473,573 Members | 2,812 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Do I need to escape this code?

Hi!

After you all gave me some good advice recently, I'm back for more :o)

On my web site, I want to display a 'log out' icon with some text
underneath, ("Log out"), which, when clicked, will end a session.

This is the simple code I'm using for the icon:

<a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=log_o ut">
<img border="0" src="images/logout.gif" width="74" height="74"><p
style="text-align: center">

This all works fine and, when clicked, the session is ended and the
user returns to my web site's home page.

Now's the complicated, (Well for me, anyway), bit; I only want to show
the 'log out' icon when the user is actually logged in.

So, I've been using isset to determine the session state:

<?php if (isset($_SESSIO N['user'])) {?>
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=log_o ut">
<img border="0" src="images/greenround.PNG" width="74" height="74"><p
style="text-align: center">
<?php }?>

Now - this only partially works; yes, the icon is only shown when the
user is logged in - which is cool. However, when clicked it doesn't do
anything!

I think I should be escaping some code somewhere but I can't work it
out. And it's frustrating me!!

Any guidance on where this newbie is going wrong?

Thanks!

Rod.
Jul 17 '05 #1
14 1741
Rod Carrol wrote:
So, I've been using isset to determine the session state:

<?php if (isset($_SESSIO N['user'])) {?>
<a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=log_o ut">
<img border="0" src="images/greenround.PNG" width="74" height="74"><p
style="text-align: center">
<?php }?>

Now - this only partially works; yes, the icon is only shown when the
user is logged in - which is cool. However, when clicked it doesn't do
anything!
What does "doesn't do anything" mean?

Does the browser not follow the link?

Does the newly loaded page return a blank result?

Does it not perform the logout operation you expected? (If so, what does
it do instead?)

Does it perform the logout operation, but continue to display the logout
link?

How does your logout operation work? Has the logout operation already
run at the time this link is output? Does it explicitly clear
$_SESSION['user'] in a way that would cause isset() to return false?

Have you stepped through thte code to see what's being run and what the
values are?
I think I should be escaping some code somewhere but I can't work it
out. And it's frustrating me!!


What kind of thing do you think you would escape? It wouldn't hurt to
use htmlspecialchar s() on $_SERVER['PHP_SELF'], but that isn't likely to
make a difference between the code snippets you posted.

Has any other part of your code changed?

-- brion vibber (brion @ pobox.com)
Jul 17 '05 #2
>>What does "doesn't do anything" mean?
Does the browser not follow the link?
Apologies - let me clarify. It doesn't follow the link. The user is not
logged out and the session is not ended.
What kind of thing do you think you would escape?


Well - I'm not sure! (I've only been learning php for the last couple
of months :o). The only reason I thought I may have an 'escape' issue
is because I found I had to escape the html code inside the php isset()
function in order to get the icon to display properly.

If I remove this isset() check then the icon is displayed and clicking
it logs me out successfully...

Rod.

Jul 17 '05 #3
Rod Carrol wrote:
This is the simple code I'm using for the icon:

<a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=log_o ut">
<img border="0" src="images/logout.gif" width="74" height="74"><p
style="text-align: center">


If this is the actual statement the markup syntax is wrong. Where is
the closing tag for the anchor. The para cannot sit within the anchor
(block element in line element is wrong. So perhaps something like

<a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=log_o ut"><img
border="0" src="images/logout.gif" width="74" height="74"></a>

<p style="text-align: center">....</p>

Louise
Jul 17 '05 #4
>>If this is the actual statement the markup syntax is wrong. Where is
the closing tag for the anchor. The para cannot sit within the anchor(block element in line element is wrong. So perhaps something like


Thanks for the reply Louise!

Well - this section of code actually works for me! I did however make
the change you suggested...

....the code continues to work when used 'as-is' - however, when I
combine it with isset(), it fails to follow the link and terminate the
session.

I do apologise if I'm not being very clear about the problem. I thnk I
need to do a bit more reading of my PHP manual!

:o)

Rod.

Jul 17 '05 #5
Try this.
if (isset($_SESSIO N['user'])) {
echo "<a href=\"$PHP_SEL F?action=log_ou t\"><img border=\"0\" src=\"\"
width=\"74\" height=\"74\">< p style=\"text-align: center\"></p></a>";
}
Brent Palmer.


"Rod Carrol" <ro***********@ yahoo.co.uk> wrote in message
news:11******** **************@ l41g2000cwc.goo glegroups.com.. .
If this is the actual statement the markup syntax is wrong. Where isthe closing tag for the anchor. The para cannot sit within the anchor(block element in line element is wrong. So perhaps something like


Thanks for the reply Louise!

Well - this section of code actually works for me! I did however make
the change you suggested...

...the code continues to work when used 'as-is' - however, when I
combine it with isset(), it fails to follow the link and terminate the
session.

I do apologise if I'm not being very clear about the problem. I thnk I
need to do a bit more reading of my PHP manual!

:o)

Rod.

