Empty string returns negative value with a check

Web directory - Myspace Images - Shopping news - Synchronize your Files - Mailboxes

View Full Version : Empty string returns negative value with a check

lampie1978

Jun 8th 2007, 5:09 am

Hi all,

I am stuck on this stupid problem and i don't know how to solve the problem :confused:

What did I create:
I created a form that posts several variables, each variable that the form posts needs to be checked to protect the DB. After the check turns out ok then the DB is updated with the value of the variable.

The problem is that the variables that are optional and have no data are returned false and thus i cann't update the DB. I tried to skip the check when the variable is empty, but that doesn't work correctly.

Who can help, since the form has many optional variables I'll just post one.

Before i start the form:

if ($_POST[voorvoegsel] == '') { $voorvoegsel = ' '; } else { $voorvoegsel = $_POST[voorvoegsel]; }

The form:

<form name="persoonlijk" method="post" action="persoonlijk.php">
<input type="text" name="voorvoegsel" maxsize="10">
<input type='submit' name='updaten' value='Updaten'>
</form>

After the button update:

function anti_injection($voorvoegsel)
{
$verboden = array("bla", "bla");

if ($voorvoegsel != ' ')
{
if (eregi("[a-zA-Z0-9]+", $voorvoegsel)) { $voorvoegsel = trim(str_replace($verboden, '', strtolower($voorvoegsel))); } else { $voorvoegsel = HACK; echo "voorvoegsel:" .$voorvoegsel. "<br>"; }
}

$array = array('voorvoegsel'=>$voorvoegsel);

if (in_array(HACK, $array)) { die ('Sorrij uw hackpoging is mislukt.'); } else { return $array; }
}

After this the array continously returns the HACK for this variable.
Who knows what to do because i'm nearing the state of becoming crazy

Thanx

donteatchicken

Jun 8th 2007, 9:29 am

Put this at the top:

$voorvoegsel = $_REQUEST["voorvoegsel"];

lampie1978

Jun 8th 2007, 9:58 am

Nope, still the same old song

donteatchicken

Jun 8th 2007, 11:03 am

is register globals enabled?

have u tried with session variables?

lampie1978

Jun 8th 2007, 12:59 pm

Jip globals work, I allready used them on other pages.

Didn't try session, but can't use it either. I am allready using them for other purposes, for login and abstracting user data from DB for the different pages.

Nefarious

Jun 8th 2007, 1:43 pm

I'm not sure but shouldn't there be quotes on the post var?
$_POST['voorvoegsel']

not sure if this will solve it but was something that stood out to me.

SeLfkiLL

Jun 8th 2007, 4:44 pm

Make sure you check that the variable is set first:

isset($_POST['var']) //if the variable isn't set, this will return false

Then you can make sure it's not empty:

empty($_POST['var']) //if the variable is empty, this will return true

Free Directory

Jun 8th 2007, 4:54 pm

Simple ways are always the best.
Advice of other functionalities of php array functions:
array_key_exists, strlen;)
But, the problem it's in the in_array(HACK,$array)
As HACK it's a constant, you must define it somewhere, no?
Your function will return the array if $voorvoegsel != HACK.
be sure you call the function with proper parameter: anti_injection(@$_POST['voorvoegsel ']);

fsmedia

Jun 8th 2007, 4:55 pm

or you could try using if ( !empty ($_POST['blah blahb lah')) { .. }