Error handling PHP function - php

So I want to make a function to display errors instead of saying echo "error message", I want something like $this->errorDisplay('error message');
I currently have this, but it's not doing the job.
function errorDisplay($msg) {
$this->errors[] = $msg;
foreach($this->errors as $error) {
echo $error;
}
}
public function checkFields($username,$password) {
if(!empty($username) && !empty($password)) {
//proceed to validation
} else {
$this->errorDisplay('All fields are required.');
}
}


Instead of trying to do everything in one method, split the process into 2. One method adds messages to an array, and the other shows all the previously saved up messages.
Class xxx
{
public $errors = array();
public function addError($msg) {
$this->errors[] = $msg;
}
public function showErrors() {
foreach($this->errors as $error) {
echo $error;
}
}
public function initErrors() {
$this->errors = array();
}
public function checkFields($username,$password) {
$this->initErrors();
if( empty($username) ) {
$this-addError('Username missing');
}
if ( empty($password) ) {
$this-addError('Password missing');
}
if ( count($this->errors) > 0 ) {
$this->showErrors();
}
}
} //end class

Related

$_SESSION gets unset before accessing value

Code for setting the session message
if($result === true) {
$session->message('The admin was updated successfully');
// $_SESSION['message'] = 'The admin was updated successfully';
redirect_to(url_for('/staff/admins/show.php?id=' . $id));
} else {
// show errors
}
This is the code for displaying the session message
function display_session_message() {
global $session;
$msg = $session->message();
if(isset($msg) && $msg != '') {
$session->clear_message();
return '<div id="message">' . $msg . '</div>';
}
}
Code for getting session message
public function message($msg="") {
if (!empty($msg)) {
$_SESSION['message'] = $msg;
return true;
} else {
return $_SESSION['message'] ?? '';
}
}
Session Class (also included in this class is public function message())
class Session
{
public function __construct() {
session_start();
$this->check_stored_login();
}
public function clear_message() {
unset($_SESSION['message']);
}
}

You have to use:
session_start();
in top of each file you are using for session to work

Error handler function in application

I'm relatively new in programming. I'm trying to catch and display errors in my aplication. With global variable is simple:
$errors = '';
class Name {
/**
* Validate form
*/
public function validate_form() {
global $errors;
(...)
if ( empty($_POST["blabla"]) ) {
$errors = 'Error';
}
(...)
return;
}
/**
* Display errors
*/
public function show_error() {
global $errors;
if(!empty($errors)) return '<div class="error">' . PHP_EOL . htmlspecialchars($errors) .'</div>';
}
}
...but i read that you should not use global variables. How can i do the same thing without global variable?
Sorry for my english ;)

How about not making it global, ie:
<?php
class Name {
public $errors;
/*
* Validate form
*/
public function validate_form() {
(...)
if ( empty($_POST["blabla"]) ) {
$this->errors = 'Error';
}
(...)
return;
}
}
Then everytime you run a fucntion in that class, check if an error was generated:
$obj = new Name()->validate_form();
if(isset($obj->errors)){
//oops, an error occured, do something
}

You can throw Exceptions
<?php
class Name {
/**
* Validate form
*/
public function validate_form() {
(...)
if ( empty($_POST["blabla"]) ) {
throw new RuntimeException( 'Error' );
}
(...)
return;
}
$obj = new Name();
/**
* Display errors
*/
public function show_error($e) {
return '<div class="error">' . PHP_EOL . htmlspecialchars($e->getMessage()) .'</div>';
}
}
// TEST
try {
$obj->validate_form();
}
catch(Exception $e) {
$obj->show_error($e);
}

