Jump to content

Recommended Posts

OK, I'm quite new to php but here is what I want to do.

 

I file name comes in from a post field and redirects depending on the name given.

 

<meta HTTP-EQUIV="REFRESH" content="0; url=<?php echo $_POST["user"]; ?><?php echo $_POST["pass"]; ?>.php">

 

if you put in the the right log in details it works fine but if not then it doesn't work. What i want is for it to check if the file exists, then if it does go to it, otherwise go to another page. Any help woul dbe welcome

 

Thanks

Link to comment
https://forums.phpfreaks.com/topic/86900-if-and-check-for-file/
Share on other sites

You should always validate all input that comes into your script from a user. If you don't, you are opening up your script to abuse from hackers.

 

In your case, do something like:

<?php
$redirect_fn = '';
$err = false;
if (stristr(strtolower($_POST['user']),'http:/') !== false || stristr($_POST['pass'],':25') !== false)  //keep malicious user from getting to a different place
     $err = true;
else {
     $redirect_fn = $_POST['user'] . $_POST['pass'] . '.php';
     if (!file_exists($redirect_fn)) $err = true;
}
if (!$err)
    header ('location: ' . $redirect_fn);
else
    echo 'some sort of error occured';
?>

 

Ken

 

Link to comment
https://forums.phpfreaks.com/topic/86900-if-and-check-for-file/#findComment-444300
Share on other sites

Is there an edit button anywhere coz I don't want people to complain about me double posting.

 

Woudl the code below or some variation of it work?

 

if (!file_exists(echo $_POST["user"]; ?><?php echo $_POST["pass"]; ?>.php)) <meta HTTP-EQUIV="REFRESH" content="0; url=login/<?php echo $_POST["user"]; ?>and<?php echo $_POST["pass"]; ?>.php">
else <meta HTTP-EQUIV="REFRESH" content="0; url=login/invalid.php">

Link to comment
https://forums.phpfreaks.com/topic/86900-if-and-check-for-file/#findComment-444350
Share on other sites

Following you code,

 

The syntax is very jumbled and wrong.

<?php

if (!file_exists($_POST["user"].$_POST["pass"].'php')) //$_POST["user"].$_POST["pass"].'php' sud be some file name acc,to your code.

{

    echo '<meta HTTP-EQUIV="REFRESH" content="0; url=login/$_POST["user"]";>

 

and<?php echo $_POST["pass"]; ?>.php">//Why thi slineyou need whenyou are senidng user to other page he is not going to ocomeback on this page then ?????????? so remove it if not needed

}

else

{

echo '<meta HTTP-EQUIV="REFRESH" content="0; url=login/invalid.php">';

}

?>

 

kindly Try this

Link to comment
https://forums.phpfreaks.com/topic/86900-if-and-check-for-file/#findComment-444805
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.