[SOLVED] cant get 'only allow characters' to work !

[runnerjp]

ok really i have 2 questions... here is my 1st

 

for some reaosn when it gets my name from the db and i want to chnage anything it sys

 

*First name can only contain letters

*last name can only contain letters

 

even though all thats outputted in the boxes is jarratt perkins

 

how comes its doing this?

 

the code is here

 

<link rel="stylesheet" type="text/css" href="http://www.runningprofiles.com/css/login.css">
<link rel="stylesheet" type="text/css" href="include/profiletab/ajaxtabs/ajaxtabs.css">
<?php 
require_once '../settings.php';
checkLogin('1 2');
include "../info.php"; // sets username/id ect
include "../getuser.php"; // records user view on page
$getuser = mysql_fetch_assoc(mysql_query("SELECT * from users where Username='$username'"));
$getuserprofile = mysql_fetch_assoc(mysql_query("SELECT * from profile where ID='" .
            $getuser['ID'] . "'"));
		$your_date = $getuserprofile['dob'];
$splitDate = explode("-", $your_date);

?>		
           
       
<table width="100%" cellspacing="0" cellpadding="0">
   <tr>
     <td width="10%"> </td>
     <td width="42%"> 

      <div id="countrydivcontainer" style="border:1px solid gray; width:800px; margin-bottom: 1em; padding: 10px">
      
       <?  
       if(isset($_POST['submitted']))
{


   
  foreach($_POST as $field => $value) {
   if (($field != 'submit') && ((!$value) || (trim($value) == ''))) {
      $err .= "$field cannot be empty. <br>";
      $warnings[$field] ="required";
   }
}   

if (!$_POST["first_name"] || !preg_match("/^[a-zA-Z]+$/", $_POST["first_name"])) {
   $warnings["first_name"] = " <label for=\"uname\" class=\"error\"><em>*</em>First name can only contain letters</label>";
   }
if (!$_POST["last_name"] || !preg_match("/^[a-zA-Z]+$/", $_POST["last_name"])) {
   $warnings["last_name"] = " <label for=\"uname\" class=\"error\"><em>*</em>Last name can only contain letters</label>";
   
}

           $count  = count($warnings);
           }
if($count === 0)
{
   
if(array_key_exists('submit', $_POST))
{



$club = mysql_real_escape_string($_POST['club']);
$first_name = mysql_real_escape_string($_POST['first_name']);
$last_name =  mysql_real_escape_string($_POST['last_name']);
$gender =  mysql_real_escape_string($_POST['gender']);
$year =  mysql_real_escape_string( $_POST['year']);
$month =  mysql_real_escape_string( $_POST['month']);
$day =  mysql_real_escape_string( $_POST['day']);
$dob = $day.'-'.$month.'-'.$year; 
$update = "UPDATE profile SET dob='$dob', club= '$club', first_name = '$first_name', gender = '$gender', last_name = '$last_name' WHERE ID='$id' ";


$result = mysql_query($update);

// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
    $er  = 'Invalid query: ' . mysql_error() . "\n";
    $er .= 'Whole query: ' . $query;
    die($er);
       }}
  echo '			<p class="error">' . $message . '</p>' . "\n";
}



            if ($err){?>
      <div class="errors">
	<p align="center"><em>Oops... the following errors were encountered:</em></p>

	<div align="center">
	  <ul>
	    <?php echo $err; ?>
      </ul>
    </div>
	<p align="center">Data has <strong>not</strong> been saved.</p>
</div>
      <p>
       <?php } ?>
      <fieldset>
	<legend>Basic Information</legend>
	<p> </p>
	<form  action='<?php "$_SERVER[php_SELF]" ?>' method="post" name="submit">
        <label>
        <table width="75%" align="left" cellpadding="0" cellspacing="0">
          <tr>
            <td height="30"width="28%"><div align="right">First Name:</div></td>
            <td width="2%"> </td>
            <td width="70%"><input name="first_name" id="first_name" <? if (count($warnings) > 0){ if ($warnings['first_name']) echo "class=\"inputerror\""; }?> value="<?php echo $getuserprofile['first_name'] ?>"  />
              <?php if (count($warnings) > 0){ echo $warnings["first_name"];} ?> </td>
          </tr>
          <tr>
            <td height="30"><div align="right">last_name: </div></td>
            <td><label></label></td>
            <td><input  type="text" name="last_name" id="last_name" <? if (count($warnings) > 0){ if ($warnings['last_name']) echo "class=\"inputerror\"";} ?> value="<?php echo $getuserprofile['last_name'] ?>" />
            <?php if (count($warnings) > 0){ echo $warnings["last_name"];} ?>
            </td>
          </tr>
          <tr>
            <td height="30"><div align="right">Birthday :</div></td>
            <td> </td>
            <td><?php  
$months = array (1 => 'January', 'February', 'March', 'April', 'May', 'June','July', 'August', 'September', 'October', 'November', 'December');
$weekday = array('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday');
$days = range (1, 31);
$years = range (1910, 2015);

//**********************************************

echo "Day: <select name='day'>";
foreach ($days as $value) {
   echo '<option ';
   if($splitDate[0] == $value)
      echo 'selected="selected"';
   echo ' value="'.$value.'">'.$value.'</option>\n';
} echo '</select>';

echo "Month: <select name='month'>";
foreach ($months as $value) {

   echo '<option ';
   if($splitDate[1]==$value) 
      echo "selected='selected'";
   echo 'value="'.$value.'">'.$value.'</option>\n';
} echo '</select>';

echo "Year: <select name='year'>";
foreach ($years as $value) {
   echo '<option ';
   if($splitDate[2]==$value)
      echo 'selected="selected"';
   echo " value='".$value."'>".$value."</option>\n";
} 
?>

</td>
          </tr>
          <tr>
            <td height="30"><div align="right">Gender : </div></td>
            <td> </td>
            <td><select  id="gender" name="gender">
              <option value="Male" selected="<?php echo $getuserprofile['gender']; ?>" >Male</option>
              <option value="Female" selected="<?php echo $getuserprofile['gender']; ?>"  >Female</option>
            </select></td>
          </tr>
          <tr>
            <td height="30"><div align="right">Club :</div></td>
            <td> </td>
            <td>
<?php $lines = file('runningclubs.txt');
echo '<select class="inputedit" id="club" name="club">';
foreach($lines as $line) {
if($getuserprofile['club'] == trim($line)){
echo '<option value="'.$line.'" selected="selected">'.$line.'</option>';
}else{
echo '<option value="'.$line.'">'.$line.'</option>';
}
}
echo "</select>";
?>

<input type="hidden" name="submitted" value="1" />
              <input type="hidden" name="id" value="<?php echo $id ?>" /></td>
          </tr>
          <tr>
            <td colspan="3"><div align="center">
              <input name="submit"  type="submit" class="submit-btn" value="" />
            </div></td>
          </tr>
        </table>
      </form>      
      </fieldset>  
      
      </div>

      </td>
     <td width="10%"> </td>
   </tr>
</table>

 

also an extra question is looking at the code can it be made better or shorter or anything?

[haku]

Change this:

 

if (!$_POST["first_name"] || !preg_match("/^[a-zA-Z]+$/", $_POST["first_name"])) {

 

To this:

 

if (!$_POST["first_name"] || !preg_match("/^[a-zA-Z ]+$/", $_POST["first_name"])) {

[runnerjp]

what did the space do?

[haku]

Fixed your problem.

 

You were only checking for letters, and you were using a space. A space isn't a letter. Now it's checking for letters and spaces.