Compare Strings given in $_POST with php
https://stackoverflow.com/questions/184703
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a form that is sending in sizes of things, and I need to see what the strings are equal to so that I can set the price accordingly. When i try to do this, it says that they are not equal, and i get no prices. This is the code i'm using:
if ($_POST['sizes'] == "Small ($30)"){$total = "30";}
if ($_POST['sizes'] == "Medium ($40)"){$total = "40";}
if ($_POST['sizes'] == "Large ($50)"){$total = "50";}
else {$total = $_POST['price'];}
What am i doing wrong here? I can echo $_POST['sizes'] and it gives me exactly one of those things.
Solution
What Paul Dixon said is correct. Might I also recommend using a switch statement instead of that clunky chunk of if statements (which actually has a logic bug in it, I might add - $total will always equal $_POST['price'] when not 'Large ($50)')
<?php
switch ( $_POST['sizes'] )
{
case 'Small ($30)' :
$total = 30;
break;
case 'Medium ($40)' :
$total = 40;
break;
case 'Large ($50)' :
$total = 50;
break;
default:
$total = $_POST['price'];
break;
}
?>
OTHER TIPS
That's a good candidate for a switch/case statement, with your 'else' being a default.
Also, without using elseif's on Medium and Large, if your $_POST['sizes'] is not Large, then your $total will always be $_POST['price']. This could be throwing you off as well.
So you know, the problem with your if/else's is that the last else is always happening. A switch is still better, but here is what your code should be:
if ($_POST['sizes'] == "Small ($30)") { $total = "30";
} else if ($_POST['sizes'] == "Medium ($40)") { $total = "40";
} else if ($_POST['sizes'] == "Large ($50)") { $total = "50";
} else { $total = $_POST['price']; }
To everyone that says the problem is the $30, $40, etc, it's not. Variables can't start with a number so PHP will ignore the $40, etc.
Or, even better than the clunky switch, you can take advantage of this simple logic and practise 'data-driven programming':
$vals = array(
'Small ($30)' => 30,
'Medium ($40)' => 40,
'Large ($50)' => 50
);
$total = array_key_exists($_POST['sizes'], $vals)
? $vals[$_POST['sizes']]
: $_POST['price'];
Apart from the actual cause of this error, it could have been avoided if you had used other values than the labels, e.g.:
<select name="sizes">
<option value="small">Small ($30)</option>
<option value="meduim">Medium ($40)</option>
<option value="large">Large ($50)</option>
</select>
Try using single quotes
if ($_POST['sizes'] == 'Small ($30)'){$total = "30";}
elseif ($_POST['sizes'] == 'Medium ($40)'){$total = "40";}
elseif ($_POST['sizes'] == 'Large ($50)'){$total = "50";}
else {$total = $_POST['price'];}
Double quoted strings use variable interpolation, so the $ symbol becomes significant! See this manual page for the differences in how you can declare string literals in PHP.
(Edited to correct the logic error - as others noted, a switch would be much clearer here)
Is $total a string?
$total = "30"; is the syntax for a string. $total = 30; would be correct for Numeric.
Isn't there a security hole here? What if someone just submits whatever price they want for the default clause?
// remove any non-decimal characters from the front, then extract your value,
// then remove any trailing characters and cast to an integer
$total = (integer)preg_replace("/^\D*(\d+)\D.*/", "$1", $_POST['sizes']);
if (!$total) $total = $_POST['price'];
