php switch

ohdang888 · May 30, 2010

ready for a confusing problem! (at least for me :confused: )

i have a form with action="do.php?do=register" method="POST"

i know for a fact that the do.php file is getting the $_GEt attibute correctly because i did this to error check:

if($_GET['do'] == "register"){

echo "gahhh";

}

and it echoed gahhh.

Now, i have a big-a$# switch statement with $_GET['do'] as the parameter.

in it i have this:

case "register":
r("?reg=confirm");
break;

default:
header(Location: index.php?m=undefined&do=".$_GET['do']);
break;

Get this: its redirecting me to "index.php?m=undefined&do="

I never reset a $_GET param or anything like that, but it seems as though its erased $_GET['do']. How messed up is that!

Any ideas how to solve that?

steviez · May 30, 2010

not sure if it will solve it but

header(Location: index.php?m=undefined&do=".$_GET['do']);

Should be

header("Location: index.php?m=undefined&do=".$_GET['do']);

ohdang888 · May 30, 2010

not sure if it will solve it but

header(Location: index.php?m=undefined&do=".$_GET['do']);

Should be

header("Location: index.php?m=undefined&do=".$_GET['do']);

Nope that was a just a typo on my part.

shino · May 31, 2010

would be easier if you posted your whole code.

Also, could be if your using $do somewhere and register globals is on that it's overwriting it.

ohdang888 · May 31, 2010

heres the file. thanks

<?php
require_once('connect.php');

function r($url){
header('Location: '.$url);
die();
}

function pass($pass){
return md5("$39".md5($pass)."*)dP~");
}

function validEmail($email)
{
   $isValid = true;
   $atIndex = strrpos($email, "@");
   if (is_bool($atIndex) && !$atIndex)
   {
      $isValid = false;
   }
   else
   {
      $domain = substr($email, $atIndex+1);
      $local = substr($email, 0, $atIndex);
      $localLen = strlen($local);
      $domainLen = strlen($domain);
      if ($localLen < 1 || $localLen > 64)
      {
         // local part length exceeded
         $isValid = false;
      }
      else if ($domainLen < 1 || $domainLen > 255)
      {
         // domain part length exceeded
         $isValid = false;
      }
      else if ($local[0] == '.' || $local[$localLen-1] == '.')
      {
         // local part starts or ends with '.'
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $local))
      {
         // local part has two consecutive dots
         $isValid = false;
      }
      else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
      {
         // character not valid in domain part
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $domain))
      {
         // domain part has two consecutive dots
         $isValid = false;
      }
      else if
(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                 str_replace("\\\\","",$local)))
      {
         // character not valid in local part unless 
         // local part is quoted
         if (!preg_match('/^"(\\\\"|[^"])+"$/',
             str_replace("\\\\","",$local)))
         {
            $isValid = false;
         }
      }
      if ($isValid && !(checkdnsrr($domain,"MX") || 
checkdnsrr($domain,"A")))
      {
         // domain not found in DNS
         $isValid = false;
      }
   }
   return $isValid;
}







$doit = $_GET['do'];

switch($doit){
case "login":
if($_SESSION['user_logged_in']){ r("index.php?m=already logged in"); }
if(empty($_POST['email']) or empty($_POST['password'])){ r("index.php?login=1&m=missing_field&email=".urlencode($_POST['email'])); }

$email = clean($_POST['email']);
$pass = pass($_POST['password']);
$res = mysql_query("SELECT user_id, token FROM users WHERE lower(email)=lower('$email') AND `password`='$pass' LIMIT 1")or die("LOGIN ERROR");
if(mysql_num_rows($res) == 1){
$row = mysql_fetch_array($res);
$_SESSION['user_logged_in'] = true;
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['user_token'] = $row['token'];
r("index.php?logged_in");
}else{
r("index.php?login=1&not_found=1&email=".urlencode($_POST['email']));
}
break;


//END LOGIN


case "logout":
if(!$_SESSION['user_logged_in']){ r("index.php?m=not_logged_in_anyways"); }
session_destroy();
r("index.php?m=logged_out");
break;


