Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Regular Coder
    Join Date
    Nov 2002
    Posts
    104
    Thanks
    13
    Thanked 0 Times in 0 Posts

    Function to check checkbox

    Hello Guys,

    I have a question here.. I am trying to write a function that will kick off a notification and log some one out if they try to bypass my check box with something other than the value of "1". I can't get it to work right..

    Just not sure how to write the code to check for a "1" if the check box isn't checked then it doesn't pass any post vars..

    Please advise..


    PHP Code:
    function check_Cboxes($display_email,$display_name,$member_id,$description,$ip){
    if(isset(
    $display_email,$display_name ))
    {
        
        if (
    $display_email!='1' || $display_name!='1') {
            
        }
           
    $t_error="9";
           
    $member_id $member_id;
            
    notify_Admin($t_error,$member_id,$ip);                
            
    logOut ($t_error);
            exit;    
    }



  • #2
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,549
    Thanks
    8
    Thanked 1,095 Times in 1,086 Posts
    How are you getting the checkboxes from the form, and how do you call the function?
    Show us that part of the script too.

  • #3
    Regular Coder
    Join Date
    Nov 2002
    Posts
    104
    Thanks
    13
    Thanked 0 Times in 0 Posts
    Hi,

    Here is my html in the form

    PHP Code:
        <input type="checkbox" class="Checkbox1" name="display_name" value="1"><span class="dnametxt">Display name in Ad?</span>   

        <
    input type="checkbox" class="Checkbox1" name="display_email" value="1"><span class="dnametxt">Display Email address in Ad?</span

    I call the function like this

    PHP Code:

    check_Cboxes
    ($display_email,$display_name,$member_id,$description,$ip); // Checks check boxes 

  • #4
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,549
    Thanks
    8
    Thanked 1,095 Times in 1,086 Posts
    You are requiring BOTH to be checked ... I assume you know that.

    PHP Code:
    <?php

    // example of how to check the checkboxes...

    // you really don't need a function for this ...
    // it's not something that should be a function.

    // check for BOTH checkboxes from form.
    if(isset($display_email) && isset($display_name)){
    // they are both set, so everything is OK.
    }
    else{
    // they are NOT both set, so display error and exit.
           
    $t_error="9"
           
    $member_id $member_id
            
    notify_Admin($t_error,$member_id,$ip);                 
            
    logOut ($t_error); 
            exit;     
    }

    // the rest of your script here ...


    ?>


    .

  • #5
    Regular Coder
    Join Date
    Nov 2002
    Posts
    104
    Thanks
    13
    Thanked 0 Times in 0 Posts
    Hi Thanks for the response..

    The thing is I dont want to require them to be set. I just want it to check the $_POST var to make sure it is "1" and nothing else. Thats only if the user checks the checkbox..

    The reason behind this is if a hacker tried to pass any thing else but "1" (Example XSS code) that the function with the if stmt will catch it and do what it needs to do..

    Logic

    1. Check to see if user checked the checkbox
    No? then don't do anything
    Yes? Go on to step 2

    2. User checked check box, does the $_Post var have the value of "1"
    Yes? Don't do anything because $_POST var is fine
    No? $_Post var is !="1" so proceed with Notification and log out procedure.

    That's what I am trying to do but for some reason I can write the code to get it to work..

    what ya think?

  • #6
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by dk4210 View Post
    Hi Thanks for the response..

    The thing is I dont want to require them to be set. I just want it to check the $_POST var to make sure it is "1" and nothing else. Thats only if the user checks the checkbox..

    The reason behind this is if a hacker tried to pass any thing else but "1" (Example XSS code) that the function with the if stmt will catch it and do what it needs to do..

    Logic

    1. Check to see if user checked the checkbox
    No? then don't do anything
    Yes? Go on to step 2

    2. User checked check box, does the $_Post var have the value of "1"
    Yes? Don't do anything because $_POST var is fine
    No? $_Post var is !="1" so proceed with Notification and log out procedure.

    That's what I am trying to do but for some reason I can write the code to get it to work..

    what ya think?
    try this:
    PHP Code:
    // the values will be default to what you have in $checkboxs
    $checkboxs = array('display_name' => 0'display_email' => 0);

    foreach(
    $_POST as $name => $value){
       if(
    in_array($name,array_keys($check_boxs)){
          
    // is in $_POST and have a value? then is checked
          
    if(intval($_POST[$name]) != 1){
             
    // notify, logout, kill the bad guy here
          
    }else{
             
    // if you want to be 'nice', :)
             
    $checkboxs[$name] = 1;
          }
       }
    }

    // use $checkboxs['whatever'] here 
    Edit: i didn't read last part with notification and logout, so i corrected the code

    best regards
    Last edited by oesxyl; 04-20-2011 at 05:28 PM.

