PHP Help

software development

#1

I am trying to have the user enter data via a check box and have it sent to me via email. That data is entered but the email says “The new user ID is requesting access to: Array”

Her is my code. Well some of it at least.

$message.=“

The new user ID is requesting access to: “.$_POST[‘Category’].”

”;

//Then later on in the script

Children's Illustrations: Apparel Graphics: Textile Design: Greeting Cards:

What am I doing wrong? Any help would be greatly apprecited. I can not wait to get my site up and running. So far I have referred 3 people who are thinking about hosting with Dreamhost and I have only been here 4 days myself!


#2

Get rid of the numbers in the brackets. You just need
<INPUT TYPE=“CHECKBOX” name=“Category”

But your main problem is that you are saying they are an array but just treating it like a string.
If you just want it like a string then use

$message.=“

The new user ID is requesting access to: “.implode(”, “, $_POST[‘Category’]).”

”;

#3

As mentioned, the numbers in your html form can go. (They don’t break the code, just more work than is necessary.) However, the [] after Category in each line must stay or only the last checkbox checked will be passed. (As written below, using implode, it will also say “Bad arguments”.

The true problem is that you were referencing the “container” (array) instead of the data elements themselves. That was fixed with implode.

I’ve tested this code and even explicitly bombed the program by removing [] from original html code…leave them in.

Jim

if (empty($_POST[‘Category’]))
{
#If you require at least one box checked, the customer didn’t do it…handle it with your code…
echo “You must select at least one type, etc…”;
}
else
{
$message.=“

The new user ID is requesting access to: “.implode(”, “, $_POST[‘Category’]).”

”;
#Just to test…
echo $message;
}

#4

Would it make a difference if my PHP install has “Register_Globals” turned off? I was thinking this might be causing some headaches as well. I will not be able to test this code until tonight, when I get home, so I want too thank you all in advance.


#5

Regarding register globals, you’re all set.

The fact that you’re checking against the POST forces the value to come via that method as opposed to the old way of simply referring to it as $Category
so then it could be appended to the URL and came in as GET.

It doesn’t stop someone from saving an html form locally to their hard drive, modifying the code and calling the script on your server. Adding Category of Fred Flintstone, etc.

See:
http://us3.php.net/register_globals for the php info about register globals.

Jim


#6

Thanks for correcting my omission of [] from the name. I didn’t mean to and it’s a good job someone got it :).

You should use $_POST because someone could quite easily use GET[‘category’] as have already been mentioned. You are better adding in the lines of code

for($i = 0; $i < count($_POST[‘Category’]); $i++){
if(!is_numeric($_POST[‘Category’][$i])){
$_POST[‘Category’][$i] = 0;
}
}

That will stop people from making their own form and passing in values they want to.
It’s bad practice to change variable directly into/from any of the major variable classes (POST, GET, SESSION) but it’s much easier :stuck_out_tongue:


#7

I’ve not tested this latest code snippet, but let’s say I added Fred Flintstone on a version on my hard drive as an option and checked the box. As coded, wouldn’t it just bump up the count of array elements passed and process it just like an “official” choice?

So then let’s say instead of count being the number of elements you hard code it to 4 since that’s the number of elements we’re expecting. for i = 1 to 4 etc. Now I just move Fred Flintstone to the first option and/or replace one of the good values with one of the bad.

I don’t want to hijack this thread, don’t want to be critical and certainly make mistakes myself, but that’s how I see it. Definitely could be wrong though. The fixes I employ are test the results passed and if they’re not in my database of options, it’s bad input. We’re all here to learn from each other and the only things I know are what I’ve learned from others.

Jim


#8

Using Category[] means that when an option is selected, it is treated in PHP like an addition to the end of an array. So what you end up with is an array in $_POST[‘Category’] with the values a user chose.

$categories = $_POST[‘Category’];
for($i = 0; $i < count($categories); $i++){
echo $categories[$i] . " was selected.
\n";
}

Will loop through all of the user’s choices and print them out (if you chose to use numeric values in your input variables then just printing them out probably won’t make much sense to most people :wink: :slight_smile:


#9

OK. I added the code from the thrd post and viola! It worked!!! Thank you so much! Question though. There is additional code posted by ‘decswaqz’ in the last two posts. Should I use any of this code and if so, where?


#10

The code I provided was more of a ‘in future’ sort of thing. If you are just printing the string back to the user (or just using the chosen option on their own), then you don’t need my code.

The only time you’ll need it is when working through the list of user’s choices and need to check or do some other processing. If it’s just a simple ap you need, or an app only for yourself, then stick with what you’ve got.