0

Hi everyone, I have a form page where the customer enters their email address to see if they have forms available to download.
Once they submit that I use the following code to see if they do indeed have stuff available:

<?php
$email = $_POST['email'] ;
$directory = "http://nycityliving.com/forms/" . $email ;
if (file_exists($directory)) {
    header("Location: $directory");
} else {
    header("Location: http://nycityliving.com/form2.php");
}
?>

But it does not work and I cannot figure out why? :(
All I get is a 404 error page.
Anyone have any ideas?

Thanks, Ron

2
Contributors
6
Replies
7
Views
7 Years
Discussion Span
Last Post by rondroid
0

I should also mention that the directory being checked is named just like the email address being entered.
In other words, the directory might be name:

myname@mysite.com

So, I'm not sure if that '@' symbol is causing the trouble?

0

More likely the '.'? I dunno.

However, this doesn't seem like a very secure method.

Edited by diafol: n/a

0

More likely the '.'? I dunno.

Actually that's how you add 2 strings or variables together.
In this case you are adding a predetermined path:

http://nycityliving.com/forms/

to whatever email address the customer entered:

myemail@mysite.com

When they are added together you get the full path to check:

http://nycityliving.com/forms/myemail@mysite.com

However, this doesn't seem like a very secure method.

Not really an issue here as these are general forms for the customer to download. Besides that, directory browsing (indexing) is disabled in the forms folder. So the only way you can access anything is if there is a folder named to whatever your email addy is.

Still looking for a solution here, Ron :icon_wink:

0

Actually that's how you add 2 strings or variables together.

*sigh* I am aware of the catenator.

I was referring to the '.' within the email address. :icon_rolleyes:

0

Oh, sorry 'bout that. :$
Hmm, should I be escaping that '.'?

Maybe the folders should not be named like an email address
in the first place?

Ron

0

OK, I solved it myself. The problem was the path I was using. It did not need to be the full web path just the root path.
Here is the code that works:

<?php
$email = $_POST['email'] ;
$directory = "forms/" . $email ;
if(is_dir($directory))
  {
  header("Location: $directory");
  }
else
  {
  header("Location: http://nycityliving.com/notfound.php");
  }
?>

Later, Ron

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.