PHP $_POST issue - php

I've been wrestling with this problem for an hour or so and it seems basic but I just can't seem to get to the bottom of it. What I'm trying to do here is create a block 5 times with contents from within my mysql database.
That works fine, but my real problem is when I try to echo out error messages. I've got an IF right after FOR that checks if $_POST['champ5v5name[1-5]'] is at its default value. If it is, it should echo out an error message saying "Choose your champions!", yet it doesn't (It just goes through to the next page as if it were a success). I've tried various different methods but none of them have worked, can anybody give me a hand?
for($i=1;$i<=5;$i++) {
$result = mysql_query("SELECT name,health,damage,armour,aspeed FROM champions");
$htmltext .= '<label>Champion '.$i.'</label><br/>';
$htmltext .= '<select name="champ5v5name'.$i.'">';
$htmltext .= '<option value="select'.$i.'">Select champion:</option>';
}
while($rowschamp = mysql_fetch_array($result,MYSQL_NUM)) {
$htmltext .= '<option value="'.$rowschamp[0].'">'.$rowschamp[0].' (HP: '.$rowschamp[1].' DMG: '.$rowschamp[2].' ARMOUR: '.$rowschamp[3].' ASPEED: '.$rowschamp[4].')</option>';
}
$htmltext .= '</select><br/><br/>';
if($_POST['champ5v5name1'] != 'Select champion:' || $_POST['champ5v5name2'] != 'Select champion:' || $_POST['champ5v5name3'] != 'Select champion:' || $_POST['champ5v5name4'] != 'Select champion:' || $_POST['champ5v5name5'] != 'Select champion:') {
if($_POST['champ5v5name1'] == $_POST['champ5v5name2'] || $_POST['champ5v5name1'] == $_POST['champ5v5name3'] || $_POST['champ5v5name1'] == $_POST['champ5v5name4'] || $_POST['champ5v5name1'] == $_POST['champ5v5name5']) $error = 'A champion is repeated.';
if($_POST['champ5v5name2'] == $_POST['champ5v5name3'] || $_POST['champ5v5name2'] == $_POST['champ5v5name4'] || $_POST['champ5v5name2'] == $_POST['champ5v5name5'] || $_POST['champ5v5name2'] == $_POST['champ5v5name1']) $error = 'A champion is repeated.';
if($_POST['champ5v5name3'] == $_POST['champ5v5name2'] || $_POST['champ5v5name3'] == $_POST['champ5v5name4'] || $_POST['champ5v5name3'] == $_POST['champ5v5name5'] || $_POST['champ5v5name3'] == $_POST['champ5v5name1']) $error = 'A champion is repeated.';
if($_POST['champ5v5name4'] == $_POST['champ5v5name2'] || $_POST['champ5v5name4'] == $_POST['champ5v5name3'] || $_POST['champ5v5name4'] == $_POST['champ5v5name5'] || $_POST['champ5v5name4'] == $_POST['champ5v5name1']) $error = 'A champion is repeated.';
if($_POST['champ5v5name5'] == $_POST['champ5v5name2'] || $_POST['champ5v5name5'] == $_POST['champ5v5name3'] || $_POST['champ5v5name5'] == $_POST['champ5v5name4'] || $_POST['champ5v5name5'] == $_POST['champ5v5name1']) $error = 'A champion is repeated.';
}
else {
$error = 'Choose your champions!';
}


Well all you're doing is assigning a string to a variable, and you're setting an error regardless if your condition proves true or false. I see no logic to perform any specific task IF there is an error.
That being said, you really need to simplify things:
try {
$champions = array();
$error = null;
for ($i = 1; $i < 6; $i++){
$champions[] = $_POST['champ5v5name' . $i];
}
$dups = array_count_values($champions);
rsort($dups);
// Check for missed assignments, assuming no champions have the word 'select' in their name
if(in_array('select',$champions)){
$error = 'Choose your champions!';
}
// Check for duplicate champs
if($dups[0] != 1){
$error = 'Champion Repeated!';
}
if($error){
throw new Exception($error);
}
}
catch (Exception $e) {
echo $e->getMessage();
exit(); // Probably don't exit, just show the form again.
}
// Do other stuff, everything is ok if the code gets here...