  • #7
    Regular Coder
    Join Date
    Nov 2002
    Posts
    104
    Thanks
    13
    Thanked 0 Times in 0 Posts
    How would I add that to this function though

    Code:
    function check_Cboxes($display_email,$display_name,$member_id,$description,$ip){
    $checkboxs = array('display_name' => 0, 'display_email' => 0);
    
    foreach($_POST as $name => $value){
       if(in_array($name,array_keys($check_boxs)){
          // is in $_POST and have a value? then is checked
          if(intval($_POST[$name]) != 1){
             // notify, logout, kill the bad guy here
          }else{
             // if you want to be 'nice', :)
             $checkboxs[$name] = 1;
          }
       }
    }}
    
    Showing syntax error

  • #8
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by dk4210 View Post
    How would I add that to this function though

    Code:
    function check_Cboxes($display_email,$display_name,$member_id,$description,$ip){
    $checkboxs = array('display_name' => 0, 'display_email' => 0);
    
    foreach($_POST as $name => $value){
       if(in_array($name,array_keys($check_boxs)){
          // is in $_POST and have a value? then is checked
          if(intval($_POST[$name]) != 1){
             // notify, logout, kill the bad guy here
          }else{
             // if you want to be 'nice', :)
             $checkboxs[$name] = 1;
          }
       }
    }}
    
    Showing syntax error
    i didn't test it, probably are some typos or i miss somesthing. What error show?

    you don't need anymore $display_email and $display_name, are hardcoded in $checkboxs

    Code:
       if(in_array($name,array_keys($check_boxs)){
    should be:
    Code:
       if(in_array($name,array_keys($checkboxs)){
    best regards

  • #9
    Regular Coder
    Join Date
    Nov 2002
    Posts
    104
    Thanks
    13
    Thanked 0 Times in 0 Posts
    I removed the "_" and its still showing the error

    http://screencast.com/t/lIurtmDITY

  • #10
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by dk4210 View Post
    I removed the "_" and its still showing the error

    http://screencast.com/t/lIurtmDITY
    forget to close a (,

    Code:
    if(in_array($name,array_keys($checkboxs))){
    best regards

  • #11
    Regular Coder
    Join Date
    Nov 2002
    Posts
    104
    Thanks
    13
    Thanked 0 Times in 0 Posts
    Hey thanks so much for the help man..

    The only hang up I have here is with this

    foreach($_POST as $name => $value){

    and

    if(intval($_POST[$name]) != 1){

    I dont want to grab all the post vars because I've already done that and ran them through the filter.

    I already have the two vars here - $display_email & $display_name

    How would I write the for each with that in mind?

    Thanks!

  • #12
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by dk4210 View Post
    Hey thanks so much for the help man..

    The only hang up I have here is with this

    foreach($_POST as $name => $value){

    and

    if(intval($_POST[$name]) != 1){

    I dont want to grab all the post vars because I've already done that and ran them through the filter.

    I already have the two vars here - $display_email & $display_name

    How would I write the for each with that in mind?

    Thanks!
    passing $display_email & $display_name is useless since you never use them.
    I agree that is better to avoid to useless iterate all values from $_POST but the difference is small, except if you pass hundred of parameters.
    Anyway this is same thing changed to not iterate $_POST:

    Code:
    function check_Cboxes($member_id,$description,$ip){
    $checkboxs = array('display_name' => 0, 'display_email' => 0);
    
    // check only what is in $checkboxs, grab 2 values
    foreach($checkboxs as $name => $value){
       if(in_array($name,array_keys($_POST))){
          // is in $_POST and have a value? then is checked
          if(intval($_POST[$name]) != 1){
             // notify, logout, kill the bad guy here
          }else{
             // if you want to be 'nice', :)
             $checkboxs[$name] = 1;
          }
       }
    }}
    best regards

  • Users who have thanked oesxyl for this post:

    dk4210 (04-20-2011)

  • #13
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    something like this?
    PHP Code:
    function check_Cboxes($display_email,$display_name,$member_id,$description,$ip){
        if((isset(
    $display_email) && $display_email != '1') ||
           (isset(
    $display_name) && $display_name != '1')){

           
    $t_error="9";
           
    $member_id $member_id;
           
    notify_Admin($t_error,$member_id,$ip);                
           
    logOut ($t_error);
           exit;
       }

    what you do when both are unchecked?

    best regards

  • #14
    Regular Coder
    Join Date
    Nov 2002
    Posts
    104
    Thanks
    13
    Thanked 0 Times in 0 Posts
    You Rock!!! It works great... I should be able to use this for site wide check boxes right?

    I will just have to add the vars like this correct?

    $checkboxs = array('display_name' => 0, 'display_email' => 0, 'display_num2' => 0, 'display_num3' => 0, 'display_num4' => 0, 'display_num5' => 0);

  • #15
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    Quote Originally Posted by dk4210 View Post
    You Rock!!! It works great... I should be able to use this for site wide check boxes right?

    I will just have to add the vars like this correct?

    $checkboxs = array('display_name' => 0, 'display_email' => 0, 'display_num2' => 0, 'display_num3' => 0, 'display_num4' => 0, 'display_num5' => 0);
    , yes and you could make it more general by passing $checkboxs as argument of the functions instead of hardcoding it inside. Should also work with radioboxes, both have the habit to not fill $_POST if are unchecked.

    best regards

  • Users who have thanked oesxyl for this post:

    dk4210 (04-20-2011)


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •