQUEST[‘hotel_name’];
$city = $_REQUEST[‘city’];
/* http://www.hydraxil-de.com/order_now.php /
/if (($_POST[‘search’]) || ($_POST[‘back_btn’])){/
/ $hotelname = $_POST[‘hotel_name’];
$city = $_POST[‘city’];/
// $venue = $_POST[‘venue’];
$get_city_id = mysql_fetch_array(mysql_query(“select id from city where title =’$city’”));
$res_cityid=$get_city_id[‘id’];
/ $get_location_type_id = mysql_fetch_array(mysql_query(“select id from location_type where (title like ‘%$venue%’)”));
$res_location_type_id=$get_location_type_id[‘id’];*/
if (($hotelname) && ($city))
$get_category = mysql_query("select distinct * from hotel where (title like ‘%$hotelname%’) and (city_id =’$res_cityid’) ");
else if ($hotelname)
$get_category = mysql_query("select distinct * from hotel where (title like ‘%$hotelname%’) ");
else if ($city)
$get_category = mysql_query("select distinct * from hotel where (city_id =’$res_cityid’) ");
/*$get_category = mysql_query("select distinct * from hotel where (city_id in (select city_id from location where location_type_id = '$res_location_type_id')) and (city_id ='$res_cityid') "); */
/}/
?>
<div id="search_top">
<form name="search_form" action="land.php" method="post">
<table>
<tr>
<td> Enter Hotel Name:<? echo $hotelname; ?></td>
<td> Enter City: <? echo $city; ?></td>
</tr>
<tr>
<td><input name="hotel_name" type="text" value="<? echo $hotelname; ?>"/></td>
<td><input name="city" type="text" value="<? echo $city; ?>"/></td>
</tr>
<td><input name="search" type="submit" value="Search" /></td>
<td></td>
</tr>
</table>
</form>
</div>
</div>
PRIVACY POLICY
<? $no_rows = mysql_num_rows($get_category); ?> <?
while($row = mysql_fetch_assoc($get_category)) { ?>
This Privacy Policy governs the manner in which
mickshotels.com collects, uses, maintains and discloses information
collected from users (each, a "User") of the www.mickshotels.com website
("Site"). This privacy policy applies to the Site and all products and
services offered by mickshotels.com.
Personal identification information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, place an order, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, credit card information. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
Non-personal identification information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web browser cookies
Our Site may use "cookies" to enhance User experience. User's web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly.
How we use collected information
mickshotels.com may collect and use Users personal information for the following purposes:
- To improve customer service
Information you provide helps us respond to your customer service requests and support needs more efficiently.
- To personalize user experience
We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
- To process payments
We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
- To share your information with third parties
We may share or sell information with third parties for marketing or other purposes.
- To send periodic emails
We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.
How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures.
Sharing your personal information
We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Third party websites
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website's own terms and policies.
Advertising
Ads appearing on our site may be delivered to Users by advertising partners, who may set cookies. These cookies allow the ad server to recognize your computer each time they send you an online advertisement to compile non personal identification information about you or others who use your computer. This information allows ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you. This privacy policy does not cover the use of cookies by any advertisers.
Google Adsense
Some of the ads may be served by Google. Google's use of the DART cookie enables it to serve ads to Users based on their visit to our Site and other sites on the Internet. DART uses "non personally identifiable information" and does NOT track personal information about you, such as your name, email address, physical address, etc. You may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at http://www.google.com/privacy_ads.html
Changes to this privacy policy
mickshotels.com has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Contacting us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at:
mickshotels.com
www.mickshotels.com
613-558-9338
[email protected]
This document was last updated on December 18, 2012
Privacy policy created by http://www.generateprivacypolicy.com
Personal identification information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, place an order, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, credit card information. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
Non-personal identification information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web browser cookies
Our Site may use "cookies" to enhance User experience. User's web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly.
How we use collected information
mickshotels.com may collect and use Users personal information for the following purposes:
- To improve customer service
Information you provide helps us respond to your customer service requests and support needs more efficiently.
- To personalize user experience
We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
- To process payments
We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
- To share your information with third parties
We may share or sell information with third parties for marketing or other purposes.
- To send periodic emails
We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.
How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures.
Sharing your personal information
We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Third party websites
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website's own terms and policies.
Advertising
Ads appearing on our site may be delivered to Users by advertising partners, who may set cookies. These cookies allow the ad server to recognize your computer each time they send you an online advertisement to compile non personal identification information about you or others who use your computer. This information allows ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you. This privacy policy does not cover the use of cookies by any advertisers.
Google Adsense
Some of the ads may be served by Google. Google's use of the DART cookie enables it to serve ads to Users based on their visit to our Site and other sites on the Internet. DART uses "non personally identifiable information" and does NOT track personal information about you, such as your name, email address, physical address, etc. You may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at http://www.google.com/privacy_ads.html
Changes to this privacy policy
mickshotels.com has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Contacting us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at:
mickshotels.com
www.mickshotels.com
613-558-9338
[email protected]
This document was last updated on December 18, 2012
Privacy policy created by http://www.generateprivacypolicy.com
@2012 MicksHotels.com. Privacy | Terms and Conditions | Contact Us