Page 1 of 1

header string problem

Posted: Fri Dec 25, 2009 4:18 am
by omerfarooq123
i have just created a form to test string function.. i created this func.html
<form method="post" action="func.php" />
<p> <textarea name="text" cols="50" rows="5" wrap="virtual"></textarea>
<br />
<input type="radio" name="func" value="md5" /> MD5 <br />
<input type="radio" name="func" value="strlen" /> String Length <br />
<input type="radio" name="func" value="strrev" /> String Reverse<br />
<input type ="radio" name="func" value="strtoupper" /> String to Upper<br />
<input type="radio" name="func" value="strtolower" /> String to lower<br />
<input type="radio" name="func" value="ucwords" /> First Word to Uper Case<br />
<input type="submit" name="submit" value="Go" />
And then created php file "func.php"
<?
if (($_POST[text] == "") || $_POST[func] == ""))
{
header("Location: func.html");
exit;
}

$result = $_POST[func] ($_POST[text]);
?>

<b>The Result is <b><? echo $result ?>
Every thing is working fine when i remove this function
if (($_POST[text] == "") || $_POST[func] == "")) {
{
header("Location: func.html");
exit;
}
i use this function because if user donot put text or select radio button then header function again bring user to main page..
Help me out why header function is not working even on other scripts i made.. THANKS

Re: header string problem

Posted: Fri Dec 25, 2009 5:12 am
by Darhazer
You have 2 times { and only 1 }, which leads to a parse error
By the way, your code can be used to run any PHP function, including system()
This is a huge security issue.

Re: header string problem

Posted: Fri Dec 25, 2009 8:15 am
by omerfarooq123
well its not working.. can someone help me?? again it give errors

Re: header string problem

Posted: Fri Dec 25, 2009 8:36 am
by omerfarooq123
Darhazer wrote:You have 2 times { and only 1 }, which leads to a parse error
By the way, your code can be used to run any PHP function, including system()
This is a huge security issue.

hey Darhazer thanks for your help.. actually the problem is i use the header function after the html tag which is totally wrong.. i have to use before html tag or no html tag is used on the page.. THANKS Sir

Re: header string problem

Posted: Fri Dec 25, 2009 3:11 pm
by manohoo
I notice that most people make this syntax mistake:

incorrect: $_POST[text]

correct: $_POST["text"]
correct: $_POST['text']