isset(), empty(), $_GET and $_POST problem

Re: isset(), empty(), $_GET and $_POST problem

On Sun, 25 Jul 2004 19:12:10 GMT, Dan <agent@thwacksp am.fathom.org>
wrote:
[color=blue]
>So this makes me wonder, are the isset() and empty() functions
>actually modifying the variables passed to them somehow? And when I
>put a true value in front of them, the if statement stops parsing
>before it gets to those functions?[/color]

Well I just disproved that part by putting "|| 1" on the end of the if
statement instead of at the beginning. So now I'm even more baffled.

What could be causing this?

Re: isset(), empty(), $_GET and $_POST problem

"Dan" <agent@thwacksp am.fathom.org> wrote in message
news:5c08g0lv9t e7dhhahudb4605l a13rums13@4ax.c om...[color=blue]
> I was trying to troubleshoot a login page that doesn't work - it keeps
> saying the login/password is missing - when my tracing discovered this
> peculiar behavior.
>
> register_global s is off, so at the top of my script I assign a few
> variables to incoming GET and POST values.
>
> $login = clean($_POST['login'], 30);
> $passwd = clean($_POST['passwd'], 30);
>
> $message = $_GET['message'];
>
> clean() is simply a function that trims to the specified length and
> applies EscapeShellCmd( ).
>
> Now, below that I have an if statement to check for whether a
> login/password has been supplied or if an error message exists.
>
> if (isset($message ) || empty($login) || empty($passwd))
> {
> // render the html page showing the form
> } else {
> // do some php/mysql stuff and redirect to another page
> }
>
> Yet when I fill out those form fields and submit, it always redisplays
> the form with my tracing errors stating that those fields are empty.
>
> When I echo out all $_GET and $_POST variables, indeed they are empty,
> and strangely there is a $_GET['message'] that has no value, but
> nevertheless is on the end of the url. (/index.php?messa ge=) I can't
> figure out how it got there. The form action is just "index.php" and
> it uses the POST method, so what could be adding that GET variable?
>
> Now here's the weird part. If I simply add "1 ||" to the beginning of
> that if statement, so basically it will always evaluate to true, then
> suddenly the $_POST['login'] and $_POST['passwd'] are properly defined
> and $_GET['message'] goes away!
>
> So this makes me wonder, are the isset() and empty() functions
> actually modifying the variables passed to them somehow? And when I
> put a true value in front of them, the if statement stops parsing
> before it gets to those functions?[/color]

Bet you a banana cupcake that your HTML is screwed up.


--
Obey the Clown - http://www.conradish.net/bobo/

Re: isset(), empty(), $_GET and $_POST problem

Chung Leong wrote:[color=blue]
> "Dan" <agent@thwacksp am.fathom.org> wrote in message
> news:5c08g0lv9t e7dhhahudb4605l a13rums13@4ax.c om...
>[color=green]
>>I was trying to troubleshoot a login page that doesn't work - it keeps
>>saying the login/password is missing - when my tracing discovered this
>>peculiar behavior.
>>
>>register_glob als is off, so at the top of my script I assign a few
>>variables to incoming GET and POST values.
>>
>> $login = clean($_POST['login'], 30);
>> $passwd = clean($_POST['passwd'], 30);
>>
>> $message = $_GET['message'];
>>
>>clean() is simply a function that trims to the specified length and
>>applies EscapeShellCmd( ).
>>
>>Now, below that I have an if statement to check for whether a
>>login/password has been supplied or if an error message exists.
>>
>> if (isset($message ) || empty($login) || empty($passwd))
>> {
>> // render the html page showing the form
>> } else {
>> // do some php/mysql stuff and redirect to another page
>> }
>>
>>Yet when I fill out those form fields and submit, it always redisplays
>>the form with my tracing errors stating that those fields are empty.
>>
>>When I echo out all $_GET and $_POST variables, indeed they are empty,
>>and strangely there is a $_GET['message'] that has no value, but
>>nevertheles s is on the end of the url. (/index.php?messa ge=) I can't
>>figure out how it got there. The form action is just "index.php" and
>>it uses the POST method, so what could be adding that GET variable?
>>
>>Now here's the weird part. If I simply add "1 ||" to the beginning of
>>that if statement, so basically it will always evaluate to true, then
>>suddenly the $_POST['login'] and $_POST['passwd'] are properly defined
>>and $_GET['message'] goes away!
>>
>>So this makes me wonder, are the isset() and empty() functions
>>actually modifying the variables passed to them somehow? And when I
>>put a true value in front of them, the if statement stops parsing
>>before it gets to those functions?[/color]
>
>
> Bet you a banana cupcake that your HTML is screwed up.
>
>[/color]

