...

View Full Version : can't get isset to work right...



Dee2934
08-21-2010, 09:25 PM
the redirect url keeps having 'none' in the ref subid, even though I am putting the ref in this page.


else if(isset($_SESSION['regsuccess'])){
/* Registration was successful */
if($_SESSION['regsuccess']){
$redr= "step2.php";
if (isset($_GET['ref'])) {
$ref = $_GET['ref'];
} else {
$ref = 'none';
}
$newurl= $redr.'?ref='.$ref;
header( 'Location: '.$newurl );
return;
}

note: this page submits a form, and when it comes back as successful it redirects to the new page

Fou-Lu
08-21-2010, 09:29 PM
Is your form action declared as POST or GET?
If you don't have an action (though you should) it will default to GET.
Otherwise, we don't have enough information to draw a conclusion. If the method is correct, then ensure that your form is submitting either a hidden or available field called 'ref' in order to retrieve it.

Dee2934
08-21-2010, 09:32 PM
Is your form action declared as POST or GET?
If you don't have an action (though you should) it will default to GET.
Otherwise, we don't have enough information to draw a conclusion. If the method is correct, then ensure that your form is submitting either a hidden or available field called 'ref' in order to retrieve it.


so the get ref comes from the form?

I though it was coming from this page. like index.php?ref=2

you're saying that this is not the case?

Fou-Lu
08-21-2010, 09:36 PM
Sorry I may be mistaken. I was under the impression that the form submitted to this page.
Can you post more code for this please, or a location to see it in action? The code itself is fine, as long as the 'regsuccess' is not false, it should fetch the 'ref' from the querystring. Sounds like the regsuccess is true since you said the redirection is happening but ending up with 'none'.

Dee2934
08-21-2010, 09:38 PM
the form submits as post to process.php

heres code from process.php


/* Registration Successful */
if($retval == 0){
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regsuccess'] = true;
header("Location: ".$session->referrer);
}

Dee2934
08-21-2010, 09:39 PM
the page I posted first is the form page itself

Dee2934
08-21-2010, 09:41 PM
Sorry I may be mistaken. I was under the impression that the form submitted to this page.
Can you post more code for this please, or a location to see it in action? The code itself is fine, as long as the 'regsuccess' is not false, it should fetch the 'ref' from the querystring. Sounds like the regsuccess is true since you said the redirection is happening but ending up with 'none'.

thats right, it is redirecting to the right page... just ending in 'none' for some reason..

Fou-Lu
08-21-2010, 09:46 PM
Can you post the code for the first page? I assume its called step1.php.

Dee2934
08-21-2010, 09:49 PM
<?php
include("include/session.php");

/* if (@$_GET['ref'])
{*/
$refref = @$_GET['ref'];
/*
}
else {
$refref = 'something';
}
*/

echo $refref;

?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Something</title>
<link href="css/stylesheet.css"
rel="stylesheet" type="text/css">
</head>
<body>
<div align="center"> <br />
<img src="images/28930.gif" /> </div>
<div id="Tabs">
<ul>
<?php
if($session->logged_in){
if($session->isAdmin() ){
echo "<li><a href=\"admin/admin.php\">Admin Center</a></li>";
echo "<li style='float: right;' ><a href='contributors/process.php' >Logout</a></li>";
?>

<?php
}
else
{
echo "<li><a href='contributors/index.php' class='current'>News</a></li>";
echo"<li><a href='contributors/editacc.php'>Edit Account</a></li>";
echo "<li><a href='contributors/editgift.php'>Edit Gift</a></li>";
echo "<li><a href='contributors/stats.php'>Stats</a></li>";
echo "<li><a href='contributors/promote.php'>Promote</a></li>";
echo "<li><a href='contributors/lboard.php'>LeaderBoard</a></li>";
echo "<li style='float: right;' ><a href='include/process.php' >Logout</a></li>";
echo "<li style='float: right;'><a href='contributors/help.php'>Help</a></li>";
?>

