|
PHP - Problem With Unset() And Exit()
I have a script that allows a User to create a new password as part of a password re-set flow.
In my script, I store the $memberID in the Session so that when I redirect from "create_password.php" to "results.php" I still have the $memberID and can store it in the transaction log in my database. The problem is that even though I have unset() after the redirect, it is somehow erasing the value in $_SESSION['memberID'] before the redirect, and thus I get "0" in the database when "results.php" runs?! // Temp Password expires in 1 hour (3600 seconds). if ((time() - $tempResetOn)>10){ // Temp Password Expired. $_SESSION['resultsCode'] = 'PASSWORD_TEMP_PASSWORD_EXPIRED_2112'; // Set Error Source. $_SESSION['errorPage'] = $_SERVER['SCRIPT_NAME']; // Redirect to Outcome Page. header("Location: " . BASE_URL . "/members/results.php"); unset($_SESSION['memberID']); // End script. exit(); }//End of CHECK FOR EXPIRED TEMP PASSWORD How do I unset the Session variable - in the "create_password.php" script above - AFTER I successfully redirect and store the $memberID in the database? Thanks, Debbie Similar TutorialsI have 3 php's home.php createStep1.php createCheckPass.php createStep2.php home.php unsets some $_SESSION variables if they still exist from previous pages: Code: [Select] if(!empty($_SESSION['ame'])) { unset($_SESSION['ame']); } if(!empty($_SESSION['ject'])) { unset($_SESSION['ject']); } if(!empty($_SESSION['ports'])) { unset($_SESSION['ports']); } if(!empty($_SESSION['session_age_range'])) { unset($_SESSION['range']); } createCheckPass.php gets some posted information from createStep1.php, checks everything is ok and if so sets the above session variables createStep2.php gets the session data set by createCheckPass.php and then gets to work with the user inputting data into the db. The odd problem If createCheckPass.php finds any problems with the posted data it redirects the user back to createStep1.php with the sessions set, createStep1.php then displays the errors with the info set in the sessions to the user and everything works ok. If however the user sends the form from createStep1.php with no problems and the createCheckPass.php passes the user onto createStep2.php, something strange happens... The sessions set by the createCheckPass.php are only ever unset at the home.php, yet somehow createStep2.php loses the sessions and therefore doesn't run. What is even stranger is if i comment out the unsetting of the sessions from the home.php, everything works fine and none of the sessions are lost. Really really odd Summary: createStep2.php is reading the unset session lines of code from home.php when never asked to. Has anyone ever come across anything like this before? hi guys.. im not sure if im in the right section but. i have this script below and it exits BUT i would like it to exit After it applies the CSS to my Error. i want it to display nothing except the error if there is an error.. the php is being included on the index.php page which links to the css. this works IF i put the include after the CSS link but wondering if theres a better way. PHP <?php $host = 'localhost'; $user = 'user'; $pass = 'password'; $db = 'upload'; $link = @mysqli_connect( $host, $user, $pass, $db); if(!$link){?> <div id='conn_error'> <?php echo 'There was an Error Connecting to the Server'; ?> </div><?php } ?> Css Code: [Select] #conn_error{ background: red; font-size: 24px; font-family: arial; color: white; width: 500px; text-align: center; border: solid 2px black; position: absolute; top: 150px; left: 30%; padding: 2px; } The code seems to cear debug until I attempt to exit after doing a while loop. PHP Parse error: syntax error, unexpected T_ELSE in C:\Users\Bob\Desktop\TAFT WEB\test\login.php on line 46 Here's the code: <?php /* -----------------------NOVEMBER 2010-------------------- */ // User has 3 trys to enter correct username and password // increment by one $num_log = ($num_logs + 1); if ($_POST['username']) { //Connect to the database through our include include_once "connect_to_mysql.php"; $username = stripslashes($_POST['username']); $username = strip_tags($username); $username = mysql_real_escape_string($username); $password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters $password = md5($password); } // Make query and then register all database data that - // cannot be changed by member into SESSION variables. // Data that you want member to be able to change - // should never be set into a SESSION variable. $sql = mysql_query("SELECT * FROM register WHERE username='$username' AND password='$password'"); $login_check = mysql_num_rows($sql); if($login_check > 0); { while($row = mysql_fetch_array($sql)){ // Get member ID into a session variable $id = $row["id"]; session_register('id'); $_SESSION['id'] = $id; // Get member username into a session variable $username = $row["username"]; session_register('username'); $_SESSION['username'] = $username; // Update last_log_date field for this member now mysql_query("UPDATE user_log SET log_on=now() WHERE id='$id'"); // Print success message here if all went well then exit the script header("location: memPage.shtml php?id=$id"); exit(); } // close while ERROR ---> else { exit() } // Print login failure message to the user and link them back to your login page print '<br><br> <font color="#FF0000"> No match was found in our member records, try again. </font> <br><br> <a href="login.php">Click here</a> to go back to the login page.'; exit(); // close if post ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login to your profile</title> <script type="text/javascript"> <!-- Form Validation --> function validate_form ( ) { valid = true; if ( document.logform.email.value == "" ) { alert ( "Please enter your User Name" ); valid = false; } if ( document.logform.pass.value == "" ) { alert ( "Please enter your password" ); valid = false; } return valid; } <!-- Form Validation --> </script> </head> <body> <div align="center"> <h3 style="test-align:center;font-weight:bold; color:blue;padding-top:25px;padding-bottom;15px;"> Log in to your account here </h3> </div> <table align="center" cellpadding="5"> <form action="login.php" method="post" enctype="multipart/form-data" name="logform" id="logform" onsubmit="return validate_form ( );"> <tr> <td class="style7"><div align="right">Username:</div></td> <td><input name="username" type="varchar" id="username" size="30" maxlength="50" /></td> </tr> <tr> <td class="style7"><div align="right">Password:</div></td> <td><input name="password" type="password" id="password" size="50" maxlength="24" /></td> </tr> <tr> <td> </td> <td><input name="Submit" type="submit" value="Login" /></td> </tr> </form> </table> </body> </html> I'm new to php and I created a user registration form. But whenever I submit the form, part of my page doesn't load. I see the "successful registration" message, but I don't see my right sidebar, footer, or my wrapper div. After searching the internet all day, I concluded it was the exit() function. But if I leave in the exit function and submit the form, all of my page loads, but the original registration form is still shown below my "successful registration" message. Can someone please help? Code: [Select] <?php require_once('_includes/connectvars.php'); if (isset($_POST['submitted'])) { $firstname = mysql_real_escape_string(trim($_POST['firstname'])); $lastname = mysql_real_escape_string(trim($_POST['lastname'])); $email = mysql_real_escape_string(trim($_POST['email'])); $birthdate = mysql_real_escape_string(trim($_POST['birthdate'])); $zipcode = mysql_real_escape_string(trim($_POST['zipcode'])); $gender = $_POST['gender']; $username = mysql_real_escape_string(trim($_POST['username'])); $password1 = mysql_real_escape_string(trim($_POST['password1'])); $password2 = mysql_real_escape_string(trim($_POST['password2'])); $terms = $_POST['terms']; $newsletter = $_POST['newsletter']; $activationkey = mt_rand() . mt_rand() . mt_rand() . mt_rand() . mt_rand(); $captchchk = 1; require_once('_includes/recaptchalib.php'); $privatekey = "some#"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (preg_match ('%^[A-Za-z\.\' \-]{2,15}$%', stripslashes(trim($_POST['firstname'])))) { $firstname = escape_data($_POST['firstname']); } else { $firstname = FALSE; echo '<p class="error">Please enter a valid first name!</p>'; } if (preg_match ('%^[A-Za-z\.\' \-]{2,30}$%', stripslashes(trim($_POST['lastname'])))) { $lastname = escape_data($_POST['lastname']); } else { $lastname = FALSE; echo '<p class="error">Please enter a valid last name!