Are you checking to see if all the champions are at the default, or if any are at the default?
Your condition is:
$_POST['champ5v5name1'] != 'Select champion:' ||
$_POST['champ5v5name2'] != 'Select champion:' ||
$_POST['champ5v5name3'] != 'Select champion:' ||
$_POST['champ5v5name4'] != 'Select champion:' ||
$_POST['champ5v5name5'] != 'Select champion:'
If you're going for any, it should be
$_POST['champ5v5name1'] != 'Select champion:' &&
$_POST['champ5v5name2'] != 'Select champion:' &&
$_POST['champ5v5name3'] != 'Select champion:' &&
$_POST['champ5v5name4'] != 'Select champion:' &&
$_POST['champ5v5name5'] != 'Select champion:'
EDIT:
The issue is that the form submits a value of select$i, not Select champion:
EDIT 2:
You should use the form array feature of PHP:
for($i = 1; $i <= 5; $i++) {
$result = mysql_query("SELECT name,health,damage,armour,aspeed FROM champions");
$htmltext .= '<label>Champion '.$i.'</label><br/>';
$htmltext .= '<select name="champ5v5name[]">';
#Field names ending in `[]` turn into arrays!
$htmltext .= '<option value="">Select champion:</option>';
while($rowschamp = mysql_fetch_array($result, MYSQL_NUM)) {
$htmltext .= '<option value="'.$rowschamp[0].'">'.$rowschamp[0].' (HP: '.$rowschamp[1].' DMG: '.$rowschamp[2].' ARMOUR: '.$rowschamp[3].' ASPEED: '.$rowschamp[4].')</option>';
}
$htmltext .= '</select><br /><br />';
}
$champions = $_POST['champ5v5name'];
$error = "No champions chosen!";
for($champions as $champion) {
if($champion) {
$error = "";
break;
}
}
if(!$error && count($array) != count(array_unique($champions))) {
$error = "A champion is repeated"
}

Related

Filtering the page with xml

I want to filter websites using xml depending on whether the values are contained in it or not. I have such a script and I don't know why, but it filters well once, not, can anyone advise me something?
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE note SYSTEM "Note.dtd">
<filter>
<min_szerokosc>111</min_szerokosc>
<min_wysokosc>111</min_wysokosc>
<min_glebokosc>111</min_glebokosc>
<max_szerokosc>1111</max_szerokosc>
<max_wysokosc>1111</max_wysokosc>
<max_glebokosc>1111</max_glebokosc>
<typ>power&free</typ>
<myjnia_automat>1</myjnia_automat>
<kabina_automat>1</kabina_automat>
<transport_gorny>1</transport_gorny>
<extra></extra>
</filter>
<?php
$cat=new Kategoria;
$kat=array(205,233,234,206,204,203,202);
//$kat=array(206);
foreach($_POST as $k => $v){
if($v=="on"){
$_POST[$k]=1;
}
}
foreach($kat as $a => $b){
$result=$cat->getKategoria($b);
//print_r($_POST);
foreach($result as $res => $val){
if(preg_match("/tab_[0-9]{1,2}_filter/i",$res)>0){
//print_r($val);
$xml = simplexml_load_string($val);
if($xml){
if($_POST['typ'] == $xml->typ){
if($_POST['min_szerokosc'] <= $xml->min_szerokosc &&
$_POST['min_wysokosc'] <= $xml->min_wysokosc &&
$_POST['min_glebokosc'] <= $xml->min_glebokosc &&
$_POST['max_szerokosc'] <= $xml->max_szerokosc &&
$_POST['max_wysokosc'] <= $xml->max_wysokosc &&
$_POST['max_glebokosc'] <= $xml->max_glebokosc &&
$_POST['myjnia_automat'] == $xml->myjnia_automat ||
$_POST['myjnia_reczna'] == $xml->myjnia_reczna ||
$_POST['wanna'] == $xml->wanna &&
$_POST['kabina_automat'] == $xml->kabina_automat ||
$_POST['kabina_jedno_stanowiskowa'] == $xml->kabina_jedno_stanowiskowa ||
$_POST['kabina_dwu_stanowiskowa'] == $xml->kabina_dwu_stanowiskowa &&
$_POST['transport_gorny'] == $xml->transport_gorny ||
$_POST['transport_dolny'] == $xml->transport_dolny){
print "true:{$b}:{$res} \n";
}else{
//print "false\n";
//print("{$_POST['typ']} == $xml->typ");
}
}
}
//print($res."\n");
}
}
}
?>
How do I compose an if statement to be able to refer to each of the values of the xml file ?
How can I filter this simple xml?

