I've been studying PHP using only the internet, so I've been experiencing errors.
<?php
$name = $_POST['name'];
$lg = $_POST['lg'];
if (is_string($name) && is_numeric($lg)) {
header( "Location: portal.php?ejhbusbhdubr=nennuncuiecbdhbcvhebchebcdjebcdsjhbcebhfcvebhdchebhcvhervbhecbvecveh" ) ;
}
if (empty($name) && is_numeric($lg)) {
echo "Please enter your name.";
}
else {
header ("Location: index.php?invalid=true");
}
?>
I'm having problems with the second if statement. What I'm trying to do is that I'm trying to make an error message appear when the $name variable is left empty, and the $lg variable isn't. I think the is_string variable handler's the problem here. Perhaps a string can be empty. But as I said, since I don't have a book, I don't know what to change it too.
In case you still don't get what I mean,
Name: ""
LG: "1234"
I want the above to return as error. Help would be appreciated.
Try to write you condition like this:
if (empty($name) && !empty($lg))
Try it like this, I just moved your if over the first one, and changed it a bit. You have to test if the string is empty before testing, if it is a string. I mean is_string will return true even if the string is empty.
<?php
$name = $_POST['name'];
$lg = $_POST['lg'];
if (empty(trim($name)) && is_numeric($lg)) {
echo "Please enter your name.";
}
elseif(is_numeric($lg)) {
header( "Location: portal.php?ejhbusbhdubr=nennuncuiecbdhbcvhebchebcdjebcdsjhbcebhfcvebhdchebhcvhervbhecbvecveh" ) ;
die();
}
else {
header ("Location: index.php?invalid=true");
die();
}
Related
I have a form which posts variables through to a PHP processing script.
Before the processing script begins I would like to sanitize the posted variables:
$Contact_Name = filter_var($_POST['contactName'], FILTER_SANITIZE_STRING);
$Company = filter_var($_POST['company'], FILTER_SANITIZE_STRING);
$Telephone = filter_var($_POST['telephone'],FILTER_SANITIZE_NUMBER_INT);
So far. So good.
But sanitizing and validating the email is a real pain.
$Email = $_POST['email'];
$Sanitised_Email = filter_var($Email, FILTER_SANITIZE_EMAIL);
$Email_is_valid = filter_var($Email, FILTER_VALIDATE_EMAIL);
If $Sanitised_Email isn't the same as $Email, I want to go back to the form page:
if ($Sanitised_Email != $Email) {
header('Location: http://'.$_SERVER['HTTP_HOST'].'/form.php');
}
If $Email_is_valid is false, I want to go back to the form page:
if ($Email_is_valid == FALSE) {
header('Location: http://'.$_SERVER['HTTP_HOST'].'/form.php');
}
Neither of these two if statements work when I enter an email which is both invalid and in need of sanitisation such as:
i.am.(totally)invalid#asanemailaddress
What am I doing wrong? Have I messed up my syntax somewhere?
Syntax seems good. I think your problem is that you are not ending your script after setting header. Change it to:
if (condition) {
header('Location: www.example.com');
exit();
}
Learn how to debug your code, you can simply echo something to know if you are entering a structure or not. A good practice is also to create a function to redirect pages, it's quick, clean and save some lines:
function redirect($page){
header('Location: http://'.$_SERVER['HTTP_HOST']."/$page.php");
exit();
}
i'm working on a php assignment for log in function using .txt file instead of db, but i'm facing with some sort of problem here. supposedly the "invalid email or password" to be shown after a non exist details key in, but when the page load, the msg showed by default, below is my code
<?php
$lines= file("customers.txt");
$matchFound=false;
$errmsg = 'Invalid email or password';
for($i=0;$i<count($lines);$i++)
{
if ($i!=0)
{
$line=trim($lines[$i]);
$cells=explode("\t",$line);
$_SESSION['email'] = isset($_POST['email'])? $_POST['email'] : null;
$_SESSION['password'] = isset($_POST['password']) ? $_POST['password'] : null;
if ($_SESSION['email']==$cells[2] && $_SESSION['password']==$cells[3])
{
$matchFound=true;
break;
}
}
}
if ($matchFound == true)
{
header('Location: login2.php');
}
else
{
echo $errmsg;
}
?>
This is because you're not checking if the user submitted the form input correctly. The value of $matchFound is FALSE by default, and the error message will always be displayed when the script is ran.
Specify a name attribute for your form submit button, and then add an if block to make sure the form was correctly submitted:
if (isset( $_POST['submitButton'] )) {
# code...
}
That way, the code inside the if block won't be run if the user input wasn't received and you could avoid the error being displayed every time you load the page.
Also, you're missing the session_start() statement at the top of your script. This is required if you want the sessions to work properly.
Try:
if ($matchFound == true)
{
header('Location: login2.php');
}
else if(isset($_POST['email']))
{
echo $errmsg;
}
Also you need session_start to use $_SESSION array
I made login.php file by following video tutorial and I am trying to make so that the page will show exist instead of blank page. I know that user exists because I made user with my name on phpMyAdmin.
Her is the code
<?php
include 'core/init.php';
if (user_exists('Denis') === true) {
echo 'exists';
}
die();
if(empty($_POST) === false) {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) === true || empty($password) === true) {
$errors[] = 'You need to enter a username and password';
} else if (user_exists($username) === false) {
$errors[] = 'We can\'t find that username. Have you registered?';
}
}
?>
Init.php
<?php
session_start();
error_reporting(0);
require 'database/connect.php';
require 'functions/general.php';
require 'functions/users.php';
$errors = array();
?>
you are calling the die() function at line 7
this function terminates the running script
Clearly user_exists('Denis') is returning false, since it's getting past the echo 'exists'; line and hitting the die() call.
