Page 2 of 2

Posted: Sun Jun 11, 2006 8:42 am
by derchris
I think it should be elseif instead of if for the blacklist.

Say, I type in this blacklisted serial, it first checks if it valid, it is not and goes to the next else.
But it will never reach the next if.

Posted: Sun Jun 11, 2006 9:06 am
by m0u53m4t

Posted: Sun Jun 11, 2006 9:34 am
by derchris
But not correct.
According to your script, one should be redirected to Altavista if the Serial is wrong,
but I got redirected to Google

Posted: Sun Jun 11, 2006 9:55 am
by m0u53m4t
Wierd... Can you test my vb application for me to see if it works ok. http://cardiffhigh.cardiff.sch.uk/~jami ... /Login.exe I recommend you scan it for viruses first just in case. Use this key: 7JKD-F982-J894-NH7I-8KDF this password: "Yoda" and this password "anewhope".

Posted: Sun Jun 11, 2006 10:25 am
by derchris
I don't have the .NET Framework installed on my machine

Posted: Sun Jun 11, 2006 10:54 am
by m0u53m4t
Ah... how do people get that?

Posted: Sun Jun 11, 2006 11:11 am
by derchris
You can download it from the MS website

Posted: Sun Jun 11, 2006 11:22 am
by m0u53m4t
Ah. That will be part of a program I plan on selling... I think I'll mention they need that... :lol:

Posted: Sun Jun 11, 2006 12:11 pm
by SKDevelopment
m0u53m4t wrote: and if the serial is right, it goes to google, if its black listed it goes to Yahoo.
No. In your case it always goes to Google. It is because '43T7-9H2O-348Y-UVH2-80VN' and '79EU-IDJH-J09F-UAWE-HRF9' are not empty strings and always evaluated to TRUE.

I think what you meant is:

Code: Select all

$serial = $_GET["serial"]; 
if (($serial == '7JKD-F982-J894-NH7I-8KDF' || $serial == '43T7-9H2O-348Y-UVH2-80VN' || $serial == '79EU-IDJH-J09F-UAWE-HRF9')) { // Valid serial keys 
header( 'Location: http://www.google.com' ) ; 
} 
else { 
header( 'Location: http://www.altavista.com' ) ; 
}

// Attention !!! This condition is never checked !!!
if (($serial == '7K7D-SGF7-J894-NH7I-J8G5')) { // Blacklisted serials 
header( 'Location: http://www.yahoo.com' ) ; 
}
Even in this case your 2nd condition is never checked. Because by the 1st condition you will be redirected either to Google or to Altavista. You will be never redirected to Yahoo.

Edit: I see the last has been mentioned already.
--
Best Regards,
Sergey Korolev
www.SKDevelopment.com

Posted: Sun Jun 11, 2006 12:52 pm
by m0u53m4t
Then why does it work? http://juniorfiles.t35.com/reg.php?seri ... -NH7I-J8G5 should take you to yahoo.

Posted: Sun Jun 11, 2006 12:56 pm
by SKDevelopment
I think I should add this to my previous post. I said the 2nd condition will never be checked. Formally speaking it will be checked. The PHP Parser will parse the script to the end no matter which headers have been sent to the browser already. But anyway because of the 1st condition the browser will be redirected either to Google or to Altavista. And though the 2nd "if" will be parsed by the PHP parser anyway, the redirect to Yahoo will have no effect. Just as if the 2nd "if" was not parsed at all.

Posted: Sun Jun 11, 2006 1:31 pm
by SKDevelopment
m0u53m4t wrote:Then why does it work? http://juniorfiles.t35.com/reg.php?seri ... -NH7I-J8G5 should take you to yahoo.
Very interesting. Never checked it like that. This means the 2nd "Location" header takes precedence if 2 "Location" headers are sent.

But I think it would be better for you to corrected your script. Such behavior does not look very reliable to me.

I tried to look at it with FireFox with LiveHTTPHeaders. Only 1 "Location" header is shown in each case. I did not explore the situation any further.

Edit: Gave a wrong example. Removed it. Sorry.

Posted: Sun Jun 11, 2006 1:38 pm
by John Cartwright
m0u53m4t wrote:Then why does it work? http://juniorfiles.t35.com/reg.php?seri ... -NH7I-J8G5 should take you to yahoo.
Just because you send a header redirect does not mean the script will terminate at taht point. You'll notice nearly everytime anyone uses header redirect it is proceeded by an exit() call so no other code is called.

Posted: Sun Jun 11, 2006 1:44 pm
by SKDevelopment
I think your script could look something like this:

Code: Select all

<?php
$serial = $_GET["serial"]; 
if (in_array($serial,array('7JKD-F982-J894-NH7I-8KDF','43T7-9H2O-348Y-UVH2-80VN','79EU-IDJH-J09F-UAWE-HRF9'))) { // Valid serial keys 
 header( 'Location: http://www.google.com' ) ; 
} elseif($serial == '7K7D-SGF7-J894-NH7I-J8G5') { // Blacklisted serials 
 header( 'Location: http://www.yahoo.com' ) ;    
} else { 
 header( 'Location: http://www.altavista.com' ) ; 
} 
?>

Posted: Sun Jun 11, 2006 2:33 pm
by m0u53m4t
Jcart wrote:
m0u53m4t wrote:Then why does it work? http://juniorfiles.t35.com/reg.php?seri ... -NH7I-J8G5 should take you to yahoo.
Just because you send a header redirect does not mean the script will terminate at taht point. You'll notice nearly everytime anyone uses header redirect it is proceeded by an exit() call so no other code is called.
But if, like here, I do want the rest done then isn't that ok not to call exit()?