and how exactly are you sending both a _GET and _POST at the same time. A form
action can be EITHER GET or POST but not both. show us the complete <form> tag.

if you are POSTing your login/pass with a message then shouldn't you be looking
for _POST['message'] not _GET['message']


--
Michael Austin.
Consultant - Available.
Donations welcomed. Http://www.firstdbasource.com/donations.html
:)

Re: isset(), empty(), $_GET and $_POST problem

On Mon, 26 Jul 2004 02:32:34 GMT, Michael Austin
<maustin@firstd basource.com> wrote:
[color=blue]
>Chung Leong wrote:[color=green]
>> "Dan" <agent@thwacksp am.fathom.org> wrote in message
>> news:5c08g0lv9t e7dhhahudb4605l a13rums13@4ax.c om...
>>[color=darkred]
>>>I was trying to troubleshoot a login page that doesn't work - it keeps
>>>saying the login/password is missing - when my tracing discovered this
>>>peculiar behavior.
>>>
>>>register_glo bals is off, so at the top of my script I assign a few
>>>variables to incoming GET and POST values.
>>>
>>> $login = clean($_POST['login'], 30);
>>> $passwd = clean($_POST['passwd'], 30);
>>>
>>> $message = $_GET['message'];
>>>
>>>clean() is simply a function that trims to the specified length and
>>>applies EscapeShellCmd( ).
>>>
>>>Now, below that I have an if statement to check for whether a
>>>login/password has been supplied or if an error message exists.
>>>
>>> if (isset($message ) || empty($login) || empty($passwd))
>>> {
>>> // render the html page showing the form
>>> } else {
>>> // do some php/mysql stuff and redirect to another page
>>> }
>>>
>>>Yet when I fill out those form fields and submit, it always redisplays
>>>the form with my tracing errors stating that those fields are empty.
>>>
>>>When I echo out all $_GET and $_POST variables, indeed they are empty,
>>>and strangely there is a $_GET['message'] that has no value, but
>>>neverthele ss is on the end of the url. (/index.php?messa ge=) I can't
>>>figure out how it got there. The form action is just "index.php" and
>>>it uses the POST method, so what could be adding that GET variable?
>>>
>>>Now here's the weird part. If I simply add "1 ||" to the beginning of
>>>that if statement, so basically it will always evaluate to true, then
>>>suddenly the $_POST['login'] and $_POST['passwd'] are properly defined
>>>and $_GET['message'] goes away!
>>>
>>>So this makes me wonder, are the isset() and empty() functions
>>>actually modifying the variables passed to them somehow? And when I
>>>put a true value in front of them, the if statement stops parsing
>>>before it gets to those functions?[/color]
>>
>>
>> Bet you a banana cupcake that your HTML is screwed up.
>>
>>[/color]
>
>and how exactly are you sending both a _GET and _POST at the same time. A form
>action can be EITHER GET or POST but not both. show us the complete <form> tag.
>
>if you are POSTing your login/pass with a message then shouldn't you be looking
>for _POST['message'] not _GET['message'][/color]