Jul 17 '05 #6

Brent Palmer wrote:
Try this.
if (isset($_SESSIO N['user'])) {
echo "<a href=\"$PHP_SEL F?action=log_ou t\"><img border=\"0\" src=\"\" width=\"74\" height=\"74\">< p style=\"text-align: center\"></p></a>";
}


Give that man a drink!

It's working. After looking at your suggestion and fiddling here and
there :o)

Thanks for all the suggestions!

Rod.

Jul 17 '05 #7

Brent Palmer wrote:
Try this.
if (isset($_SESSIO N['user'])) {
echo "<a href=\"$PHP_SEL F?action=log_ou t\"><img border=\"0\" src=\"\" width=\"74\" height=\"74\">< p style=\"text-align: center\"></p></a>";
}


Give that man a drink!

It's working. After looking at your suggestion and fiddling here and
there :o)

Thanks for all the suggestions!

Rod.

Jul 17 '05 #8
Rod Carrol wrote:

Brent Palmer wrote:
Try this.
if (isset($_SESSIO N['user'])) {
echo "<a href=\"$PHP_SEL F?action=log_ou t\"><img border=\"0\"

src=\"\"
width=\"74\" height=\"74\">< p style=\"text-align: center\"></p></a>";
}


Give that man a drink!


And a tip:

echo <<<LOGOUT;
<a href="$PHP_SELF ?action=log_out "><img border="0" src=""
width="74" height="74"><p style="text-align: center"></p></a>
LOGOUT

--
John MexIT: http://johnbokma.com/mexit/
personal page: http://johnbokma.com/
Experienced programmer available: http://castleamber.com/
Happy Customers: http://castleamber.com/testimonials.html
Jul 17 '05 #9
.oO(John Bokma)
And a tip:

echo <<<LOGOUT;
<a href="$PHP_SELF ?action=log_out "><img border="0" src=""
width="74" height="74"><p style="text-align: center"></p></a>
LOGOUT


It should still be $_SERVER['PHP_SELF']. And the HTML is invalid (no
paragraphs allowed inside an anchor element).

Micha
Jul 17 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
4921
by: Phil Schmidt | last post by:
I'm trying to make a custom entry widget, as in the code that follows. There are two problems I'm trying to fix: 1) I would like the widget to behave as myEntry.Escape() does now, except that it happens on loss of focus, not when pressing Esc. 2) TABbing between multiple entry fields does undesired things with the selection, and with...
3
2972
by: Yaqian | last post by:
Hi, I want to open a new window without tool bar, address bar and status bar. then inside the page, there are a few links, i want, when clicking a link, a new window opens, but still without tool bar, address bar and status bar. My code can open the first new window properly, but it cannot open the second one at all. Could anyone please help...
3
4600
by: Paul | last post by:
I have an Access 2000 database with a form that is giving me some major headaches. When you open the form, it displays all records and allows editing, but has AllowAdditions set to False so that the user has to use my New Record button. When you click the New Record button, the form presents a new record for editing. My client wants to use...
18
7163
by: Steve Litvack | last post by:
Hello, I have built an XMLDocument object instance and I get the following string when I examine the InnerXml property: <?xml version=\"1.0\"?><ROOT><UserData UserID=\"2282\"><Tag1 QID=\"55111\"><Tag2 AID=\"5511101\"></Tag2></Tag1><Tag1 QID=\"55112\"><Tag2 AID=\"5511217\"></Tag2></Tag1><Tag1 QID=\"5512282\"><Tag2...
3
2228
by: Guadala Harry | last post by:
I'd like to know the answer to the following question so I can know what to expect with regard to other similar uses of escape characters and strings. While everything works fine - I'd like to know specifically why: I am building a simple HTML table in my C# code-behind by concatenating strings that contain different parts of the table and...
16
3328
by: sudhir | last post by:
hi how to check escape key is pressed when accepting the string as input. Because I do not want to receive a string if user presses the ESCAPE key.. I used ascii code for comparision but I didn't get any fruitful results. Please help me.
15
18302
by: pkaeowic | last post by:
I am having a problem with the "escape" character \e. This code is in my Windows form KeyPress event. The compiler gives me "unrecognized escape sequence" even though this is documented in MSDN. Any idea if this is a bug? if (e.KeyChar == '\e') { this.Close(); }
131
9199
by: Lawrence D'Oliveiro | last post by:
The "escape" function in the "cgi" module escapes characters with special meanings in HTML. The ones that need escaping are '<', '&' and '"'. However, cgi.escape only escapes the quote character if you pass a second argument of True (the default is False): 'the "quick" &amp; &lt;brown&gt; fox' 'the &quot;quick&quot; &amp; &lt;brown&gt; fox' This seems to me to be...
5
15664
by: vlsidesign | last post by:
The printf function returns "warning: unknown escape sequence: \040" for a backslash-space combination. If the ascii decimal number for space is 32 and the backslash is 92, why this particular number 040? Is it a decimal number from the ASCII code chart? (compiling using gcc on SunOS 5.8, Sparc, Ultra-80) Just curious. Thanks.
0
7784
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7705
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
8032
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
0
8205
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
0
8074
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
6424
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
1
5601
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
1
2223
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
0
1044
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.