Here is a little snippet of code that this problem pertains to.

 

function clean($str) {
	$str = @trim($str);
	$str = str_replace('"',"", strip_tags($str));
	$str = str_replace("'","", strip_tags($str));
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}
if(isset($_POST['FName'])) {$studentFName = clean($_POST['FName']);}
$qry.= (isset($studentFName) ? "StudentFName LIKE '%" . $studentFName . "%' AND " : '');

 

So basically the previous form has a text box named FName. When I submit the form I leave FName unfilled. When it gets to the next page the $qry string has the "StudentFName LIKE '%%' AND" string included in it. If I'm right this shouldn't happen because FName was not set in the form. Am I missing something?

Except for check-boxes and radio-buttons, all form fields defined in a form are set, even if they are empty. Try the empty function instead. You would typically use isset to test if the form itself was submitted by checking if the submit button's name is set.

Try if( !empty($_POST['FName']) ) instead. If I'm not mistaken, a text field in a submitted form will be set, but with an empty string as the value.

 

 

EDIT: Changed to show correct variable . . .  (Duh)

The field is set even when you leave it empty. If you do a

<?php
echo '<pre>' . print_r($_POST,true) . '</pre>';
?>

at the start of your script, you will see that.

 

What you need to do is to check that the field actually contains something:

<?php
if(isset($_POST['FName']) && strlen(trim($_POST['FName'])) > 0) {
     $studentFName = clean($_POST['FName']);
     $qry.= "StudentFName LIKE '%" . $studentFName . "%' AND ";
}
?>

 

BTW, using the empty function to test can return a false positive if the field contains the number zero ("0").

 

Ken
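The check discussed in this thread, generalized to several optional fields, as an added example that is not part of any post above. It swaps the string concatenation for bound parameters and escapes the LIKE wildcards `%` and `_`, which mysql_real_escape_string leaves untouched. The helper names, the `students` table, the `LName` field and the sample submission are assumptions made for illustration.

```php
<?php
// Added example: helper names, table name and the LName field are hypothetical.

// A text field counts as "filled" only if it is a string with non-whitespace
// content. Unlike empty(), this accepts the string "0".
function filled(array $post, string $key): bool {
    return isset($post[$key]) && is_string($post[$key]) && trim($post[$key]) !== '';
}

// Escape LIKE metacharacters so user input is matched literally.
// '!' is the escape character declared in the SQL built below.
function like_literal(string $s): string {
    return str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $s);
}

// Build the query and its bound parameters from the submitted fields.
// $map is a fixed allow-list: form field name => column name (never user input).
function build_filter(array $post, array $map): array {
    $where = [];
    $params = [];
    foreach ($map as $field => $column) {
        if (filled($post, $field)) {
            $where[] = "$column LIKE :$field ESCAPE '!'";
            $params[":$field"] = '%' . like_literal(trim($post[$field])) . '%';
        }
    }
    $sql = 'SELECT * FROM students';
    if ($where) {
        // implode() also avoids the dangling "AND " left by concatenation.
        $sql .= ' WHERE ' . implode(' AND ', $where);
    }
    return [$sql, $params];
}

// Constructed sample submission: FName filled in, LName left blank.
$post = ['FName' => " O'Brien_50% ", 'LName' => ''];
$map  = ['FName' => 'StudentFName', 'LName' => 'StudentLName'];
[$sql, $params] = build_filter($post, $map);

echo $sql, "\n";
print_r($params);
// With a PDO connection: $stmt = $pdo->prepare($sql); $stmt->execute($params);
```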
