-
Feb 8th, 2014, 05:02 AM
#1
Thread Starter
Fanatic Member
Strange problem in form submittion
I have a form built in HTML and when this form is submitted by POST method then users are not allowed to blank values to form fields. And it work fine but sometimes blank values are received and they are saved into database as well.
I redirect the user to the previous page when a blank value for any field is found. So why this can happen and blank values are stored into database?
-
Feb 8th, 2014, 06:08 AM
#2
Re: Strange problem in form submittion
So users are not allowed to submit blank values? Can you post your code?
-
Feb 8th, 2014, 06:15 AM
#3
Thread Starter
Fanatic Member
Re: Strange problem in form submittion
Originally Posted by dclamp
So users are not allowed to submit blank values? Can you post your code?
here is the code
Code:
<?php
function isEmpty($method, $control_array, $is_redirect = "no", $redirect_url = "empty")
{
if( $method == "post" )
{
for( $i = 0; $i < sizeof($control_array); $i++ )
{
if( trim( $_POST[$control_array[$i]] ) == "")
{
if(trim($is_redirect) == "yes")
{
$this->redirect($redirect_url."&c_name=".$control_array[$i]);
}
else
{
return $control_array[$i];
}
}
}
}
if( $method == "get" )
{
for( $i = 0; $i < sizeof($control_array); $i++ )
{
if( trim( $_GET[$control_array[$i]] ) == "")
{
if(trim($is_redirect) == "yes")
{
$this->redirect($redirect_url."&c_name=".$control_array[$i]);
}
else
{
return $control_array[$i];
}
}
}
}
return true;
}
?>
-
Feb 8th, 2014, 06:22 AM
#4
Re: Strange problem in form submittion
You have return true at the bottom. So If it doesnt redirect, then it returns the control array, and it returns true. Also im not sure how it works in production as I have not tested it myself, But depending on how large the array you are sending it, it will be returning several times. I believe you are going to want to return an array and not just use return several times.
-
Feb 8th, 2014, 06:37 AM
#5
Thread Starter
Fanatic Member
Re: Strange problem in form submittion
im calling this function with the code below.
And passing whole POST array into it. And all fields are mandatory
Code:
isEmpty("post", $_POST, "no", "register.php?msg=Please fill all fields$queryString");
-
Feb 8th, 2014, 09:21 AM
#6
Re: Strange problem in form submittion
After working the code on my own end, I think this is what you ultimately want. Use of $_POST and $_GET in the function was not necessary since you were passing the array onto the function, its just an array. Also you were using a for loop with a counter instead of just using a foreach loop.
PHP Code:
function isEmpty($method, $control_array, $is_redirect = "no", $redirect_url = "empty") { foreach ($control_array as $value) { if ($value == "") { // Value blank. redirect $this->redirect($redirect_url."&c_name=".$value); } else { // Value is not blank. return $value; } } }
-
Feb 8th, 2014, 09:56 AM
#7
Thread Starter
Fanatic Member
Re: Strange problem in form submittion
you have corrected the code.
My problem the the code you i sent you was working fine... And when i test it im not able to enter blank values just because of validations. But on the LIVE site i don't know some times blank values are stored into database.
In testing it works fine, On live it is also fine but i want to know the reason why sometimes blank values saved into database?
-
Feb 8th, 2014, 10:01 AM
#8
Re: Strange problem in form submittion
I am not really sure why it did that. Hard to say without seeing all of your code and actually debugging myself. A lot of times test servers and live servers will have slightly different settings which could cause weird anomalies.
-
Feb 8th, 2014, 10:08 AM
#9
Thread Starter
Fanatic Member
Re: Strange problem in form submittion
i understand your point.
But when i fill the form and send blank values to it, It works and ask for not to leave fields blank. So how is it possible that someone else is able to post blank data?
all fields blank not a single character is there
but not everytime i get blank data, Only very rare cases once or twice in a week.
