spanner206 Posted November 19, 2013 Share Posted November 19, 2013 hi ive been researching this all morning but i cant seem to find much, what i want to do is disable special characters and if anybody trys to type one in a message box will appear saying "special characters are not available" or something like that. i know that you cant do message boxes in php so i was wondering how i would do it in javascript/visual basic, i roughly no how to do it in visual basic but i dont know where i would put it in the code. <!DOCTYPE HTML> <html> <head> <style> .error {color: #FF0000;} </style> </head> <body> <?php $con = mysqli_connect("localhost","root","","nib"); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } // define variables and set to empty values $companyname = $firstname = $address1 = $address2 = $area = $city = $postcode = $email = $website = $clubphone = $homephone = $mobilephone = $typeofbusiness = $renewaldate = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { $errors = array(); if (empty($_POST["companyname"])) {$errors['companyname'] = "please enter your companys name";} else {$companyname = test_input($_POST["companyname"]);} if (empty($_POST["typeofbusiness"])) {$errors['typeofbusiness'] = "please enter your TypeofBusiness";} else {$typeofbusiness = test_input($_POST["typeofbusiness"]);} if (empty($_POST["firstname"])) {$errors['firstname'] = "Please Enter Your First Name";} else {$firstname = test_input($_POST["firstname"]);} if (empty($_POST["address1"])) {$errors['address1'] = "Please Enter Address 1";} else {$address1 = test_input($_POST["address1"]);} if (empty($_POST["address2"])) {$address2 = test_input($_POST["address2"]);} if (empty($_POST["area"])) {$errors['area'] = "Please enter Area";} else {$area = test_input($_POST["area"]);} if (empty($_POST["city"])) {$errors['city'] = "Please Enter City";} else {$city = test_input($_POST["city"]);} if (empty($_POST["postcode"])) {$errors['postcode'] = "Please enter your PostCode";} else {$postcode = test_input($_POST["postcode"]);} if (empty($_POST["email"])) {$errors['email'] = "Please enter your Email";} else {$email = test_input($_POST["email"]);} if (empty($_POST["website"])) {$errors['website'] = "Please Enter your Website";} else {$Website = test_input($_POST["website"]);} if (empty($_POST["clubphone"])) {$errors['clubphone'] = "Please enter your club number";} else {$clubphone = test_input($_POST["clubphone"]);} if (empty($_POST["homephone"])) {$errors['homephone'] = "Please enter your home number";} else {$homephone = test_input($_POST["homephone"]);} if (empty($_POST["mobilephone"])) {$errors['mobilephone'] = "Please enter your mobile number";} else {$mobilephone = test_input($_POST["mobilephone"]);} if (empty($_POST["renewaldate"])) {$errors['renewaldate'] = "Please enter your mobile number";} else {$renewaldate = test_input($_POST["renewaldate"]);} } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> <h2>Add Leads</h2> <p><span class="error">* required field.</span></p> <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> <table border = "0"> <tr> <td>Company Name:</td><td> <input type="text(220)" name="companyname"></td> <td><span class="error">* <?php if (isset($errors['companyname'])) echo $errors['companyname']; ?></span></td> </tr> <tr> <td>Type of Business:</td><td> <input type="text" name="typeofbusiness"></td> <td><span class="error">* <?php if (isset($errors['typeofbusiness'])) echo $errors['typeofbusiness']; ?></span></td> </tr> <tr> <td>First Name:</td><td> <input type="text" name="firstname"></td> <td><span class="error">* <?php if (isset($errors['firstname'])) echo $errors['firstname']; ?></span></td> </tr> <tr> <td>Address 1:</td><td> <input type="text" name="address1"></td> <td><span class="error">* <?php if (isset($errors['address1'])) echo $errors['address1']; ?></span></td> </tr> <tr> <td>Address 2:</td><td><input type="text" name="address2"></td> </tr> <tr> <td>Area:</td> <td><input type="text" name="area"></td> <td><span class="error">* <?php if (isset($errors['area'])) echo $errors['area']; ?></span></td> </tr> <tr> <td>Post Code:</td> <td><input type="text" name="postcode"></td> <td><span class="error">* <?php if (isset($errors['postcode'])) echo $errors['postcode']; ?></span></td> </tr> <tr> <td>City:</td> <td><input type="text" name="city"></td> <td><span class="error">* <?php if (isset($errors['city'])) echo $errors['city']; ?></span></td> </tr> <tr> <td>Email:</td> <td><input type="text" name="email"></td> <td><span class="error">* <?php if (isset($errors['email'])) echo $errors['email']; ?