talas Posted May 10, 2008 Share Posted May 10, 2008 Hello all, I am currently working on a project that is a member backend for a club, but the application needs rework to fit the process. I need the form to require certain information, and have certain fields filled in a certain way. The current fields I have are: Name, Email, Gender, Region, HomeTel, Age, xfire, NicName, Info1, Info2, About1, About2, About3, Sponsor And the following I am having problems with: Requiring: Name, Email, Gender, HomeTel, Age, xfire, NicName Formatting: Email as a proper email or die, HomeTel as only numeric and 10 digits I would like this to be able to be done in a php file that then sends the final data to a processing file that adds the data to the sql table. If the required information is not entered properly I want the script to die before it can even think about going to the database. Any help is appreciated! Thanks, talas Quote Link to comment Share on other sites More sharing options...
Fadion Posted May 10, 2008 Share Posted May 10, 2008 This is a simple procedure on validating post input and inseting them to the database. A simple example for the name and email fields: <?php if(isset($_POST['name'])){ //check at least one field to see if the form has been submitted $name = mysql_real_escape_string($_POST['name']); $email = mysql_real_escape_string($_POST['name']); if($name != '' and $email != ''){ //check if posted data are not empty if(strstr($email, '@') and strstr($email, '.')){ //just a simple check on the email, but regex should be used for better results $results = mysql_query("INSERT INTO myTable (name, email) VALUES ('$name', '$email')"); } else{ echo 'Email is invalid.'; } } else{ echo 'Fields cant be empty.'; } } ?> Quote Link to comment Share on other sites More sharing options...
talas Posted May 10, 2008 Author Share Posted May 10, 2008 This is a simple procedure on validating post input and inseting them to the database. A simple example for the name and email fields: <?php if(isset($_POST['name'])){ //check at least one field to see if the form has been submitted $name = mysql_real_escape_string($_POST['name']); $email = mysql_real_escape_string($_POST['name']); if($name != '' and $email != ''){ //check if posted data are not empty if(strstr($email, '@') and strstr($email, '.')){ //just a simple check on the email, but regex should be used for better results $results = mysql_query("INSERT INTO myTable (name, email) VALUES ('$name', '$email')"); } else{ echo 'Email is invalid.'; } } else{ echo 'Fields cant be empty.'; } } ?> I have a full MySQL injection already, but thanks for the help on the name and email. Now all I need is how to check if HomeTel is numeric and 10 chars long and the script will mostly be done with a little more tweaking. Quote Link to comment Share on other sites More sharing options...
Fadion Posted May 10, 2008 Share Posted May 10, 2008 <?php $hometel = $_POST['hometel']; if(strlen($hometel) == 10 and is_numeric($hometel){ //do some code } else{ echo 'Home phone is invalid.'; } ?> Ull just need to enter that if() in your other validation if()s. Quote Link to comment Share on other sites More sharing options...
talas Posted May 10, 2008 Author Share Posted May 10, 2008 Thanks! I will now try it, and post the errors I get, if any Quote Link to comment Share on other sites More sharing options...
talas Posted May 11, 2008 Author Share Posted May 11, 2008 I keep getting Parse error: syntax error, unexpected '{' in /home/ftpgroup/flh/public_html/ams/inc/process.php on line 38 Line 38: if((strlen($hometel) == 10) and (is_numeric($hometel)){ Quote Link to comment Share on other sites More sharing options...
peranha Posted May 11, 2008 Share Posted May 11, 2008 if((strlen($hometel) == 10) and (is_numeric($hometel))){ that should work, you forgot the last ) closing the whole if statment. Quote Link to comment Share on other sites More sharing options...
talas Posted May 11, 2008 Author Share Posted May 11, 2008 Doh! Thanks! Quote Link to comment Share on other sites More sharing options...
talas Posted May 11, 2008 Author Share Posted May 11, 2008 Problem, again. I am submitting the form with nothing in it, but it is still processing. Any ideas why? Code for this part of the processing: /* The following is to take the data entered by the applicant and set it into values that can be sent to MySQL. */ /* Application - Personal Data */ if($AllInfoEntered=0){ if(isset($_POST['Name'])){ //check at least one field to see if the form has been submitted $name = mysql_real_escape_string($_POST['Name']); $email = mysql_real_escape_string($_POST['Name']); $hometel = mysql_real_escape_string($_POST['HomeTel']); if($name != '' and $email != ''){ //check if posted data are not empty if(strstr($email, '@') and strstr($email, '.')){ //just a simple check on the email, but regex should be used for better results $appname=$_POST['Name']; $appemail=$_POST['Email']; $appgender=$_POST['Gender']; $appregion=$_POST['Region']; if((strlen($hometel) == 10) and (is_numeric($hometel))){ $apptel=$_POST['HomeTel']; $appage=$_POST['Age']; $appxfire=$_POST['xfire']; /*Application Acknowledgements */ if(($_POST['Agree1'] == Yes) and ($_POST['Agree2'] == Yes) and ($_POST['Agree3'] == Yes)){ $acknowledgement=1; /* Application - Game Data */ $appnick=$_POST['NicName']; $appgdinfo1=$_POST['Info1']; $appgdinfo2=$_POST['Info2']; /* Application - About You */ $appinfo1=$_POST['About1']; $appinfo2=$_POST['About2']; $appinfo3=$_POST['About3']; /* Application Sponsor */ $appsponsor=$_POST['Sponsor']; }else{ echo '<b><i><font size=+1>You have not acknowledged all that is required, please go back and correct this.</font></i></u><br><br><a href=".../enlist.php">Go Back</a>'; $fail = 1; } } else{ echo 'Home phone is invalid.'; $fail = 1; } } else{ echo 'Email is invalid.'; $fail = 1; } } else{ echo 'Fields cant be empty.'; $fail = 1; } } if($fail = 1){ echo 'There was an error, please go back and fix it.'; exit(); }else{ $AllInfoEntered = 1; } }elseif($AllInfoEntered = 1){ /* Processing code goes here */ } Quote Link to comment Share on other sites More sharing options...
peranha Posted May 11, 2008 Share Posted May 11, 2008 if($AllInfoEntered=0){ should be if($AllInfoEntered == 0){ you want to compare, not set to 0. that is what I can see right now Quote Link to comment Share on other sites More sharing options...
talas Posted May 11, 2008 Author Share Posted May 11, 2008 thanks, i thought it didn't matter if it was in an if() statement Quote Link to comment Share on other sites More sharing options...
talas Posted May 11, 2008 Author Share Posted May 11, 2008 The script is rejecting the email. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.