So you are allowing 0 now instead of “Leave entry blank”?
So you are going to use one or the other values to check against… For example;
$_POST['set_p_v'] == ""
or
$_POST['set_p_v'] == 0
much thanks again for your message, but neither of those require a 0 in the Price field. Both appear to allow empty field to proceed.
Any other suggestions are appreciated
Maybe I am not understanding what happened when you tested the code and your #20 and #22 post. Can you give me some examples of what you tried and expected and actual result.
If you want a zero version then try this one.
if (!empty($_POST['set_p_v']) || (empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0)){
if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || ($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos)){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = "lack of funds error"
}
}
}
After I replaced my originally posted code with your ‘something like this’’ code in #16, I then populated the corresponding html Form, and left the form field “Price” (set p_v) blank and Submited was successfully.
However, I’m trying to mod it so it doesn’t proceed if form field “Price” (set p_v) is left blank, but instead show an error if the entry is not 0 or 1 or some number.
Next, I’d like the user wallet checked if 0 is the entry.
Let me know when you try #24 that accepts 0 as a value.
Thanks again.
All code posted in this thread “accepts 0 as a value” and proceeds upon Submit.
First, I’m trying to mod it so it doesn’t proceed if the form field “Price” (set p_v), is left blank (and display a error message).
And then I’m trying to check the users wallet if the entry is 0.
Any additional suggestions are helpful, thanks
The idea is to create a meaningful name. Developers have their own style. Some prefer cryptic compressed code. Some prefer very much whitespace with long meaningful names. Developers will always say that their way is better and have ample reason to justify it…
1 Like
I added || $_POST['set_p_v'] == "" to the is_numeric IF condition. This is the modified version.
if (!empty($_POST['set_p_v']) || (empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0)){
if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || ($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos) || $_POST['set_p_v'] == ""){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = "lack of funds error"
}
}
}
Also feel free to write the $lang-> message for the “lack of funds error” and replace that error line. Post the version you are using.
Than ks for your effort. I used your code, same unsuccessful result which is if the corresponding html Form, leaves the form field “Price” (set p_v) blank it Submits successfully.
if (!empty($_POST['set_p_v']) || (empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0)){
if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || ($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos)){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}
}
The code you posted is NOT from post #29 where || $_POST['set_p_v'] == "" was added.
You can see this condition says, if ‘set_p_v’ is blank throw error.
Yes, this should accept 0 or higher with error on blank and 0 is checked against wallet.
if (!empty($_POST['set_p_v']) || (empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0)){
if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || ($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos) || $_POST['set_p_v'] == ""){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}
}
The second IF condition has some repetitive code and could be reduced to this (if I’ve done it correctly).
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
Thanks again for your efforts/replies. I have applied your code:
if (!empty($_POST['set_p_v']) || (empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0)){
if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || ($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos) || $_POST['set_p_v'] == ""){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && empty($_POST['set_p_v']) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}
}
which still allows a blank Price Form Field to proceed/submit and no error on blank.
But, as I’m sure you know that if the Price Form field html code line, has type=“number” and min=“0” and “required”, a blank field cannot proceed. But isn’t the html Form vulnerable to manipulation?
any additional guidance is welcomed
OK. blank input not making it past first IF condition.
You can jump straight into the system setting line but you need to have an error defined if the system is offline or other conditions do not pass.
// Sell video system settings
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || $_POST['set_p_v'] == ""){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}else{
$error = "Sell video system turned off";
}
Thank you again. I removed the html ‘required’ and min=0 to test your code.
I wasn’t sure what you meant by “jump…etc,” so I tried these two codes (same result: blank shows no error and proceeds):
// Sell video system settings
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || $_POST['set_p_v'] == ""){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}else{
$error = "Sell video system turned off";
}
and
if (!empty($_POST['set_p_v'])) {
// Sell video system settings
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
// is_numeric error
if ((!is_numeric($_POST['set_p_v']) && $_POST['set_p_v'] !== 0) || $_POST['set_p_v'] == ""){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}else{
$error = "Sell video system turned off";
}
}
I look forward to any comments
It is the first one as !empty($_POST['set_p_v'] would exclude an empty input.
The fact that you did not see Sell video system turned off means processing made it past the first IF condition.
