0

I have used some code from this blackjack game to build my own full version.

Everything works perfectly locally using Xampp, but when I uploaded the full version I get: expects parameter to be array, boolean given.

I'm very new to PHP, but from what I understand, I have defined the array. Why is it giving me a boolean online, and array offline?

Here is the full game I wrote.(the site is a little NSFWish, but the page is clean)

The problem seems to be from here:

function evaluateHand($hand) {
$Ace=0;
global $faces;
$value = 0;
foreach ($hand as $card) {
    if ($card['face'] == 'Ace') 
        $Ace++;

 $value = intval($value) + intval($faces[$card['face']]);

   while ($Ace>0 && $value >21)
        {
            $value = intval($value) - 10;
            $Ace--;
        }

}

specifically the - foreach ($hand as $card) { part.

I do remember reading someone else having the same problem, and the solution seemed to be switiching from double to single quotations here.

<input type='hidden' name='handstr' value = '<?php echo $handstr ?>' />

but I already have single quotations.

What really confuses me, is the guy who wrote the script seems to have it running fine.

If you change the .PHP to .txt you can see the full game code (from link above... sorry 2 link max)

Anyone know why offline would be different from online, and how to fix the problem?

user2067101
  • 103
  • 7
  • 1
    Since the only thing that caused the issue was going from the development machine to a production environment, I would suggest looking at: http://stackoverflow.com/questions/1752768/is-there-a-max-size-to-the-length-of-a-hidden-input-in-html as the array is not being `unserialize`'d correctly, which is causing the error. (look at the marked answer for the server-side limits. – Jon Feb 13 '13 at 06:22
  • I am using Post instead of Get. Do you belive a 52 card array would break that limit? (not sure how to calculate it exactly). Still unsure why the authors version would work fine, and mine would not. I didn't make any changes to that part of the code. – user2067101 Feb 13 '13 at 07:49
  • Yes...and if you look at the server-side response in that answer: "With POST, there is no technical limit in the browser, but usually one on the server side - see e.g. Apache's LimitRequestBody, PHP's post_max_size and so on." will still affect the POST. – Jon Feb 13 '13 at 07:50
  • I tried using.htaccess to increase the post limit, but it crashed my site. Aparently php5 doesnt use that way any more.(for anyone else looking) then I tried both php.ini and php5.ini, and while they didn't crash the site, they also didn't fixed the error. I'm not sure if they actually changed the post limit? I added echo($hand) and it seemed to echo 'array' until I call the function in question, then it doesn't echo anything: so it looks like this the right answer, but I'm not sure how to fix it. From the research I have done, it looks like Godaddy doesn't allow you to modify their php.ini – user2067101 Feb 13 '13 at 09:43
  • for anyone else with a similar problem, I found this code . it seems to report your max upload and post size. If it is working, my post limit is set to 33 meg. – user2067101 Feb 13 '13 at 10:29

1 Answers1

0

You need to be aware that the output of serialize() is not suitable for direct inclusion in HTML form fields; it may contain characters that are not allowed in HTML, such as Null bytes, single and double quotes etc.

I suggest you wrap the output of serialize() in Base64, such as this:

<input type='hidden' name='dealerstr' value = '<?php echo base64_encode($dealerstr) ?>' />

Of course, you need to base64_decode() the POST data before unserializing, too.

fbitterlich
  • 882
  • 7
  • 24
  • Would this be true even though I'm not using user input, but a pre defined set of text words? (one, two...Jack, Queen, King Plus Diamond, Club, Heart and Spades). There is no chance of any extra characters being in the string. (although I will try your solution.). Can anyone else run the origional php blackjack game? Are you getting the same errors? or is it specific to my hosting? – user2067101 Feb 13 '13 at 18:04
  • You can verify yourself by looking at the HTML source of the generated page. Check what is is the `value` field of all of the `input` tags. If the value is valid HTML, then the problem is somewhere else. However the PHP manual explicitly warns that the output of `serialize()` can contain binary data, so it should be wrapped anyway. Defensive coding. – fbitterlich Feb 14 '13 at 12:41
  • Sorry for the slow reply. The base 64 didn't work, so I tried to do some research. It seems the problem is serialize, but for some reason when I assign a variable - $deck = unserialize($_POST['deckstr']); - $deck is an empty array, even though deckstr echo's correctly. Someone mentioned it might be a difference in the PHP.ini file because it works offline and not online. Anyone know what setting might effect this? – user2067101 Mar 02 '13 at 08:40
  • Looks like I gave up on Base64 too soon. I am a new programmer, and though I needed to replace Serialize with base64, but turns out it's in addition to. working perfectly. Thank you so much for your great suggestion and you patience with my poor programming skills. – user2067101 Mar 02 '13 at 13:50