Validating $ _POST Data

Question

Validating $ _POST Data

I do spam check on the form. The code below works the same as on my local host (redirecting to google.com if true), however this does not happen when it is on the production server (it runs the rest of the script and does NOT redirect to Google.com).

    if('POST' == $_SERVER['REQUEST_METHOD']) {
    if ($_POST["bait"]!='' || $_POST["date"] == "12/31/69" || trim($_POST["date"] == "1969-12-31")) {
        header("location: http://www.google.com");
    } else {
       //Process form here

I did var_dumpon $_POSTand this1969-12-31

What am I doing wrong?

+3

php

Paul dessess Apr 30 '12 at 22:28

source share

1 answer

drew010 · Accepted Answer · 2012-04-30T22:31:19+0000

You should exit;after sending the location header to prevent the rest of the script from executing.

eg.

if('POST' == $_SERVER['REQUEST_METHOD']) {
    if ($_POST["bait"]!='' || $_POST["date"] == "12/31/69" || trim($_POST["date"] == "1969-12-31")) {
        header("location: http://www.google.com");
        exit;
    } else {
        // process form here
    }
}

The redirect is sent, but you also continue to output the rest of the request, in which case the behavior may be undefined.

Validating $ _POST Data

More articles: