cobusbo Posted March 2, 2015 Share Posted March 2, 2015 Hi I'm currently developing a register page within my form I want the user to specify a name. The problem I curently have is when a user press the spacebar and submit hes name it gets accepted. <?php if($_POST['formSubmit'] == "Submit") { $errorMessage = ""; if(empty($_POST['formName'])) { $errorMessage .= "<li>You forgot to enter a name!</li>"; } if($_POST['formName'] == " ") { $errorMessage = "<li>You cant insert an empty field!</li>"; } $varName = trim($_POST['formName']); $nick = urldecode($_SERVER['HTTP_X_MXIT_NICK']); $phone = urldecode($_SERVER["HTTP_X_DEVICE_USER_AGENT"]); $ip = $_SERVER["HTTP_X_MXIT_USERID_R"]; if(!isset($phone)) { $phone = "Other"; } if(!isset($ip)) { $ip = "Debater"; } if(empty($errorMessage)) { $db = mysql_connect("***********","******","*****"); if(!$db) die("Error connecting to MySQL database."); mysql_select_db("********" ,$db); $sql = "INSERT INTO Users2 (Username, mxitid, nick, phone) VALUES (" . PrepSQL($varName) . ", ". PrepSQL($ip) . ", " . PrepSQL($nick) . ", " . PrepSQL($phone) . ")"; mysql_query($sql); header("Location: thankyou.html"); exit(); } } // function: PrepSQL() // use stripslashes and mysql_real_escape_string PHP functions // to sanitize a string for use in an SQL query // // also puts single quotes around the string // function PrepSQL($value) { // Stripslashes if(get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote $value = "'" . mysql_real_escape_string($value) . "'"; return($value); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>PHP Form processing example</title> <!-- define some style elements--> <style> label,a { font-family : Arial, Helvetica, sans-serif; font-size : 12px; } </style> </head> <body> <?php if(!empty($errorMessage)) { echo("<p>There was an error with your form:</p>\n"); echo("<ul>" . $errorMessage . "</ul>\n"); } ?> <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post"> <p> <label for='formName'>What is your name?</label><br/> <input type="text" name="formName" maxlength="50" value="<?=$varName;?>" /> </p> <input type="submit" name="formSubmit" value="Submit" /> </form> <p> <a href='http://www.html-form-guide.com/php-form/php-form-processing.html' >'PHP form processing' article page</a> </p> </body> </html> As you can see I added if($_POST['formName'] == " ") { $errorMessage = "<li>You cant insert an empty field!</li>"; } This works if the person only typed a whitespace(spacebar) once but if the person types it more then once it gets accepted again. Any help? Quote Link to comment Share on other sites More sharing options...
Barand Posted March 2, 2015 Share Posted March 2, 2015 try if(empty(trim($_POST['formName']))) Quote Link to comment Share on other sites More sharing options...
cobusbo Posted March 2, 2015 Author Share Posted March 2, 2015 try if(empty(trim($_POST['formName']))) I tried it but got an error Fatal error: Can't use function return value in write context in..... line 6 Here is my current code. <?php if($_POST['formSubmit'] == "Submit") { $errorMessage = ""; if(empty(trim($_POST['formName']))) { $errorMessage .= "<li>You forgot to enter a name!</li>"; } $varName = trim($_POST['formName']); $nick = urldecode($_SERVER['HTTP_X_MXIT_NICK']); $phone = urldecode($_SERVER["HTTP_X_DEVICE_USER_AGENT"]); $ip = $_SERVER["HTTP_X_MXIT_USERID_R"]; if(!isset($phone)) { $phone = "Other"; } if(!isset($ip)) { $ip = "Debater"; } if(empty($errorMessage)) { $db = mysql_connect("********","*******","***********"); if(!$db) die("Error connecting to MySQL database."); mysql_select_db("*******" ,$db); $sql = "INSERT INTO Users2 (Username, mxitid, nick, phone) VALUES (" . PrepSQL($varName) . ", ". PrepSQL($ip) . ", " . PrepSQL($nick) . ", " . PrepSQL($phone) . ")"; mysql_query($sql); header("Location: thankyou.html"); exit(); } } // function: PrepSQL() // use stripslashes and mysql_real_escape_string PHP functions // to sanitize a string for use in an SQL query // // also puts single quotes around the string // function PrepSQL($value) { // Stripslashes if(get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote $value = "'" . mysql_real_escape_string($value) . "'"; return($value); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <title>PHP Form processing example</title> <!-- define some style elements--> <style> label,a { font-family : Arial, Helvetica, sans-serif; font-size : 12px; } </style> </head> <body> <?php if(!empty($errorMessage)) { echo("<p>There was an error with your form:</p>\n"); echo("<ul>" . $errorMessage . "</ul>\n"); } ?> <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post"> <p> <label for='formName'>What is your name?</label><br/> <input type="text" name="formName" maxlength="50" value="<?=$varName;?>" /> </p> <input type="submit" name="formSubmit" value="Submit" /> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
Landslyde Posted March 2, 2015 Share Posted March 2, 2015 Here's a bit of code from my client login page. It works. <?php if ($_SERVER["REQUEST_METHOD"] == "POST") { // First brace if (empty($_POST["uname"])) { $unameErr = "* Username is required"; } else { $uname = test_input($_POST["uname"]); if (!preg_match("/^[a-zA-Z0-9]*$/",$uname)) { $unameErr = "* Letters and numerals only"; } } } // Last brace ?> Quote Link to comment Share on other sites More sharing options...
