<?php
include_once("php_includes/check_login_status.php");
if($user_ok != true){
header("location: login.php");
exit();
}
?>
<?php
$result = mysqli_query($db_conx, "SELECT active FROM profilepage WHERE username='$u'") or die(mysqli_error($db_conx));
$row = mysqli_fetch_assoc($result) or die ("$u not found");
$a_check = $row['active'];
if ($u == $log_username && $user_ok == true && $a_check = 1){
echo include_once("videofeedform.php"); }
else ($user_ok != true && $a_check = 1 or $user_ok = true && $a_check = 1);
{ echo "viewers should only see this"; }
exit();
if($u == $log_username && $user_ok == true && $a_check = 0 or $u != $log_username && $user_ok == true && $a_check = 0 or $u != $log_username && $user_ok != true && $a_check = 0)
($a_check = 0); {
echo ' Video is going to be added here'; }
exit();
?>
ok so basically I am trying to make a module work only if it has been activated to work by the user. Only the owner of the pages sees what they is mean to and the viewer only sees what they are meant to so that part works perfect however i need to tell the script to do these IF's only if the data inside the row match 1 and if they do not match 1 (e.g 0) then they do something else. I believe the current search is only looking for a number of rows called active what is owned by the user and if it is then do...... I was wondering how I would make the query look inside the row to find the data it needs to execute as it just seems like it is just executing when it finds 1 row that matches
okay there is a decent amount wrong with this script.
you never show us what $log_username or $user_ok so I cannot help to evaluate whether those contain the correct values in your script. We'll just assume they do.
You must brush up on your usage of Comparison Operators in php.:
http://www.php.net/manual/en/language.operators.comparison.php
throughout the conditionals(if, elseif, etc..) in your script you have things like:
if ( $a_check = 1 )
but with a single '=' you are assigning the integer value 1 to the variable $a_check, this is basically the same thing as saying:
if (1)`
which evaluates to true in your if statement (any integer value other than 0 will always evaluate to true).
similarly the line
if ( $a_check = 2 )
is the same as
if (2)
and would also evaluate to true
as aldanux mentioned in his comment above, if you would like to compare if 2 variables are equal you should use ==.
if ( $var1 == $var2 )
if they are equal this will evaluate to true.
More issues with conditionals:
http://www.php.net/manual/en/control-structures.elseif.php
this block:
if ($u == $log_username && $user_ok == true && $a_check = 1){
echo include_once("videofeedform.php"); }
else ($user_ok != true && $a_check = 1 or $user_ok = true && $a_check = 1);
{ echo "viewers should only see this"; }
exit();
should be more like:
if ($u == $log_username && $user_ok == true && $a_check == 1){
echo include_once("videofeedform.php");
}
else if ($user_ok != true && $a_check == 1 or $user_ok == true && $a_check == 1)
{
echo "viewers should only see this";
exit(); //move exit inside the elseif block
}
fixed conditionals
use elseif since you want to evaluate another expression (e.g. $user_ok != true && $a_check == 1 or $user_ok == true && $a_check == 1),
remove semicolon from the end of your else statements
move exit() inside the elseif block (as you currently have the script would always exit on that line).
also an additional comment. the expression:
else if ($user_ok != true && $a_check == 1 or $user_ok == true && $a_check == 1)
is saying i don't care is $user_ok is true or false as long as $a_check equals one. This is the same thing as doing:
else if ($a_check == 1)
though... now im thinking you just want to exit if your previous if statment false:
if ($u == $log_username && $user_ok == true && $a_check == 1) //if this fails, exit
so your code there would actually look something more like:
if ($u == $log_username && $user_ok == true && $a_check == 1){
echo include_once("videofeedform.php");
}
else{ //just remove the expression from here
echo "viewers should only see this";
exit(); //move exit inside the elseif block
}
these same issues discussed above exist with your last if statement.
Related
I have done an email activation, which is working but am trying to adopt the same concept for my antispam activation. It is working for some people but sometimes, I keep getting that one of the variables is not set, is just just a trial and error thing?
I also read somewhere that I should include a not empty check too after the isset() check.