></span></td> </tr> <tr> <td>Website:</td> <td><input type="text" name="website"></td> <td><span class="error">* <?php if (isset($errors['website'])) echo $errors['website']; ?></span></td> </tr> <tr> <td>Club phone:</td> <td><input type="integer" name="clubphone"></td> <td><span class="error">* <?php if (isset($errors['clubphone'])) echo $errors['clubphone']; ?></span></td> </tr> <tr> <td>Home phone:</td> <td><input type="integer" name="homephone"></td> <td><span class="error">* <?php if (isset($errors['homephone'])) echo $errors['homephone']; ?></span></td> </tr> <tr> <td>Mobile Phone:</td> <td><input type="integer" name="mobilephone"></td> <td><span class="error">* <?php if (isset($errors['mobilephone'])) echo $errors['mobilephone']; ?></span></td> </tr> <tr> <td>Renewal Date:</td> <td><input type="date" name="renewaldate"></td> <td><span class="error">* <?php if (isset($errors['renewaldate'])) echo $errors['renewaldate']; ?></span></td> </tr> <tr> <td><input type="submit" name="submit" value="Submit"></td> </tr> <?php if($_SERVER['REQUEST_METHOD'] == "POST" && count($errors) == 0) { // Do it { $con = mysqli_connect("localhost","root","","nib"); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } $sql="INSERT INTO tbl_club_contacts (CompanyName, FirstName, Address1, Address2, Area, City, PostCode, Email, Website, ClubPhone, HomePhone, MobilePhone, TypeofBusiness, RenewalDate ) VALUES ('$_POST[companyname]','$_POST[firstname]','$_POST[address1]','$_POST[address2]','$_POST[area]','$_POST[city]','$_POST[postcode]','$_POST[email]','$_POST[website]','$_POST[clubphone]','$_POST[homephone]','$_POST[mobilephone]','$_POST[typeofbusiness]','$_POST[renewaldate]')"; if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); echo "record added"; } mysqli_close($con); } // end if $errors == 0 } ?> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 19, 2013 Share Posted November 19, 2013 What types of special characters are you wanting to block? Are you only allowing the user to enters letters and numbers only? Â You could do if(preg_match('~[^a-z0-9]+~i', $value)) { // special characters was used } Quote Link to comment Share on other sites More sharing options...
spanner206 Posted November 19, 2013 Author Share Posted November 19, 2013 yh i want to block / only sorry about that Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 19, 2013 Share Posted November 19, 2013 Use strpos if(strpos($value, '/')) { // a / was found } Quote Link to comment Share on other sites More sharing options...
spanner206 Posted November 19, 2013 Author Share Posted November 19, 2013 shall i wrap this round the whole of the php Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 19, 2013 Share Posted November 19, 2013 You use that if for each field you want to block the use of / Â For example the firstname field if (empty($_POST["firstname"])) { $errors['firstname'] = "Please Enter Your First Name"; } elseif(strpos($_POST['firstname'], '/') { $errors['firstname'] = 'Cannot use /'; } else { $firstname = test_input($_POST["firstname"]); } Quote Link to comment Share on other sites More sharing options...
spanner206 Posted November 19, 2013 Author Share Posted November 19, 2013 ive put that in and it dosent seem to work Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 19, 2013 Share Posted November 19, 2013 Change  elseif(strpos($_POST['firstname'], '/')  to  elseif(strpos($_POST['firstname'], '/')) Quote Link to comment Share on other sites More sharing options...
Solution DavidAM Posted November 19, 2013 Solution Share Posted November 19, 2013 Â elseif(strpos($_POST['firstname'], '/') { $errors['firstname'] = 'Cannot use /'; } Â This IF (elseif) will be FALSE if the "/" is the first character. strpos returns the position of the found character and the first position is 0 (zero) which will evaluate to false. You would needelseif(strpos($_POST['firstname'], '/') !== false) (yes, two equal-signs after the bang). Quote Link to comment Share on other sites More sharing options...
spanner206 Posted November 19, 2013 Author Share Posted November 19, 2013 just tryed both and they both dont seemed to work Quote Link to comment Share on other sites More sharing options...
spanner206 Posted November 19, 2013 Author Share Posted November 19, 2013 forget that i cocked up like an idiot but ive finally realised after 3 hours that i was working on the wrong save file but sorted it now cheers for everyones help Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.