Hello,
I am having a little trouble with something. I have almost completed my latest project, but I have run into some problems with my user-submission system.
There are several text boxes where users can submit text from 30 to 600 characters long. Since there are several of them with the same criteria, I decided to make a function.
function check_block($var, $error_num) {
if(IsSet($var) && strlen($var) >= 30 && strlen($var) <= 600) { $error[$error_num] = FALSE; $var = htmlspecialchars($var, ENT_QUOTES); }
elseif(IsSet($var) && strlen($var) < 30 || strlen($var) > 600) { $error[$error_num] = "The information you entered is too long or short. Your submission must be between 30 and 600 characters."; }
}
In addition, these fields are optional. So, with the function I check if the variable is set. I then check the length. If everything looks good, I create the slot in the error array as false. Then, I apply htmlspecialchars(); to the string before it is inserted to the database (later on after the page has been found to contain no errors).
So, for example, this is what I have below the code shown above:
check_block($definition, "1");
check_block($history, "2");
check_block($related, "3");
check_block($credits, "4");
check_block($notes, "5");
So, for example, the first one. If $definition has a value, the function should check if it is >= 30 and <= 600. If it is, $error[1] should evaluate to FALSE. Then I apply htmlspecialchars to it to prepare for database insertion.
If it is set and the lengths are not correct, $error[1] should be set to "The information you entered is too long or short. Your submission must be between 30 and 600 characters."
If it is not set, that is okay. It is an optional field. Only if something is entered does it need to checked for lengths.
However, the function is not working correctly. It does not seem to be setting the values of $error when it should be. It is possible however that it is a problem elsewhere in the code. If anyone has any ideas, I would appreciate it.
Thanks.Simple..you need to use the global scope..eg:
$error = array();
function func()
{
global $error;
$error[] = '....';
}
I might add that it would be better to use mysql_escape_string than htmlspecialchars.
ps: read up on variable scope on php.net...it explains WHY your function doesn't work.Ah, thanks a lot! I was really stumped. I haven't worked much with variable scope, but I read up on it in the manual. That part seems to be working now.
Thanks!I am still having issues with the function. I had to make some revisions to the function since I first made this post, but it is still pretty similar.
The problem, however, is that no matter what $var is, PHP for some reason keeps thinking that it is "". Here is some test code I made to try to find the problem:
<?php
function check_block($var, $error_num) {
global $error, $var;
if($var != "" && strlen($var) >= 30 && strlen($var) <= 600) {
$error[$error_num] = FALSE; $var = htmlspecialchars($var, ENT_QUOTES); }
elseif($var != "" && strlen($var) < 30 || strlen($var) > 600) {
$error[$error_num] = "<br />\n
<span class=\"error\"><strong>Error:</strong> Your input was not within the length guidelines.
Your entry was " . strlen($var) . " character(s). If you enter anything here,
it must be between 30 and 600 characters.</span>"; }
elseif($var == "") {
$error[$error_num] = FALSE; echo "#" . $error_num . " [" . $var . "]
passed this test by evaluating TRUE to equaling \"\"<br /><br />\n"; }
}
$definition = "tooshort";
check_block($definition, "0");
?>
This is what is displayed on the page:
#0 [] passed this test by evaluating TRUE to equaling ""
If you notice, $definition (being inputted as $var) is equal to "tooshort". Yet, it successfully passes under "elseif($var == "")". To find out what PHP thinks the input is, I put brackets around $var. As you can see in the output, PHP thinks it is "".
What is wrong with the function? I have been working at this a while now and I am getting very frustrated.
Thanks.I don't know, but this seems wrong:
function check_block($var, $error_num) {
global $error, $var;
also, it is better practice to bracket each condition in an if statement:
if (($var != "") && (strlen($var) >= 30) && (strlen($var) <= 600))
especially the elseif, as there may be precedence issue in the logic:
elseif(($var != "") && ((strlen($var) < 30) || (strlen($var) > 600)))Ah, yes, the global $var was the problem. I did that because I did this: $var = htmlspecialchars($var, ENT_QUOTES). By defining $var as global, I took it out of the scope of the function so $var was always equal to "" and was not the variable that was put into the function.
I will just use the htmlspecialchars() before I input it into the database, no need to do it in the function.
Thanks!
I am having a little trouble with something. I have almost completed my latest project, but I have run into some problems with my user-submission system.
There are several text boxes where users can submit text from 30 to 600 characters long. Since there are several of them with the same criteria, I decided to make a function.
function check_block($var, $error_num) {
if(IsSet($var) && strlen($var) >= 30 && strlen($var) <= 600) { $error[$error_num] = FALSE; $var = htmlspecialchars($var, ENT_QUOTES); }
elseif(IsSet($var) && strlen($var) < 30 || strlen($var) > 600) { $error[$error_num] = "The information you entered is too long or short. Your submission must be between 30 and 600 characters."; }
}
In addition, these fields are optional. So, with the function I check if the variable is set. I then check the length. If everything looks good, I create the slot in the error array as false. Then, I apply htmlspecialchars(); to the string before it is inserted to the database (later on after the page has been found to contain no errors).
So, for example, this is what I have below the code shown above:
check_block($definition, "1");
check_block($history, "2");
check_block($related, "3");
check_block($credits, "4");
check_block($notes, "5");
So, for example, the first one. If $definition has a value, the function should check if it is >= 30 and <= 600. If it is, $error[1] should evaluate to FALSE. Then I apply htmlspecialchars to it to prepare for database insertion.
If it is set and the lengths are not correct, $error[1] should be set to "The information you entered is too long or short. Your submission must be between 30 and 600 characters."
If it is not set, that is okay. It is an optional field. Only if something is entered does it need to checked for lengths.
However, the function is not working correctly. It does not seem to be setting the values of $error when it should be. It is possible however that it is a problem elsewhere in the code. If anyone has any ideas, I would appreciate it.
Thanks.Simple..you need to use the global scope..eg:
$error = array();
function func()
{
global $error;
$error[] = '....';
}
I might add that it would be better to use mysql_escape_string than htmlspecialchars.
ps: read up on variable scope on php.net...it explains WHY your function doesn't work.Ah, thanks a lot! I was really stumped. I haven't worked much with variable scope, but I read up on it in the manual. That part seems to be working now.
Thanks!I am still having issues with the function. I had to make some revisions to the function since I first made this post, but it is still pretty similar.
The problem, however, is that no matter what $var is, PHP for some reason keeps thinking that it is "". Here is some test code I made to try to find the problem:
<?php
function check_block($var, $error_num) {
global $error, $var;
if($var != "" && strlen($var) >= 30 && strlen($var) <= 600) {
$error[$error_num] = FALSE; $var = htmlspecialchars($var, ENT_QUOTES); }
elseif($var != "" && strlen($var) < 30 || strlen($var) > 600) {
$error[$error_num] = "<br />\n
<span class=\"error\"><strong>Error:</strong> Your input was not within the length guidelines.
Your entry was " . strlen($var) . " character(s). If you enter anything here,
it must be between 30 and 600 characters.</span>"; }
elseif($var == "") {
$error[$error_num] = FALSE; echo "#" . $error_num . " [" . $var . "]
passed this test by evaluating TRUE to equaling \"\"<br /><br />\n"; }
}
$definition = "tooshort";
check_block($definition, "0");
?>
This is what is displayed on the page:
#0 [] passed this test by evaluating TRUE to equaling ""
If you notice, $definition (being inputted as $var) is equal to "tooshort". Yet, it successfully passes under "elseif($var == "")". To find out what PHP thinks the input is, I put brackets around $var. As you can see in the output, PHP thinks it is "".
What is wrong with the function? I have been working at this a while now and I am getting very frustrated.
Thanks.I don't know, but this seems wrong:
function check_block($var, $error_num) {
global $error, $var;
also, it is better practice to bracket each condition in an if statement:
if (($var != "") && (strlen($var) >= 30) && (strlen($var) <= 600))
especially the elseif, as there may be precedence issue in the logic:
elseif(($var != "") && ((strlen($var) < 30) || (strlen($var) > 600)))Ah, yes, the global $var was the problem. I did that because I did this: $var = htmlspecialchars($var, ENT_QUOTES). By defining $var as global, I took it out of the scope of the function so $var was always equal to "" and was not the variable that was put into the function.
I will just use the htmlspecialchars() before I input it into the database, no need to do it in the function.
Thanks!