</p>'; } if (preg_match('%^(0?[1-9]|1[012])[/](0?[1-9]|[12][0-9]|3[01])[/](19|20)?[0-9]{2}$%', stripslashes(trim($_POST['birthdate'])))) { $birthdate = escape_data($_POST['birthdate']); } else { $birthdate = FALSE; echo '<p class="error">Please enter a valid date of birth in the format of MM/DD/YYYY</p>'; } if (preg_match ('%^[0-9]{5}$%', stripslashes(trim($_POST['zipcode'])))) { $zipcode = escape_data($_POST['zipcode']); } else { $zipcode = FALSE; echo '<p class="error">Please enter a valid 5 digit zip code!</p>'; } if ($gender !== 'M') { if ($gender !== 'F') { echo '<p class="error">Please select your gender!</p>'; } } if (preg_match ('%^[A-Za-z][A-Za-z0-9]*(?:_[A-Za-z0-9]+)*(\S{4,75})$%', stripslashes(trim($_POST['username'])))) { $username = escape_data($_POST['username']); } else { $username = FALSE; echo '<p class="error">Please enter a valid username!</p>'; } if (preg_match ('%^[A-Za-z0-9]{6,15}$%', stripslashes(trim($_POST['password1'])))) { $password1 = escape_data($_POST['password1']); if (($_POST['password1'] == $_POST['password2']) && ($_POST['password1'] != $_POST['username'])) { $password1 = escape_data($_POST['password1']); } elseif ($_POST['password1'] == $_POST['username']) { $password1 = FALSE; echo '<p class="error">Your password cannot be the same as the username!</p>'; } else { $password1 = FALSE; echo '<p class="error">Your password did not match the confirmed password!</p>'; } } else { $password1 = FALSE; echo '<p class="error">Please enter a valid password!</p>'; } if ($terms !== 'Y') { echo '<p class="error">You must agree to the terms of use!</p>'; } if (!$resp->is_valid) { echo '<p class="error">The CAPTCHA Code wasn\'t entered correctly!</p>'; $captchchk = 0; } if ($firstname && $lastname && $email && $birthdate && $zipcode && $gender && $username && $password1 && $terms && $captchchk) { $query = "SELECT * FROM members WHERE username = '$username'"; $result = mysql_query($query) or trigger_error(mysql_error().$query); if(mysql_num_rows($result) == 1) { echo '<br><br><p class="error">An account already exists for this username. Please select a different username.</p>'; $username = ""; } else { if(mysql_num_rows($result) == 0) { $query = "INSERT INTO members (first_name, last_name, email, dob, zip_code, gender, username, password, join_date, newsletter, active, terms, status) VALUES ('$firstname', '$lastname', '$email', STR_TO_DATE('$birthdate', '%m/%d/%Y'), '$zipcode', '$gender', '$username', SHA('$password1'), NOW(), '$newsletter', '$activationkey', '$terms', 'verify')"; $result = mysql_query($query) or trigger_error(mysql_error().$query); if (mysql_affected_rows() == 1) { $to = $_POST['email']; $subject = "Registration"; $message = "Welcome to Mysite.com!\n\nYou, or someone using your email address, has completed registration at Mysite.com. You can complete registration by clicking the following link:\n\nhttp://www.mysite.com/verify.php?$activationkey\n\nIf this is an error, ignore this email and you will be removed from our mailing list.\n\nRegards,\n\nThe Mysite.com Team"; $headers = 'From: noreply@ Mysite.com' . "\r\n" . 'Reply-To: noreply@ Mysite.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); echo '<br /><br /><p>Thank you for registering! A confirmation email has been sent to your email. Please click on the link in that email in order to activate your account.</p>'; } else { $queryString = $_SERVER['QUERY_STRING']; $query = "SELECT * FROM members"; $result = mysql_query($query) or trigger_error(mysql_error().$query); while($row = mysql_fetch_array($result)){ if ($queryString == $row["active"]){ echo "Congratulations!" . $row["username"] . " is now a member of Mysite.com!"; $query="UPDATE members SET active = '', status='activated' WHERE (user_id = $row[user_id])"; if (!mysql_query($query)) { die('Error: ' . mysql_error()); } } } } } } } exit(); mysql_close(); } HI, I have a foreach loop but after some execution it begins to show me this:Invalid argument supplied for foreach() ... so I want to exit from it.how can I do that? Thanks There is a function (that cannot be changed) which has an include:
<?php
function a() {
include 'file.php';
echo 'work';
}
?>
==file.php==
<?php
echo 'play';