Serializable objects disappearing from session, but not on localhost

I have a shopping cart object that implements serializable, and it works fine on my localhost, but when I upload it to the live server it stops working correctly.
When I add a product to the shopping cart and print_r($_SESSION) I can see the products have been added successfully, but when I refresh the page they disappear. This only happens with objects that implement serializable. These same objects work perfectly on my localhost, which has IDENTICAL code, and it's driving me insane.
Could it be a difference in session handling between php version 5.5 and 5.6?
I am using spl_autoload_register to load my classes if that helps at all (none of them appear in the session as incomplete_class or anything like that).
I also noticed that the session save path is blank on the live version, but is set on my localhost - but the rest of the session functions perfectly - it's only when it contains serializable classes that everything disappears.
Please help before I murder someone...
OK here's the code:
shopping cart class:
class shoppingCart implements Serializable
{
private $products, $error;
function __construct()
{
}
function addProduct($productCode, $quantity = 1)
{
include_once ('include/requests.php');
$productInfo = requestPostData('getProductList');
if (in_array(strtoupper($productCode), $productInfo['results']) == true)
{
if (isset($this->products[strtoupper($productCode)]))
{
$this->products[strtoupper($productCode)] = $this->products[strtoupper($productCode)] + $quantity;
return true;
}
else
{
$this->products[strtoupper($productCode)] = $quantity;
return true;
}
}
else
{
$this->error = 'Product '.$productCode.' could not be found.';
}
}
function editProduct($productCode, $quantity)
{
if (isset($this->products[strtoupper($productCode)]))
{
$this->products[strtoupper($productCode)] = $quantity;
}
}
function removeProduct($productCode)
{
if (isset($this->products[strtoupper($productCode)]))
{
unset($this->products[strtoupper($productCode)]);
}
}
public function getProducts()
{
if (count($this->products) >= 1)
{
return $this->products;
}
else
{
return false;
}
}
public function isInCart($productCode)
{
if (isset($this->products[strtoupper($productCode)]))
{
return true;
}
else
{
return false;
}
}
public function getQuantity($productCode)
{
if (isset($this->products[strtoupper($productCode)]))
{
return $this->products[strtoupper($productCode)];
}
else
{
return 0;
}
}
public function getError()
{
$error = $this->error;
return $error;
}
public function resetError()
{
$this->error = '';
}
public function serialize()
{
$dataArray = array('products' => $this->products, 'error' => $this->error);
return serialize($dataArray);
}
public function unserialize($data)
{
$dataArray = unserialize($data);
$this->products = $dataArray['products'];
$this->error = $dataArray['error'];
}
}
And the code on the page:
if (session_status() !== PHP_SESSION_ACTIVE)
{
session_start();
}
if (!isset($_SESSION['shoppingCart']))
{
$_SESSION['shoppingCart'] = new shoppingCart;
}
if (isset($_POST['cart__add_to_cart']))
{
if (isset($_POST['cart__quantity']))
{
if ($_SESSION['shoppingCart']->addProduct($_POST['cart__add_to_cart'], $_POST['cart__quantity']))
{
header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
}
}
else
{
if ($_SESSION['shoppingCart']->addProduct($_POST['cart__add_to_cart']))
{
header('Location: http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
}
}
}
If I print_r($_SESSION) right at the bottom of the page after a product has been added then it appears in the session as it should... But as soon as I refresh it disappears :'(

PHP Custom Session Management Class

So I have a class I'm working on to manage PHP sessions, here's the class:
class SessionManagement {
public static function sessionStarted() {
if(session_id() == '') {
return false;
} else {
return true;
}
}
public static function sessionExists($session) {
if(sessionStarted() == false) {
session_start();
}
if(isset($_SESSION[$session])) {
return true;
} else {
return false;
}
}
public static function setSession($session, $value) {
if(sessionStarted() != true) {
session_start();
}
$_SESSION[$session] = $value;
if(sessionExists($session) == false) {
throw new Exception('Unable to Create Session');
}
}
public static function getSession($session) {
if(isset($_SESSION[$session])) {
return $_SESSION[$session];
} else {
throw new Exception('Session Does Not Exist');
}
}
}
Now trying this...
try {
SessionManagement::setSession('Foo', 'Bar');
echo SessionManagement::sessionStarted();
echo SessionManagement::getSession('Foo');
echo SessionManagement::sessionExists('Foo');
} catch(Exception $e) {
echo $e->getMessage();
}
...produces no output...I'm not sure where we're breaking here...any helpful eyes is greatly appreciated...

Unlike other OO languages, like C++, in your class PHP needs to know that the static methods called are from this object. For an instantiated class, that would be through $this, and in your case, static methods, this is done via self:
class SessionManagement {
public static function sessionStarted() {
if(session_id() == '') {
return false;
} else {
return true;
}
}
public static function sessionExists($session) {
if(self::sessionStarted() == false) {
session_start();
}
if(isset($_SESSION[$session])) {
return true;
} else {
return false;
}
}
public static function setSession($session, $value) {
if(self::sessionStarted() != true) {
session_start();
}
$_SESSION[$session] = $value;
if(self::sessionExists($session) == false) {
throw new Exception('Unable to Create Session');
}
}
public static function getSession($session) {
if(isset($_SESSION[$session])) {
return $_SESSION[$session];
} else {
throw new Exception('Session Does Not Exist');
}
}
}
Prepending self:: to all internal calls to the SessionManagement static methods should solve your problem.

