Jump to content

capt1701b

New Members
  • Posts

    5
  • Joined

  • Last visited

capt1701b's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Welcome to the php forum, Looking at your code, you have not added code to say when click login do x,y,z for example if (isset($_post['login'])) { then what you want to happen after login has been pressed } the logic is "has login been pressed? " "yes" then run the code, mysql has been superseded by mysqli https://www.w3schools.com/php/php_ref_mysqli.asp www.w3schools.com is a good site to learn about php for beginners
  2. Hi all, Since I am just learning about php and sql and trying get my head around it How could I make my query safer? How would I add éö-' etc... into preg? Is there a better way to display an error message when a user does not enter any detail into field that is mandatory The calendar I have changed to <input type="date" value="<?php echo date("Y-m-d");?>"> from http://stackoverflow.com/questions/14212527/how-to-set-default-value-to-the-inputtype-date but now I can enter a date greater then today, how can I prevent this?
  3. Hi all, I am trying to check if all the fields in my php have been completed after the submit button has been clicked, if everything is completed correctly, the data will be passed to my sql table. When I enter the correct details nothing is being passed to the sql table , I think it may be my date as it default to year-month-date which is enter in sql as 0000-00-00? Am I on the right track or is it something else ,can any one help please <?php session_start(); //include files include 'header/header.php'; include 'nav/navigation.php'; include 'init.php'; // define variables and set to empty values $firstNameErr = $dateErr= $surnameErr = $emailErr = $genderErr = $passwordErr = $confirmpasswordErr =""; $firstName = $surname = $email = $gender = $date = $password = $confirmpassword=""; $day = $_POST['day']; $mon = $_POST['month']; $year = $_POST['year']; $date = $year . "-" . $mon . "-" . $day; echo $year . "-" . $mon . "-" . $day; //Store any errors, later check if any of them are no longer empty - if so don't submit the data $errors = array("submit" => "", "firstname" => "", "surname" => "", "email" => "", "gender" => "", "date" => "", "password" => "", "passwordC" => "", "passwordM" => ""); if(isset($_POST["submit"])) { if (empty($_POST["firstname"])) { $errors["firstname"] = "firstname is required"; } else { $firstname = test_input($_POST["firstname"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z]*$/",$firstName)) { $errors["firstname"] = "Only letters and white space allowed"; } } if (empty($_POST["surname"])) { $errors["surname"] = "Surname is required"; } else { $surname = test_input($_POST["surname"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z]*$/",$surname)) { $errors["surname"] = "Only letters and white space allowed"; } } if (empty($_POST["email"])) { $errors["email"] = "Email is required"; } else { $email = test_input($_POST["email"]); // check if e-mail address is well-formed if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $errors["email"] = "Invalid email format"; } } if (empty($_POST["gender"])) { $errors["gender"] = "Gender is required"; } else { $gender = test_input($_POST["gender"]); } if (empty($_POST["date"])) { $errors["date"] = "your DOB is required"; } elseif($_POST["date"] == "Year-month-date") { $errors["date"] = "your DOB is required"; } else { $date = test_input($_POST["date"]); // check if date is well-formed and valid if(preg_match("/^(\d{2})-(\d{2})-(\d{4})$/", $date, $sdate)){ if(!checkdate($sdate[2], $sdate[1], $sdate[3])) $errors["date"] = "Invalid date"; } else $errors["date"] = "Invalid date format"; } if (empty($_POST["password"])) { $errors["password"] = "a password is required"; } else { $password = test_input($_POST["password"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z0-9 ]*$/",$password)) { $errors["password"] = "Only letters, numbers and white space allowed"; } } if (empty($_POST["confirm"])) { $errors["passwordC"] = "Please confirm your password"; } else { $password = test_input($_POST["confirm"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z0-9 ]*$/",$password)) { $errors["passwordC"] = "Only letters, numbers and white space allowed"; } } if (($_POST["confirm"] != $_POST["password"])){ $errors["passwordM"] =" Your passwords do not match"; } } $isInvalid = false; foreach($errors as $field => $field_error) { if(!empty($field_error)) $isInvalid = true; } if(!$isInvalid) { $query = "INSERT `Membership` (`First_Name`, `Surname`, `Gender`, `DOB`, `Email`, `Password`) VALUES ('$firstname', '$surname', '$gender', '$date','$email', '$password')"; $result = mysqli_query($connection,$query) or exit ("Error in query: $query. ".mysqli_error($connection)); } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> <div class="large-6 columns"> <h2>Register Form</h2> <p><span style="color:red">required fields.