<?php
include_once __DIR__.'/header2.php';
if(isset($_SESSION['u_uid'])) {
echo "<meta http-equiv='refresh' content='0;url=../header2.php?reply=mustloggedoutfirst'>";
exit();
} else {
if(!isset($_GET['email']) && $_GET['email'] !== '' || !isset($_GET['userid']) && $_GET['userid'] !== '' || !isset($_GET['id']) && $_GET['id'] !== '' || !isset($_GET['reply_registration_expirydate']) && $_GET['reply_registration_expirydate'] !== '') {
echo "<meta http-equiv='refresh' content='0;url=../index.php?reply=missinglink'>";
exit();
} else {
$email = strip_tags($_GET['email']);
$username = strip_tags($_GET['userid']);
$id = strip_tags($_GET['id']);
$reply_registration_expirydate = strip_tags($_GET['reply_registration_expirydate']);
if (empty($_SESSION['key'])) {
$_SESSION['key'] = base64_encode(openssl_random_pseudo_bytes(32));
}
}
}
I forgot to add to my previous question that initially, I had the following code, which seems to work for most people for not for some...
if (!isset($_GET['email']) || !isset($_GET['activatetoken']) || !isset($_GET['reply_registration_expirydate'])) {
echo "<meta http-equiv='refresh' content='0;url=../index.php?reply=missinglink'>";
exit();
Update your IF-clause and remove the negation of "isset".
With "!isset($_GET['email']) && $_GET['email'] !== ''" you're checking if the variable is NOT set and then (being not set) if it's NOT unequal to an empty string, this must run into a "variable not set"-error.
The logical order of your if statement is probably incorrect. By "missing link errors" you probably mean this part of the if-statement is executed:
if(!isset($_GET['email']) && $_GET['email'] !== '' || !isset($_GET['userid']) && $_GET['userid'] !== '' || !isset($_GET['id']) && $_GET['id'] !== '' || !isset($_GET['reply_registration_expirydate']) && $_GET['reply_registration_expirydate'] !== '') {
formatted:
if (! isset($_GET['email']) // IS NOT SET email
&& $_GET['email'] !== '' // and IS NOT EMPTY email
|| !isset($_GET['userid']) // or IS NOT SET userid
&& $_GET['userid'] !== '' // and IS NOT EMPTY userid
|| !isset($_GET['id']) // or IS NOT SET id
&& $_GET['id'] !== '' // and IS NOT EMPTY id
|| !isset($_GET['reply_registration_expirydate']) // or IS NOT SET reply_registration_expirydate
&& $_GET['reply_registration_expirydate'] !== '') { // and IS NOT EMPTY reply_registration_expirydate
Due to the precedence of the operators, your statement might evaluate to true earlier than you want. You need to use parentheses to group operands.
if ((! isset($_GET['email']) // (IS NOT SET email
&& $_GET['email'] !== '') // and IS NOT EMPTY email)
|| (!isset($_GET['userid']) // or (IS NOT SET userid
&& $_GET['userid'] !== '') // and IS NOT EMPTY userid)
|| (!isset($_GET['id']) // or (IS NOT SET id
&& $_GET['id'] !== '') // and IS NOT EMPTY id)
|| (!isset($_GET['reply_registration_expirydate']) // or (IS NOT SET reply_registration_expirydate
&& $_GET['reply_registration_expirydate'] !== '')) { // and IS NOT EMPTY reply_registration_expirydate)
I have been making stuff in PHP for a while, everything is always fine. But today I don't get this statement. Why is it always true?
if ($action != 1 || $action != 2) echo true; // TRUE for 0, 1, 2, 3
But the reverse logic
if ($action == 1 || $action == 2) echo true; // FALSE for 0, 3 TRUE for 1, 2
The first expression blows my mind. I guess I don't understand something very very basic, not in PHP but in the Universe, so I don't get it here. I thought that if (FALSE || TRUE) == FALSE, but it isn't a case for second example. It works as expected.
So, where is the answer how to say that: "If the variable is not 1 OR 2 - echo true". I don't understand why my if ($var != 1 OR $var != 2) echo true; doesn't work as I expect.
Negation of ($action != 1 || $action != 2) is ($action == 1 && $action == 2). You can see for yourself that the latter is always false because variable can not be both 1 and 2 at the same time. Therefore the original condition is bound to be always true.
It is working as it has to work. See the doc http://php.net/manual/en/language.operators.logical.php
$a || $b returns TRUE if either $a or $b is TRUE.
If you try like this, hope it will make sense, see the comment on every line
$action = 0;
var_dump($action != 1 || $action != 2); //here (true || true)
$action = 1;
var_dump($action != 1 || $action != 2); //here (false || true)
$action = 2;
var_dump($action != 1 || $action != 2); //here (true || false)
$action = 3;
var_dump($action != 1 || $action != 2); //here (true || true)
Condition OR will search for first TRUE result, your code will give TRUE all the time as any value will be even not 1 or 2.