## Need to leave a() now!
?>
The included file can be changed.
I would like a way for file.php to cause PHP to return out of the function a(). A return; statement in file.php has PHP pick up execution with the statement following include.
What is there in PHP that will allow returning out of a() at some point in file.php?
hey all; I have a member.php page filled with html and some php, at the top the first thing it does is check for a session if it's not present it displays Sorry you must be logged in to view this page if it's there is says welcome blah blah blah problem is even if it's not present it's showing all the rest the content under the sorry you must be logged in to view this page.. tried adding an exit; did the same thing showed content and tried die; did the same thing showed content? I have a link that sets a get variable that then performs a search based on that get variable. How after I the page has reloaded with the new search results how can I removed the $GET from the end of the url? Thanks for any help. I am trying to protect my queries to check the user's ip address to make sure they are not banned... When I comment out the if statement in $db->query the error goes away... The checkIp function works in other instances, I am just trying to call it so nobody can inject things by trying to go around the actual pages... my db function class looks like this: Code: [Select] class dblib { function query($sql) { if ($this->checkIp($_SERVER['REMOTE_ADDR']) == true) { die("GH".$ip); // Used to see if I can get that far... $result = mysql_query($sql) or die("Database error: " . mysql_error() . "<br /><br /><h2>SQL</h2><p>$sql</p>"); return $result; } else { die("<h1>Banned</h1>"); } } /// .......some other functions function checkIp($ip) { $sql = "SELECT * FROM block WHERE ip='$ip' LIMIT 1 "; $result = $this->query($sql); if (mysql_num_rows($result) == 0) return true; else return false; } Hi, I have been working on an application where when the user logs in, the status field in the database isset to 1 (online), and when logging off set to 0 (offline). I was wondering if there is a way, using PHP or otherwise, of accomodating for when the user closes the browser manually? I have been looking at other forums who say that it is possible to set a timer which automatically logs the user off after a set amount of time but I dont know how to actually do this or where to start; will the code go on every page of the site? Thanks in advance for any replies Hi All I was wondering how important it is to unset() all your variables once used? Most of my code is object oriented so the functions discard any variables created within them. But do I have to unset() all the objects that I instantiate? Also how much will it improve on speed if I do so? Regards, Magnetica Afternoon, I've hit a brick wall, and I'd like someone to point out where I'm going wrong here as I can't for the life of me think of whats amiss. As it is, I'm trying to set a message to the user in session form, so the function is called passing the error ID. As you can see below, it finds it and assigns it to the private variable within the class. Code: [Select] <?php public function set($name){ // Check if the message is available... if(array_key_exists($name, $this->errors)){ // Set it. $_SESSION['cM'] = $this->errors[$name][0]; } else { $_SESSION['cM'] = 'TEST'; } } ?> To then return the message, the function is simply called using the below function which should return the error? Now, when I don't unset the session in anyway shape or form the message is displayed but when I do unset it, no message appears. I was under the impression that as I had already assigned the contents of the session to the $message variable that the session itself was then useless and as such I could then unset it for later use. But apparently not? Code: [Select] <?php public function get(){ // Is something set? if(isset($_SESSION['cM'])){ // Yes, into a variable! $message = $_SESSION['cM']; // Unset the session for later use. //unset($GLOBALS['cM']); - Doesnt make any difference. //$_SESSION['cM'] = false; - Doesnt make any difference. //unset($_SESSION['cM']); - Doesnt make any difference. // Return the message. $f = "<p style=\"color:green\">"; $f.