what should i avoid while coding in php

33
February 11, 2019, at 5:20 PM

I just start learning php, while I was learning I stopped for a minute and I said: Why don't I write my own php script before I move on to the PHP-SQL?

I wrote this php code and it's working. That is the good news, the bad news, I don't know what could be wrong with it.

This is the php code:

<?php
session_start();
$valide = 0;
$a = ['user' => "Nothing", 'pwd' => "Nothing", "email" => "Nothing", "fullname" => "Nothing"];
// redirect
function valide()
{
    global $a;
    $ok = False;
    try {
        foreach($a as $key => $val) {
            if (!empty($_POST[$key])) {
                $stat = True;
                $a[$key] = $_POST[$key];
                continue;
            }
            else {
                $stat = False;
                break;
            }
        }
        if ($stat == True) {
            $user = $a['user'];
            $pwd = $a['pwd'];
            $email = $a['email'];
            $fullname = $a['fullname'];
            filter($email, $pwd, $user, $fullname);
        }
    }
    catch(Exception $e) {
        print "God , Deamn It ;(";
    }
}
// filter function
function filter($email, $pwd, $user, $fullname)
{
    global $valide;
    // EMAIL VALIDATNG
    // valid
    if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $valide+= 1;
        print "email OK !<br />";
    }
    // invalide
    else {
        print "Invalide email<br />";
    }
    // PASSWORD SANITIZING
    // valide
    if ($vpwd = filter_var($pwd, FILTER_SANITIZE_STRING) and $vpwd <= 25) {
        $valide+= 1;
        print "password OK<br />";
    }
    // invalide
    else {
        echo 'Password must maximum 25 chars and numbs<br />';
    }
    // USERNAME SANITIZING
    // valide
    if ($vuser = filter_var($user, FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES) and $vuser <= 25) {
        $valide+= 1;
        print 'user name cheked<br />';
    }
    // invalide
    else {
        print "maximum 25 chars and numbs<br />";
    }
    // DESCRIPTION VALIDATING
    // valide
    if (preg_match("/^[a-zA-Z 0-9]*$/", $fullname)) {
        $valide+= 1;
        print "Description cheked<br />";
    }
    // invalide
    else {
        print "just a simple chars and numbs<br />";
    }
    store($vuser, $vpwd, $email, $fullname);
    ses($vuser, $vpwd);
}
function ses($u, $p)
{
    $_SESSION['username'] = $u; //should be encrypted to
    $_SESSION['password'] = $p; //should be encrypted
}
function store($user, $pwd, $email, $fullname)
{
    global $valide;
    $data = "
    User : $user;Password : $pwd;Email : $email;Fullname : $fullname;";
    switch ($valide) {
    case 4:
        $f = fopen('databse_exapmle.txt', 'a') or die('PLease try egain latter');
        fwrite($f, $data);
        fread($f);
        fclose($f);
        break;
    default:
        //
        break;
    }
}
valide();
?>
READ ALSO
How to redirect users to their specific subfolders?

How to redirect users to their specific subfolders?

Ok, so I tried to Google it, make it by myself, but I just messed up my website, so after days of trying, I'm here to ask

48
How to use chr() function in an array for cleaning strings from dangereous characters in PHP?

How to use chr() function in an array for cleaning strings from dangereous characters in PHP?

Hi everyone i was working on some php formsI am a newbie so i might used a really annoying way to solve my problem

30