Grow your CSS skills. Land your dream job.

Try out my first PHP web app!

  • # August 17, 2014 at 7:23 pm

    Something simple like:

    function error() {
    die();
    header("Location: error.php");
    }
    

    Then in an if statement

    if (!example) {
    error();
    }
    __
    # August 17, 2014 at 7:35 pm

    is there any other ways that stop the script, lets say on the register page, from registering the user and echo out the error message?

    One thing to realize is that, for common error situations, stopping the script is completely unnecessary.

    if( form_is_valid ){
        send_email();
        do_whatever();
        echo "Congrats!";
    }
    else{
        log_error();
        echo "You're a loser!";
    }
    

    For any action that you can do on your site, plan for each case. Things like picking a username that already exists shouldn’t be error-worthy. They should be pick-a-different-name-worthy.

    I was thinking maybe creating a function that uses the die() but brings the user to a universal error page.

    You could implement that quite easily, like so:

    if( something goes horribly wrong ){
        header( "Location: http://your-site.example.com/error.php" );
        exit;  // scripts don't stop on their own
    }
    

    This still doesn’t allow you to handle the error in any way (e.g., log it, or try to recover — by the time your site goes “live,” most errors should be recoverable), but it makes the user experience much better. If you wanted to be able to pass specific content or messages, you could pass that info along (e.g., via $_SESSION).

    what is the difference between die() and another function I have seen around called exit()?

    die and exit are exactly the same thing. I prefer to use exit, because it is more descriptive of what it actually does. I use die when explaining situations where it is used incorrectly.

    __
    # August 17, 2014 at 7:43 pm

    Sorry, didn’t see your follow-up post.

    function error() {
    die();
    header("Location: error.php");
    }
    

    Two problems:

    • In your example, the first thing you do is die.
      which means the second thing you do _won’t happen_.
    • Location headers require absolute URLs. This is part of the HTTP spec. Your example will work in _most_ browsers, but not in all (and not necessarily consistently).
    # August 17, 2014 at 7:47 pm

    You make great points, but there is one thing I don’t understand. Let’s use the “user already exists” example. Sure, I could simply say hey that user already exists. But without using the die function, the query will still run and the duplicate username will be created.

    __
    # August 17, 2014 at 10:27 pm

    But without using the die function, the query will still run and the duplicate username will be created.

    Two things:

    First, yes — if you redirect the user to another page, you probably do want to stop the current script (but maybe not — for example, the original script might continue to do something not-user-output related, such as logging or finishing up other activities in progress.). If you look at my example above, we exit after sending the Location header. This is an example of a good use of exit/die. In fact, for the coding style/approach you’re using right now, it’s probably the only appropriate use.

    Second, no — you’re talking about using die as a control structure. This is not what it is for. Control Structures define conditions, and instructions for what to do in each case. If you’ve got a situation where you something will happen, and you have two possible outcomes, an ifelse structure might be a good solution.

    pseudo-code:

    if( username_already_exists ){
        echo 'This name is already in use. Please choose another.'
    }
    else{
        save_username();
        echo 'Thank you.';
    }
    

    The username_already_exists test would presumably return true if the username already existed, and false if not. The save_username function will only run in the latter case.

    Note; this works well as an example, but BenWalker’s suggestion that you rely on the database to handle this check is the best way to go. Among other reasons, you will never have duplicate usernames, because the database will reject them.

    # August 17, 2014 at 10:40 pm

    That’s down to your logic. Making some functions of your own might be helpful here. For example, a function that verified your data could log an error message and return false if something is wrong. You can then test for that in an if statement:

    if(verify_data()) {
        // Register user
    } else {
        // Output error
    }
    

    Controlling program flow like this is a pretty fundamental concept, so I would recommend you try writing a script that can register a user or produce a useful error message without using die or exit at any point. Bonus points for reporting more than one error at the same time (eg. a blank password and an invalid email).

    # August 18, 2014 at 1:55 am

    I see what you guys are saying. But on my register page the if statements are backwards, the examples you show are looking for “passing” user input, the if statements in my code search for errors, and at the end of the script if none of the errors are triggered, it registers the user.

    # August 18, 2014 at 3:36 pm

    Good point. You might need to change a couple of lines.

    without using the die function, the query will still run and the duplicate username will be created.

    Try to think of a way to make this sentence false.

    If you’re struggling to work out how to implement it, write down in bullet points, in order, what the script ought to be doing in normal language. We can discuss that and then you can code it.

    __
    # August 18, 2014 at 6:15 pm

    But on my register page the if statements are backwards …

    so, this

    if( bad ){ don't do it }
    else{ do it }
    

    vs. this

    if( good ){ do it }
    else{ don't do it }
    

    no problem.

    # August 24, 2014 at 8:37 pm

    Hey guys, its been a while I know. Kind of got lost as to where to go next in this project and ended up not turning on my laptop for almost 4 days. I must say I could not go a minute without thinking of this project though… I did miss it. Was just looking at the site and noticed one of you guys was kindly checking in on me, any may have unknowingly discovered a new bug. Apostrophies will not show in the forum title area. They go into the DB fine, but do not display on the webpage, therefore making the system think that the title does not exist. The string is escaped when it goes into the DB, and I tried escaping the title when displaying it on the page, but that didnt do much. Its late now so I will post the code tomorrow if the problem persists. Hope I can get back into this, dont wanna loose focus Like I did this week. Talk to you guys soon! Thanks.

    # August 25, 2014 at 7:31 am

    Hey guys. Ive stripped out all the mysqli_real_escape_string() from my title because I just couldnt get it to work. Here is the bare bones code. Could someone show me an example of a “Prepared statememnt”? Seems like they would save me a lot of headaches. For anyone that doesnt know, right now for some reason single quotes will not display in the forum title area. Heres the code: http://pastie.org/9501416

    __
    # August 25, 2014 at 7:49 am
    // first, use placeholders in your SQL
    $sql = "INSERT INTO forum ( post,post_title,post_date,posted_by ) VALUES ( ?,?,?,? )";
    
    // prepare a statement from your sql
    $stmt = mysqli_prepare( $con,$sql );
    
    // bind parameters to your placeholders (make sure they're in the correct order)
    mysqli_stmt_bind_param( 
        $stmt,
        'ssss',
        $_POST['posting'],
        $_POST['title'],
        $_SESSION['currentUser'],
        date( 'M-d-y' ) 
    );
    
    // execute the statement
    $success = mysqli_stmt_execute( $stmt );
    if( $success ){ /*  it worked  */ }
    else{ /*  there was an error  */ }
    
    __
    # August 25, 2014 at 7:57 am
    "<input type='submit' class='posttitle' value='".$title."'>"
    

    Say your post title was “You’re the Best”. If you put that $title into your html above, you get this:

    <input type='submit' class='posttitle' value='You're the Best'>
    

    The value is now “You”, there are three nonsense attributes (re, the, and Best), and then there’s an extra trailing quote. See the problem? How could you fix that?

    # August 25, 2014 at 9:25 am

    Yes I see that, good question, how could I fix that??

    # August 25, 2014 at 9:32 am
    value="You're the Best"
    

    works just fine. Unless you get ” in your text.

    Alternativly:
    value='You're the Best'

    EDIT: screw you forum parser! Use this list: http://www.theukwebdesigncompany.com/articles/entity-escape-characters.php.

Viewing 15 posts - 181 through 195 (of 431 total)

You must be logged in to reply to this topic.

*May or may not contain any actual "CSS" or "Tricks".