I found a solution to my problem - and these are weights for the searched values - thanks to this I can precisely filter the list from the xml file
$resx=0;
if($_POST['typ'] == $xml->typ){
$resx=$resx+100;
}else{
$resx=$resx-100;
}
if($_POST['min_szerokosc'] <= $xml->max_szerokosc && $_POST['min_wysokosc'] <= $xml->max_wysokosc && $_POST['min_glebokosc'] <= $xml->max_glebokosc ){
$resx=$resx+600;
}else{
$resx=$resx-600;
}
if($_POST['max_szerokosc'] <= $xml->max_szerokosc && $_POST['max_wysokosc'] <= $xml->max_wysokosc && $_POST['max_glebokosc'] <= $xml->max_glebokosc ){
$resx=$resx+5000;
}else{
$resx=$resx-5000;
}
if($_POST['myjnia_automat'] == $xml->myjnia_automat || $_POST['myjnia_reczna'] == $xml->myjnia_reczna || $_POST['wanna'] == $xml->wanna){
$resx=$resx+40000;
}else{
$resx=$resx-40000;
}
if($_POST['kabina_automat'] == $xml->kabina_automat || $_POST['kabina_jedno_stanowiskowa'] == $xml->kabina_jedno_stanowiskowa || $_POST['kabina_dwu_stanowiskowa'] == $xml->kabina_dwu_stanowiskowa){
$resx=$resx+30000;
}else{
$resx=$resx-30000;
}
if($_POST['transport_gorny'] == $xml->transport_gorny || $_POST['transport_dolny'] == $xml->transport_dolny){
$resx=$resx+200;
}else{
$resx=$resx-200;
}
//print $resx."+";
if($resx >= 75900 || $_POST['czysc']==1){
//some code;
}

Solution for eval

I am doing custom search for table. I have three search parameters: from, to and status. I have used eval() to filter result according to received parameter. Below is my code:
$search = ($from != "" || $to != "" || $status != "" );
if ($search) {
if ($from != '') {
$condition[] = '$from == $res["from_number"]';
}
if ($to != '') {
$condition[] = '$to == $res["to_number"]';
}
if ($status != '') {
$condition[] = '$status == $log["status"]';
}
$search = "if(" . implode(' && ', $condition) . '){ return false; } else { return true; }';
}
After getting the conditions I am using eval
if (eval($search)) {
}
My problem is I don't want to use eval(). It may cause security issues. Ladder if else is not possible, it would be very lengthy. Any other solution?
e.g. If i have passed value for status then i want check like
if($status == $log["status"]) {
}
if i have passed to & from number then it should be like:
if($from == $res["from_number"] && $to == $res["to_number"]) {
}

Don't use eval - it is potentially dangerous and not recommended to use.
Your code can be like this:
$result = false;
if ($from != "" || $to != "" || $status != "") {
if ($from != '' && $from != $res["from_number"]) $result = true;
if ($to != '' && $to != $res["to_number"]) $result = true;
if ($status != '' && $status != $log["status"]) $result = true;
}
if ($result) {
// ........
}

Function always returning true no matter input

I trying to create a function that matches the first number in a string to a state. For example if the user inputs a number that starts with 3, and the state 'vic', then the form should not present any errors. However no matter what is entered the function always returns true. Any help would be appreciated.
$state = array('Please Select', 'VIC', 'NSW', 'QLD', 'NT', 'WA', 'SA', 'TAS', 'ACT'); //In the form this is a drop down menu
$selected_key = $_POST['state'];
$postcode = $_POST["postcode"]; //The full number entered by the user
$errMsg .= validatePS($postcode, $selected_key);
function validatePS($ps, $state) {
$errMsg ="";
$digit = $ps[0]; //Takes the first number from full postcode
$valid = false;
if (($digit == 3) or ($digit == 8) && ($state == 'vic'))
{
$post = true;
}
if (($digit == 1) or ($digit == 2) && ($state == 'nsw'))
{
$post = true;
}
if (($digit == 4) or ($digit == 9) && ($state == 'qld'))
{
$post = true;
}
if ($valid == false) {
$errMsg .= "<p>Match the correct postcode to state</p>";
}
return $errMsg;
}
if ($errMsg !=""){
echo "<p>Please correct the following errors...</p>"; //Prints out errors
echo "<p>$errMsg</p>";
}

You have two "flag" variables - $post which you are updating and $valid which you rely on. If you reduce them to one variable, you should get the behavior you want:
function validatePS($ps, $state) {
$errMsg ="";
$digit = $ps[0]; //Takes the first number from full postcode
$valid = false;
if (($digit == 3) or ($digit == 8) && ($state == 'vic'))
{
$valid = true;
}
if (($digit == 1) or ($digit == 2) && ($state == 'nsw'))
{
$valid = true;
}
if (($digit == 4) or ($digit == 9) && ($state == 'qld'))
{
$valid = true;
}
if ($valid == false) {
$errMsg .= "<p>Match the correct postcode to state</p>";
}
return $errMsg;
}
Note that you could clean up this code considerably by using logical operators instead of multiple if statements:
function validatePS($ps, $state) {
$errMsg ="";
$digit = $ps[0]; //Takes the first number from full postcode
$valid = false;
if ((($digit == 3) or ($digit == 8) && ($state == 'vic')) ||
(($digit == 1) or ($digit == 2) && ($state == 'nsw')) ||
(($digit == 4) or ($digit == 9) && ($state == 'qld'))) {
$errMsg .= "<p>Match the correct postcode to state</p>";
}
return $errMsg;
}

Code executed despite false if statement

I have the following code:
if ($Type != "DEA" and $VA != "Allowed" and $VolSess != 1) {
$max_rows = max($CMSReg_num_rows);
if ($max_rows == 0) {
mail($to, $subject, $body);
header('Location: '.bloginfo('home_url').'/profile');
}
}
The problem I have is that that an email is sent despite the if-statement being false, and only an email is sent. The rest of the code is not executed, i.e. no redirect. And when I comment out the mail() function, it does not send the email.
And when I add this code:
if ($VA == "Allowed") {
echo "VA = " . $VA;
}
if ($VolSess == 1) {
echo "VolSess = " . $VolSess;
}
I get this output:
VA = Allowed VolSess = 1
So I know that the condition in the if statement is false.

AND has a different order of precedence compared to &&. So your expression does not evaluate as you expect it to.
("$Type" != "DEA" and $VA != "Allowed" and $VolSess != 1)
should be
(("$Type" != "DEA") and ($VA != "Allowed") and ($VolSess != 1))
or
("$Type" != "DEA" && $VA != "Allowed" && $VolSess != 1)
for it to work as you expect it. This is one of those tiny mistakes/bugs that's easy to overlook.

try do an else after...
elseif($VA == "Allowed"){}

Try using the WordPress wp_mail().
die; after header() and also add 302 as a second argument to the header() function.
Enable error reporting with ini_set('display_errors', true); error_reporting(-1); on top of your PHP code.
Tell us what you see after making these changes.

Try:
if ($Type != 'DEA' && $VA != 'Allowed' && $VolSess != 1)
{
$max_rows = max($CMSReg_num_rows);
if ($max_rows === 0)
{
mail($to, $subject, $body);
header('Location: ' . bloginfo('home_url') . '/profile');
}
}
EDIT
The above works, but so does the oringal question code... The problem is elsewhere.
<?php
$Type = 'foo';
$VA = 'Allowed';
$VolSess = 1;
if ($Type != 'DEA' and $VA != 'Allowed' and $VolSess != 1)
{
$max_rows = 0;
if ($max_rows === 0)
{
echo 'Orig True';
}
}
else
{
echo 'fine?';
}
if ($Type != 'DEA' && $VA != 'Allowed' && $VolSess != 1)
{
$max_rows = 0;
if ($max_rows === 0)
{
echo 'Second True';
}
}
else
{
echo 'fine?';
}
?>
Both print 'fine?' Implying your error is elsewhere in your code.

Creating Function using array_merge

It is not checking is that the mentioned field is there or not. Both of the version
First Version:
$error = array();
$field_sets = array('username','password','fullname','repeatpass','email');
foreach($field_sets as $fieldname){
if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) && $_POST[$fieldname] != 0)) {
$error[] = $fieldname;
}
}
Second Version:
(in the includes file)
function check_required_fields ($required_array){
$error = array();
foreach($required_array as $fieldname){
if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) && $_POST[$fieldname] != 0)) {
$error[] = $fieldname;
}
}
return $error;
}
In the Source File:
$error = array();
$required_field = array('username','password','fullname','repeatpass','email');
$error = array_merge($error , check_required_fields($required_field , $_POST));

I found the problem. I accidentally put && in the logic. It should be || instead of &&.
if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) || $_POST[$fieldname] != 0))

Categories