preg_match / strpos

@DJRobThaManFeb 06.2006

Hi again,

Does anybody know why I get this error message:

~~[QUOTE]~~

Warning: preg_match(): Delimiter must not be alphanumeric or backslash in /home/content/f/l/f/flfaccountmngr/html/crew/login.php on line 21

[/QUOTE]

for this code:

[CODE] $template = fopen(“template.txt”, “r”);

while(!feof($template)) { echo fgetc($template); line 21—> if(preg_match(“main”, fgetc($template))) { echo “test”; } }

fclose($template); [/CODE]

I originally wanted to have it as “id=”main”” and got the same message. And if I use strpos instead of preg_match it just prints “test” on every line in the oddest of places so that I get a load of junk spitted back at me????

I’ve also tried single quotes and single quotes with backslashes (‘/main/’)

Any ideas?

Thanks,
Douglas

to post a comment

PHP

3 Comments(s) _↴

@NogDogFeb 06.2006 — #You need to use regexp delimiters:

<i>
 </i>if(preg_match("[color=red]/[/color]main[color=red]/[/color]", fgetc($template)))

@DJRobThaManauthorFeb 06.2006 — #Okay... I'm pulling my hair out here.

Something has to be wrong somehwere with my code but I just don't know where and I think it has to do with the preg_match references I have in there.

I have a file auth.php which consists of the following:

[CODE]
 <?php
 
 function authenticate($user, $pass)
 {
 
  if(preg_match("/W/", $pass) || preg_match("/select/", strtolower($pass)) || preg_match("/insert/", strtolower($pass)) || preg_match("/where/", strtolower($pass)) || preg_match("/from/", strtolower($pass)))
  {
   $i = 1;
  }
  else
  {
   $hostname = "mysql.server.com";
   $username = "username";
   $password = "password";
   $dbname = "dbname";
   $usertable = "passwordlist";
   mysql_connect($hostname, $username, $password) OR DIE (" ");
   mysql_select_db($dbname);
 
   $query = "SELECT admin_password FROM $usertable WHERE admin_name = '$user'";
 
   $result = mysql_query($query);
 
   if($result)
   {
   $row = mysql_fetch_array($result);
   $ans = $row["admin_password"];
 
   if($ans == $pass)
   {
   return true;
   }
   else
   {
   $i = 1;
   }
   }
   else
   {
   $i = 1;
   }
  }
 
  if($i == 1)
  {
   $login = fopen("index.html", "r");
 
   while(!feof($login))
   {
   echo fgetc($login);
   }
 
   fclose($login);
   exit();
  }
 }
 
 ?>
 [/CODE]

Then login.php that references this file like so:

[CODE]
 <?php
 require("auth.php");
 if($_POST["password"])
 {
 $password = $_POST["password"];
 }
 else
 {
 $password = "false";
 }
 
 if(authenticate("username", $password))
 {
 setcookie("password", $_POST["password"], time()+1800);
 
  $template = fopen("template.txt", "r");
 
  while(!feof($template))
  {
   echo fgetc($template);
  }
 
  fclose($template);
 }
 ?>
 [/CODE]

This is the file where I had that preg_match("main"... rubish. Anyway, I have the form in an html file... with the action attribute set to login.php and method set to post.

I know that this code accesses the db correctly because I tested the code in a separate file and it printed out the password correctly. So why can I not get to the login page even if I type in the correct password?

@DJRobThaManauthorFeb 06.2006 — #I just took out the first if statement in auth.php and just have it automatically do the query and then compare the password with the user's input. This works fine now but doesn't it make the page susceptible to sql injection and such?

Can I make it more secure or no?

I know I've been asking loads of questions and I really appreciate all the help I've been getting from everybody. Thanks a lot,

Douglas

Also in #PHP _↴

MySQL blank records problem Rename an uploaded file Site search code issue

Success!

Help @DJRobThaMan spread the word by sharing this article on Twitter...

Tweet This

about: ({
version: 0.1.9 — BETA 6.17,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});

changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...

recent_tips: (
tipper: @nearjob,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,
)...

preg_match / strpos

3 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

preg_match / strpos

3 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

3 Comments(s) _↴

Also in #PHP _↴