All geek questions in one place

Comparing strings given in $ _POST with php

I have a form that sends the sizes of things, and I need to see that the lines are equal so that I can set the price accordingly. When I try to do this, he says that they are not equal, and I do not get any prices. This is the code I'm using:

if ($_POST['sizes'] == "Small ($30)"){$total = "30";} if ($_POST['sizes'] == "Medium ($40)"){$total = "40";} if ($_POST['sizes'] == "Large ($50)"){$total = "50";} else {$total = $_POST['price'];}

What am I doing wrong here? I can repeat $ _POST ['sizes'] and this gives me one of these things.

+4
source share
9 answers

What Paul Dixon said correctly. Can I also recommend using the switch statement instead of a clumsy piece of if statements (it actually has a logical error, I can add - $total will always be $_POST['price'] , if not 'Large ($50)' )

 <?php switch ( $_POST['sizes'] ) { case 'Small ($30)' : $total = 30; break; case 'Medium ($40)' : $total = 40; break; case 'Large ($50)' : $total = 50; break; default: $total = $_POST['price']; break; } ?>
+8
source

This is a good candidate for the switch / case statement, and your "else" is the default.

Also, without using elseif on Medium and Large, if your $ _POST ['sizes'] is not large, then your $ total will always be $ _POST ['price']. It may also drop you.

+3
source

So, you know, the problem with your if / else is that the latter always happens. The switch is still better, but here is what your code should do:

 if ($_POST['sizes'] == "Small ($30)") { $total = "30"; } else if ($_POST['sizes'] == "Medium ($40)") { $total = "40"; } else if ($_POST['sizes'] == "Large ($50)") { $total = "50"; } else { $total = $_POST['price']; }

For everyone who says that the problem is $ 30, $ 40, etc., it is not. Variables cannot start with a number, so PHP ignores $ 40, etc.

+2
source

Try using single quotes

 if ($_POST['sizes'] == 'Small ($30)'){$total = "30";} elseif ($_POST['sizes'] == 'Medium ($40)'){$total = "40";} elseif ($_POST['sizes'] == 'Large ($50)'){$total = "50";} else {$total = $_POST['price'];}

Double quotes use variable interpolation, so the $ character becomes significant! See this manual page for differences on how you can declare string literals in PHP.

(Edited to correct a logical error - as others have noted, the switch will be much clearer here)

+1
source

Or, even better than a clumsy switch, you can take advantage of this simple logic and practice β€œdata driven”:

 $vals = array( 'Small ($30)' => 30, 'Medium ($40)' => 40, 'Large ($50)' => 50 ); $total = array_key_exists($_POST['sizes'], $vals) ? $vals[$_POST['sizes']] : $_POST['price'];
+1
source

Besides the actual cause of this error, it could have been avoided if you had used values ​​other than labels, for example:

 <select name="sizes"> <option value="small">Small ($30)</option> <option value="meduim">Medium ($40)</option> <option value="large">Large ($50)</option> </select>
+1
source

Is $ total string?

$ total = "30"; is the syntax for the string. $ total = 30; will be correct for Numeric.

0
source

Is there a security hole here? What if someone just passes whatever price they want for the default offer?

0
source 
 // remove any non-decimal characters from the front, then extract your value, // then remove any trailing characters and cast to an integer $total = (integer)preg_replace("/^\D*(\d+)\D.*/", "$1", $_POST['sizes']); if (!$total) $total = $_POST['price'];
0
source

Source: https://habr.com/ru/post/1277579/

More articles:


All Articles