PHP Code:<?php
//The Variables
$name = $_POST["name"];
$password = $_POST["password"];
$email - $_POST["email"];
$age = $_POST["age"];
$submit = $_POST["submit"];
//The IFs
if ($submit != "")
{
if ($name == "")
{
die ("Whoops! You didn't enter a username. You need that if you want to login!");
}
if ($password == "")
{
die ("Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!");
}
if ($email == "")
{
die ("Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.");
}
if ($age == "")
{
die ("Whoops! You didn't enter your age. We need this to verify you are old enough to register!");
}
echo "Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br>
Email: $email<br>
Age: $age<br>
<br>
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.";
exit;
}
// The HTML
echo "<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>";
?>
Results 11 to 20 of 41
Thread: My newbish PHP help
-
21-11-2007, 04:46 PM #11
- Join Date
- Jan 2007
- Location
- England, Uk, World, Universe,
- Posts
- 1,012
- Tokens
- 0
Last edited by rh4u; 21-11-2007 at 04:50 PM.
my sig ran away,
-
You should really clean input :S
then doPHP Code:function clean($tobecleaned)
{
$cleaned = strip_tags(addslashes(stripslashes(htmlspecialchars($tobecleaned))));
return $cleaned;
}
instead ofPHP Code:clean($_POST[variablename]);
PHP Code:$_POST[variablename];
Coming and going...
Highers are getting the better of me
-
Ewww, don't use die. Just do an echo, then an exit.
Originally Posted by rh4u
Better clean function: Originally Posted by Cj555
You should really clean input :S
then doPHP Code:function clean($tobecleaned)
{
$cleaned = strip_tags(addslashes(stripslashes(htmlspecialchars($tobecleaned))));
return $cleaned;
}
instead ofPHP Code:clean($_POST[variablename]);
PHP Code:$_POST[variablename];
PHP Code:<?php
function clean($string)
{
$string = htmlspecialchars($string, ENT_QUOTES);
if (get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = str_replace("\"", "", $string);
$string = htmlentities($string);
$string = mysql_real_escape_string($string);
return $string;
}
?>
-
$string = str_replace("\"", "", $string);
is not just the same as stripslashes?
Lol, but use denta's is looks more complicated and probs betterComing and going...
Highers are getting the better of me
-
Fixed everything, used a clean function seen as them lot are raving about it ^^PHP Code:
<?php
//Clean function, comment out if not wanted.
function clean($this){
$this = strip_tags($this);
$this = htmlspecialchars($this, ENT_QUOTES);
$this = mysql_real_escape_string($this);
return $this;
}
if(isset($_POST['submit'])){
//The form was sent, let's do some stuff!
$name = clean($_POST['name']);
$password = clean($_POST['password']);
$email = clean($_POST['email']);
$age = clean($_POST['age']);
if (!isset($name))
{
echo "Whoops! You didn't enter a username. You need that if you want to login!";
exit;
}
if (!isset($password))
{
echo "Whoops! You didn't enter a password. You need this to login to your account as well as security for your account!";
exit;
}
if (!isset($email)
{
echo "Whoops! You didn't enter an email. You need this to receive news and updates for the usersystem, as well as to verify your identity.";
exit;
}
if (!isset($age))
{
echo "Whoops! You didn't enter your age. We need this to verify you are old enough to register!";
exit;
}
echo("Heya, $name - Welcome to $site. The details you used to sign up are as follows:<br>
Name: $name<br />
Email: $email<br />
Age: $age<br />
<br />
If the details are incorrect, use the back button and try again. If they are correct, please continue to the installer.
");
}else{
//The form hasn't yet been sent! Display it.
echo("<form action=\"register2.php\" method=\"post\">
Username: <input type=\"text\" name\"name\"><br>
Password: <input type=\"text\" name\"password\"><br>
Email: <input type=\"text\" name=\"email\"><br>
Age: <input type=\"text\" name=\"age\"><br>
<input type=\"submit\" name=\"submit\" value=\"Submit\">
</form>
");
}
die();
?>Last edited by lolwut; 21-11-2007 at 05:27 PM.
i've been here for over 8 years and i don't know why
-
!isset($age)
Anytime you submit a post..
$age = $_POST["age"];
Thats set, you need to check to see if it is blank, not set.
-
isset() is the same as blank?
PHP assumes if a variable is blank then it is not set.
I.e.
Correct me if I'm wrong.PHP Code:$this = "";
if(!isset($this)){ die('lolnosoz'); }
i've been here for over 8 years and i don't know why
-
Nope:
if you visit filename.php without putting the get, it is unset.PHP Code:<?php
$bla = $_GET["hey"];
if (!isset($bla))
{
echo "Not set";
}
else
{
echo "Word: $bla";
}
?>
If you visit filename.php?hey it is set, but it is blank So it doesn't check to see if it is blank.
-
Er, that code won't work. Unless I'm mistaken, mysql_real_escape_string requires a connection to the database in order to execute.
-
it does, and certainly he will use a DB
Reply With Quote
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts