Solved: elseif code problem - php

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

knight_47

Thread Starter
Joined
Mar 14, 2006
Messages
941
Ok, i'm having a problem, basically what I'm trying to do is, if the correct 'code' is posted, it gives me, or the admin special prevliges.

PHP:
<?php
$raw_url = $_POST['url']; // converts the post field into a var
$disc = $_POST['disc']; // converts the post field into a var

$clean_url = htmlentities($raw_url, ENT_NOQUOTES); // cleans out the url field, to make sure no malaciose code gets through
$clean_disc = htmlentities($disc, ENT_NOQUOTES); // cleans out the description field, to make sure no malaciose code gets through
$cleaner_url = stripslashes($clean_url); // removes the \ before single and double quotes in the url
$cleaner_disc = stripslashes($clean_disc); // removes the \ before single and double quotes in the url
$no_cache = '<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> <META HTTP-EQUIV="Expires" CONTENT="-1">';

$pass = "test";

$codes = "NG75" || "B1C2" || "DR21" || "KJG4" || "387C" || "HK47" || "K21B" || "92DK" || "H542" || "FJ521"; //these are all the codes used, not very efficient, but it should stop some bots.


$url = "<html>" . $no_cache . "<body><center><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\" SIZE=\"6\"><a href=\"$clean_url\" target=\"_blank\">$cleaner_url</a></FONT><br /><br /><FONT FACE=\"sans-serif, Arial, 					Helvetica, Geneva\" SIZE=\"4\"><b>Link Description:</b></FONT><br /><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\">$cleaner_disc</FONT></center></body></html>"; // displays the URL in large text

$no_disc = "<html><body><center><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\" SIZE=\"6\"><a href=\"$clean_url\" target=\"_blank\">$cleaner_url</a></FONT></body></html>"; // displays the description if one is added

$admin_code = "<html>" . $no_cache . "<body><center><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\" SIZE=\"6\"><a href=\"$clean_url\" target=\"_blank\">$raw_url</a></FONT><br /><br /><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\" SIZE=\"4\"><b>Link Description:</b></FONT><br /><FONT FACE=\"sans-serif, Arial, Helvetica, Geneva\">$disc</FONT></center></body></html>"; // this is for an admin posting only!


if ($_POST['Submit'] && $_POST['inc'] == "inc" && $_POST['code'] == $codes) // this is what happens if the user hits submit AND a description is added AND the code is correct
{
$file = "site.html";
    $create = fopen($file, 'w') or die("Hm... There seems to be a problem, I hope you didn't break anything!"); // creates the new file, or gives an error message if something goes wrong
    fwrite($create, $url); // adds $url to the newly created file
    fclose($create); // closes
	echo '<meta HTTP-EQUIV="REFRESH" content="0; url=http://www.knight47.com/link_sharer">'; // redirects back to the home page
}
else if ($_POST['Submit'] && $_POST['code'] == $codes) // this is what happens if the user hits submit, AND the code is correct. notice how no description is added in this
{
$file = "site.html";
    $create = fopen($file, 'w') or die("Hm... There seems to be a problem, I hope you didn't break anything!");
    fwrite($create, $no_disc);
    fclose($create);
	echo '<meta HTTP-EQUIV="REFRESH" content="0; url=http://www.knight47.com/link_sharer">';
}
else if ($_POST['Submit'] && $_POST['inc'] == "inc" && $_POST['code'] == $pass)
{
$file = "site.html";
    $create = fopen($file, 'w') or die("Hm... There seems to be a problem, I hope you didn't break anything!");
    fwrite($create, $admin_code);
    fclose($create);
	echo '<meta HTTP-EQUIV="REFRESH" content="0; url=http://www.knight47.com/link_sharer">';
}
else
{
echo "Sorry, you've entred the wrong code, please go back and try again";
}

?>
the problem is in the last "else if". If I enter test into the code field, it SHOULD include html code in my $disc, and NOT clean it out, like it does by default, but it's not, does anyone know why??

thanks.
 
Joined
Jul 8, 2002
Messages
14,681
What is the last elseif doing right now? Not writing to the file, or writing the wrong values?

Also, $codes is always going to equal true, so your first elseif probably isn't doing what you want either.
 
Joined
Feb 25, 2004
Messages
444
like brendandonhu said fix the $codes problem first.

Change

Code:
$codes = "NG75" || "B1C2" || "DR21" || "KJG4" || "387C" || "HK47" || "K21B" || "92DK" || "H542" || "FJ521");
into

Code:
$codes = array("NG75" ,"B1C2" ,"DR21", "KJG4", "387C", "HK47" , "K21B", "92DK","H542", "FJ521";
and change

Code:
$_POST['code'] == $codes
To

Code:
in_array($_POST['code'], $codes) 
//in_array function desc:  http://ca.php.net/in_array
Try fixing that and see what happens.
 

knight_47

Thread Starter
Joined
Mar 14, 2006
Messages
941
brendandonhu said:
What is the last elseif doing right now? Not writing to the file, or writing the wrong values?

Also, $codes is always going to equal true, so your first elseif probably isn't doing what you want either.
How is $codes always going to equal true???

You can test it out here www.knight47.com/link_sharer ,(click on replace with your link, and test out the code thing), it seems to be working fine. I just don't understand how it's always going to equal true.

All this script does is advertise a given URL, one at a time. So if I come along and submit google.com, then that url link is on the main page, along with a description. To make it safer, I null all html code so nothing bad goes through. But I want to be able to add html to it, in case I want to bold something, or italicize, ONLY if the correct password is given. So if the correct password is given, it does NOT null the html, leaving it in place. And obviously the password would only be known by me or whoever is running the script. So nothing bad would go through.
 
Joined
Jul 8, 2002
Messages
14,681
A non-empty string is always true. Whatever code is entered, it's going to run the first elseif and not the second one. Also, the point of a CAPTCHA is that they have to correctly enter the code displayed in the image. It's not really doing anything if you can enter the same code over and over again.
 

knight_47

Thread Starter
Joined
Mar 14, 2006
Messages
941
I could have sworn that the capatcha was working, I don't know why it's not now... I know it's not the ideal capatcha, but i'm still working on that.

I don't understand what you mean when a string is true, can't you compare a string to another string? and if they don't equal than you do X, and if they equal then you do Y??
 
Joined
Jul 8, 2002
Messages
14,681
$codes isn't a string there, it's a boolean.
This:
Code:
$codes = "NG75" || "B1C2" || "DR21" || "KJG4" || "387C" || "HK47" || "K21B" || "92DK" || "H542" || "FJ521";
is equivalent to:
Code:
$codes = true;
 
Joined
Jul 8, 2002
Messages
14,681
If you put it into an array, then it's an array. I really don't see the point of your CAPTCHA though. It's not going to stop any bots since it doesn't check whether they entered the right code or not.
 

knight_47

Thread Starter
Joined
Mar 14, 2006
Messages
941
how do I check then?

I thought you could just do a simple if X == X then do this.
 
Joined
Jul 8, 2002
Messages
14,681
First you need to store a value for the image that was actually displayed, then you can use == to check if they are the same.

Take a search on google or phpclasses.org, there is lots of sample code for CAPTCHAs.
 

knight_47

Thread Starter
Joined
Mar 14, 2006
Messages
941
Thanks, i know the captcha isn't the greatest, and it's really not supposed to be, I'm just trying to learn, with a bunch of baby steps.. I did turn $codes into an array, and searched it with in_array(), and it did work, thank you both! :)
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Top