Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    Jan 2009
    Posts
    80
    Thanks
    1
    Thanked 0 Times in 0 Posts

    if and else statments

    i was given the majority of this code from someone who told me they new what they was doing.
    ive started to disect it and add bits to suit my needs
    looking through the whole script ive raised questions about the confusion of the whole if and else statements.
    Heres my code im using
    Code:
    <?php
    include 'Connect.php'; // The conection file connects to database which also includes the functions page.
    
    if(isset($_POST[submit])) // 1 
    {
       	 include 'index.php'; // 2 
       	 exit;
    }
    else  // 3
    {
    //CHECKS FORM
    	if (empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['confirmpassword']))// 4
    	{	
        	$missing_error = 'One or more fields missing';
        	include 'index.php';
        	exit;
    	}
    //CHECKS USERNAME
    	if(preg_match("/^[a-z\d]{5,12}$/i", $_POST[username])) // 5
    	{}
    	else
    	{  
    		// Reshow the form with an error
        	$username_error = "Your username must only contain letter and numbers and be at least 5 characters but no longer than 12 characters in length!<br />";
    		include 'index.php';
        	exit;  
    	}
    //CHECKS EMAIL
    	if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST[email])) // 6
    	{  
        	$email_error = "The e-mail you entered was not in the proper format!"; 
            include 'index.php';
        	exit; 
        }
    //CHECKS PASSOWORD		 
    	if (preg_match('/^[a-z\d]{6,12}$/i', $_POST[password]))  // 7
    	{}
    	else
    	{ 
        	$password_error = "Your password must only contain letter and numbers and be at least 6 characters but no longer than 12 characters in length!<br />";
    		include 'index.php';
        	exit;  
    	}
    // CHECKS CONFIRMPASSWORD	
    	if ($_POST['password'] != $_POST['confirmpassword'])// 8
    	{
        	$confirmpassword_error = 'Your passwords do not match';
        	include 'index.php';
        	exit;
    	}
    	
    	// 9
        user_register ($_POST['username'], $_POST['email'], $_POST['dobday'], $_POST['dobmonth'], $_POST['dobyear'], $_POST['password']);
    	echo "registered";
    }
    ?>
    1 - this checks if the data was posted from the form submitted right?
    anyone know of a secure way check that it came from my form and not someone submitting there own form.

    after reading lots of tutorials i came to understand this is basic principle of using if and else statments.
    Code:
    if (condition)
      {code to be executed if condition is true;}
    else
     { code to be executed if condition is false;}
    2 - This seems to tell the script what to do if it fails. shouldnt this be what it returns true? hence the basic principle is wrong?
    3 - This seems to tell script what to do if it true. shouldnt this be what it returns false?
    4 - shouldnt this statement have if and else statments?
    currently if feild is empty it shows the error message
    but if someone enters something in the feild it continues to check next statement so does seem to work the way it is
    i need to understand why and how it works in this format.
    5 - This is in the format i have come to understand and believe to be true
    6 - same question as 4
    7 - This is again the format i have come to understand and believe to be true
    8 - This again doesnt have both else and if statments why?
    9 - This what happens if all checks have been successful...
    but with it been in the else part of the statement shouldnt this be what happens if there was a error

    if the basic principle is correct what would be my process to display all errors once all checks have been made.
    currently it does a check, and, if error displays the page with just the first error it encounters
    logic tells me that the current way is only gonna frustrate users exspcially if they make a mistake on each input feild

    im guessing i just need to remove the following code for each error statement, am i right?
    Code:
    include 'index.php';
        	exit;
    if you see any mistakes or problems that i will encounter in future by using this script feel free to point them out

    im not asking for someone to do the code but more to explain in depth but feel free to show me examples

  • #2
    New to the CF scene
    Join Date
    Nov 2009
    Posts
    4
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I'm confused?
    Code:
    if($login == true){
    echo 'Invalid username or password';
    } else {
    echo 'Thanks for logging in.';
    }

