Jump to content

Left empty control.

LeonLatex

By LeonLatex
in PHP Coding Help

 Share

Recommended Posts

LeonLatex Advanced Member

LeonLatex

Posted
Posted

I got a text box called policy_number. If this is left empty on submission the data won't be sent is the idea.

But this doesn't work. What is wrong here?

        <label>Polisenummer:</label>
        <input type="text" class="w3-input w3-border" name="boat[policy_number]">

This is the PHP script for check:

<?php
$policy_number= $_POST['policy_number'];
$submitbutton= $_POST['submit'];
if ($submitbutton){
if (empty($policy_number)) {
echo 'Du må fylle inn et polisenummer.';
}
else {
echo 'Du har fylt ut polisenummer: ' . $fpolicy_number;
}
}
?>

Link to comment
Share on other sites
benanamen Prolific Member

benanamen

Posted
Posted

Small bit of code but several issues with it.

  1. Do not create variables for nothing. You already have the POST variables, just use them
  2. You need to check the REQUEST METHOD, not the name of a button. This can completely fail in certain cases. Also, in a properly coded form, ALL form elements save for checkboxes will be submitted (true)
  3. A blank space will get past your empty check. You need to trim the entire POST array all at once and THEN check for empty
  4. Never ever trust user supplied data. The code is vulnerable to an XSS Attack

 

Link to comment
Share on other sites
LeonLatex Advanced Member

LeonLatex

Posted
  • Author
Posted
On 8/27/2022 at 1:24 AM, benanamen said:

Small bit of code but several issues with it.

  1. Do not create variables for nothing. You already have the POST variables, just use them
  2. You need to check the REQUEST METHOD, not the name of a button. This can completely fail in certain cases. Also, in a properly coded form, ALL form elements save for checkboxes will be submitted (true)
  3. A blank space will get past your empty check. You need to trim the entire POST array all at once and THEN check for empty
  4. Never ever trust user supplied data. The code is vulnerable to an XSS Attack

 

 

The script was developed by Barand, and this was probably not the way he set it up in the first place when he developed it for me. I managed quite amazingly to sort of wipe it out when I had to familiarize myself with how it worked in relation to where everything was. Long story short. I was a little too smart-ass when I started on this and didn't back up the original files. Therefore, over time I have spent a lot of time getting it back to where I have come with it now. I have restored it from fragments and differently read solutions online and in books. Therefore, such moments of irritation as you experience can occur. I am sorry for that and apologize for it. What's important for me now is to get it 100% back up and running. Next is to clean it up so you don't have to worry about cosmetic errors anymore.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.