From you example if $action = 1 then the condition $action != 2 will give true, also if $action = 2 then $action != 1 will give TRUE.
For (If the variable is not 1 OR 2 - echo true) use this:
if(!in_array($action, array(1,2)) echo "true";
EDIT:
You can also check it like this:
if(!($action == 1 || $action == 2)) echo "true";
if ($action == 2 || $action == 1) echo true; // FALSE for 0, 3 TRUE for 1, 2
Works as intended. Its basically "echo true if $action is either 1 or 2".
I have three different conditions used to display specific content on the page. However the second condition seems to invalidate the third one. I'm wondering how I can fix this. Whether I put false or true first the third condition seems to be ignored. I have tried many different combinations and it's always the same thing. Whatever condition I put first after <?php if(isset($_GET['viewinbox']) == 'inboxmessages' && $resultm == TRUE OR $resultm == FALSE) :?> the third condition is ignored. I wonder why.
<?php if(isset($_GET['viewinbox']) == 'inboxmessages' && $resultm == TRUE OR $resultm == FALSE) :?>
//show main page
<?php elseif($_GET['view'] == 'inboxmessage' && $resultm == TRUE) :?>
//show my inbox
<?php elseif($_GET['view'] == 'inboxmessage' && $resultm != TRUE) :?>//whatever condition is placed here gets ignored
//show something else
<?php endif;?>
I may regret this, but this seems to be the intent if you are using actual boolean TRUE and FALSE and $resultm will be one of those:
<?php if(isset($_GET['viewinbox']) && $_GET['viewinbox'] == 'inboxmessages') :?>
//show main page
<?php elseif(isset($_GET['view']) && $_GET['view'] == 'inboxmessage' && $resultm === TRUE) :?>
//show my inbox
<?php elseif(isset($_GET['view']) && $_GET['view'] == 'inboxmessage' && $resultm !== TRUE) :?>
//show something else
<?php endif;?>
isset() returns true or false so it will never == 'inboxmessages'. Also, the $resultm == TRUE OR $resultm == FALSE is ambiguous and not needed.
This is probably because you are loosely comparing the result of isset with a string. I guess this is in error.
isset returns a boolean, that is either true or false.
because you use == you are doing a loose comparison ( === would be a strict comparison)
when you compare different types of data loosely (i.e. a string and a boolean) php will convert the types - this generally makes life easier, but can lead to confusing scenarios if you do not understand the concept.
In this case php will basically convert your string to a boolean, and for this it will convert to true so if your variable isset and therefore isset returns true, what you basically are saying is if(true==true)
See: http://php.net/manual/en/types.comparisons.php
You also then check the same variable for both true and false, again loosely - so one of them will always be the case, if you had used === then there are lots of scenarios where neither would.
So ignoring the $resultm issue what I think you meant was:
<?php if($_GET['viewinbox'] == 'inboxmessages' && $resultm == TRUE OR $resultm == FALSE) :?>
//show main page
<?php elseif($_GET['view'] == 'inboxmessage' && $resultm != TRUE) :?>
//show my inbox
<?php elseif($_GET['view'] == 'inboxmessage' && $resultm == TRUE) :?>
//show something else
<?php endif;?>
You may have then found that you got errors when you ran this because sometimes you get warnings about $_GET['viewinbox'] not being set. so what you should do is:
<?php if(isset($_GET['viewinbox']) && $_GET['viewinbox'] == 'inboxmessages' && $resultm == TRUE OR $resultm == FALSE) :?>
//show main page
<?php elseif(isset($_GET['view']) && $_GET['view'] == 'inboxmessage' && $resultm != TRUE) :?>
//show my inbox
<?php elseif(isset($_GET['view']) && $_GET['view'] == 'inboxmessage' && $resultm == TRUE) :?>
//show something else
<?php endif;?>
To fix the $resultm issue - and I am guessing what you mean here, what you probably want is:
<?php if(isset($_GET['viewinbox']) && $_GET['viewinbox'] == 'inboxmessages') :?>
//show main page
<?php elseif(isset($_GET['view']) && $_GET['view'] == 'inboxmessage' && !$resultm) :?>
//show my inbox
<?php elseif(isset($_GET['view']) && $_GET['view'] == 'inboxmessage' && $resultm) :?>
//show something else
<?php endif;?>
I have removed the first pointless check of both true and false and simplified the subsequent checks, as you can do a loose comparison to check if something is true just with if($var) and to check false if(!$var)
I haven't been able to find a solution to this issue and hope that a another set of eyes may pick up on something. The else $confirm = line is not executed when the first "if" is not true and I can't figure out why.
