使用php关联数组检查bool值

时间:2013-03-08 22:14:10

标签: php arrays

我有一个表单,在提交时有两个值,user和pass。

$_POST['submit'] = the name of the submit button is "submit"

当用户提交时,我在php中有以下脚本来验证:

$logins = array(
    'user1' => 'pass1',
    'user2' => 'pass2',
    'user3' => 'pass3'
);

foreach($_POST as $key => $value) {  
    $_POST[$key] = stripslashes($_POST[$key]); 

    $_POST[$key] = htmlspecialchars(strip_tags($_POST[$key])); 
}

/******************************************************************************/
   if (isset($_POST['submit'])){

      $user = isset($_POST['user']) ? strtolower($_POST['user']) : '';
      $pass = isset($_POST['pass']) ? $_POST['pass'] : '';
      $report = $_POST['typereport'];

      if ($logins[$user] != $pass) {
         showForm("Wrong Username/Password");
         exit();     
      }
      else {
    if ($report == "Clinical") {
        $file = $filename;
        $contents = file($file); 
        $string = implode("<br>", $contents);
        echo "<head><title>ScoreViewer: Clinical</title></head>";
        echo "Logged in as: " . strtoupper($user) . "<br>";
        echo "<a href='log2.php'>Sign Out</a>";
        echo "<br><br>";
        echo "<pre>" . $string . "</pre>";
        echo "<br><br>";
    }
    elseif ($report == "Non-Clinical") {
        $file = $filename2;
        $contents = file($file); 
        $string = implode("<br>", $contents);
        echo "<head><title>ScoreViewer: Non-Clinical</title></head>";
        echo "Logged in as: " . strtoupper($user) . "<br>";
        echo "<a href='log2.php'>Sign Out</a>";
        echo "<br><br>";
        echo "<pre>" . $string . "</pre>";
        echo "<br><br>";
    }
      }
   } else {
      showForm();
      exit();
   }

现在将会发生的是,该脚本将比较输入的用户名和密码以查找匹配项。如果找到匹配项并根据报告的类型,将显示该匹配项。但出于某种原因,无论何时按下提交按钮,它都会直接进入IF语句的临床部分。

如果我只使用一个没有数组的用户名/密码,它可以正常工作。如下所示:

$username = "user";
$password = "pass";

foreach($_POST as $key => $value) {  
    $_POST[$key] = stripslashes($_POST[$key]); 

    $_POST[$key] = htmlspecialchars(strip_tags($_POST[$key])); 
}

/******************************************************************************/
   if (isset($_POST['submit'])){

      $user = isset($_POST['user']) ? strtolower($_POST['user']) : '';
      $pass = isset($_POST['pass']) ? $_POST['pass'] : '';
      $report = $_POST['typereport'];

      if ($user != $username && $pass != $password) { #$logins[$user] != $pass) {
         showForm("Wrong Username/Password");
         exit();     
      }
      else {
// decide what to do here if the user and pass is correct, deleted to save space
      }
   } else {
      showForm();
      exit();
   }

我如何实现我想要完成的目标?

完整的HTML代码:Pastbin

1 个答案:

答案 0 :(得分:2)

  if ($logins[$user] != $pass) {// there lies error one... 

$ user可能不是$ logins数组中的键,请先使用 array_key_exists 进行检查。

然后代码显示滥用“其他”...

     showForm("Wrong Username/Password");
     exit();                    // That condition exits  
  }
      else {                    // So you do not need this else and the block.

重写它:

$logins = array(
    'user1' => 'pass1',
    'user2' => 'pass2',
    'user3' => 'pass3'
);

foreach($_POST as $key => $value) {  
    $_POST[$key] = stripslashes($_POST[$key]); 
    $_POST[$key] = htmlspecialchars(strip_tags($_POST[$key])); 
}
/******************************************************************************/
if (isset($_POST['submit'])){
    $user = isset($_POST['user']) ? strtolower($_POST['user']) : '';
    $pass = isset($_POST['pass']) ? $_POST['pass'] : '';
    $report = $_POST['typereport'];
    if ((!array_key_exists($user, $logins))||($logins[$user] != $pass)) {
        showForm("Wrong Username/Password");
        exit();     
    }
    if($report == "Clinical") {
         $file = $filename;
         $contents = file($file); 
         $string = implode("<br>", $contents);
         echo "<head><title>ScoreViewer: Clinical</title></head>";
         echo "Logged in as: " . strtoupper($user) . "<br>";
         echo "<a href='log2.php'>Sign Out</a>";
         echo "<br><br>";
         echo "<pre>" . $string . "</pre>";
         echo "<br><br>";
    } 
             // No need if you only have only clinic and non clinic reports...
             // elseif ($report == "Non-Clinical") {
    else {   // now non clinic
         $file = $filename2;
         $contents = file($file); 
         $string = implode("<br>", $contents);
         echo "<head><title>ScoreViewer: Non-Clinical</title></head>";
         echo "Logged in as: " . strtoupper($user) . "<br>";
         echo "<a href='log2.php'>Sign Out</a>";
         echo "<br><br>";
         echo "<pre>" . $string . "</pre>";
         echo "<br><br>";
    }    // this block ends non clinic - clinic choices...
}        // this ends the if (isset($_POST['submit']))
else {   // and this does if !isset($_POST['submit'])
    showForm();
    exit();
}

希望这有帮助