Depending on how you are returning your boolean, you might try two "==" signs rather than three. It might not be able to type cast.
You can try:
if (user_exists('Denis')) {
echo 'exists';
}
As long as user_exists('Denis') evaluates to true (i.e. is not empty or 0), you will "exists" will be echoed.
If that doesn't work, try to figure out why user_exists() is getting a falsy value. There may be something wrong with the logic to check if a user exists.
Ive got this register script that puts the information into a mysql database. now it all works fine and when someone does something wrong its says the error (e.g. "Username not defined")
but when it goes wrong it does not look very good because it just displays the message on an empty page, so i thought i would make it redirect to the form page and display the message there.
here is the working script
$forename = $_POST['forename'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$password = $_POST['password'];
$username = $_POST['username'];
$errors = array();
if(!$username) {
$errors[] = "Username is not defined";
}
if(!$password) {
$errors[] = "Password is not defined";
}
and it continues.
now i just thought i could do this
$errors = array();
if(!$username) {
$errors[] = header( 'Location: http://localhost/muiltabledistractions/#!/page_register_error-Username-is-not-defined' ) ;
}
if(!$password) {
$errors[] = "Password is not defined";
}
but no, all it does is ignore it.
could someone please help me
please feel free to ask for more of the script if you need it
many thanks connor
You cannot wrap a header in a array like that.
You just call the function, then it redirects.
header( 'Location: http://localhost/muiltabledistractions/#!/page_register_error-Username-is-not-defined' ) ;
it does not look very good because it just displays the message on an empty page,
What's the problem?
Why not to show the form again? with fields already filled.
This is going to be a user-friendly interface.
Just include your form in the same page with fields populated.
That's more common way than your redirects to blank form.
This is called POST/Redirect/GET pattern and here goes a short example of it:
the code
<?
if ($_SERVER['REQUEST_METHOD']=='POST') {
$err = array();
//performing all validations and raising corresponding errors
if (empty($_POST['name']) $err[] = "Username field is required";
if (empty($_POST['text']) $err[] = "Comments field is required";
if (!$err) {
// if no errors - saving data
// and then redirect:
header("Location: ".$_SERVER['PHP_SELF']);
exit;
} else {
// all field values should be escaped according to HTML standard
foreach ($_POST as $key => $val) {
$form[$key] = htmlspecialchars($val);
}
} else {
$form['name'] = $form['comments'] = '';
}
include 'form.tpl.php';
?>
the template
<? if ($err): ?>
<? foreach($err as $e): ?>
<div class="err"><?=$e?></div>
<? endforeach ?>
<? endif ?>
<form>
<input type="text" name="name" value="<?=$form['name']?>">
<textarea name="comments"><?=$form['comments']?></textarea>
<input type="submit">
</form>
You are placing the return value of the header function in an array, then continuing with your page execution.
If you don't care about anything that would normally happen below that redirection, which I believe is what you're implying, you should just set the header and then immediately exit. Do not try to place the return value of the header function into the errors array like that, as there's no point.
if(!$username) {
header('Location: http://localhost/muiltabledistractions/#!/page_register_error-Username-is-not-defined');
exit;
}
I don't if this is the problem, but it's important to include the status code in header too. Like:
header("Location: /foo.php",TRUE,302);
307 for Temporary Redirect, 302 for permanently moved. Chrome, a while ago, didn't accepted headers redirect without status code (i don't know nowadays).
try this after filling your error array:
if (count($errors) > 0)
{
header( 'Location: http://localhost/muiltabledistractions/#!/page_register_error-Username-is-not-defined' );
exit;
}
Keep in mind there should be no html output before this part!
Having issues with verifying that my form fields are not empty. I thought I used isset in the past but I am having issues with it below. I know I can do it with =="" but want to figure it out this way.
if(isset($_POST['submit'])){
$error= false;
if (isset($_POST['name'])){$name=$_POST['name'];}else{$error=true; $error_message="enter a name"; echo "no name";};
if(!$error){
//SUBMIT TO DATABASE
}else{ echo $error_message;
}
}
But I keep getting the error that error_message is not set.
Isset() just test if the variable exists. It's almost always the case in a POST form (even if variable is empty). To be sure they're not, use the empty() test.
Here is the code :
if(count($_POST) > 0){
$error = false;
if (!empty($_POST['name']))
$name = $_POST['name'];
else{
$error = true;
$error_message = "enter a name";
echo "no name";
}
if(!$error)
//SUBMIT TO DATABASE
else
echo $error_message;
}
you also had a syntax error with the semicolon after your first else.
Be careful, a variable set to 0 is detected as being empty. Check http://php.net/manual/en/function.empty.php
First, I'd recommend -not- using this method to determine if there was a post. I generally use one of the following:
if($_POST)
OR
if(count($_POST) > 0)
The second isset() call (to check for the name) is fine. Try using full caps to set TRUE or FALSE to the $error variable. You can also use 0 and 1 for TRUE and FALSE respectively; they work fine with if($error) and if(!$error). I believe this is where your problem lies. That is, $error was never set properly, so it is in fact not TRUE, but 'false'. However, because $_POST['name'] wasn't set, and $error_message was not either. Let me know if this works for you. I'll look into it further if it doesn't.
An empty PHP string is not null:
$a = '';
echo isset($a); //true
echo $a == ''; //true
use == instead
You could also use empty($var) function