-
Feb 8th, 2014, 10:21 AM
#10
Re: Strange problem in form submittion
Perhaps the $_GET or $_POST were actually picking up on things being Posted or added to the query string, so it would parse that and add it to the database on accident along with things that were blank.
It could also be possible that for some reason redirect didnt work so it continued parsing the rest of the fields?
-
Feb 8th, 2014, 11:52 AM
#11
Thread Starter
Fanatic Member
Re: Strange problem in form submittion
so shall i exit() after redirect?
so if redirect does not work then script will die and won't go ahead.
-
Feb 8th, 2014, 09:32 PM
#12
Re: Strange problem in form submittion
You don't want your script to die. However i would suggest you dont redirect from the class function. Your function should either return TRUE or FALSE. then let the other part of your code decide what to do.
TRUE would mean everything is OK
FALSE would mean there is a blank field.
PHP Code:
//Notice I removed the first argument: form method if ($class->isEmpty($_POST, "no", "register.php?msg=Please fill all fields$queryString") == false) { //REDIRECT HERE } else { //Do something else }
-
Feb 10th, 2014, 09:13 AM
#13
Thread Starter
Fanatic Member
Re: Strange problem in form submittion
thanks for your replies, But i really want you to have a look at the code i have and let me know does it allow in any condition to bypass "isEmpty" function and go ahead of this line?
here is sample three files small code. Please test it for me and check if this isEmpty can be bypassed and script go ahead in any condition?
form.php
Code:
<form action="act.php" method="post">
Country Name: <input type="text" name="country" /><br />
Enter URL: <input type="text" size="80" name="url" /><br />
<input type="submit" />
</form>
act.php
Code:
<?php
include("validation.php");
?>
<?php
$ct = array("country","url");
$obj = new validation();
$r = $obj->isEmpty("post", $ct, "yes", "form.php?msg=Please fill all fields");
echo "More code here";
?>
validation.php
Code:
<?php
class validation
{
function isEmpty($method, $control_array, $is_redirect = "no", $redirect_url = "empty")
{
if( $method == "post" )
{
for( $i = 0; $i < sizeof($control_array); $i++ )
{
if( trim( $_POST[$control_array[$i]] ) == "")
{
if(trim($is_redirect) == "yes")
{
$this->redirect($redirect_url."&c_name=".$control_array[$i]);
}
else
{
return $control_array[$i];
}
}
}
}
if( $method == "get" )
{
for( $i = 0; $i < sizeof($control_array); $i++ )
{
if( trim( $_GET[$control_array[$i]] ) == "")
{
if(trim($is_redirect) == "yes")
{
$this->redirect($redirect_url."&c_name=".$control_array[$i]);
}
else
{
return $control_array[$i];
}
}
}
}
return true;
}
function redirect($url)
{
echo "<script> location.href='$url' </script>";
exit(0);
}
}
?>
Last edited by chunk; Feb 10th, 2014 at 09:31 AM.
-
Feb 10th, 2014, 09:55 AM
#14
Re: Strange problem in form submittion
Just looking at it, I noticed you did not make any of the changes to your class that I suggested. The $_POST and $_GET in the function are not doing anything and are probably the reason your code is giving false negatives and false positives.
Your function cannot return multiple values. According to your code, if its empty it calls the redirect function. If its not empty then it returns the array to the string and it returns true. It will return the first value and stop. Your function should return TRUE or FALSE only. Then your act.php script should decide what to do with that return.
-
Feb 10th, 2014, 10:09 AM
#15
Thread Starter
Fanatic Member
Re: Strange problem in form submittion
Yes, i did not make any change into it yet that you suggested.
Reason behind it that this code is used in almost 10 websites. So i will have to do it in all the website. But this problem never occured in past one year.
this function is written to act like this only. to redirect or return the control name that is empty.
Yes i understand POST and GET has nothing to do with this function. But still i want you to just check with the example i have posted. If with current code isEmpty function can be bypassed or not.
Please just save these three files and submit form.php form with empty data and filled data.
I just want to know if isEmpty can be bypassed or not with current code
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|