470,864 Members | 2,015 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,864 developers. It's quick & easy.

Problems with function return value

Hi all,

Help, I'm stuck! I've written the below function as part of my form data
filtering steps and for some reason It won't return the right value!

Can someone take a little look and tell me if you can spot any errors?

regards Tobierre

PHP Code:
function Stop_Form_Injection($post, $length)
{
$post = strtolower($post); //change input to lower case for search
purposes

//Check form input is allowable length
$length = strlen($post) - $length;
($length > 0) ? $filter[] = $length: $filter[] = false; //if form input
too long set false

$filter[] = strpos('to:', $post);
$filter[] = strpos('cc:', $post);
$filter[] = strpos('content-type:', $post);
$filter[] = strpos('\r', $post);
$filter[] = strpos('\n', $post);
$filter[] = strpos('charset=', $post);
$filter[] = strpos('mime-version:', $post);
$filter[] = strpos(',', $post);
$filter[] = strpos(':', $post);
$filter[] = strpos(';', $post);

if(isset($filter['0']))
{
$post = 'alert';
}
return $post;
}

//Should return "alert"
$Test1 = 'hello cc:';
$Test1 = Stop_Form_Injection($Test1, '15');
print "$Test1 . '<br>'";

//Should return "hello Joe"
$Test2 = 'hello Joe';
$Test2 = Stop_Form_Injection($Test2, '15');
print "$Test2" . '<br>';

Oct 25 '05 #1
3 3057
Help, I'm stuck! I've written the below function as part of my form data
filtering steps and for some reason It won't return the right value!


All of these lines:

$filter[] = strpos('to:', $post);

will add another array entry even if the function returns nothing, so
your end test is always true. Recode.

---
Steve

Oct 25 '05 #2
Hi,

I tried rewriting with this and still not working any tips?

(strpos('bcc:', $post) === false) ? $filter[] = false: $filter[] = true;

if($filter[0] === true)
{
$post = 'alert';
}

return $post;
Thanks Tobierre
"Tobierre" <No******@hotmail.com> wrote in message
news:11*************@corp.supernews.com...
Hi all,

Help, I'm stuck! I've written the below function as part of my form data
filtering steps and for some reason It won't return the right value!

Can someone take a little look and tell me if you can spot any errors?

regards Tobierre

PHP Code:
function Stop_Form_Injection($post, $length)
{
$post = strtolower($post); //change input to lower case for search
purposes

//Check form input is allowable length
$length = strlen($post) - $length;
($length > 0) ? $filter[] = $length: $filter[] = false; //if form input
too long set false

$filter[] = strpos('to:', $post);
$filter[] = strpos('cc:', $post);
$filter[] = strpos('content-type:', $post);
$filter[] = strpos('\r', $post);
$filter[] = strpos('\n', $post);
$filter[] = strpos('charset=', $post);
$filter[] = strpos('mime-version:', $post);
$filter[] = strpos(',', $post);
$filter[] = strpos(':', $post);
$filter[] = strpos(';', $post);

if(isset($filter['0']))
{
$post = 'alert';
}
return $post;
}

//Should return "alert"
$Test1 = 'hello cc:';
$Test1 = Stop_Form_Injection($Test1, '15');
print "$Test1 . '<br>'";

//Should return "hello Joe"
$Test2 = 'hello Joe';
$Test2 = Stop_Form_Injection($Test2, '15');
print "$Test2" . '<br>';

Oct 25 '05 #3
I tried rewriting with this and still not working any tips?


Look up the arguments for <http://www.php.net/strpos>.

(Maybe the people arguing over in the IDE thread should look at this)

---
Steve

Oct 25 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by daveland | last post: by
11 posts views Thread by brian.newman | last post: by
6 posts views Thread by Rabel | last post: by
3 posts views Thread by Richard Ryerson | last post: by
2 posts views Thread by mosesdinakaran | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.