Accessing $_POST array from objects called on page

I have a page that receives POST data from a form. I also have a form validation class that attempts to access the $_POST array when a FormValidation object is created on the page. However, the FormValidation object does not seem to have access to the $_POST array. Why is this happening, and how can I fix this?
EDIT: Added code :)
This code is from register.php
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
var_dump($_POST);
$errors = validate_form();
if(count($errors) > 0)
{
display($errors);
}
else
{
act();
}
}
else
{
display();
}
function validate_form()
{
$validator = new FormValidation('POST');
$validator->add_field('first_name', 'First Name');
$validator->add_field('last_name', 'Last Name');
$validator->add_field('email_address', 'Email Address');
$validator->add_field('password', 'Password');
$validator->add_field('password_confirmation', 'Password Confirmation');
$validator->add_rule('first_name', 'required');
$validator->add_rule('last_name', 'required');
$validator->add_rule('email_address', 'required');
$validator->add_rule('email_address', 'is_valid_scarsdaleschools_email');
$validator->add_rule('password', 'required');
$validator->add_rule('password_confirmation', 'required');
$validator->add_rule('password_confirmation', 'matches', array('password', 'Password'));
return $validator->validate();
}
The form validation code looks like this
class FormValidation
{
var $fields;
var $rules; //Associative array that maps field_name to array of rules
var $errors;
var $form_method_type;
function FormValidation($form_method_type)
{
$this->form_method_type = strtoupper($form_method_type);
$this->fields = array(); //maps fields to field labels
$this->rules = array();
$this->errors = array();
}
function validate()
{
foreach(array_keys($this->fields) as $field_name)
{
if(!array_key_exists($field_name, $this->rules))
{
continue;
}
foreach(array_keys($this->rules[$field_name]) as $rule_name)
{
call_user_func_array(array($this, $rule_name), $this->rules[$field_name][$rule_name]);
}
}
return $this->errors;
}
function add_field($field_name, $field_label)
{
$this->fields[$field_name] = $field_label;
}
function add_rule($field_name, $rule_name, $parameters=array())
{
if(!isset($this->rules[$field_name]))
{
$this->rules[$field_name] = array();
}
array_unshift($parameters, $field_name, $this->fields[$field_name]);
$this->rules[$field_name][$rule_name] = $parameters;
}
function var_isset($field_name)
{
global ${'$_' . $this->form_method_type};
var_dump(${'$_' . $this->form_method_type}[$field_name]);
return isset(${'$_' . $this->form_method_type}[$field_name]);
}
function get_value($field_name)
{
global ${'$_' . $this->form_method_type};
return ${'$_' . $this->form_method_type}[$field_name];
}
////////////////////////////////////////////////////////////
/////RULES//////////////////////////////////////////////////
////////////////////////////////////////////////////////////
function required($field_name, $field_label)
{
if(!$this->var_isset($field_name))
{
$this->errors[$field_name] = "$field_label is a required field";
}
}
function is_valid_email($field_name, $field_label)
{
if($this->var_isset($field_name))
{
if(!validEmail($this->get_value($field_name)))
{
$this->errors[$field_name] = "$field_label requires a valid email address";
}
}
}
function is_alpha($field_name, $field_label)
{
if($this->var_isset($field_name))
{
if(!ctype_alpha($this->get_value($field_name)))
{
$this->errors[$field_name] = "$field_label requires alphabetical characters only";
}
}
}
function is_alphanumeric($field_name, $field_label)
{
if($this->var_isset($field_name))
{
if(!ctype_alnum($this->get_value($field_name)))
{
$this->errors[$field_name] = "$field_label requires alphanumeric characters only";
}
}
}
function is_integer_number($field_name, $field_label)
{
if($this->var_isset($field_name))
{
if(!is_int($this->get_value($field_name)) || preg_match('[-+]?[0-9]+', $this->get_value($field_name)) == 0)
{
$this->errors[$field_name] = "$field_label must be an integer";
}
}
}
function is_float_number($field_name, $field_label)
{
if($this->var_isset($field_name))
{
if(!is_float($this->get_value($field_name)) || preg_match('[-+]?[0-9]*\.?[0-9]+', $this->get_value($field_name)) == 0)
{
$this->errors[$field_name] = "$field_label must be a number";
}
}
}
function is_valid_scarsdaleschools_email($field_name, $field_label)
{
if($this->var_isset($field_name))
{
if(!validEmail($this->get_value($field_name)))
{
$this->errors[$field_name] = "$field_label requires a valid email address";
}
$email = $this->get_value($field_name);
if(!(endsWith($email, 'scarsdaleschools.org', $case=false) || endsWith($email, 'scarsdaleschools.com', $case=false) || endsWith($email, 'scarsdaleschools.k12.ny.edu', $case=false)))
{
$this->errors[$field_name] = "$field_label requires a Scarsdale Schools email address";
}
}
}
function max_length($field_name, $field_label, $max_length)
{
if($this->var_isset($field_name))
{
if(strlen($this->get_value($field_name)) > $max_length)
{
$this->errors[$field_name] = "$field_label cannot be longer than $max_length characters";
}
}
}
function min_length($field_name, $field_label, $min_length)
{
if($this->var_isset($field_name))
{
if(strlen($this->get_value($field_name)) > $min_length)
{
$this->errors[$field_name] = "$field_label must be at least $min_length characters";
}
}
}
function matches($field_name, $field_label, $match_field_name, $match_field_label)
{
if($this->var_isset($field_name) && !$this->var_isset($match_field_name))
{
$this->errors[$field_name] = "$field_label must match $match_field_label";
}
elseif(!$this->var_isset($field_name) && $this->var_isset($match_field_name))
{
$this->errors[$field_name] = "$field_label must match $match_field_label";
}
if($this->var_isset($field_name) && $this->var_isset($match_field_name))
{
if(strcmp($this->get_value($field_name), $this->get_value($match_field_name)) != 0)
{
$this->errors[$field_name] = "$field_label must match $match_field_label";
}
}
}
}
Thanks for the help!

