On Wednesday 06 August 2003 01:06, anders thoresson wrote:

>  I'm having a problem with a function that I'll use to validate user input
> before passing it to MySQL. For strings, I want to make sure that they
> aren't too long, so I have written this function:

What is this mess that you have here :-)

> function secure_string($unsafe_string, $max_length = -1, $errormessage = "Too many characters.") {
>     // verify that string isn't longer than $max_length, if $max_length is set
>     if ($max_length > -1) {
>         if (!is_int($max_length)) {
>             error("Variable max_length is not an integer.");
>         }
>         if (strlen($unsafe_string) > $max_length) {
>             error($errormessage);
>         }
>     }
>     [... and the validation will continue here.]


>  When I want to use the max length check I pass a value to the function
> like this:
>   $a_header = secure_string($_POST['a_header'], 60, "Header must not be more then 60 characters.");
>  But I'm having two problems:
> 1) If no max length is passed, and $max_length gets the value -1, the
> if-loop if ($max_length > -1) is still run.

How exactly are you calling the function when "no $max_length is passed"? If 
you're doing something like:

  secure_string($string, '', 'error msg');

Then inside your function $max_length will be equivalent to 0 (zero) and hence 
your comparison:

  if ($max_length > -1)

will be true.

-- 
Jason Wong -> Gremlins Associates -> www.gremlins.biz
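The pitfall discussed in the reply above, as an added example that is not part of the original thread: using `null` rather than `-1` as the "no limit" marker and declaring the parameter as `?int` means a placeholder such as `''` is rejected instead of being loosely compared against `-1` (a comparison whose result also differs between PHP versions). The function name `check_length` and the use of exceptions in place of the poster's `error()` helper, which is not shown, are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical rewrite of the length check: null means "no limit".
 * Throws instead of calling the poster's error() helper (not shown on the page).
 */
function check_length(string $value, ?int $maxLength = null, string $message = 'Too many characters.'): string
{
    if ($maxLength === null) {
        return $value;                    // no limit requested, nothing to compare
    }
    if ($maxLength < 0) {
        throw new InvalidArgumentException('max length must be >= 0');
    }
    if (strlen($value) > $maxLength) {    // strlen() counts bytes, not characters
        throw new LengthException($message);
    }
    return $value;
}

// Constructed sample input standing in for $_POST['a_header'].
$samples = [
    ['short header', 60],
    [str_repeat('x', 61), 60],
    ['anything', null],
];
foreach ($samples as [$value, $limit]) {
    try {
        check_length($value, $limit, 'Header must not be more than 60 characters.');
        echo "accepted\n";
    } catch (LengthException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}

// An empty string passed as the limit is a TypeError, not a silent 0.
try {
    check_length('abc', '');
} catch (TypeError $e) {
    echo "TypeError: limit must be int or null\n";
}
```

A length check only bounds the size of the input; it does not make the value safe to embed in a MySQL query, which still needs a parameterised statement.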