I am very surprised processing is getting past $_POST['set_p_v'] == "" when you say you have not entered anything into the set_p_v input. I will simplify the IF condition more.
// Sell video system settings
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
// is_numeric error
if (!is_numeric($_POST['set_p_v']) || $_POST['set_p_v'] == ""){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}else{
$error = "Sell video system turned off";
}
You can even place these checks on different lines.
// Sell video system settings
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
// Blank input error
if($_POST['set_p_v'] == ""){
$error = "Blank input error";
}
// is_numeric error
if (empty($error) && !is_numeric($_POST['set_p_v'])){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && $_POST['set_p_v'] == 0 && $wallet <1){
$error = $lang->lack of funds error;
}
}else{
$error = "Sell video system turned off";
}
Thanks again for your efforts. I’ve tried those without success.
So, I have replaced back to the original code and looked above that code in the file. Which looks like this:
$request = array();
$request[] = (empty($_POST['title']) || empty($_POST['description']));
$request[] = (empty($_POST['tags']) || empty($_POST['video-thumbnail']));
if (in_array(true, $request)) {
$error = $lang->please_check_details;
} else if (empty($_POST['video-location'])) {
$error = $lang->video_not_found_please_try_again;
}
else {
$request = array();
$request[] = (!in_array($_POST['video-location'], $_SESSION['uploads']['videos']));
$request[] = (!in_array($_POST['video-thumbnail'], (!empty($_SESSION['ffempg_uploads']) && is_array($_SESSION['ffempg_uploads'])) ? $_SESSION['ffempg_uploads'] : []));
$request[] = (!file_exists($_POST['video-location']));
if (in_array(true, $request)) {
$error = $lang->error_msg;
}
}
if (!empty($_POST['set_p_v'])) {
if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin) && !empty($_POST['set_p_v'])) {
if (!empty($_POST['set_p_v']) || $_POST['set_p_v'] < 0) {
if (!is_numeric($_POST['set_p_v']) || $_POST['set_p_v'] < 0 || (($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos)) ) {
$error = $lang->video_price_error." ".($pt->config->com_type == 0 ? $pt->config->admin_com_sell_videos : 0);
}
}
}
}
I added in this:
|| empty($_POST['set_p_v'])
to the third line, and the code now looks like this:
$request = array();
$request[] = (empty($_POST['title']) || empty($_POST['description']));
$request[] = (empty($_POST['tags']) || empty($_POST['set_p_v']) || empty($_POST['video-thumnail']));
if (in_array(true, $request)) {
$error = $lang->please_check_details;
} else if (empty($_POST['video-location'])) {
$error = $lang->video_not_found_please_try_again;
}
else {
$request = array();
$request[] = (!in_array($_POST['video-location'], $_SESSION['uploads']['videos']));
$request[] = (!in_array($_POST['video-thumnail'], (!empty($_SESSION['ffempg_uploads']) && is_array($_SESSION['ffempg_uploads'])) ? $_SESSION['ffempg_uploads'] : []));
$request[] = (!file_exists($_POST['video-location']));
if (in_array(true, $request)) {
$error = $lang->error_msg;
}
}
if (!empty($_POST['set_p_v'])) {
if (($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || ($pt->config->sell_videos_system == 'on' && $pt->config->who_sell == 'users') || ($pt->config->sell_videos_system == 'on' && $pt->user->admin) && !empty($_POST['set_p_v'])) {
if (!empty($_POST['set_p_v']) || $_POST['set_p_v'] < 0) {
if (!is_numeric($_POST['set_p_v']) || $_POST['set_p_v'] < 0 || (($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos)) ) {
$error = $lang->video_price_error." ".($pt->config->com_type == 0 ? $pt->config->admin_com_sell_videos : 0);
}
}
}
}
when I go to the Form, all messages related to empty Form fields display the appropriate message: “please_check_details”. And when I enter -1 into the Price (set_p_v) field it correctly displays the ‘video_price_error’, and if I enter text into the Price (set_p_v) field it displays the correct message ‘video_price_error’, but when I enter a 0 instead of correctly displaying the ‘video_price_error’ it displays ‘please check details’ (and if I enter a 1, it correctly Submits).
And ideas as to how I can get the 0 entry to display the ‘video_price_error’? Any help is welcomed. Thanks again.