//END LOGOUT


case "register":
if(empty($_POST['email']) or empty($_POST['password'])){ r("index.php?reg=1&m=missing_field&email=".urlencode($_POST['email'])); }
if(!validEmail($_POST['email'])){r("?reg=1&m=invalid_email");}
if(count($_POST['password']) < 6){r("?reg=1&m=pass must have more than 6 characters&email=".urlencode($_POST['email']));}

$email = clean($_POST['email']);
$res = mysql_query("SELECT user_id FROM users WHERE lower(email)=lower('$email') LIMIT 1")or die("REGSITER ERROR");
if(mysql_num_rows($res) == 1){
r("?reg=1&m=That+email+already+exists+in+our+system");
}
$pass = pass($_POST['password']);


$to = $_POST['email'];
$from = "[email protected]";
$subject = "Confirm this email to activate your  account";

    //begin of HTML message
    $message = "<html>
  <body bgcolor=\"#DCEEFC\">
    <center>
        Please click <a href='http://www.googe.com/do.php?do=confirm_email&token='>here</a> to confirm your email address.<br/>
        If you cannot click that link, copy and paste this url into your browser: <br>
         http://www.googe.com/javascript_projects/blogAPI/site/do.php?do=confirm_email&token=
    </center>
      </body>
</html>";
   //end of message

    // To send the HTML mail we need to set the Content-type header.
    $headers = "MIME-Version: 1.0rn";
    $headers .= "Content-type: text/html; charset=iso-8859-1rn";
    $headers  .= "From: [email protected]\r\n";
    //options to send to cc+bcc
    //$headers .= "Cc: [email][email protected][/email]";
    //$headers .= "Bcc: [email][email protected][/email]";
    
    // now lets send the email.
    mail($to, $subject, $message, $headers); 
r("?reg=confirm");
break;


default:
r("index.php?m=undefined&do=".$_GET['do']);
break;
}


//FUNCTIONS 


?>

riwan · May 31, 2010

see this thread which I've given the solution

http://www.phpfreaks.com/forums/index.php/topic,299702.0.html

I would think the solution is the same

form action should not contain ?do=register

instead just use do.php in form action

and then use

<input type="hidden" name="do" value="register"/>

retrieve the value with $_POST["do"]

ohdang888 · May 31, 2010

just tried it. and same redirection.

then i added this before the switch statement:

if($_POST['do'] == "register"){
echo "gahhhhhhhhhhhh";
}

And guess what! IT FREIKING ECHOS gahhhhhhhhhhhh

i know the variable in the switch statement is right (and set), and the "case" is right... so WTF!

gah. any other ideas?!

PFMaBiSmAd · May 31, 2010

Your code in the 'register' section is redirecting back to that same page upon an error, but is not setting do= in the URL.

Is there some reason you have so many redirects in that code instead of just displaying the information you want?

ohdang888 · May 31, 2010

Is there some reason you have so many redirects in that code instead of just displaying the information you want?

Ya, do.php is a backend file that has functions that are done and then the user is sent back to the index.php page with the results.

I set it up this way cause i thought it'd be nice to have all those types of functions in one folder rather than make like 10 extra files

riwan · May 31, 2010

And guess what! IT FREIKING ECHOS gahhhhhhhhhhhh

i know the variable in the switch statement is right (and set), and the "case" is right... so WTF!

What do you expect the script to do ?

Ok, now that you are sure that you get the $_POST['do'] contain register before the switch.

For the redirect to work, you need to comment the echo ?

ohdang888 · May 31, 2010

you need to comment the echo

Ya i already did that. Its back to the file thats posted (except $_GET is now $_POST)

riwan · May 31, 2010

you need to separate two type of things.

for redirection you need method get, so you must include ?do=register

but for form submit with method POST do not include ?do=register in the action but set it as hidden field

Basically you need to store the value in $_POST['do'] to $doit

if its empty then you need to store $_GET['do'] to $doit

So what's the problem you're having now ?

ohdang888 · May 31, 2010

you need to separate two type of things.

for redirection you need method get, so you must include ?do=register

but for form submit with method POST do not include ?do=register in the action but set it as hidden field

Basically you need to store the value in $_POST['do'] to $doit

if its empty then you need to store $_GET['do'] to $doit

So what's the problem you're having now ?

I already had all this done, yet revised it a tad and now its working. Still does not make ANY sense to me but whatever.

Thanks!

Sign In

php switch

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information