check for directory

Question

rondroid 0 Newbie Poster

14 Years Ago

Hi everyone, I have a form page where the customer enters their email address to see if they have forms available to download.
Once they submit that I use the following code to see if they do indeed have stuff available:

<?php
$email = $_POST['email'] ;
$directory = "http://nycityliving.com/forms/" . $email ;
if (file_exists($directory)) {
    header("Location: $directory");
} else {
    header("Location: http://nycityliving.com/form2.php");
}
?>

But it does not work and I cannot figure out why? :(
All I get is a 404 error page.
Anyone have any ideas?

Thanks, Ron

php

2 Contributors
6 Replies
90 Views
9 Hours Discussion Span
Latest Post 14 Years Ago Latest Post by rondroid

diafol

14 Years Ago

More likely the '.'? I dunno.

However, this doesn't seem like a very secure method.

Edited 14 Years Ago by diafol because: n/a

diafol

14 Years Ago

Actually that's how you add 2 strings or variables together.

*sigh* I am aware of the catenator.

I was referring to the '.' within the email address. :icon_rolleyes:

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

rondroid 0 Newbie Poster · Answer 1 · 2010-02-15T03:57:39+00:00

I should also mention that the directory being checked is named just like the email address being entered.
In other words, the directory might be name:

myname@mysite.com

So, I'm not sure if that '@' symbol is causing the trouble?

rondroid 0 Newbie Poster · Answer 2 · 2010-02-15T04:52:59+00:00

More likely the '.'? I dunno.

Actually that's how you add 2 strings or variables together.
In this case you are adding a predetermined path:

http://nycityliving.com/forms/

to whatever email address the customer entered:

myemail@mysite.com

When they are added together you get the full path to check:

http://nycityliving.com/forms/myemail@mysite.com

However, this doesn't seem like a very secure method.

Not really an issue here as these are general forms for the customer to download. Besides that, directory browsing (indexing) is disabled in the forms folder. So the only way you can access anything is if there is a folder named to whatever your email addy is.

Still looking for a solution here, Ron :icon_wink:

rondroid 0 Newbie Poster · Answer 3 · 2010-02-15T05:05:55+00:00

Oh, sorry 'bout that. :$
Hmm, should I be escaping that '.'?

Maybe the folders should not be named like an email address
in the first place?

Ron

rondroid 0 Newbie Poster · Answer 4 · 2010-02-15T06:47:17+00:00

OK, I solved it myself. The problem was the path I was using. It did not need to be the full web path just the root path.
Here is the code that works:

<?php
$email = $_POST['email'] ;
$directory = "forms/" . $email ;
if(is_dir($directory))
  {
  header("Location: $directory");
  }
else
  {
  header("Location: http://nycityliving.com/notfound.php");
  }
?>

Later, Ron