I wouldn’t add || empty($_POST['set_p_v']) to the top request error section as ‘set_p_v’ is not being handled in that code. Also because both zero and blank are “empty” and we are handling both values differently we can’t use a blanket empty($_POST['set_p_v']) condition anywhere in this processing. Instead we check the values of $_POST['set_p_v'] in the different IF conditions.
Note: To avoid T_STRING error, change name of message to have underscore for spaces , e.g. lack_of_funds_error
I added a primary IF condition of $_SERVER["REQUEST_METHOD"] which should wrap any processing.
I also wrapped the code we’ve been looking at in an if (empty($error)) { condition so once it gets past the top request error section we check ‘set_p_v’.
if($_SERVER["REQUEST_METHOD"] == "POST"){
$request = array();
$request[] = (empty($_POST['title']) || empty($_POST['description']));
$request[] = (empty($_POST['tags']) || empty($_POST['video-thumnail']));
if (in_array(true, $request)) {
$error = $lang->please_check_details;
} else if (empty($_POST['video-location'])) {
$error = $lang->video_not_found_please_try_again;
}
else {
$request = array();
$request[] = (!in_array($_POST['video-location'], $_SESSION['uploads']['videos']));
$request[] = (!in_array($_POST['video-thumnail'], (!empty($_SESSION['ffempg_uploads']) && is_array($_SESSION['ffempg_uploads'])) ? $_SESSION['ffempg_uploads'] : []));
$request[] = (!file_exists($_POST['video-location']));
if (in_array(true, $request)) {
$error = $lang->error_msg;
}
}
if (empty($error)) {
// Sell video system settings
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
// Blank input error
if($_POST['set_p_v'] == ""){
$error = "Blank input error";
}
// is_numeric error
if (empty($error) && !is_numeric($_POST['set_p_v'])){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && $_POST['set_p_v'] == 0 && $wallet <1){
//$error = $lang->lack_of_funds_error;
$error = "lack of funds error";
}
}else{
$error = "Sell video system turned off";
}
}
}
Many thanks again for your guidance.
The Form works successfully in all aspects except in the Price (set_p_v) form field a negative number aloows the Form to Submit instead of displaying ‘video_price_error’ which displays "“The video price should be numeric and greater than 0”. Any additional help with that is appreciated.
Also, regarding your code I don’t see these included from the original code:
$pt->config->admin_com_sell_videos
and
$pt->config->com_type == 0
I would imagine the script might need those included somewhere. I look forward to your comments.
Ah yes. I didn’t have $pt->config so had removed those lines to test IF conditions.
I added those conditions back into the price error IF condition.
if($_SERVER["REQUEST_METHOD"] == "POST"){
$request = array();
$request[] = (empty($_POST['title']) || empty($_POST['description']));
$request[] = (empty($_POST['tags']) || empty($_POST['video-thumnail']));
if (in_array(true, $request)) {
$error = $lang->please_check_details;
} else if (empty($_POST['video-location'])) {
$error = $lang->video_not_found_please_try_again;
}
else {
$request = array();
$request[] = (!in_array($_POST['video-location'], $_SESSION['uploads']['videos']));
$request[] = (!in_array($_POST['video-thumnail'], (!empty($_SESSION['ffempg_uploads']) && is_array($_SESSION['ffempg_uploads'])) ? $_SESSION['ffempg_uploads'] : []));
$request[] = (!file_exists($_POST['video-location']));
if (in_array(true, $request)) {
$error = $lang->error_msg;
}
}
if (empty($error)) {
// Sell video system settings
if ($pt->config->sell_videos_system == 'on' && (($pt->config->who_sell == 'pro_users' && $pt->user->is_pro) || $pt->config->who_sell == 'users' || $pt->user->admin)) {
// Blank input error
if($_POST['set_p_v'] == ""){
$error = "Blank input error";
}
// is_numeric error
if (empty($error) && (!is_numeric($_POST['set_p_v']) || $_POST['set_p_v'] < 0) || ($pt->config->com_type == 0 && $_POST['set_p_v'] <= $pt->config->admin_com_sell_videos)){
$error = $lang->video_price_error;
}
// lack of funds error
if (empty($error) && $_POST['set_p_v'] == 0 && $wallet <1){
//$error = $lang->lack_of_funds_error;
$error = "lack of funds error";
}
}else{
$error = "Sell video system turned off";
}
}
}