= $message; $f.= "</p>"; return $f; } // No, Return false then to stop an error appearing. return false; } ?> As you can see I have tried unsetting the global variable, just session itself and clearing the session but to no avail. Any ideas? I have one entity: $_SESSION['order']['content']['lol'] I then unset this entity: unset($_SESSION['order']['content']['lol']); I then try to unset the following as it is now empty (because I removed "lol"), buts its not working: if (empty($_SESSION['order']['content'])) { unset($_SESSION['order']['content']); } Does anyone know why and how I can go about getting it to unset? Code: [Select] $age = 18; //$age =___; //not working say error. unset($age); //working whats wrong? thanks hi i have an array that returns the longitude, latitude and timestamp of multiple users. then i use a for each loop to echo the details to add markers to google maps. the problem is that if one of the users has no gps position i dont want to include it it my foreach loop. Code: [Select] foreach($positions as $name => $status) { echo 'add(jQuery(this), number += 1, "' . $name . '", "map_post.php?n=' . $name . '&u=' . $status['user_id']. '", "' . date("d-m-Y @ h:i:s",$status['timestamp']) . '", "' . $status['latitude'] . '", "' . $status['longitude'] . '", "' . $status['user_id']. '");'; } how can i get the foreach to ignore the users with no data? Hello, Am writing a script with lots of variables and its called by require() into the main file. But I probably have an interference in variable values because I get incorrect results. I have to unset all variables first before I enter the new script but there are lots of them. Is there a way I can unset all variables with a simple line of code or function? Thanks in advance I am using an if statement. If the user has a credit value of 1 or more it echos a variable thats a form. When the user submits the form, it takes a credit away, so the credit value is -1. I need the form to dissapear, because the form has a button that will execute a query that I dont want to execute. So, usually unset() fixes this, but its not in my case. Heres the code Code: [Select] $a='<strong></strong>'; if ($hintcredit<1) $a.='<font style="color: #cc0000;">You have already requested a hint! Once you guess the correct number, you will be able to get another hint. </font>'; else $form= "<form action='blablabla' method='post'>blablablabla</form>"; $a.=$form; $a.='<strong></strong>'; echo $a; if ($_POST['request'] == "Retrieve Hint") { unset($form); $form= '<b>One of the digits in your number is '.substr($num, -1).'</b>'; $newquery= "UPDATE userinfo SET hint_credits = '-1' WHERE username = '".$_SESSION['login_name']."'"; echo $form; mysql_query($newquery,$link); } In this case, the form is still being shown. I need the form completely removed after the form has been submitted. This is simple and idk why its not working for me!? In C, when you dynamically allocate memory, you have to free it, otherwise you face memory leaks:
char *str; str = (char *) malloc(10); free(str);But in most other languages you do not need to worry about this. PHP has a function called unset, which unsets the variable's value. But why would you want to do this, if PHP has a garbage collector that will free variables once they leave scope anyway? I see no point of unset in a scripting language with garbage collection. Is it possible to unset a submit button? <?PHP if(isset($_POST['Submit'])) { $date = $_POST['date']; if ($date = '1966-10-03'){ //Do Something } else { //Possible to unset? unset($date); unset($_POST['Submit']); } } else { ?> <form action="" method="post"> <input type="text" name="date" /> <input type="Submit" name="Submit" value="Submit" /> </form> <?PHP } ?> What I'm wondering is if it's possible to unset after submitting in the event of condition x. Should this not in turn echo out the form as it has been unset? Code: [Select] $itemlisted = $_POST['itemlisted']; if ($itemlisted) { unset($_SESSION['items'][$itemlisted]); } it should work i don't get it. $itemlisted is 1... so it should delete [1] in the array. any idea why it's not working? |
|||||||