Barand Posted March 2, 2015 Share Posted March 2, 2015 to get that error you would be trying to assign a value to a function call EG if (trim($x)='') { So what is the real code that is giving you that error? Quote Link to comment Share on other sites More sharing options...
Landslyde Posted March 2, 2015 Share Posted March 2, 2015 the test_input function function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted March 2, 2015 Share Posted March 2, 2015 I tried it but got an error... For some reason, you can't run the trim() function inside of empty(). Try something like this: $_POST['formName'] = trim($_POST['formName']); if(empty($_POST['formName'])) { Quote Link to comment Share on other sites More sharing options...
cobusbo Posted March 2, 2015 Author Share Posted March 2, 2015 Here's a bit of code from my client login page. It works. <?php if ($_SERVER["REQUEST_METHOD"] == "POST") { // First brace if (empty($_POST["uname"])) { $unameErr = "* Username is required"; } else { $uname = test_input($_POST["uname"]); if (!preg_match("/^[a-zA-Z0-9]*$/",$uname)) { $unameErr = "* Letters and numerals only"; } } } // Last brace ?> Ok seems like this solved my problem, just one last question how would I go if I would like to allow one space between words like for example "Jon Snow" Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted March 2, 2015 Share Posted March 2, 2015 Ok seems like this solved my problem, just one last question how would I go if I would like to allow one space between words like for example "Jon Snow" Are you looking to replace the extra spaces for the user? If so, there are many examples here: https://www.google.com/webhp#q=php+replace+multiple+spaces+with+one Quote Link to comment Share on other sites More sharing options...
Barand Posted March 2, 2015 Share Posted March 2, 2015 For some reason, you can't run the trim() function inside of empty(). Try something like this: this worked ok for me $x= ' '; if (empty(trim($x))) { echo 'empty'; } Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted March 2, 2015 Share Posted March 2, 2015 this worked ok for me $x= ' '; if (empty(trim($x))) { echo 'empty'; } Hmm...maybe it's just a bug in PHP 5.4.37. The above code produces a fatal error for me. However, it works in PHP 5.6.5. Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted March 2, 2015 Share Posted March 2, 2015 Hmm...maybe it's just a bug in PHP 5.4.37. The above code produces a fatal error for me. However, it works in PHP 5.6.5. Nope this was a change in PHP5.5. Quote Link to comment Share on other sites More sharing options...
Solution Landslyde Posted March 2, 2015 Solution Share Posted March 2, 2015 To allow a space in the code I provided you: <?php if ($_SERVER["REQUEST_METHOD"] == "POST") { // First brace if (empty($_POST["uname"])) { $unameErr = "* Username is required"; } else { $uname = test_input($_POST["uname"]); if (!preg_match("/^[a-zA-Z0-9]*$/",$uname)) { $unameErr = "* Letters and numerals only"; } } } // Last brace ?> do this if (!preg_match("/^[a-zA-Z0-9\s]*$/",$name)) { Just add the '\s' Simple as that. 1 Quote Link to comment Share on other sites More sharing options...
CroNiX Posted March 2, 2015 Share Posted March 2, 2015 Sorry to be a stickler, but functions should be named for what they do. Your "test_input()" function does not test a thing and is misleading Quote Link to comment Share on other sites More sharing options...
Landslyde Posted March 2, 2015 Share Posted March 2, 2015 I got it off an online tutorial. Live and learn Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted March 3, 2015 Share Posted March 3, 2015 I got it off an online tutorial. Live and learn One on the many gems from w3schools 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.