GET and Server Validation
Hello,
I got 2 server validations on my page. 1 before page loads to check the $_GET and the 1 to check the from.
But the $_GET check directly goes to the restricted page :-(
<?php
if ("" == "") {
$WAFV_Redirect = "restricted.php";
$_SESSION['WAVT_login_375_Errors'] = "";
if ($WAFV_Redirect == "") {
$WAFV_Redirect = $_SERVER["PHP_SELF"];
}
$WAFV_Errors = "";
$WAFV_Errors .= WAValidateLE($_GET['login'] . "",false . "",false,6);
if ($WAFV_Errors != "") {
PostResult($WAFV_Redirect,$WAFV_Errors,"login_375");
}
}
?>
<?php
if (isset($_POST["buttonLogin"]) || isset($_POST["buttonLogin_x"])) {
$WAFV_Redirect = "login.php";
$_SESSION['WAVT_login_093_Errors'] = "";
if ($WAFV_Redirect == "") {
$WAFV_Redirect = $_SERVER["PHP_SELF"];
}
$WAFV_Errors = "";
$WAFV_Errors .= WAValidateRX(((isset($_POST["title"]))?$_POST["title"]:"") . "","/^$/i",false,1);
$WAFV_Errors .= WAValidateEM(((isset($_POST["username"]))?$_POST["username"]:"") . "",true,2);
$WAFV_Errors .= WAValidateAN(((isset($_POST["password"]))?$_POST["password"]:"") . "",true,true,true,false,"üöäßÜÖÄ_-$§&#*€@",true,3);
$WAFV_Errors .= WAValidateEL(((isset($_POST["password"]))?$_POST["password"]:"") . "",6,50,true,4);
$WAFV_Errors .= WAValidateRX(((isset($_POST["product"]))?$_POST["product"]:"") . "","/^$/i",false,5);
if ($WAFV_Errors != "") {
PostResult($WAFV_Redirect,$WAFV_Errors,"login_093");
}
}
?>
<?php
if(isset($_POST["buttonLogin"]) || isset($_POST["buttonLogin_x"])){
$WA_Auth_Parameter = array(
"connection" => $Localhero,
"database" => $database_Localhero,
"tableName" => "members",
"columns" => explode($WA_Auth_Separator,"username".$WA_Auth_Separator."password".$WA_Auth_Separator."flag"),
"columnValues" => explode($WA_Auth_Separator,"".strtoupper(((isset($_POST["username"]))?$_POST["username"]:"")) ."".$WA_Auth_Separator."".WA_CryptEncryption(((isset($_POST["password"]))?$_POST["password"]:"")) ."".$WA_Auth_Separator."1"),
"columnTypes" => explode($WA_Auth_Separator,"text".$WA_Auth_Separator."text".$WA_Auth_Separator."int"),
"sessionColumns" => explode($WA_Auth_Separator,"id".$WA_Auth_Separator."flag"),
"sessionNames" => explode($WA_Auth_Separator,"memberID".$WA_Auth_Separator."memberLevel"),
"successRedirect" => "members/diver.php",
"failRedirect" => "login.php?login=false",
"gotoPreviousURL" => FALSE,
"keepQueryString" => FALSE
);
WA_AuthenticateUser($WA_Auth_Parameter);
}
?>
I check entry is like = false
But this seems not to work.
Any help/suggestions?
Denis