<?php
}
}
else
{
?>
<li class="with_space"><a href="index.php" class="current">Home</a></li>

<li style="float: right;"><a href="contributors/index.php">Login</a></li>
<li style="float: right;"><a href="help.php">Help</a></li>
<?php
}
?>

</ul>
</div>
<div id="contentbg">



<?php
/**
* The user is already logged in, not allowed to register.
*/
if($session->logged_in){
echo "<h1>Registered</h1>";
echo "<p>We're sorry <b>$session->username</b>, but you've already registered. "
."<a href=\"main.php\">Main</a>.</p>";
}
/**
* The user has submitted the registration form and the
* results have been processed.
*/
else if(isset($_SESSION['regsuccess'])){
/* Registration was successful */
if($_SESSION['regsuccess']){
$redr= "step2.php";
if (isset($_GET['ref'])) {
$ref = $_GET['ref'];
} else {
$ref = 'none';
}
$newurl= $redr.'?ref='.$ref;
header( 'Location: '.$newurl );
return;
}
/* Registration failed */
else{
header("Location: error.php");
return;
}
unset($_SESSION['regsuccess']);
unset($_SESSION['reguname']);
}
/**
* The user has not filled out the registration form yet.
* Below is the page with the sign-up form, the names
* of the input fields are important and should not
* be changed.
*/
else{
?>

<br />
<br />

<h2>Register for the event!</h2>
<?php
if($form->num_errors > 0){
echo "<td><font size=\"2\" color=\"#ff0000\">".$form->num_errors." error(s) found</font></td>";
}
?>
<div align="center">
<form action="include/process.php" method="POST" style="margin:auto">
<table border="0" cellspacing="0" cellpadding="3">
<tr><td>First Name:</td><td><input type="text" name="fname" maxlength="30" value="<?php echo $form->value("fname"); ?>"></td><td><?php echo $form->error("fname"); ?></td></tr>
<tr><td>Last Name:</td><td><input type="text" name="lname" maxlength="30" value="<?php echo $form->value("lname"); ?>"></td><td><?php echo $form->error("lname"); ?></td></tr>
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30" value="<?php echo $form->value("user"); ?>"></td><td><?php echo $form->error("user"); ?></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30" value="<?php echo $form->value("pass"); ?>"></td><td><?php echo $form->error("pass"); ?></td></tr>
<tr><td>Email:</td><td><input type="text" name="email" maxlength="50" value="<?php echo $form->value("email"); ?>"></td><td><?php echo $form->error("email"); ?></td></tr>
<tr><td colspan="2" align="right">
<input type="hidden" name="subjoin" value="1">
<input type="hidden" name="ref" value="<?php echo $refref; ?>">
<input type="submit" value="Register"></td></tr>
</table>
</form>
</div>
<div style="clear:both"></div>
<?php
}
?><br />
<br />
</div>
</body>
</html>

Fou-Lu
08-21-2010, 10:00 PM
Looks ok, how are you getting to this page?
The echo of the $refref at the top, does that show anything?

Dee2934
08-21-2010, 10:04 PM
yes it shows what it should show

im getting to the page directly, using wamp on win7

Fou-Lu
08-21-2010, 10:12 PM
I'm a little at a loss.
step2.php should be provided the querystring based on what you have here. The only thing you can do at this point is to comment out the redirection header itself, and use a print of $newurl to make sure its populated properly at this point. Since the $refref is showing data, the $_GET['ref'] is fine, and would be isset at this point.

