Hello. I've got a single page that calls itself to check for data integrity submitted in a form, i.e. passwords match, emails match, legitimate email, etc.
The document calls itself and walks through the if/elseif statements comparing variables to see if they match or not. When it gets to the email section, my $email and $emailconf variables are lost. All of my other variables are there. In fact, the code is set up to compare the two and skip the subroutine if they match, and if they do, it still goes ahead as if they didn't match. This is driving me crazy. Thanks for any help. I can provide more information if needed. I'm using php5.
Every time the page reloads, it calls session_start() and picks up the variables again using (($REQUEST_METHOD=='POST'))
<?
session_start();
?>
<?
if (($REQUEST_METHOD=='POST')) {
for(reset($HTTP_POST_VARS);
$key=key($HTTP_POST_VARS);
next($HTTP_POST_VARS)) {
$foo = addslashes($HTTP_POST_VARS[$key]);
$foo = strtr($foo, ">", " ");
$foo = strtr($foo, "<", " ");
$foo = strtr($foo, "|", " ");
$$key = $foo;
}}
$zip = $_POST["zip"];
..
$email = $_POST["email"];
$emailconf = $_POST["emailconf"];
$pw = $_POST["pw"];
$pwconf = $_POST["pwconf"];
$zipflag= $_POST["zipflag"];
if($zipflag!=1){
echo "
<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<head><title>Confirm Page</title>
</head>
<body>
{
$db_name = "db";
$table_name = "zips";
$connection = mysql_connect("localhost", "root", "") or die("Couldn't connect.");
$db = mysql_select_db($db_name, $connection) or die("Couldn't select database.");
$sql = "SELECT * FROM $table_name WHERE zip='$zip'";
$result = mysql_query($sql) or die ("Can't execute zipquery.");
$myrow = mysql_fetch_row($result);
if($myrow){
$city=$myrow[1];
$state=$myrow[2];
$zipflag=1;
}
else {
$city="Not Found";
$state="Not Found";
$zipflag=1;}
echo "<FORM ACTION=\"./confirm_adduser.php\" METHOD=\"POST\">
<input type=\"hidden\" name=\"name1\" value=\"$name1\">
<input type=\"hidden\" name=\"city\" value=\"$city\">
<input type=\"hidden\" name=\"state\" value=\"$state\">
<input type=\"hidden\" name=\"email\" value=\"$email\">
<input type=\"hidden\" name=\"emailconf\" value=\"$emailconf\">
<input type=\"hidden\" name=\"pw\" value=\"$pw\">
<input type=\"hidden\" name=\"pwconf\" value=\"$pwconf\">
<input type=\"hidden\" name=\"zipflag\" value=\"$zipflag\">
<input type=\"image\" src=\"./images/continue.gif\">
</form>";
</html
}
}
elseif(('$email'!='$emailconf')||(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$",$email))) {
echo" Registration Confirmation
<FORM ACTION=\"./confirm_adduser.php\" METHOD=\"POST\">
<td>The email addresses you entered either don't match or are invalid. Please re-enter and confirm your e-mail address.
"?>
<? echo "<td>E-mail: </td><td>Confirm E-mail:</td><tr>
<td><input type=\"text\" name=\"email\" maxlength=50 value=\"$email\"></td>
<td><input type=\"text\" name=\"emailconf\" maxlength=50 VALUE=\"$emailconf\" >
<input type=\"hidden\" name=\"name1\" value=\"$name1\">
<input type=\"hidden\" name=\"name2\" value=\"$name2\">
<input type=\"hidden\" name=\"add1\" value=\"$add1\">
<input type=\"hidden\" name=\"add2\" value=\"$add2\">
<input type=\"hidden\" name=\"zip\" value=\"$zip\">
<input type=\"hidden\" name=\"city\" value=\"$city\">
<input type=\"hidden\" name=\"state\" value=\"$state\">
<input type=\"hidden\" name=\"tel1\" value=\"$tel1\">
<input type=\"hidden\" name=\"tel2\" value=\"$tel2\">
<input type=\"hidden\" name=\"tel3\" value=\"$tel3\">
<input type=\"hidden\" name=\"email\" value=\"$email\">
<input type=\"hidden\" name=\"emailconf\" value=\"$emailconf\">
<input type=\"hidden\" name=\"pw\" value=\"$pw\">
<input type=\"hidden\" name=\"pwconf\" value=\"$pwconf\">
<input type=\"hidden\" name=\"zipflag\" value=\"$zipflag\">
<input type=\"image\" src=\"./images/continue.gif\"></table>
</form>";
include("./foot_all.txt");
}
else {
//everything's OK
}
