If Empty - Header

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
donny
Forum Contributor
Posts: 179
Joined: Mon Aug 11, 2014 11:18 am

If Empty - Header

Post by donny »

hello,

i have a order form process page that if someone goes to it on accident it will enter useless info in my db. i want to be able to protect this page so if one of the variables that the form posts is empty then it'll header them to another page.

Code: Select all

if (empty($_POST['name'])) {
   header('Location: form.php');
}
i had this at the top of my code so if name wasn't set then it'd header them to the form so it don't execute the rest of the code and post stuff into my db but this isn't working. can someone tell me a code that'll work?

thank you
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: If Empty - Header

Post by Celauran »

You definitely want to address that problem with things being entered into the database like that, but that's a separate issue.

The snippet you posted looks like it should be working fine. Can you elaborate on not working? Is it not redirecting? Is it throwing an error? Both? Is the header being called before everything else? Headers need to be sent before any output, so even a blank line in an include could be tripping you up.
donny
Forum Contributor
Posts: 179
Joined: Mon Aug 11, 2014 11:18 am

Re: If Empty - Header

Post by donny »

You definitely want to address that problem with things being entered into the database like that, but that's a separate issue.
can you tell me what you mean by this? i am trying to fix the problem by doing this?


also the code above that i tried doesn't produce any error it just simply acts like its not there. if i go to the url manually it doesn't header me back to the form. it doesn't do anything
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: If Empty - Header

Post by Celauran »

donny wrote:
You definitely want to address that problem with things being entered into the database like that, but that's a separate issue.
can you tell me what you mean by this? i am trying to fix the problem by doing this?
Sounds like there's no validation on form submission. Redirecting an empty form (or a page hit with no submission at all) makes sense. It's a good idea, just not sufficient. In addition to that, you want to check that all required fields have been filled and that they have been filled with data of the expected type. If I submit an order for t-shirts and specify 'tomato' as the quantity, that shouldn't hit your DB.

donny wrote:also the code above that i tried doesn't produce any error it just simply acts like its not there. if i go to the url manually it doesn't header me back to the form. it doesn't do anything
Did you check that you have error reporting enabled? Checked that it's being executed before any output is sent to the browser?
donny
Forum Contributor
Posts: 179
Joined: Mon Aug 11, 2014 11:18 am

Re: If Empty - Header

Post by donny »

i am using a bootstrap validator on the form itself to make sure I'm getting what i want and it works just fine. i am not checking data on the processing page again if thats what you mean.

here is the top of the code I'm having trouble with

Code: Select all

<?php
session_start();
if (empty($_POST['name'])) {
   header('Location: /form.php');
}
//rest of code
?>

//rest of page
i do have error reporting enabled. it just completely acts as if the code isn't there.
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: If Empty - Header

Post by Celauran »

I wouldn't rely solely on client-side validation; it can be disabled. Never trust user data. Have you done a var_dump of $_POST['name'] after your header block? Are you certain it's empty?
donny
Forum Contributor
Posts: 179
Joined: Mon Aug 11, 2014 11:18 am

Re: If Empty - Header

Post by donny »

you are right thats something i will work on next.
is this still a good way to send someone back to the form in this case? (accidentally go to process page)

i found out what the problem was this is a example of my code

Code: Select all

<?php
session_start();
if(empty($POST['name'])) {
   header('Location: GO_TO_FORM');
exit();
}
//CODE
//ADD INFO TO DB
header('Location: GO_TO_NEXT_PAGE');
?>
i have 2 headers in the code. one was the one i was adding the if empty one that will send them back to the form.
the second one i have is for at the end of my code after it posts the data into db it sends them to the next page.
to make it work right i had to add the exit() function in. i thought the header would act as the exit here, i don't know why it still reads the rest of the code when its being told to redirect.

can i use something like this then?

Code: Select all

if(empty($_POST['name'])) {
exit(header('Location: back_to_form'));
}
any input? how would you protect the pages in my case? i have a few pages i need to protect
donny
Forum Contributor
Posts: 179
Joined: Mon Aug 11, 2014 11:18 am

Re: If Empty - Header

Post by donny »

anybody have a better way of doing this?
Post Reply