Form validate - trouble with zero

leothelion · December 18, 2008

0 (zero) is slipping through the following test - can't solve - please offer solution

if (!empty($_POST['ipaddr'])) {

if ($ipaddr < 1 || $ipaddr > 254) {

$msg = "IP # must be in range 1-254<br>";

send_error($msg);

}

tia

premiso · December 18, 2008

if (!empty($_POST['ipaddr']) && $_POST['ipaddr'] != 0) {
      if ($ipaddr < 1 || $ipaddr > 254) {
         $msg = "IP # must be in range 1-254<br>";
         send_error($msg);
         }
      }

leothelion · December 18, 2008

premiso-

that is one way to look at it but...

it doesn't offer an error message if zero is entered as intended - it simply bypasses the test

and..

i still wonder why zero is not considered < 1. I believe it has something to do with boolean values but I can't figure a way around it.

premiso · December 18, 2008

Eh sorry my mistake...

if (!empty($_POST['ipaddr'])) {
      $ipaddr = $_POST['ipaddr'];
      if ($ipaddr < 1 || $ipaddr > 254) {
         $msg = "IP # must be in range 1-254<br>";
         send_error($msg);
         }
      }

You were never setting $ipaddr to the post data.

It is just one of those forgetful, quick to post days =)

leothelion · December 18, 2008

sorry to say but that is not the case.

should have posted everything but there's a lot.

I have the following before the if

$ipaddr = $_POST['ipaddr'];

and....

-1 spits out the error as well as 999 but not zero - there is something special about zero that I am missing.......

premiso · December 18, 2008

What value is suppose to be held in the $ipaddr? The full IP? If so, the issue here is the IP is actually a string time, and you are trying to use an int to check against a string value. If the string value is = "0" this is of course > 0 due to that.

You can always try using (int) if it is just part of the IP...

if (!empty($_POST['ipaddr'])) {
      $ipaddr = intval($_POST['ipaddr']);
      if ($ipaddr < 1 || $ipaddr > 254) {
         $msg = "IP # must be in range 1-254<br>";
         send_error($msg);
         }
      }

That assume $_POST will contain "xxx" and not "xxx.xxx.xxx.xxx"

If that does not solve your problem please post more code, such as where you define $ipaddr and what $ipaddr should contain.

leothelion · December 18, 2008

still not working.

i thought of intval earlier but it didn't help.

here's the code

if (isset($_POST['add'])) {
   $user = $_SERVER['REMOTE_USER'];
   $hostname = $_POST['hostname'];
   $ipaddr = intval($_POST['ipaddr']);
   $comments = $_POST['comments'];
   $alias = $_POST['alias'];
     
   // sanitize input
   echo "test 1<br>";
   if (empty($_POST['hostname'])) {
      $msg = "You forgot to supply a hostname $user<br>";
      send_error($msg);
      }
   echo "test 2<br>";
   if (!eregi('[0-9|a-z|-]', $hostname)) {
      $msg = "Sorry - alphanumeric or hyphen only!<br>";
      send_error($msg);
      }
   echo "test 3<br>";
   if (!ereg('[0-9|a-z|-]{3,63}', $hostname)) {
      $msg = "Must be at least three but not more than 63 characters!<br>";
      send_error($msg);
      }
   echo "test 4<br>";
   if (ereg('^[-]', $hostname)) {
      $msg = "Sorry, cannot start with hyphen!<br>";
      send_error($msg);
      }
   echo "test 5<br>";
   if (ereg('[-]$', $hostname)) {
      $msg = "Sorry, cannot end with hyphen!<br>";
      send_error($msg);
      }
   echo "test 6<br>";
   if (ereg('^[pc|nb]', $hostname)) {
      $msg = "Do not use asset tag for host name!<br>
      If you must use asset tag specify it as an alias.<br>";
      send_error($msg);
      }
   echo "test 7<br>";
   echo "$ipaddr<br>";
   if (is_int($ipaddr)) {
      echo "$ipaddr is an integer<br>";
      }
   if (!empty($_POST['ipaddr'])) {
      if ($ipaddr < 1 || $ipaddr > 254) {
         $msg = "IP # must be in range 1-254<br>";
         send_error($msg);
         }
      }
   // update DNS
   echo "look's good updating...!<br>";
--More--(27%)

here's what i see on the browser

test 1

test 2

test 3

test 4

test 5

test 6

test 7

0

0 is an integer

look's good updating...!

as you can see zero is slipping through the test

the first three bytes of the ip address are fixed so the user is allowed to enter only the last byte 1...254

here's what happens if -2 is entered

test 1

test 2

test 3

test 4

test 5

test 6

test 7

-2

-2 is an integer

IP # must be in range 1-254

Click your back button and try again

thanks for the help

Psycho · December 18, 2008

-1 spits out the error as well as 999 but not zero - there is something special about zero that I am missing.......

That's because '0' is considered an "empty" value so it fails the very first test of

if (!empty($_POST['ipaddr'])) {

So it will never get to the value test of

if ($ipaddr < 1 || $ipaddr > 254) {

See the manual for all the values that are determined to be "empty": http://us2.php.net/manual/en/function.empty.php

You could try this:

if (isset($_POST['ipaddr']) && strlen(trim($_POST['ipaddr'])))
{
    $ipaddr = intval(trim($_POST['ipaddr']));
    if ($ipaddr < 1 || $ipaddr > 254)
    {
        $msg = "IP # must be in range 1-254<br>";
        send_error($msg);
    }
}

leothelion · December 18, 2008

thanks

i will try later but i'm sure thats the answer.

Sign In

Form validate - trouble with zero

Recommended Posts

leothelion

Link to comment

Share on other sites

premiso

Link to comment

Share on other sites

leothelion

Link to comment

Share on other sites

premiso

Link to comment

Share on other sites

leothelion

Link to comment

Share on other sites

premiso

Link to comment

Share on other sites

leothelion

Link to comment

Share on other sites

Psycho

Link to comment

Share on other sites

leothelion

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information