PHP Execution via Ajax jQuery

4

I'm putting some instructions inside a same PHP file that are executed according to the value of the send variable received, at least that's what I thought. In this code you have two of these instructions, one that receives send == 'buUserBloqueia' and another that receives send == 'cCadSend' but once the first one receives the command, executes the statement and does not end up executing the next ones that has another value of send .

Code

// Função serve para bloquear o usuário do sistema
if((isset($_POST['send']) == "buUserBloqueia") && (isset($_POST['id']) != "")){

// Esta função bloqueia um usuário

exit();
}

// Função serve para cadastrar o usuário no sistema
if ((isset($_POST['send']) == "cCadSend")){

// Esta função cria um usuário

exit();
}

Why does submitting Ajax with a specified value of send and after checking the value of send in PHP, does the script continue to execute all instructions below it?

    
asked by anonymous 02.08.2014 / 15:54

3 answers

1

PHP's isset () function returns true or false .

This means that this isset($_POST['send']) == "buUserBloqueia" comparison is always false because isset($_POST['send']) will not give the value of $_POST['send'] but true or false .

In the background it would be the same as if (true == "buUserBloqueia") . I suggest you re-design your code a bit and do something like:

if(isset($_POST['send']) && $_POST['send'] == "buUserBloqueia") && (isset($_POST['id']) != "")){

Or put a if that does exit earlier, before the code that has:

if(!isset($_POST['send'])) exit();
    
02.08.2014 / 16:01
3

Assuming you literally want to create an HTTP router, this is not the best way to do it. In addition to not being good for code quality, it is not possible to test and it does away with the sanity of the programmers.

I suggest you take a look at components / libraries that are ready to do the work for you, such as Silex which is a mini -Framework very easy to use. Including it has already dealt with security issues for you, allowing you to work with Friendly URLs in an easy way.

See an example of what your two actions would look like with this framework :

 require_once __DIR__.'/../vendor/autoload.php'; 

 $app = new Silex\Application(); 

 $app->post('/usuario/criar', function(){ 
    //aqui cria um usuário e retorna uma resposta 
 }); 

 $app->post('/usuario/bloquear', function(){ 
    //aqui bloqueia um usuário e retorna uma resposta 
 }); 

 $app->run(); 

I have a repository with an application that uses this mini-framework that I did for a college job. Suddenly you can help someone.

    
06.08.2014 / 14:07
2

To check a set of actions I prefer to use the switch, I find it easier to understand and modify the instructions ...

switch ($_POST['send']) {

    case 'buUserBloqueia':
        // Esta função bloqueia um usuário
        exit();
    break;

    case 'cCadSend':
        // Esta função cria um usuário
        exit();
    break;

}
    
02.08.2014 / 19:38