Definition of these codes.

xxreenaxx1 · April 1, 2010

<?php
if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
	echo '<ul class="err">';
	foreach($_SESSION['ERRMSG_ARR'] as $msg) {
		echo '<li>',$msg,'</li>';
	}
	echo '</ul>';
	unset($_SESSION['ERRMSG_ARR']);
}
?>

What do these codes mean?

jonsjava · April 1, 2010

What I'm getting from it (without having all the code to work with):

If there's are error messages, and they are in array form, display each one in a unordered list, then unset all errors, so we don't display them again

xxreenaxx1 · April 1, 2010

Thank you for the help

now the next code is

	//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {  // reference http://php.net/manual/en/function.trim.php
	$str = @trim($str); // trim the spaces 
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

Sorry if I am too annoying

ialsoagree · April 1, 2010

Asking questions is what this website is here for!

This code is a function which can be called from elsewhere in your script. If you pass it a string variable it will remove any extra white space at the start and end of the string (IE. extra spaces, returns, tabs etc.), then if the string has been escaped by PHP it will remove the escaping. It then escapes the string for storage into a MySQL database and returns the cleaned up string.

You would use it like so:

$some_string = 'Some string.';
$cleaned_string = clean($some_string);

xxreenaxx1 · April 1, 2010

Thank you once again

Got few more of these codes

if($login == '') {
	$errmsg_arr[] = 'Login field missing';
	$errflag = true;
}
if($password == '') {
	$errmsg_arr[] = 'Password missing';
	$errflag = true;
}

//If there are input validations, redirect back to the login form
if($errflag) {
	$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
	session_write_close();
	header("location: login.php");
	exit();
}

ialsoagree · April 1, 2010

This code checks if the $login variable has information in it and if it doesn't, it adds a message to the next index of $errmsg_arr and sets $errflag to true.

It then checks password as above and takes the same steps if password doesn't have any information in it.

If $errflag is true, $errmsg_arr is stored in the current session, specifically $_SESSION['ERRMSG_ARR'], this data is forcibly saved to the session prior to script end (specifically this is useful if your website has frames, otherwise it's unnecessary but not harmful), the user is redirected to login.php and the script ends immediately.

xxreenaxx1 · April 1, 2010

Thank you

So i am guessing the code below

if($fname == '') {
	$errmsg_arr[] = 'First name missing';
	$errflag = true;

Firstname was empty it wil output the error message and error message will be saved in an array and it will set the error flag to true.

And what would the below code would do, I know its similiar to the first one, but not sure

<?php
//Start session
session_start();

//Check whether the session variable MEMBER_ID is present or not
if(!isset($_SESSION['MEMBER_ID']) || (trim($_SESSION['MEMBER_ID']) == '')) {

	exit();
}
?>

ialsoagree · April 1, 2010

As to the code you guessed at you. You're correct EXCEPT that no error is outputted, the error is saved to be outputted later.

As to the 2nd chunk of code, this code starts a new session (a way of keeping track of people on the website), checks if the MEMBER_ID has been set and isn't just an empty string. If it HASN'T been set, or if it IS an empty string, it stops executing the script immediately with no error message.

xxreenaxx1 · April 1, 2010

Once again thank you

one more and that should be it

	$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";

what does this do

ialsoagree · April 1, 2010

This is an SQL query that tells a databse to return all columns in all rows where the login column is equal to the $login variable, and the passwd column is equal to the md5 encrypted string produced with $_POST['password'].

md5 is a form of one-way encryption (data can be encrypted with md5, but once encrypted, it is very hard or impossible to decrypt) that is often used for the encryption of things like passwords that never need to be decrypted again.

xxreenaxx1 · April 1, 2010

Lets hope this is the last one

$member = mysql_fetch_assoc($result);
		$_SESSION['MEMBER_ID'] = $member['member_id'];

ialsoagree · April 1, 2010

$member becomes an array whose indexes are the names of the columns that were returned in $result, and the values of those indexes are the values that were in the database for the given row.

The session index MEMBER_ID gets set to the member_id that was in the MySQL database.

xxreenaxx1 · April 1, 2010

Thank you very much for the help

Sign In

Definition of these codes.

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information