On Friday 13 May 2005 02:20 am, Richard Lynch wrote:
> On Thu, May 12, 2005 8:41 pm, Andre Dubuc said:
> > I've had some rather odd intermittent behavior with a select list drawn
> > by a
> > 'require' on my production site. Sometimes, rather than displaying 'In
> > USA/Canada' from the '<option selected>In USA/Canada</option>' code in
> > the required file, it will display a blank. Yet, if I try to duplicate
> > this behavior on the development box, it will display as coded.
> >
> > Since I use this text string as a validator for user input, it really
> > messes
> > up the database/code functions that rely on it.
>
> In that case, your validation routines aren't very good.
>
> You have to assume the data coming from the browser is completely messed
> up in malicious ways. If not providing that item in the menu will break
> your script or hash your data, then that's really a bigger problem than
> the one you think you have.
>
> > <?php require("provcountry.sty"); ?>
> >
> > [snippet of 'require' text (provcountry.sty)]
> > <tr>
> > <td><b>State </b></td>
> > <td><SELECT NAME=selstate>
> > <option selected>In USA/Canada</option>
>
> I'd try using an html entity on the '/' in USA/Canada
>
> > <option value="Alabama">Alabama</option>
> > . . .
> > </SELECT></td>
> > </tr>
> >
> > [snippet of some validating code verifying $selstate that relies on
> > $selstate]
> >
> > <?php
> > if (($_POST['selstate'] != "In USA/Canada")&&($_POST['typstate'] != ""))
> > die ("<h5><br><br>Please choose from 'In USA/Canada' or type in 'Other
> > State'.
> > <br>Do not use both<br><br>Click 'Back' on your browser to
> > re-enter information</h5>");
> > ?>
> >
> > Any ideas why this is happening?
>
> It's quite possible that some sort of php.ini setting with Magic Quotes or
> something is altering the '/' character as well.
>
> What *IS* in $_POST['selstate'] when it breaks? Log it and see what the
> data is.`
Thanks for the info, Richard.
The errant behavior is intermittent and hard to replicate, but it has forced
me to recode this part completly. [This code was my first attempt at PHP two
years ago, and it's a bad mix of html/php - I certainly wouldn't do it that
way again.]
I've replaced the 'In USA/Canada' with 'In USA or Canada' eliminating the
possibility of the slash causing problems.
However, the behavior continues intermittently. I've duplicated it one time.
If I click on the 'State' dropdown list, allow the mouse to scan through it,
but do not choose a value, and then immediately go to the previous or next
field and click on it, the box where 'USA or Canada' appears will be blank
(despite '<option selected value="In USA or Canada">In USA or
Canada</option>'). For the life of me, I cannot figure why it's doing that.
As a hack, I've included a new routine checking for blank or null value for
$selstate that snags problems before they hit the database. However, I'd
rather know why this is happening.
Logging it - $_POST['selstate'] is blank (after it messes up as above) -- no
surprise, since that is what the browser displays.
Any other ideas?
Regards,
Andre
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
