Re: isset(), empty(), $_GET and $_POST problem

• Previous message: Alex Hunsley: "what is the correct/nice way to exit php CGI script running on a web server?"
• In reply to: Dan: "isset(), empty(), $_GET and $_POST problem"
• Next in thread: Michael Austin: "Re: isset(), empty(), $_GET and $_POST problem"
• Reply: Michael Austin: "Re: isset(), empty(), $_GET and $_POST problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sun, 25 Jul 2004 20:46:39 -0400

"Dan" <agent@thwackspam.fathom.org> wrote in message
news:5c08g0lv9te7dhhahudb4605la13rums13@4ax.com...
> I was trying to troubleshoot a login page that doesn't work - it keeps
> saying the login/password is missing - when my tracing discovered this
> peculiar behavior.
>
> register_globals is off, so at the top of my script I assign a few
> variables to incoming GET and POST values.
>
> $login = clean($_POST['login'], 30);
> $passwd = clean($_POST['passwd'], 30);
>
> $message = $_GET['message'];
>
> clean() is simply a function that trims to the specified length and
> applies EscapeShellCmd().
>
> Now, below that I have an if statement to check for whether a
> login/password has been supplied or if an error message exists.
>
> if (isset($message) || empty($login) || empty($passwd))
> {
> // render the html page showing the form
> } else {
> // do some php/mysql stuff and redirect to another page
> }
>
> Yet when I fill out those form fields and submit, it always redisplays
> the form with my tracing errors stating that those fields are empty.
>
> When I echo out all $_GET and $_POST variables, indeed they are empty,
> and strangely there is a $_GET['message'] that has no value, but
> nevertheless is on the end of the url. (/index.php?message=) I can't
> figure out how it got there. The form action is just "index.php" and
> it uses the POST method, so what could be adding that GET variable?
>
> Now here's the weird part. If I simply add "1 ||" to the beginning of
> that if statement, so basically it will always evaluate to true, then
> suddenly the $_POST['login'] and $_POST['passwd'] are properly defined
> and $_GET['message'] goes away!
>
> So this makes me wonder, are the isset() and empty() functions
> actually modifying the variables passed to them somehow? And when I
> put a true value in front of them, the if statement stops parsing
> before it gets to those functions?

Bet you a banana cupcake that your HTML is screwed up.

-- 
Obey the Clown - http://www.conradish.net/bobo/

• Previous message: Alex Hunsley: "what is the correct/nice way to exit php CGI script running on a web server?"
• In reply to: Dan: "isset(), empty(), $_GET and $_POST problem"
• Next in thread: Michael Austin: "Re: isset(), empty(), $_GET and $_POST problem"
• Reply: Michael Austin: "Re: isset(), empty(), $_GET and $_POST problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]