0

Whats wrong with how this is coded to were it is allowing anything to be inputted without recognizing errors?

$errors=0;
$error="The following errors occured while processing your form input.<ul>";
pt_register('POST','ip');
pt_register('POST','date');
pt_register('POST','Text');
pt_register('POST','URL');

$healthy = array("$", "%", "!", "<", ">");
$yummy   = array("", "", "", "", "");

$Text = str_replace($healthy, $yummy, $Text);
$URL = str_replace($healthy, $yummy, $URL);

if($URL=="http://www.")
{
die ("<center><br><br>Please enter a valid URL. Please go back and try again</center>");
}
else
{
// yay
}

if($Text=="My awesome site!")
{
die ("<center><br><br>Please enter something besides 'My awesome site!' for your URL text. Go back and try again.</center>");
}
else
{
// yay
}


if($Text=="My awesome site" || $URL=="http://www." ){
$errors=1;
$error.="<li>You forgot your text ad or URL to link the text ad to, please go back and try again.";
}
2
Contributors
1
Reply
2
Views
6 Years
Discussion Span
Last Post by Dragonbaki
0

Yeah.. It's special... pt_register() function which is especially used to access the register global variables.. We obviously know that, all variables in php should begin with '$' sign... Here, they are replacing those special characters with null values at registered area... So only, this code shows the output without showning any errors....

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.