</span></p> <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> <fieldset> <fieldset> <legend>First Name</legend> <label> <input type="text" name="firstname" placeholder="your first name"> <span style="color:red"> <?php echo $errors["firstname"];?> </span> </fieldset> <fieldset> <legend>Surname</legend> <label> <input type="text" name="surname" placeholder="your surname"> <span style="color:red"> <?php echo $errors["surname"];?> </span> </fieldset> <fieldset> <legend>Email</legend> <label> <input type="text" name="email" placeholder="your email address"> <span style="color:red"> <?php echo $errors["email"];?> </span> </fieldset> <fieldset> <legend>Gender</legend> <label> <input type="radio" name="gender" value="female"> Female <input type="radio" name="gender" value="male"> Male <span style="color:red"> <?php echo $errors["gender"];?> </span> <br><br> </fieldset> <fieldset> <legend>DOB</legend> <div class="small-6 columns"> <tr> <th> <td> <select size="1" name="day" value="Date"> <option>date</option> <option>1</option> <option>2</option> <option>3</option> <option>4</option> <option>5</option> <option>6</option> <option>7</option> <option>8</option> <option>9</option> <option>10</option> <option>11</option> <option>12</option> <option>13</option> <option>14</option> <option>15</option> <option>16</option> <option>17</option> <option>18</option> <option>19</option> <option>20</option> <option>21</option> <option>22</option> <option>23</option> <option>24</option> <option>25</option> <option>26</option> <option>27</option> <option>28</option> <option>29</option> <option>30</option> <option>31</option> </select> <select size="1" name="month" value="Month"> </th> <option>month</option> <option>1</option> <option>2</option> <option>3</option> <option>4</option> <option>5</option> <option>6</option> <option>7</option> <option>8</option> <option>9</option> <option>10</option> <option>11</option> <option>12</option> </select> <select size="1" name="year" value="Year"> <option>Year</option> <option>1966</option> <option>1967</option> <option>1968</option> <option>1969</option> <option>1970</option> <option>1971</option> <option>1972</option> <option>1973</option> <option>1974</option> <option>1975</option> <option>1976</option> <option>1977</option> <option>1978</option> <option>1979</option> <option>1980</option> <option>1981</option> <option>1982</option> <option>1982</option> <option>1983</option> <option>1984</option> <option>1985</option> <option>1986</option> <option>1987</option> <option>1988</option> <option>1989</option> <option>1990</option> <option>1991</option> <option>1992</option> <option>1993</option> <option>1994</option> <option>1995</option> <option>1996</option> <option>1997</option> <option>1998</option> <option>1999</option> <option>2000</option> <option>2001</option> <option>2002</option> <option>2003</option> <option>2004</option> <option>2005</option> <option>2006</option> <option>2007</option> <option>2008</option> <option>2009</option> <option>2010</option> </div> </select> </td></tr> <span style="color:red"> <?php echo $errors["date"];?> </span> </fieldset> <fieldset> <legend>Password</legend> <label> <input type="text" name="password" placeholder="your password"> <span style="color:red"> <?php echo $errors["password"];?> </span> <br><br> <label> <input type="text" name="confirm"placeholder="Confirm your password"> <span style="color:red"> <?php echo $errors["passwordC"];?> </span> <span style="color:red"> <?php echo $errors["passwordM"];?> </span> </fieldset> <br><br> <input type="submit" name="submit" value="Submit"> </form> </fieldset> <?php echo "<h2>Your Input:</h2>"; echo $firstname; echo "<br>"; echo $surname; echo "<br>"; echo $email; echo "<br>"; echo $password; echo "<br>"; echo $gender; echo "<br>"; echo $date; //include files include 'footer/footer.php'; ?> <script src="js/vendor/jquery.js"></script> <script src="js/foundation.min.js"></script> <script> </script> </body>
  4. Hi Jacques1, The site is just for demo only and a work in progress The reason for displaying the details was for testing purposes, these will be removed when the required section is working. MySQL may have vulnerabilities but these are going to be addressed shortly and it will help in learning about sql injection attacks for my course.