There is a small error in your code. What you were writing was essentially $$_POST. You'll need to remove the extra dollar sign from the variable name (corrected methods below). In addition, you needn't worry about calling global $_POST; as $_POST is a superglobal, or automatic global.
Update: Retrieving $_POST via ${'_' . $this->form_method_type} does not seem to work. The code I sent you works OUTSIDE of the class, but not inside. I wanted to make sure you understood my findings, and the distinction. So while ${'_' . $formMethodType} works outside of the class, inside you'll have to use something like this:
const TYPE_POST = 'POST';
const TYPE_GET = 'GET';
const TYPE_SESSION = 'SESSION';
const TYPE_SERVER = 'SERVER';
const TYPE_REQUEST = 'REQUEST';
public $fields = array();
public $rules = array();
public $errors = array();
public function __construct($formMethodType)
{
$r = new ReflectionClass($this);
$constants = $r->getConstants();
$formMethodType = strtoupper($formMethodType);
if (!array_key_exists('TYPE_' . $formMethodType, $constants)) {
throw new InvalidArgumentException('Could not find type matching $formMethodType : ' . $formMethodType);
}
$this->form_method_type = $formMethodType;
}
public function var_isset($field_name)
{
$values = $this->get_values();
var_dump($values[$field_name]);
return isset($values[$field_name]);
}
public function get_value($field_name)
{
$values = $this->get_values();
return $values[$field_name];
}
public function get_values()
{
switch ($this->form_method_type) {
case self::TYPE_POST:
$values = $_POST;
break;
case self::TYPE_GET:
$values = $_GET;
break;
case self::TYPE_REQUEST:
$values = $_REQUEST;
break;
case self::TYPE_SERVER:
$values = $_SERVER;
break;
case self::TYPE_SESSION:
$values = $_SESSION;
break;
}
return $values;
}

We haven't yet seen any code posted, but I'll make a recommendation about using dependency injection to get the $_POST data into your form validation class, rather than accessing the superglobal from inside the class.
Since you can't always rely on $_POST being populated correctly when you are testing your code, it is advisable to inject the contents of $_POST as a parameter to the constructor of a class where it will be used. This makes it easier to debug later on.
class MyClass {
// Public property to hold post array data
public $postdata;
// constructor receives $_POST as a parameter
function __construct($param1, $param2, $postdata) {
//
$this->postdata = $postdata;
}
}
// Instantiate the class with $_POST injected
$x = new MyClass($a, $b, $_POST);
ADDENDUM after code posted
I don't see any method in your class that actually calls the get_value() method when validating. It's unclear if you are ever accessing the contents of $_POST in that class at all other than in the var_isset() and get_value() methods.

/**
* This should work for $_REQUEST and $_POST the mysql_real_escape_string
* was added to escape urls. It is best not to allow URLs as parameters.
*/
foreach( $_POST as $key=> $val)
{
${$key} = mysql_real_escape_string($val);
}

Categories