Jump to content
MakeWebGames

0 = Invalid Input


Samurai Legend

Recommended Posts

So when I add 0 in the input boxes in staff files my outcomes is invalid input or something like that

 

 if (!$price || !$will || !$_POST['id']) 
       {
           echo 'Sorry, invalid input.
           <br />> <a href="staff_houses.php?action=edithouse">Go Back</a>';
           die($h->endpage());
       }

 

I realised it is something to do with

!$_POST['id']

however I thought it will show only if it is a empty field however it includes 0s to. How can I go around this?

Link to comment
Share on other sites

I had the same problem and was the reason stopped with my mccodes project. The code style in the files was disgusting to me.

There are parts that have

Empty($var)

If $var = 0 ; then that empty will return true telling you you haven't filled the form out right.

So I would change the !$price to !isset($price) etc

Link to comment
Share on other sites

$id = array_key_exists('id', $_POST) && (ctype_digit($_POST['id']) || is_int($_POST['id'])) ? $_POST['id'] : FALSE ;
if (!$id) {
   exit('Nooooooooooooooooooooo');
}

 

That is all.

No neat enough

 

$id = array_key_exists('id', $_POST) && (ctype_digit($_POST['id']) || is_int($_POST['id'])) ? $_POST['id'] : FALSE ; if (!$id) exit('Nooooooooooooooooooooo');}

 

Gotta 1 line it! haha

Link to comment
Share on other sites

No neat enough

$id = array_key_exists('id', $_POST) && (ctype_digit($_POST['id']) || is_int($_POST['id'])) ? $_POST['id'] : FALSE ; if (!$id) exit('Nooooooooooooooooooooo');}

Gotta 1 line it! haha

Never 1 line anything! Makes it super hard to read.

Spread it out, let it be free, other developers will like you more ;)

Link to comment
Share on other sites

$id = array_key_exists('id', $_POST) && (ctype_digit($_POST['id']) || is_int($_POST['id'])) ? $_POST['id'] : FALSE ;
if (!$id) {
exit('Nooooooooooooooooooooo');
}

But surely, as both $_GET and $_POST variables are passed as strings or arrays, unless god forbid you modify them, there is no need for the is_int my random friend.

$id = array_key_exists('id', $_POST) && ctype_digit($_POST['id'])
   ? $_POST['id']
   : false;

# note the === to detect ONLY false, and not zero
if ($id === false) { 
   header('HTTP/1.1 400 Bad Request');
   exit;
}

array_key_exists() is a sensible option as isset() or empty() can produce unexpected results. ctype_digit() will type check first; it expects a string before checking the contents and only returning true if the value is a string of possibly 0 leading digits. Of course, you still have to range check, and blindly casting to an int can yield unusual albeit edge case results. Using the more correct in this case === rather than ! allows the use to pass zero without the script terminating early.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...