Go4Expert

Go4Expert (http://www.go4expert.com/)
-   PHP (http://www.go4expert.com/forumdisplay.php?f=26)
-   -   $_server['request_uri'] (http://www.go4expert.com/showthread.php?t=1982)

W3C 24Nov2006 06:35
$_server['request_uri']
 
I got this code off another forum(yes it was posted) and I am not really sure what the $_SERVER['REQUEST_URI'] means. It's part of a membership system

Here is code(its called register.php):
PHP Code:
<?php
include ("config.php");
# include the config file

if ($_POST['Submit']){
# check to see if the form was submitted
# if so...

$username clean($_POST['username']);
# post the form fields and clean the strings

$password clean($_POST['password']);

$password_con clean($_POST['password_con']);

$email clean($_POST['email']);

$ip clean($_SERVER['REMOTE_ADDR']);
# get the IP of the browsing computer

$signup time();
# get the timestamp of the signup

if (!$username | !$password | !$password_con | !$email){
# if any of the strings form the form are empty
echo 'You must fill in every field. <a href="'.$_SERVER['REQUEST_URI'].'">Back</a>.';
}
else {

if ($password != $password_con){
# if the passwords do not match
echo 'Password fields did not match. <a href="'.$_SERVER['REQUEST_URI'].'">Back</a>.';
}
else {

$username_test "SELECT * FROM `users` WHERE username = '$username'";
$username_test mysql_query($username_test);
# check if the username is already in use

if (mysql_num_rows($username_test) == 1){
# if the username is being used
echo 'Username is already being used. <a href="'.$_SERVER['REQUEST_URI'].'">Back</a>.';
}
else {

$md5pass md5($password);
# change the password to an md5 hash

$add "INSERT INTO `users` VALUES ('', '$username', '$md5pass', '$email', '$ip', '$signup')";
# setup a query to insert the data into the table.

if ( mysql_query($add) ){
# run the query

echo 'Success. You are now registered.<br />';
echo 'Login using the following informationbr />';
echo 'Username: '.$username.'<br />';
echo 'Password: '.$password;
}
else {
echo 'Error, user not added.';
}

}

}

}

}
else {
# else the form was not submitted
?>
<form method="post" action="<?php=[COLOR=Red]$_SERVER['REQUEST_URI'][/COLOR]?>">
Usernamebr />
<input type="text" name="username">
<br />
Passwordbr />
<input type="password" name="password">
<br />
Confirm Passwordbr />
<input type="password" name="password_con">
<br />
E-mailbr />
<input type="text" name="email">
<br />
<input type="submit" name="Submit" value="Register">
</form>
<?php
}
?>
when I try and sign-up with the apache server it gives me a 403 Forbidden Error.
I'm kinda new at php anyway.

If you can tell me what the $_SERVER['REQUEST_URI'] means in somewhat detail, I would appreciate that too.

Thanks in advance,
W3C

pradeep 24Nov2006 10:58
Re: $_server['request_uri']
 
The $_SERVER is a global variable, which contains serveral server variables and their values. The $_SERVER['REQUEST_URI'] hold the value of the URI requested not the URL though. For example when you visit http://go4expert.com/forums/index.php the $_SERVER['REQUEST_URI'] contains /forums/index.php.
If you want to print all the server variables and their values use the following code:
Code: PHP
<?
 foreach($_SERVER as $k=>$v)
 {
     print("$k = $v <br/>\n");
 }
 ?>

Finally, the 403 error might be because of your web server configuration, check your web server's documentation for details.

W3C 25Nov2006 05:32
Re: $_server['request_uri']
 
I can't find anything under the documentations.
But when I click register button on the form it takes me to the 403 Forbidden.
The Address is:
http://localhost/KRZY%20Space/%3C?php=$_SERVER['REQUEST_URI']?%3E

Error says:
Forbidden

You don't have permission to access /KRZY Space/< on this server.
Apache/2.0.59 (Win32) PHP/5.1.6 Server at localhost Port 80

Don't know if this helps. But tell me if you need more info.

And for the $_SERVER['REQUEST_URI'], is it used in forms like when you register at the site stargatewars.com? or is it different?

pradeep 25Nov2006 10:51
Re: $_server['request_uri']
 
Looks like you dont have a filename for the PHP script in the URL, and also there are lot of special characters in the URL.

W3C 30Nov2006 04:44
Re: $_server['request_uri']
 
So do you any suggestion on what to do?
Do I make a folder/file? If so what should it be called?
And for the specail characters how do I get rid of those?

pradeep 30Nov2006 21:23
Re: $_server['request_uri']
 
See, the folder and file should be limited to these characters [a-z,A-Z,0-9,_,-], this would elimniate the problems, try making a new folder and make new files there.


All times are GMT +5.5. The time now is 16:32.