Forum Moderators: coopster
The other problem that I have is that if I add another if statement just like the one below (which is currenlty working, but with IP ADDRESS variables) neither the working one or the new one work. Again I just get a blank page.
Here is the code that currently works for searching just for the dates. Like I said ONCE a new if isset statement gets added neither if statement works. So I guess my question is how would I add another if isset statement that works when the $_POST['Src']; variable is set instead of $_POST['Sdate'] like I have below.
THANKS AGAIN FOR ANY HELP OR IDEAS!
<table border="1" width="82%" cellpadding="1" cellspacing="2">
<th align="center">Source_IP</th>
<th align="center">Destination_IP</th>
<th align="center">Source_Port</th>
<th align="center">Destination_Port</th>
<th align="center">Date_Time</th>
<th align="center">Signature</th>
<th align="center">BASE_Link </th>
<?
$host = "";
$user = "";
$pass = "";
$dbname = "";
$Src = $_POST['Src'];
$Sdate = $_POST['Sdate'];
$Edate = $_POST['Edate'];
$connection = mysql_connect($host,$user,$pass) or die (mysql_errno().": ".mysql_error()."<BR>");
mysql_select_db($dbname);
//Query that is being run
if (isset($_POST['Sdate']) && isset($_POST['Edate']))
{
$query = "select inet_ntoa(ip_src), inet_ntoa(ip_dst), layer4_sport, layer4_dport, timestamp, sig_name from acid_event where (timestamp between '" .$Sdate."%' and '" .$Edate."%')";
print_r($query);
$result = mysql_query($query) or die('Query failed: ' . mysql_error());
while ($line = mysql_fetch_row($result) )
{
echo '<tr>';
echo '<td align="center">',$line[0],'</td>';
echo '<td align="center">',$line[1],'</td>';
echo '<td align="center">',$line[2],'</td>';
echo '<td align="center">',$line[3],'</td>';
echo '<td align="center">',$line[4],'</td>';
echo '<td align="center">',$line[5],'</td>';
}
}
?>
From php.net
isset -- Determine whether a variable is set
Sdateor
Edate. However, some general comments may assist...
At a guess, your error_reporting is set at the default, which means that you will not see Notices. I say this because of:
$Src = $_POST['Src'];
$Sdate = $_POST['Sdate'];
$Edate = $_POST['Edate'];
Src,
Sdateor
Edatewere not set a Notice would be issued saying so. Much better--when in development--to set error_reporting at E_ALL, which also shows Notices. Much better also, incidentally, to setup defaults for all user-input, and to treat all such with deep suspicion, which can avoid later hack-attempts:
$Sdate = ( isset( $_POST['Sdate']))? strtotime( $_POST['Sdate']) : 0;(just an illustration - you know now that
$Sdateis a timestamp, no matter what)
A useful alternative to
isset()is
empty()- it is another inbuilt "function" (not actually a function).
My own practice with
if()tests is to introduce masses of (usually redundant) brackets and white-space:
if(( isset($_POST['Sdate'])) and(the lines include tabs, so it all lines up neatly, but this board kindly deletes all the tabs)
(!isset($_POST['Edate']))
) {
As I say, many of the brackets are redundant, but then I never suffer from the problems that you are experiencing!
HTH
if ((isset($_POST['Sdate'])) && (!isset($_POST['Edate'])))
It looks ugly but avoids any unexpected issues as to what gets evaluated and when.
Also just during debug process, before if statement I would echo evaluation of isset($_POST['Sdate']) and!isset($_POST['Edate']), or any other variables that you might have problem with, just to see how they evaluate (true or false). That might give you a clue if the 'if' statement is being evaluated as you want it. Because you are not seeing results, it doesn’t necessarily mean that the statement is not working, but rather that it got evaluated and the conditions have not been met, hence stuff inside if statement is not executed (that’s why I am suggesting echo –ing them before 'if statement' so that you see how they evaluate). Hope this makes sense.
Also (and this is suggestion from PHP novice so take it as such), I would change names of $Src , $Sdate, and $Edate variables to something like $Src1, etc . ie
$Src1 = $_POST['Src'] to help it differentiate from stuff inside post – at least for me it’s very easy to get confused as to what variable is what, plus it makes it easier for debug.
HTH
edit - by the time I wrote this you already got quality responses from people who now more about PHP then me
bool isset ( mixed var [, mixed var [, ...]] )Returns TRUE if var exists; FALSE otherwise.
It will return true whether the variable is blank or contains data. The only time it will return false is if: 1) variable does not exist, or 2) variable is set to NULL.
