WEB php question v.trying to learn php

Discussion in 'OT Technology' started by drpepper, Jul 11, 2008.

  1. drpepper

    drpepper Active Member

    Joined:
    Nov 13, 2006
    Messages:
    38,076
    Likes Received:
    2
    Location:
    San Antonio
    i found some pdf books on this and wondering why this wont work.

    my index.html

    Code:
    <html>
    <head>
    <title> login form</title>
    </head>
    <body>
    <h2>Admin login page</h2>
    
    <form method="POST" action="post.php">
    
    <h2>Enter Password:</h2> <input type="password" name="password"><br /><br />
    <input type="submit" value="Submit">
    
    </body>
    </html>
    




    my post.php

    Code:
    <?php 
    
    $goodpassword = '123';
    
    if ($password == $goodpassword){
     print "<b>Password is correct!</b>\n";
    }
    else {
     print "<b>Password is incorrect! Please try again!</b>\n";
    }
    
    ?>
    everything parses right, but it just keeps throwing out the incorrect password

    i also realise that the $password fucntion isnt defined anywhere, and the pdf book doesnt define it anywhere either. im thinking it automatically makes it from the 'name' field on the form?
     
  2. Limp_Brisket

    Limp_Brisket New Member

    Joined:
    Jan 2, 2006
    Messages:
    48,422
    Likes Received:
    0
    Location:
    Utah
    In order for that to work you'd have to have regsiter_globals on, which is highly discouraged and is deprecated in php 6.

    in your post.php change $pasword to $_POST['password']

    p.s. you're missing a closing </form> tag, and your input's aren't self closing.
     
  3. drpepper

    drpepper Active Member

    Joined:
    Nov 13, 2006
    Messages:
    38,076
    Likes Received:
    2
    Location:
    San Antonio
    well fuck me in the ass and call me susie...

    is it done like this for all form based functions?
     
  4. Limp_Brisket

    Limp_Brisket New Member

    Joined:
    Jan 2, 2006
    Messages:
    48,422
    Likes Received:
    0
    Location:
    Utah
    anything sent through post ends up in $_POST, anything through GET (query string) ends up in $_GET, or you can use $_REQUEST which will access both POST and GET.

    here's a list: http://us.php.net/reserved.variables
     
  5. retorq

    retorq What up bitch??

    Joined:
    Dec 14, 2006
    Messages:
    6,061
    Likes Received:
    0
    Location:
    Mohave Desert
    Interesting ... I didn't know about $_REQUEST .... :big grin:
     
  6. Slid.

    Slid. I'm a guy.

    Joined:
    Oct 25, 2001
    Messages:
    1,928
    Likes Received:
    0
    Location:
    NH
    You can also use extract($_REQUEST); and it'll create a variable for each key/value pair in the array.

    But using $_REQUEST['password'] or $_POST['password'] would be best.

    Code:
    <?
    
    print $_REQUEST['password'];
    // output: [password]
    
    print $password;
    // output: nothing
    
    extract($_REQUEST);
    
    print $password
    // output: [password]
    
    ?>
    
     
  7. intrktevo

    intrktevo New Member

    Joined:
    Oct 18, 2004
    Messages:
    5,781
    Likes Received:
    0
    Location:
    UCF
    Because you can doesn't mean you should. If he's just starting, I would recommend not taking this approach.
     
  8. EkriirkE

    EkriirkE Zika Xenu OT Supporter

    Joined:
    Jan 11, 2004
    Messages:
    14,799
    Likes Received:
    0
    Location:
    Dublin & San Francisco, CA
    there' a flag in php.ini to automatically $_REQUEST['blah'] -> $blah
     
  9. Limp_Brisket

    Limp_Brisket New Member

    Joined:
    Jan 2, 2006
    Messages:
    48,422
    Likes Received:
    0
    Location:
    Utah
    ya, that's register_globals, which you shouldn't do.

    in fact it says that right in the ini file:
    Code:
    ; You should do your best to write your scripts so that they do not require
    ; register_globals to be on;  Using form variables as globals can easily lead
    ; to possible security problems, if the code is not very well thought of.
    register_globals = Off
     
  10. Ender0910

    Ender0910 woot!

    Joined:
    Jun 1, 2004
    Messages:
    3,039
    Likes Received:
    0
    Location:
    Redmond/Bay Area
    also does cookies :cool:

    remember to check isset($_REQUEST['blah']) before trying to read from it.
     
  11. ge0

    ge0 New Member

    Joined:
    Oct 31, 2005
    Messages:
    8,398
    Likes Received:
    0
    Location:
    JERSEY
    i was going to say, wheres your $_REQUEST
     

Share This Page