Page 1 of 1

little problem with script ...

Posted: Wed Aug 27, 2003 1:14 pm
by zick
ok ... i am not sure what's going on but i can't get my script to work. if somebody can tell me what i'm doing wrong, that'd be awesome. i tried everything ...

here's the sitch ... i am redirecting the output of a form to the originating page. that page then processes the form info and rewrites a new page, based on that info. try it for yourself. it won't adjust the variable $p even if the password & user name are correct (which is "space" and "steve" respectively ... hard-coded for now, it will later be tied to a database).

heres the code ... (also when you run it in a browser be sure to add the following to the end the url: "?a=1&b=1" w/o quotes)

Code: Select all

<?php $a = $_GET["a"];
$b = $_GET["b"];
$n = $_POST["n"];
$c = $_POST["c"];
$p = 0;


if ($c == "steve" && $n == "space") {
$p = $p + 2;
echo "Correct ...";
}

if ($b == 0) {
$s = inx;
} elseif ($b == 1) {
$s = moz;
} elseif ($b == 2) {
$s = gen;
} else {
$a = 2;
$e = "error #";
}


if ($a == 1) {
if ($p == 0) { //default (initial) output
echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Member login:</b></td><td align="right" width="72"><b class="dns">(Register?)&nbsp;</b></td></tr></table><table border="0" cellpadding="1" cellspacing="0" width="100%"><form action="", $PHP_SELF, "?a=1&b=", $b, "" method="post" target="sd"><tr><td width="5">&nbsp;</td><td align="right" width="*"><b class="dnm">User:</b></td><td width="126">&nbsp;<input class="ntb" name="n" size="15" type="text"></td></tr><tr><td width="5">&nbsp;</td><td align="right" width="*"><b class="dnm">Password:</b></td><td width="126">&nbsp;<input class="ntb" name="c" size="15" type="password"></td></tr></table><table border="0" cellpadding="4" cellspacing="0" width="100%"><tr><td align="right" colspan="3" width="*"><input class="nsb" size="15" type="submit" value="Login"></td></tr></form></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Link tree", $p, "</b></td></tr></table>", $n, "<br>", $c, "</body></html>";

} elseif ($p == 1) { //session already started
echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Welcome back <i>username</i>!</b></td></tr><tr><td align="center" colspan="2" width="*"><b class="dns">[Account Info&nbsp;|&nbsp;View Cart&nbsp;|&nbsp;Logout]</b></td></tr></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Link tree", $p, "</b></td></tr></table>", $n, "<br>", $c, "</body></html>";

} elseif ($p == 2) { //new session
echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Welcome <i>username</i>!</b></td></tr><tr><td align="center" colspan="2" width="*"><b class="dns">[Account Info&nbsp;|&nbsp;View Cart&nbsp;|&nbsp;Logout]</b></td></tr></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Link tree", $p, "</b></td></tr>

</table>", $n, "<br>", $c, "</body></html>";

} elseif ($p == 3) { //administration toolbar

echo "<html><head><link href="../inc/stl" rel="stylesheet" type="text/css"><script src="../inc/jvs/", $s ,""></script></head><body><!-- onContextMenu="return false" --><br><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td width="5">&nbsp;</td><td width="*"><b class="dbm">Welcome <i>username</i>!</b></td></tr></table>

<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td colspan="2">&nbsp;</td></tr><tr><td width="5">&nbsp;</td><td width="*"><b class="dnm">Admin toolbar", $p, "</b></td></tr>

</table>", $n, "<br>", $c, "</body></html>";

}} else {
echo "<html><head><link rel="stylesheet" type="text/css" href="css"><title>SmartMart :: error</title></head><frameset rows="100%" frameborder="0" framespacing="0" border="0"><frame name="rt" src="../err/?a=1&e=" noresize><noframes>this website uses frames ... please turn frames on or download an updated browser that supports frames</noframes></frameset></html>";
}
?>
thanks for any feedback ...
?>

Posted: Wed Aug 27, 2003 1:42 pm
by JAM
Try changing:
$X = $_GET["X"];
to:
$X = $_GET['X'];

(double vs. single quotes)

Also, I'm not sure that ", $s ," is the way to use it...