Dee2934
08-21-2010, 10:14 PM
heres step2.php


<?php
include("include/session.php");
if (@$_GET['ref'] && @$_GET['ref'] != 'none')
{
$refref = @$_GET['ref'];
$ip = $_SERVER['REMOTE_ADDR'];


$q4 = "SELECT type FROM contips WHERE ip = '$ip'";
$result = mysql_query ($q4, $database->connection);
$result2= mysql_result($result,0);
if(!$result2 || (mysql_numrows($result2) < 1))
{
$q5 = "SELECT username FROM points WHERE id = '$refref'";
$user1 = mysql_query ($q5, $database->connection);
$username= mysql_result($user1,0);

$qcont = "INSERT INTO contips (username, type, ip) VALUES('$username', '1', '$ip')";
mysql_query ($qcont, $database->connection);

$q3= "UPDATE points SET contsignups=contsignups+1 WHERE id = '$refref'";
mysql_query ($q3, $database->connection);


}
}

?>

Dee2934
08-21-2010, 10:18 PM
it does echo/print right

step2.php?ref=3

ive left out the full http url to hide my site domain

Fou-Lu
08-21-2010, 10:26 PM
The problem has nothing to do with your initial page then. The problem is here:


if(!$result2 || (mysql_numrows($result2) < 1))

$result2 is the result of a mysql_result call. It will always be a scalar value. Calling mysql_numrows throws an undefined function exception, but if you use mysql_num_rows($result2) it will always return false for failure since $result2 is not a resource recordset. Therefore, your if block is always false and will never proceed from there. The correct check would be mysql_num_rows($result) < 1, assuming you want it to have a count of 0 or less.

Also look into mysql_real_escape_string to prevent SQL injection against the $_GET['ref'] and $_SERVER['REMOTE_ADDR'].

Dee2934
08-21-2010, 10:39 PM
I changed the code to:


if(!$result2 || (mysql_num_rows($result) < 1))


and it does the same thing.. :(

Dee2934
08-21-2010, 10:40 PM
also, step2 is after the initial page so the fact that it shows ?ref=none in the url shows that its the first page which is the problem... right?

Dee2934
08-21-2010, 10:46 PM
just to make sure you know... the way the ref gets transfered is through a subid..

so the person would go to

index.php?ref=3

Im sure you probably know, but just to make sure

Fou-Lu
08-21-2010, 10:52 PM
You said this does print right:

it does echo/print right

step2.php?ref=3

ive left out the full http url to hide my site domain

Does it not redirect to step2.php with a querystring of ref=3? There is no reason why the header would botch it and the print would be correct.

Print out the $_GET['ref'] on the step2.php page on the first line. Does it say none?

Dee2934
08-22-2010, 12:31 AM
it says none

and it redirects to step2.php with ?ref=none

Dee2934
08-22-2010, 12:40 AM
should I give you the session.php database.php files?

Dee2934
08-22-2010, 12:42 AM
process.php

<?php
/**
* Process.php
*
* The Process class is meant to simplify the task of processing
* user submitted forms, redirecting the user to the correct
* pages if errors are found, or if form is successful, either
* way. Also handles the logout procedure.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 19, 2004
*/
include("session.php");

class Process
{
/* Class constructor */
function Process(){
global $session;
/* User submitted login form */
if(isset($_POST['sublogin'])){
$this->procLogin();
}
/* User submitted registration form */
else if(isset($_POST['subjoin'])){
$this->procRegister();
}
/* User submitted forgot password form */
else if(isset($_POST['subforgot'])){
$this->procForgotPass();
}
/* User submitted edit account form */
else if(isset($_POST['subedit'])){
$this->procEditAccount();
}
/**
* The only other reason user should be directed here
* is if he wants to logout, which means user is
* logged in currently.
*/
else if($session->logged_in){
$this->procLogout();
}
/**
* Should not get here, which means user is viewing this page
* by mistake and therefore is redirected.
*/
else{
header("Location: ../contributors/index.php");
}
}

/**
* procLogin - Processes the user submitted login form, if errors
* are found, the user is redirected to correct the information,
* if not, the user is effectively logged in to the system.
*/
function procLogin(){
global $session, $form;
/* Login attempt */
$retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember']));

/* Login successful */
if($retval){
header("Location: ".$session->referrer);
}
/* Login failed */
else{
$_SESSION['value_array'] = $_POST;
$_SESSION['error_array'] = $form->getErrorArray();
header("Location: ".$session->referrer);
}
}