  5. Hi all, Can anyone help as I get this error Warning: mysqli_error() expects exactly 1 parameter, 0 given in /home/ubuntu/workspace/Project/Admin.php on line 48 Call Stack: 0.0011 239616 1. {main}() /home/ubuntu/workspace/Project/Admin.php:0 0.0028 249744 2. mysqli_error() /home/ubuntu/workspace/Project/Admin.php:48 Error in query: INSERT `Membership` (`First_Name`, `Surname`, `Gender`, `DOB`, `Email Address`, `Password`) VALUES ('ewqewq', 'qweqw', '', '1966','eqweqe', 'eqwe'). <?php //include files include 'header/header.php'; include 'nav/navigation.php'; include 'init.php'; print_r ($_POST); echo "<br />"; if (isset($_POST['loginSubmit'])) { $firstname = $_POST['txtFirstName'] ; $surname = $_POST['txtSurname'] ; $gender = $_POST['myList']; $email =$_POST['txtEmail']; $password = $_POST['txtPass']; $DOB = $_POST['edob']; echo "$firstname"; echo "<br />"; echo "$surname"; echo "<br />"; echo "$gender"; echo "<br />"; echo "$email"; echo "<br />"; echo "$password"; echo "<br />"; echo "$DOB"; echo "<br />"; } //run $query //(b)Construct INSERT query using variables holding data gathered $query = "INSERT `Membership` (`First_Name`, `Surname`, `Gender`, `DOB`, `Email Address`, `Password`) VALUES ('$firstname', '$surname', '$gender', '$DOB','$email', '$password')"; //Temporarily echo $query for debugging purposes echo "$query"; //run $query include 'init.php'; echo "<br />"; //echo "$query"; echo "<br />"; $result = mysqli_query($connection,$query) or exit ("Error in query: $query. ".mysqli_error()); ?> <div class="large-6 columns"> <form method="post" action="Admin.php"> <fieldset> <legend>Registration Form</legend> <label> <fieldset> <legend>First Name</legend> <input type="text"name="txtFirstName" placeholder="Your first Name" </fieldset> </label> <fieldset> <legend>Surname</legend> <label> <input type="text"name="txtSurname" placeholder="Your Surame" </fieldset> </label> <fieldset> <legend>Gender</legend> <select name="Gender"id = "myList"> <option value = "Male">Male</option> <option value = "Female">Female</option> </select> </fieldset> <fieldset> <legend>DOB</legend> <div class="small-6 columns"> <tr> <th> <td> <select size="1" name="edob" value="date"> <option>date</option> <option>1</option> <option>2</option> <option>3</option> <option>4</option> <option>5</option> <option>6</option> <option>7</option> <option>8</option> <option>9</option> <option>10</option> <option>11</option> <option>12</option> <option>13</option> <option>14</option> <option>15</option> <option>16</option> <option>17</option> <option>18</option> <option>19</option> <option>20</option> <option>21</option> <option>22</option> <option>23</option> <option>24</option> <option>25</option> <option>26</option> <option>27</option> <option>28</option> <option>29</option> <option>30</option> <option>31</option> </select> <select size="1" name="edob" value="month"> </th> <option>month</option> <option>Jan</option> <option>Feb</option> <option>Mar</option> <option>Apr</option> <option>May</option> <option>June</option> <option>July</option> <option>Aug</option> <option>Sep</option> <option>Oct</option> <option>Nov</option> <option>Dec</option> </select> <select size="1" name="edob" value="Year"> <option>Year</option> <option>1966</option> <option>1967</option> <option>1968</option> <option>1969</option> <option>1970</option> <option>1971</option> <option>1972</option> <option>1973</option> <option>1974</option> <option>1975</option> <option>1976</option> <option>1977</option> <option>1978</option> <option>1979</option> <option>1980</option> <option>1981</option> <option>1982</option> <option>1982</option> <option>1983</option> <option>1984</option> <option>1985</option> <option>1986</option> <option>1987</option> <option>1988</option> <option>1989</option> <option>1990</option> <option>1991</option> <option>1992</option> <option>1993</option> <option>1994</option> <option>1995</option> <option>1996</option> <option>1997</option> <option>1998</option> <option>1999</option> <option>2000</option> <option>2001</option> <option>2002</option> <option>2003</option> <option>2004</option> <option>2005</option> <option>2006</option> <option>2007</option> <option>2008</option> <option>2009</option> <option>2010</option> </div> </select> </td></tr> </fieldset> <fieldset> <legend>Email Address</legend> <label> <input type="text" name="txtEmail" placeholder="Your email address"> </label> </fieldset> <fieldset> <legend>Password</legend> <label> <input type="text" name="txtPass" placeholder="Your password"> </label> <label> <input type="text" placeholder="Confirm your password"> </fieldset> </label> <button name="loginSubmit" class="Submit" value="Submit" >Submit</button> <button class="reset" value="Clear" >Clear</button> </form> </div> </div> <?php //include files include 'footer/footer.php'; ?> <script src="js/vendor/jquery.js"></script> <script src="js/foundation.min.js"></script> <script> </script> </body>
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.