if($_POST['zip'] && $_POST['country']=='USA' && !empty($fax)){
$plus4 = substr($_POST["zip"],6,4);
if (empty($plus4)) {
$link = 'Zip + 4';
$msg = "Your Zip + 4 was not provided! We cannot fax your Representative without your Zip+4.<br/>Click here to find your ".$link ;
print "<p style=\"color: red;\"><b>$msg<br/><br/></b></p>";
}
if (empty($_POST['state']) || empty($_POST['zip'])) $statezip = false ; // Check for State & Zip Required
else $statezip = true ;
//if (empty($state) || empty($zip) || empty($plus4)) $statezip = false ; // Check for State & Zip Required
$confirm = !empty($_POST['name']) && !empty($_POST['from']) && !empty($_POST['address']) && !empty($_POST['city']) && !empty($_POST['country']) && $statezip == true ; // Verify required fields
}
else $confirm = !empty($_POST['name']) && !empty($_POST['from']) && !empty($address) && !empty($city) && !empty($country) && $statezip == true ; // Verify required fields
Your else statement will always return false for $confirm due to the last condition:
&& $statezip == true
You are setting that value in the if statement, so it is undefined in the else statement.
Add your curly braces to the ELSE statement. Since you use them in the defining IF, the parser is expecting them.
else {
$confirm = !empty($_POST['name']) && !empty($_POST['from']) && !empty($address) && !empty($city) && !empty($country) && $statezip == true ; // Verify required fields
}
use isset to check that variable exist,
function empty return true even if it contain 0 ,
when you are using else use brackets { too
else{do something}
This may be the way my server is set up, but I'm banging my head against the wall. I'm trying to say that if $action has no value or has a value that is not "add" or "delete" then have an error, else keep running the script. However, I get an error no matter what $action is.
$action = $_GET['a'];
if((!isset($action)) || ($action != "add" || $action != "delete")){
//header("location:index.php");
echo "error <br>";
}
$action is being set properly and if run something like if($action =="add") it works. This is on my local host, so it could be a settings issue.
Your logic is slightly off. The second || should be &&:
if ((!isset($action)) || ($action != "add" && $action != "delete"))
You can see why your original line fails by trying out a sample value. Let's say $action is "delete". Here's how the condition reduces down step by step:
// $action == "delete"
if ((!isset($action)) || ($action != "add" || $action != "delete"))
if ((!true) || ($action != "add" || $action != "delete"))
if (false || ($action != "add" || $action != "delete"))
if ($action != "add" || $action != "delete")
if (true || $action != "delete")
if (true || false)
if (true)
Oops! The condition just succeeded and printed "error", but it was supposed to fail. In fact, if you think about it, no matter what the value of $action is, one of the two != tests will return true. Switch the || to && and then the second to last line becomes if (true && false), which properly reduces to if (false).
There is a way to use || and have the test work, by the way. You have to negate everything else using De Morgan's law, i.e.:
if ((!isset($action)) || !($action == "add" || $action == "delete"))
You can read that in English as "if action is not (either add or remove), then".
No matter what $action is, it will always either not be "add" OR not be "delete", which is why the if condition always passes. What you want is to use && instead of ||:
(!isset($action)) || ($action !="add" && $action !="delete"))
You're saying "if it's not set or it's different from add or it's different from delete". You realize that a != x && a != y, with x != y is necessarily false since a cannot be simultaneously two different values.
You could also try:
if ((!isset($action)) || !($action == "add" || $action == "delete")) {
// Do your stuff
}
For future reference, you can quickly create a truth table to check if it evaluates the way you want... it's kind of like Sudoku.
(!isset($action)) && ($action != "add" && $action != "delete"))
Example:
column 1 is issetaction, column 2 and 3 evaluates !="add","delete" respectively
if($a=add) T && (F && T) => T && F => FALSE
if($a=delete) T && (T && F) => T && F => FALSE
if($a=nothing) T && (T && T) => T && T => TRUE
I think this is the best and easiest way to do it:
if (!(isset($action) && ($action == "add" || $action == "delete")))
Not an answer, but just for the sake of code formatting
if((isset($_GET['a'])) $action=$_GET['a']; else $action ="";
if(!($action === "add" OR $action === "delete")){
header("location: /index.php");
exit;
}
Note the exit; statement after header(). That's the important thing. header() does not terminate script execution.