  • #3
    New Coder
    Join Date
    Jan 2009
    Posts
    80
    Thanks
    1
    Thanked 0 Times in 0 Posts
    thx do the sk8
    Code:
    if($login == true){
    echo 'Invalid username or password';
    } else {
    echo 'Thanks for logging in.';
    }
    not what i was hoping for in a response
    i understand the basic principle like you sent

    if you read my code some statement only contain if statements without having a else but the if contains the error

    for example
    Code:
    //CHECKS FORM
    	if (empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['confirmpassword']))
    	{	
        	$missing_error = 'One or more fields missing';
        	include 'index.php';
        	exit;
    	}
    notice this only has if statement and contains the error message
    the code work as it is just i need to understand why it works without having both if and else
    for example i would of believed the correct code should look like this
    Code:
    //CHECKS FORM
    	if (empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['confirmpassword']))
    	{   return true;       }     
                 else
                 {	
        	$missing_error = 'One or more fields missing';
        	include 'index.php';
        	exit;
    	}

  • #4
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    1. That's checking whether a POST variable named 'submit' has been passed. Nothing more; nothing less. This is a common test, but easily "faked".

    2. That says, "If the variable is set, load the index page and stop processing this script." I suspect you rather want a !isset().

    3. See #2.

    4. That just checks whether any field is empty. In other words, all of those fields are required to have some characters. You can use if/else if wanted. This is a group test, whereas if/else is an individual test.

    5. No need for an empty block (under the if, so I'd use !preg_match and move the else code into the if. Will work either way.

    6. An else is unnecessary because it's exiting if the condition matches, which is an email address not matching that format. Note: the ereg functions are deprecated as of PHP 5.3.0, so this will generate a warning.

    7,8,9. See previous answers.
    Are you a Help Vampire?

  • #5
    Regular Coder
    Join Date
    Apr 2005
    Location
    Ohio
    Posts
    254
    Thanks
    1
    Thanked 63 Times in 63 Posts
    PHP Code:
    //CHECKS FORM
        
    if (empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['confirmpassword']))
        {   return 
    true;       }     
                 else
                 {    
            
    $missing_error 'One or more fields missing';
            include 
    'index.php';
            exit;
        } 
    Depending on how the code is structured, an if statement does not necessarily have to be followed by an else if and/or and else statement.
    Your problem is that you're so focused on asking why it works without an else statement that you're not even considering the expression being evaluated i.e.
    PHP Code:
    empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['confirmpassword']) 
    Basically what's going on is: the if statement checks
    1) is the username field empty?
    2) or is the email field empty?
    3) or is the password field empty?
    4) or is the confirmpassword field empty?
    Note that it's checking if the aforementioned fields are empty or not. If indeed, any of the 1) - 4) items listed above are empty, then the expression will be true and the statement will be executed.


    Code:
    //CHECKS FORM
    /* 
    is username or email or password or confirmpassword empty?
    if either of the above is empty, then statement is true; print error message
    */
    	if(empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['confirmpassword']))
    	{	
    /* this is the error message to be printed */
        	$missing_error = 'One or more fields missing';
    
    /*
    index.php is the page to be displayed and somewhere within index.php,
    $missing_error variable is being used to display the error message
    */
        	include 'index.php';
    
    /*
    done! Don't do anything else beyond this point
    lookup 'exit' in the php manual
    */
        	exit;
    	}

    If you insist on having an if-else, the code will be:
    Code:
    //CHECKS FORM
    if (!empty($_POST['username']) && !empty($_POST['email']) && !empty($_POST['password']) && !empty($_POST['confirmpassword']))
    {   
    /*
    do nothing
    you don't want to return true here as it'll have the same effect as an 'exit'
    and you'll basically end up with a blank white page. This assumption is based on the provided code.
    */
    }     
    else
    {	
        $missing_error = 'One or more fields missing';
        include 'index.php';
        exit;
    }
    Note the "!" before the empty functions for the if expression and the use of '&&' (logical AND) as opposed to '||' (logical OR).
    Basically, the if statement checks to make sure that username, and email, and password, and confirmpassword are ALL provided and not empty.
    If such is the case, do nothing (continue on with the rest of the code) else, print error message and quit.

    Edit: someone beat me to it


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •