little problem with script ...

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
zick
Forum Commoner
Posts: 33
Joined: Thu Aug 14, 2003 3:18 pm

little problem with script ...

Post by zick »

ok ... i am not sure what's going on but i can't get my script to work. if somebody can tell me what i'm doing wrong, that'd be awesome. i tried everything ...

here's the sitch ... i am redirecting the output of a form to the originating page. that page then processes the form info and rewrites a new page, based on that info. try it for yourself. it won't adjust the variable $p even if the password & user name are correct (which is "space" and "steve" respectively ... hard-coded for now, it will later be tied to a database).

heres the code ... (also when you run it in a browser be sure to add the following to the end the url: "?a=1&b=1" w/o quotes)

Code: Select all

<?php $a = $_GET["a"];
$b = $_GET["b"];
$n = $_POST["n"];
$c = $_POST["c"];
$p = 0;


if ($c == "steve" && $n == "space") {
$p = $p + 2;
echo "Correct ...";
}

if ($b == 0) {
$s = inx;
} elseif ($b == 1) {
$s = moz;
} elseif ($b == 2) {
$s = gen;
} else {
$a = 2;
$e = "error #";
}


if ($a == 1) {
if ($p == 0) { //default (initial) output
echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Member login:</b></td><td align="right" width="72"><b class="dns">(Register?)&nbsp;</b></td></tr></table><table border="0" cellpadding="1" cellspacing="0" width="100%"><form action="", $PHP_SELF, "?a=1&b=", $b, "" method="post" target="sd"><tr><td width="5">&nbsp;</td><td align="right" width="*"><b class="dnm">User:</b></td><td width="126">&nbsp;<input class="ntb" name="n" size="15" type="text"></td></tr><tr><td width="5">&nbsp;</td><td align="right" width="*"><b class="dnm">Password:</b></td><td width="126">&nbsp;<input class="ntb" name="c" size="15" type="password"></td></tr></table><table border="0" cellpadding="4" cellspacing="0" width="100%"><tr><td align="right" colspan="3" width="*"><input class="nsb" size="15" type="submit" value="Login"></td></tr></form></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Link tree", $p, "</b></td></tr></table>", $n, "<br>", $c, "</body></html>";

} elseif ($p == 1) { //session already started
echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Welcome back <i>username</i>!</b></td></tr><tr><td align="center" colspan="2" width="*"><b class="dns">[Account Info&nbsp;|&nbsp;View Cart&nbsp;|&nbsp;Logout]</b></td></tr></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Link tree", $p, "</b></td></tr></table>", $n, "<br>", $c, "</body></html>";

} elseif ($p == 2) { //new session
echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Welcome <i>username</i>!</b></td></tr><tr><td align="center" colspan="2" width="*"><b class="dns">[Account Info&nbsp;|&nbsp;View Cart&nbsp;|&nbsp;Logout]</b></td></tr></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Link tree", $p, "</b></td></tr>

</table>", $n, "<br>", $c, "</body></html>";

} elseif ($p == 3) { //administration toolbar

echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Welcome <i>username</i>!</b></td></tr></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Admin toolbar", $p, "</b></td></tr>

</table>", $n, "<br>", $c, "</body></html>";

}} else {
echo "<html><head><link rel="stylesheet" type="text/css" href="css"><title>SmartMart :: error</title></head><frameset rows="100%" frameborder="0" framespacing="0" border="0"><frame name="rt" src="../err/?a=1&e=" noresize><noframes>this website uses frames ... please turn frames on or download an updated browser that supports frames</noframes></frameset></html>";
}
?>
thanks for any feedback ...
?>
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Try changing:
$X = $_GET["X"];
to:
$X = $_GET['X'];

(double vs. single quotes)

Also, I'm not sure that ", $s ," is the way to use it...

