1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 3:13 am Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Wrong redirect to the page

function account_namevalid()

         

bethesda

10:50 pm on Dec 13, 2011 (gmt 0)

10+ Year Member



Hello again.
Below I put the code.
My problem is a bad diversion - when I type in the form allowed string: 


<input type = "text" name = "something" value = "<? php echo" $ var ";?>" size = "50" maxlength = "50" class = "clx">


receives the correct redirect to page (allok.hp).
The problem arises when i want to use my function (account_namevalid ()).
I will put in the form illegal characters - then receives a redirect page (test.php). 


<?php
if ($_POST[something] <= 6) {
if (account_namevalid($_POST['something'])) {
$db = new mysqli('x', 'x', 'x', 'x');
$db -> query("SET NAMES 'latin2'");
$stmt = $db->stmt_init(); 
if($stmt->prepare("UPDATE `database` SET `table1` = ? WHERE `something` = ? AND `something` = ?")) {
$stmt->bind_param('sis', $a,$b,$c); 
$a = "$var1";
$b = "$var2";
$c = "$var3";
$stmt->execute();
if ($stmt) {
$stmt->close(); 
$db->close(); 
header("Location: ../allok.php?id=".$id."");
exit();
} else {
printf("<p>Error message</p><br /><p> %s\n", $db->error);
$stmt->close(); 
$db->close(); 
}}}}

function account_namevalid() {
// Must be minimum = 1
if (strspn($_POST['something'],"a±bcædeêfghijkl³mnñoópqrs¶tuvwxyz¼¿A¡BCÆDEÊFGHIJKL£MNÑOÓPQRS¦TUVWXYZ¬¯01234567890-/ ") == 0) {
header("Location: ../myscript2.php?id=".$id."");
return false;
exit();
}

// Check insert data
if (strspn($_POST['something'],"a±bcædeêfghijkl³mnñoópqrs¶tuvwxyz¼¿A¡BCÆDEÊFGHIJKL£MNÑOÓPQRS¦TUVWXYZ¬¯01234567890-/ ") != strlen($_POST['something'])) {
header("Location: ../myscript2.php?id=".$id."");
return false;
exit();
}
return true;
}

header("Location: ../test.php");
exit();
?>


Redirect to a page (test.php) is the last lines of code.
Why script does not transfer me to the page (myscript2.php). Function account_namevalid should work.

Thanks for advice.

enigma1

4:00 pm on Dec 14, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Maybe it does executed but then you return false. You need to exit the script after you output the location header.

You could add a print_r and exit statements under the if clauses to make sure the appropriate part of the script is executed.

rocknbil

4:41 pm on Dec 14, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



First, the variable "$id" is not going to be available within the function unless you declare it as a global. Which is not a "good use" of functions.

Think of a function as a "black box". It's self contained. You send values to it, and it returns values. In your case, it's reading the global $_POST, which is "sort of" okay, but a better use would be to send that value as a parameter. This allows you to send different parameters for different results. Secondly you already do a check against post -

if ($_POST[something] <= 6) {

(Also I'm a bit confused, it's saying the value is less than or equal to 6, but your function checks for length 0 and strlen <= 6 . . .huh?)

That should be part of your function, like so.

$comp = 'a±bcædeêfghijkl³mnñoópqrs¶tuvwxyz¼¿A¡BCÆDEÊFGHIJKL£MNÑOÓPQRS¦TUVWXYZ¬¯01234567890-/ ';

// Pass the value to check, comparison string, and maximum length as a parameter
if (account_namevalid($_POST['something'],$comp,6)) {
// Do your "something is OK" code here
}
else {
header("Location: ../myscript2.php?id=$id"); // No need to concatenate with double quotes!
} 

function account_namevalid($val,$compstring,$len) { // note the parameters 
 // Must be minimum = 1 
 $ok=true; 
 if ( 
 ($val > 6) or  
 (strspn($val,"$compstring") == 0) or 
 (strspn($val,"$compstring") != strlen($val) 
 ) { 
 $ok=false; 
 } 
 return $ok; 
}


I think that might always fail though, because you're checking if the value is <= 6, which could be say, 5, and the strlen of 5 is 1. As I said, confused, but this will sort out the function use for you. :-)

bethesda

6:46 pm on Dec 15, 2011 (gmt 0)

10+ Year Member



First, the variable "$id" is not going to be available within the function unless you declare it as a global. Which is not a "good use" of functions.


I try send user to page index.php but no success.

(Also I'm a bit confused, it's saying the value is less than or equal to 6, but your function checks for length 0 and strlen <= 6 . . .huh?)


No. This function checks that entered character are allowed. If == 0 that means nothing is entered and function should move as to the designated site.

That should be part of your function, like so.
$comp = 'a±bcædeêfghijkl³mnñoópqrs¶tuvwxyz¼¿A¡BCÆDEÊFGHIJKL£MNÑOÓPQRS¦TUVWXYZ¬¯01234567890-/ ';


Ok, but what is $comp, what is $compstring, what is $len ?

Can you show me example. Thanks in advence ..

bethesda

6:56 pm on Dec 15, 2011 (gmt 0)

10+ Year Member



engma1

I did as you wrote.
It grabs the contents of function and print it.
After entering invalid characters - receive print what I wrote, the code below: 


if (strspn($_POST['something'],"a±bcædeêfghijkl³mnñoópqrs¶tuvwxyz¼¿A¡BCÆDEÊFGHIJKL£MNÑOÓPQRS¦TUVWXYZ¬¯01234567890-/ ") == 0) {
$my_var = mysql_real_escape_string($_POST['something']);
print_r ($my_var);
exit();
}

if (strspn($_POST['something'],"a±bcædeêfghijkl³mnñoópqrs¶tuvwxyz¼¿A¡BCÆDEÊFGHIJKL£MNÑOÓPQRS¦TUVWXYZ¬¯01234567890-/ ") != strlen($_POST['something'])) {
$my_var= mysql_real_escape_string($_POST['something']);
print_r ($my_var);
exit();
}
return true;
}


So i don't know why script wan't to transfer user to another page. :-/

Anyone ?

enigma1

7:49 pm on Dec 15, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Maybe it does redirect but you don't exit the script right away. You let the code continue because you return false. Can you comment out the return false statements so the script exits right away and see where it redirects.

bethesda

10:01 pm on Dec 15, 2011 (gmt 0)

10+ Year Member



it works !
So the main problem was (return false)?
What exactly happens when there is (return false) - stop the script?

enigma1

9:18 am on Dec 16, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Well kind of. When you output a location header it doesn't mean the php script terminates. It continues execution. So it will return to the caller and continue. The next header is also a location and by default with the later php versions will override the first one. As long as you're aware of it you can terminate the script at the right place.

bethesda

10:08 am on Dec 16, 2011 (gmt 0)

10+ Year Member



Big Thanks !

rocknbil

4:35 pm on Dec 16, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Can you show me example.


I did!

Ok, but what is $comp, what is $compstring, what is $len ?


$comp is your match string moved out of the function and passed to the function as a parameter, here. That way you put all your configurations in a common location, at the top of your script, easy to find, instead of buried in (possibly) thousands of lines of code.

if (account_namevalid($_POST['something'],$comp,6))

$_post['something'] passed as $val
$comp passed as $compstring parameter
6 passed as $len parameter

function account_namevalid($val,$compstring,$len) {


You validate for <= 6 outside the function, and there's no reason you shouldn't do all your validations inside the functions.

bethesda

4:39 pm on Dec 16, 2011 (gmt 0)

10+ Year Member



I try to make it that way.
Thanks.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 3:13 am Apr 28, 2026