First let me say I've solved the problem. Some code in an included
php file looked like this:

if (!isset($_SESSI ON['user']))
// redirect to the login page
$message = "There was a problem logging in.";
header("Locatio n: index.php?messa ge=" . urlencode($mess age));

Originally, the if statement was only followed by a single statement,
and as such, it was not enclosed in code block {brackets}. A second
line was later added, but I didn't notice the brackets were missing.
(I was modifying code that wasn't mine. I would only leave out the
brackets if the entire if statement is all on one line to avoid
exactly this confusion.) As a result, the second line was executed
because it's outside of the control structure, but the first line was
not. (And since my login code was otherwise working, the if always
evaluated to false and left $message undefined.)

To answer the question about sending both _GET and _POST at the same
time, it's possible. If the form uses the POST method, but the action
includes ?var=value stuff in the url, you get both.

However, in my case, I wasn't trying to do that, which is why I was
confused as to where the _GET message was coming from. I also
couldn't figure out where my POST login/password values were
disappearing to. Alas, all the code I was messing with and putting
trace calls into was working fine all along, and it was this included
file that was redirecting with the empty ?message=.

Since this was not screwed up HTML, I believe someone owes me a banana
cupcake. :)

$cupcake = irradiate($_GET['cupcake']); //just to be safe ;)

Re: isset(), empty(), $_GET and $_POST problem

On Mon, 26 Jul 2004 02:32:34 GMT
Michael Austin <maustin@firstd basource.com> wrote:

[snipt][color=blue]
>
> and how exactly are you sending both a _GET and _POST at the same
> time. A form action can be EITHER GET or POST but not both. show us
> the complete <form> tag.
>[/color]

Uhm... I suggest you think again, or try this.

<?php
// Please bare with syntax-errors... I've been coding Ruby
// the last 20 hours...

if (!empty($_POST['submit'])) {
echo "<pre>";
echo "PHP says: REQUEST_METHOD: " . $_SERVER['REQUEST_METHOD '];
echo "\n\nBut we get:"

echo "\n\n_POST: ";
print_r($_POST) ;

echo "\n\n_GET: ";
print_r($_GET);
echo "</pre>";
}

$self = $_SERVER['PHP_SELF'];
print <<<EOHTML
<form action="$self?w hat=you_see&aaa nd=this" method="POST" />
<input type="text" name="something " value="type something and submit"
/><br />
<input type="submit" name="submit" value=" Submit it! " />
</form>
EOHTML
?>

Might enlighten you a little. ;)

Best regards,
Madsen

--
Anders K. Madsen --- http://lillesvin.linux.dk

"There are 10 types of people in the world.
Those who understand binary - and those who don't."

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBBUSNlNH Je/JASHcRAgw3AJ0X2 04q0/hiKw5+NSTVj38o6 jl6bQCfVRUG
R3wXw56MCoCOynK Vwu0SSH8=
=PbuL
-----END PGP SIGNATURE-----

Re: isset(), empty(), $_GET and $_POST problem

"Dan" <agent@thwacksp am.fathom.org> wrote in message
news:nnt8g09ir6 4pt73756l5irava i8l3fhfab@4ax.c om...[color=blue]
>
> Since this was not screwed up HTML, I believe someone owes me a banana
> cupcake. :)
>
> $cupcake = irradiate($_GET['cupcake']); //just to be safe ;)
>[/color]

[) <- there!


--
Obey the Clown - http://www.conradish.net/bobo/

Re: isset(), empty(), $_GET and $_POST problem

I noticed that Message-ID: <jfmdne45QNizSJ jcRVn-rQ@comcast.com> from
Chung Leong contained the following:
[color=blue][color=green]
>> $cupcake = irradiate($_GET['cupcake']); //just to be safe ;)
>>[/color]
>
>[) <- there![/color]

It's a bit small. You should have made it a class so that he could have
as many instances as he wants. :)

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/