Code: Select all

echo "foo $var bar"; // double quotes, not
// or
echo 'foo ' . $var . ' bar'; // dots (works with double quotes also)
Unipus
Forum Contributor
Posts: 409
Joined: Tue Aug 26, 2003 2:06 pm
Location: Los Angeles, CA

Post by Unipus »

First things first: it really looks like you could do with some better variable names. I try to make my variable names as long and descriptive as possible. I've done projects with variables similar to what you have here, and when I have to update or look back on them a few months or years later, it's very difficult. What the hell is $b? I don't know, and I'm betting that down the road, you won't remember.

At first glance, I don't see anything that would prevent your code from working. Is it giving you an error or warning?
zick
Forum Commoner
Posts: 33
Joined: Thu Aug 14, 2003 3:18 pm

Post by zick »

no ... it just doesn't display what it's supposed to.
zick
Forum Commoner
Posts: 33
Joined: Thu Aug 14, 2003 3:18 pm

Post by zick »

maybe i should be a little more descript ...
the problem (my guess) lies in the following:

$p is set to 0 at the top of the script ...
within that same chunk o' code it catches $n and $c from the $_POST headers ...

the next if statement is supposed to check if the name is "steve" and the password is "space" and if it is it's supposed to update $p so that it writes the page differently ...

ok it grabs $n and $c correctly ... because part of the script writes it on the new page (for debug purposes) ... the problem is in the if statement, it doesn't compare and it doesn't update $p, because $p is also written below.

is something wrong with my syntax or what ... i know what it supposed to do and my code does look correct ... but why the @#!% doesn't it work.

if someone could run it off their own server and see it action and you'll be baffled to.
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

It worked here. Oh, I did correct something.

Code: Select all

// bad
$s = moz;
// better x2
$s = 'moz';
$s = "moz";
zick
Forum Commoner
Posts: 33
Joined: Thu Aug 14, 2003 3:18 pm

Post by zick »

i was under the impression that when you use integer type variables (that you might later use in arithmetic operations) that you don't use quotes ... am i wrong here ... i'm just starting into php, but i come from a background in other languages and that seems to be the case in other languages.
zick
Forum Commoner
Posts: 33
Joined: Thu Aug 14, 2003 3:18 pm

Post by zick »

i think you're lying (no offense :)) or don't know what it's supposed to do ... pay attention to the text "link tree" at the bottom. you'll notice when the page fires up there's a "0" at the end of that. that is the current value of $p. if the script worked properly, if you you typed "steve" in the username box and hit enter ... "link tree" would have a "2" at the end of it. also "steve" would be written under that ... and the form with the two text boxes wouldn't be there any more, but a welcome message would now appear ...
again try it and see that it doesn't work although the code appears to be correct. i don't know why ... thanks again guys for any feedback/help.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

you REALLY should use speaking names for variables.
try space as username and steve as password
timj
Forum Newbie
Posts: 14
Joined: Tue Aug 26, 2003 8:00 am
Location: Belgium

Post by timj »

This won't change anything, but I'd recommend to use the extract( ) function to get all your variables if you're going to name them the same anyway.
eg
extract($_POST); or something
should set $c and $n correctly.
This will save you some trouble afterwards, when you're adding vars or changing var names.
zick
Forum Commoner
Posts: 33
Joined: Thu Aug 14, 2003 3:18 pm

Post by zick »

MOTHER OF CHOCOLATE SQUIRRELS !!!
thanks volka for the tip ... maybe i'll start spelling out variables. i can't believe that i fell into that one. well it works now. thanks everyone who helped me. i appreciate it alot.
McGruff
DevNet Master
Posts: 2893
Joined: Thu Jan 30, 2003 8:26 pm
Location: Glasgow, Scotland

Post by McGruff »

timj wrote:This won't change anything, but I'd recommend to use the extract( ) function to get all your variables if you're going to name them the same anyway.
eg
extract($_POST); or something
should set $c and $n correctly.
This will save you some trouble afterwards, when you're adding vars or changing var names.
Be VERY careful if you extract the $_POST array: form forgers can supply any variable name with any value and hence the extract line can potentially overwrite any previously defined variable which exists in the same scope as the extract line and has the same name as a (forged) POST var. You can automatically add a prefix to extract()'d vars if this could be a problem in your script - see manual.
Post Reply