PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Hi, I'm making a function to parse a packet, where there is the possibility that the packet might not be in the format that the script is exepecting, and cause errors. Therefore, I've made this function that I want to return false on error, without showing any errors. For now I've set it to return "test" on error for debugging. But I need the error() function to cause parse_packet to also return false. At the moment only error() returns false. How is this possible?
<?php
function parse_packet ( ) {
// Call this function if there is an error parsing the packet
function error ( ) {
return "test";
}
set_error_handler ( "error" );
trigger_error ( "blah" );
restore_error_handler ( );
}
echo parse_packet ( );
?>
Well I havn't written the real code yet because I want to make sure that this method will work before I start, but basically the packet should look something like this: "102username|password". But if somebody sends something like this: "102", missing the arguments, it will generate errors. So I would simply want to to return false in this case.
<?php
function parse_packet ( $packet ) {
// Call this function if there is an error parsing the packet
function error ( ) {
return false;
}
set_error_handler ( "error" );
$new_packet["head"] = substr ( $packet, 0, 3 ); // Define the head part of the packet
$new_packet["body"] = substr ( $packet, 3 ); // Define the body part of the packet
$new_packet["body"] = explode ( $new_packet["body"], "|" ); // Separate the body into arguments
restore_error_handler ( );
return $new_packet;
}
print_r ( parse_packet ( "102" ) );
?>
Ok. So apparently the lead is always three characters followed by one or more characters, a pipe, and finally one or more characters. That's a minimum of 6 characters. I may use strlen() to determine if the input is even remotely valid. I may also use strpos() to determine if there is a pipe and where it sits -- it must be the fifth or higher character.
What happens if username or password contain a pipe?
Well actually that username|password thing was just an example. There can be an unlimited ammount of arguments, meaning unlimited pipes. It just depends on the packet, so there is really no way to check it like that. Also, the pipe is always going to be chr ( 2 ). When I used "|" as the pipe, that was wrong. Sorry. But your idea to validate it before parsing it might work. I will have to think hard about how to validate it though.
Very well. The same question still applies however, given that there could be one or more of the separated elements, what happens if one of those elements has chr(2) in it? If you have control over the data before the call to this function it may be best to transform the separate items such that they cannot have chr(2) in them, but can easily be transformed back to their original state. One option is something similar to urlencode() for instance.
Really I'm not that worried about it having chr(2) in it because the client that I'm developing to go with this server will never put a chr(2) into the data, and any standard charset will not have a chr(2). In addition, the client will check that only alphanumeric characters are submitted in this case.
The real concern I have is when someone trying to connect their own programs to the server for whatever reason they might have, whether it is to hack, or to macro, and they send a messed up packet. I just don't want such people to send bogus packets and cause the server to either get massive errors, or to crash.