Execution problem

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Execution problem

Postby sharavi79 » 04. January 2013 05:47

Hi all,
I am new to PHP. Please see the below code, there is no error but i can not get the output:

<?php
session_start();
if(isset($_SESSION['username'])){
echo "you are already registered $_SESSION[username]";
}
else if($_SERVER['REQUEST_METHOD']=='POST'){
if(!empty(trim($_POST['username']))
&& !empty(trim($_POST['email']))){
$uname=htmlentities($_POST['username']);
$email=htmlentities($_POST['email']);
$_SESSION['username']=$uname;
echo "thanks", "username: $uname <br />", "email: $email <br />";
}
else {
echo "pleaes fil both fields";
}
}
else {
?>
<form action="sessn.php" method="post">
<label for="username">username:</label>
<input type="text" name="username"/>
<label for="email">email:</label>
<input type="text" name="email"/>
<input type="submit" value="register"/>
</form>
<?php }
?>
sharavi79
 
Posts: 7
Joined: 23. December 2012 05:02
XAMPP Version: 5.6.3
Operating System: Windows 7

Re: Execution problem

Postby Altrea » 04. January 2013 07:37

Hi sharavi79,

sharavi79 wrote:if(!empty(trim($_POST['username']))
&& !empty(trim($_POST['email']))){

even if empty() looks like a function with its brackets, it is just a language construct, which means it has some limitations.
You can't use any functions (trim() for example) to use its return parameter with empty().

best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 6482
Joined: 17. August 2009 13:05
XAMPP Version: 5.5.19
Operating System: W7Ux64

Re: Execution problem

Postby sharavi79 » 09. January 2013 06:42

Hi Altrea,
I am new to PHP, I cant understand how to fix this problem. Could you explain me little more.

thanks,
Ravi
sharavi79
 
Posts: 7
Joined: 23. December 2012 05:02
XAMPP Version: 5.6.3
Operating System: Windows 7

Re: Execution problem

Postby Altrea » 09. January 2013 17:57

Hi Ravi,

sharavi79 wrote:I am new to PHP, I cant understand how to fix this problem. Could you explain me little more.

Sure, i can :)

If you don't need the trim() function, you can simply get rid of it:
Code: Select all
[...]
elseif( 'POST' == $_SERVER['REQUEST_METHOD'] ) {
    if( ! empty( $_POST['username'] ) && ! empty( $_POST['email'] ) ) {
        $uname = htmlentities( $_POST['username'] );
        $email = htmlentities( $_POST['email'] );
        $_SESSION['username'] = $uname;
[...]


If you need trim() i would use it later on in combination with htmlentities:
Code: Select all
[...]
elseif( 'POST' == $_SERVER['REQUEST_METHOD'] ) {
    if( ! empty( $_POST['username'] ) && ! empty( $_POST['email'] ) ) {
        $uname = htmlentities( trim( $_POST['username'] ) );
        $email = htmlentities( trim( $_POST['email'] ) );
        $_SESSION['username'] = $uname;
[...]


best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 6482
Joined: 17. August 2009 13:05
XAMPP Version: 5.5.19
Operating System: W7Ux64

Re: Execution problem

Postby hackattack142 » 09. January 2013 19:24

Hello,

I am going to throw in my 2 cents.

My advice would be to consult the documentation regarding functions when you are not sure about something. For example, the empty() construct (http://php.net/manual/en/function.empty.php) considers the following to be empty
Code: Select all
"" (an empty string)
0 (0 as an integer)
0.0 (0 as a float)
"0" (0 as a string)
NULL
FALSE
array() (an empty array)
$var; (a variable declared, but without a value)

If you want to prevent your users from getting past your checks by inserting a space or other whitespace (would not be considered empty), you would need to perform the trim and assign the return values to a temporary variable before your empty checks.
For example:
Code: Select all
[...]
elseif( 'POST' == $_SERVER['REQUEST_METHOD'] ) {
    $tmp_uname =  trim( $_POST['username'] );
    $tmp_email = trim( $_POST['email'] );
    if( ! empty( $tmp_uname ) && ! empty( $tmp_email ) ) {
        $uname = htmlentities( $tmp_uname );
        $email = htmlentities( $tmp_email );
        $_SESSION['username'] = $uname;
[...]
XAMPP Control Panel Developer
Latest CP: viewtopic.php?f=16&t=48932
hackattack142
 
Posts: 701
Joined: 20. May 2011 23:29
XAMPP Version: 5.6.3
Operating System: Windows 7 Ultimate SP1 64-Bit

Re: Execution problem

Postby sharavi79 » 10. January 2013 06:07

Thanks Altrea, now its working.

Regards,
Ravi
sharavi79
 
Posts: 7
Joined: 23. December 2012 05:02
XAMPP Version: 5.6.3
Operating System: Windows 7


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 53 guests