Help need with some php code

[FXSniperGuy]

Hello,

I have this php file 

 

<?php
$account_no = empty($_POST['account_no']) ? : $_POST['account_no'];
$valid_accounts = array(501412195);

$result = in_array((int)$account_no,$valid_accounts);
if($result) {
	echo('Success');
} else {
	echo('Failed! - no account where found... ');
}

?>

It print out "Failed! - no account where found..." no matter what account number im using.

If i change
$result = in_array((int)$account_no,$valid_accounts); 
to $result = in_array($account_no,$valid_accounts);
it print out "Success" not matter what  account number i use.

What is wrong with the code i have?

Edited 11 hours ago by FXSniperGuy

[FXSniperGuy]

Admin please delete the post above thx. 

Edited 10 hours ago by FXSniperGuy
It make no sense, i need to make a new question with more explanation

[gizmola]

You didn't provide the form that targets this script, but often the issue with people new to PHP superglobals, is that $_POST only gets set to data that is in an actual POST request.  

<form action="url/to/yourscript.php" method="POST">

 

If the form includes a file input, you also need to set the enctype to multipart/form-data.

<form method="post" action="url/to/yourscript.php" enctype="multipart/form-data">

 

Your code has this:

$account_no = empty($_POST['account_no']) ? : $_POST['account_no'];

 

A cleaner way to handle this would be to use the null coalescing operator "??"

$account_no = $_POST['account_no'] ?? 0;

 

One last piece of advice:  Leave off the PHP end tag.  You don't need it, and in some cases it can cause trouble.   This and other formatting standards and advice can be reviewed in https://www.php-fig.org/per/coding-style/

[mac_gyver]

the reason for unusual operation is the ternary operator without a middle term, that the input is probably not what you expect, and php's type casting.

when you leave out the middle term in the ternary operator, when the first term evaluates to true, the value used is whatever the first term is, which will be a boolean true due to the empty() statement.

instead, your post method form processing code should -

1. detect if a post method form was submitted before referencing any of the form data.
2. detect if there is $_POST data (in case the post_max_size setting has been exceeded.)
3. keep the form data as a set in a php array variable, then operate on elements in this array variable throughout the rest of the code.
4. trim all the input data, mainly so that you can detect if all white-space characters were entered.
5. validate all inputs, storing user/validation errors in an array using the field name as the array index.
6. after the end of the validation logic, if there are no user/validation errors, use the form data.
7. after using the form data, if there are no user/validation errors, perform a redirect to the exact same url of the current page to cause a get request for that page. this will prevent the browser from trying to resubmit the form data should that page get browsed back to or reloaded. if you want to display a one-time success message, store it or a flag value in a session variable, then test for, display the success message, and clear the session variable at the appropriate location in the html document.
8. if there are user/validation errors, the code will continue on to display the html document, where you will test for and display any errors, redisplay the form, populating fields with existing data, so that the user only needs to correct the invalid input(s) and can resubmit the form.