Code: Select all

echo "foo $var bar"; // double quotes, not
// or
echo 'foo ' . $var . ' bar'; // dots (works with double quotes also)

Posted: Wed Aug 27, 2003 1:45 pm
by Unipus
First things first: it really looks like you could do with some better variable names. I try to make my variable names as long and descriptive as possible. I've done projects with variables similar to what you have here, and when I have to update or look back on them a few months or years later, it's very difficult. What the hell is $b? I don't know, and I'm betting that down the road, you won't remember.

At first glance, I don't see anything that would prevent your code from working. Is it giving you an error or warning?

Posted: Wed Aug 27, 2003 2:57 pm
by zick
no ... it just doesn't display what it's supposed to.

Posted: Wed Aug 27, 2003 3:20 pm
by zick
maybe i should be a little more descript ...
the problem (my guess) lies in the following:

$p is set to 0 at the top of the script ...
within that same chunk o' code it catches $n and $c from the $_POST headers ...

the next if statement is supposed to check if the name is "steve" and the password is "space" and if it is it's supposed to update $p so that it writes the page differently ...

ok it grabs $n and $c correctly ... because part of the script writes it on the new page (for debug purposes) ... the problem is in the if statement, it doesn't compare and it doesn't update $p, because $p is also written below.

is something wrong with my syntax or what ... i know what it supposed to do and my code does look correct ... but why the @#!% doesn't it work.

if someone could run it off their own server and see it action and you'll be baffled to.

Posted: Wed Aug 27, 2003 3:43 pm
by JAM
It worked here. Oh, I did correct something.

Code: Select all

// bad
$s = moz;
// better x2
$s = 'moz';
$s = "moz";

Posted: Thu Aug 28, 2003 7:58 am
by zick
i was under the impression that when you use integer type variables (that you might later use in arithmetic operations) that you don't use quotes ... am i wrong here ... i'm just starting into php, but i come from a background in other languages and that seems to be the case in other languages.

Posted: Thu Aug 28, 2003 8:24 am
by zick
i think you're lying (no offense :)) or don't know what it's supposed to do ... pay attention to the text "link tree" at the bottom. you'll notice when the page fires up there's a "0" at the end of that. that is the current value of $p. if the script worked properly, if you you typed "steve" in the username box and hit enter ... "link tree" would have a "2" at the end of it. also "steve" would be written under that ... and the form with the two text boxes wouldn't be there any more, but a welcome message would now appear ...
again try it and see that it doesn't work although the code appears to be correct. i don't know why ... thanks again guys for any feedback/help.

Posted: Thu Aug 28, 2003 8:57 am
by volka
you REALLY should use speaking names for variables.
try space as username and steve as password

Posted: Thu Aug 28, 2003 9:18 am
by timj
This won't change anything, but I'd recommend to use the extract( ) function to get all your variables if you're going to name them the same anyway.
eg
extract($_POST); or something
should set $c and $n correctly.
This will save you some trouble afterwards, when you're adding vars or changing var names.

Posted: Thu Aug 28, 2003 10:55 am
by zick
MOTHER OF CHOCOLATE SQUIRRELS !!!
thanks volka for the tip ... maybe i'll start spelling out variables. i can't believe that i fell into that one. well it works now. thanks everyone who helped me. i appreciate it alot.

Posted: Thu Aug 28, 2003 12:12 pm
by McGruff
timj wrote:This won't change anything, but I'd recommend to use the extract( ) function to get all your variables if you're going to name them the same anyway.
eg
extract($_POST); or something
should set $c and $n correctly.
This will save you some trouble afterwards, when you're adding vars or changing var names.
Be VERY careful if you extract the $_POST array: form forgers can supply any variable name with any value and hence the extract line can potentially overwrite any previously defined variable which exists in the same scope as the extract line and has the same name as a (forged) POST var. You can automatically add a prefix to extract()'d vars if this could be a problem in your script - see manual.