Remove this Irem



  • I've given my two weeks notice, so, why not?

     

    I found this in the HTML output of a package I will not miss maintaining:

    			<p><input name="products_id[0][14485][][quantity]" type="text" value="2" size="2" class="inline" /> <strong>x $0.00</strong></p>
    <p><strong>Price: $0.00</strong></p>
    <p><input name="button" type="submit" title="Update Cart" value="Update Cart" class="button" alt="Update" /><br />
    <input name="cart_delete[NDEzJnJldmlldz1bY3BhdGhdMTQ0ODU=]" type="submit" title="Remove this Irem" value="Remove Item" class="submit" alt="Remove this Item" /></p>
    </div>
     Here's the associated PHP that parses it (Oh, BTW, it's required that register_globals=ON)
                                    for ($i=0, $n=sizeof( $products ); $i<$n; $i++) {
    $pid = $products[$i][id];
    $man = $products[$i][attributes][manufacturers_id];
    $cp = $products[$i][attributes][cpath];
    $image = $products[$i][image];
    $new_q = $_POST[products_id][0][$cp][$image][quantity];
    if (tep_not_null($new_q) && is_numeric($new_q)) cart_update($pid, $new_q, $products[$i][attributes]); 
                                    } 



  • Interesting use of POST data, apparently they know how to send arrays over POST but don't know how to iterate over them. I assume $products is an array of all available products?

    Another one is using unquoted strings for array keys, which seems to be common enough for it to have become standard (even though it's wrong).



  • Rails does this automatically, I think. Productive!

    Wait... what exactly is that doing?

    Explodes
     


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.