Alright, I'm writing a password validation script for entering passworded subforums. To do this, I set a cookie with the forum's name [$forum] encoded [$forum_encoded = urlencode($forum);] with the value "yes". Then, after the cookie is written, I check it with $_COOKIE[$forum_encoded].
This method works just fine for anything such as apostrophes, etc, but whenever I try to use a forum name with spaces in it, it doesn't return a "yes" value.
Does anyone see any problem with what I'm doing? I'm not sure if it affects anything, but the cookie is being evaluated by a function checkAuth(), which I included below.
Thanks in advance.
(By the way, get_contents_of just automatically grabs the results from the query, it was easier for me to remember ;p . It works properly.)
function checkAuth($forum_encoded, $connection)
{
$forum_decoded = urldecode($forum_encoded);
$forum_unstripped = AddSlashes($forum_decoded);
$forum_stripped = StripSlashes($forum_decoded);
$cookie_set = $_COOKIE[$forum_encoded];
$passworded_q = "SELECT passworded FROM forums WHERE name='$forum_unstripped'";
$passworded_r = get_contents_of ($passworded_q, $connection);
$parent_q = "SELECT parent FROM forums WHERE name='$forum_unstripped'";
$parent_r = get_contents_of ($parent_q, $connection);
$parent_encoded = urlencode(StripSlashes($parent_r));
if ($passworded_r == "yes")
{
if (isset($cookie_set) && $cookie_set=="yes")
{
if ($parent_r == "self" || $forum_decoded == "self")
{
}
else
{
checkAuth($parent_encoded, $connection);
}
}
else
{
header ("Location: pwauth.php?forum=$forum_encoded");
}
}
else
{
if ($parent_r == "self" || $forum_decoded == "self")
{
}
else
{
checkAuth($parent_encoded, $connection);
}
}
}