/**
* procLogout - Simply attempts to log the user out of the system
* given that there is no logout form to process.
*/
function procLogout(){
global $session;
$retval = $session->logout();
header("Location: ../contributors/index.php");
}

/**
* procRegister - Processes the user submitted registration form,
* if errors are found, the user is redirected to correct the
* information, if not, the user is effectively registered with
* the system and an email is (optionally) sent to the newly
* created user.
*/
function procRegister(){
global $session, $form;
/* Convert username to all lowercase (by option) */
if(ALL_LOWERCASE){
$_POST['user'] = strtolower($_POST['user']);
}
/*edit here*/
/* Registration attempt */
$retval = $session->register($_POST['user'], $_POST['pass'], $_POST['email'] , $_POST['ref'], $_POST['fname'], $_POST['lname']);

/* Registration Successful */
if($retval == 0){
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regsuccess'] = true;
header("Location: ".$session->referrer);
}
/* Error found with form */
else if($retval == 1){
$_SESSION['value_array'] = $_POST;
$_SESSION['error_array'] = $form->getErrorArray();
header("Location: ".$session->referrer);
}
/* Registration attempt failed */
else if($retval == 2){
$_SESSION['reguname'] = $_POST['user'];
$_SESSION['regsuccess'] = false;
header("Location: ".$session->referrer);
}
}

/**
* procForgotPass - Validates the given username then if
* everything is fine, a new password is generated and
* emailed to the address the user gave on sign up.
*/
function procForgotPass(){
global $database, $session, $mailer, $form;
/* Username error checking */
$subuser = $_POST['user'];
$field = "user"; //Use field name for username
if(!$subuser || strlen($subuser = trim($subuser)) == 0){
$form->setError($field, "* Username not entered<br>");
}
else{
/* Make sure username is in database */
$subuser = stripslashes($subuser);
if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
!eregi("^([0-9a-z])+$", $subuser) ||
(!$database->usernameTaken($subuser))){
$form->setError($field, "* Username does not exist<br>");
}
}

/* Errors exist, have user correct them */
if($form->num_errors > 0){
$_SESSION['value_array'] = $_POST;
$_SESSION['error_array'] = $form->getErrorArray();
}
/* Generate new password and email it to user */
else{
/* Generate new password */
$newpass = $session->generateRandStr(8);

/* Get email of user */
$usrinf = $database->getUserInfo($subuser);
$email = $usrinf['email'];

/* Attempt to send the email with new password */
if($mailer->sendNewPass($subuser,$email,$newpass)){
/* Email sent, update database */
$database->updateUserField($subuser, "password", md5($newpass));
$_SESSION['forgotpass'] = true;
}
/* Email failure, do not change password */
else{
$_SESSION['forgotpass'] = false;
}
}

header("Location: ".$session->referrer);
}

/**
* procEditAccount - Attempts to edit the user's account
* information, including the password, which must be verified
* before a change is made.
*/
function procEditAccount(){
global $session, $form;
/* Account edit attempt */
$retval = $session->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']);

/* Account edit successful */
if($retval){
$_SESSION['useredit'] = true;
header("Location: ".$session->referrer);
}
/* Error found with form */
else{
$_SESSION['value_array'] = $_POST;
$_SESSION['error_array'] = $form->getErrorArray();
header("Location: ".$session->referrer);
}
}
};

/* Initialize process */
$process = new Process;

?>

Dee2934
08-22-2010, 02:27 AM
this is really getting on my nerves!

why is isset not working?

Fou-Lu
08-23-2010, 04:41 PM
Ok, I'll go over this process.php page and compare it to the other page. I may need information about session after as well since these are dealing with two different types ($_SESSION builtin, and $session external).
I'll modify my post to update it unless you reply back first in which case I'll reply.



Ok, I'll need the session.php file. I need to know what is in $session->referrer when run.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum