[SOLVED] mysql not insterting full data.

jamesxg1 · April 9, 2009

<?php session_start();

ini_set('display_errors', 1);
error_reporting(E_ALL);

include 'Database/Connection.php';
include 'Database/Utility.php';

isloggedin();
accessneeded("C");

if (isset($_POST['Add'])) {

  $holder     = mysql_real_escape_string($_POST['holder']);
  $firstname  = mysql_real_escape_string($_POST['firstname']);
  $firstname  = ereg_replace(" ", "", $firstname); 
  $lastname   = mysql_real_escape_string($_POST['lastname']);
  $lastname   = ereg_replace(" ", "", $lastname); 
  $address    = mysql_real_escape_string($_POST['address']);
  $postcode   = mysql_real_escape_string($_POST['postcode']);
  $email      = mysql_real_escape_string($_POST['email']);
  $email      = ereg_replace(" ", "", $email); 
  $pnumber    = mysql_real_escape_string(intval($_POST['pnumber']));
  $pnumber    = ereg_replace(" ", "", $pnumber); 
  $number     = mysql_real_escape_string($_POST['txtNumber']);

  if($holder && $firstname && $lastname && $address && $postcode && $email && $pnumber) {
    $_name = "/^[-!#$%&\'*+\\.\/0-9=?A-Z^`{|}~]+";
    $_host = "([-0-9A-Z]+\.)+";
    $_tlds = "([0-9A-Z]){2,4}$/i";
     
    if( !preg_match($_name."@".$_host.$_tlds,$email) ){
      echo "<div align=\"center\">The email you entered is of invalid format.</div>";
         include("ContactsControl.php?contact=Add");
         die();
    }

    if (md5($number) == $_SESSION['image_random_value']) {

      $sql = "INSERT INTO `contacts` (`holder`, `firstname`, `lastname`, `address`, `postcode`, `email`, `pnumber`) VALUES('$holder', '$firstname', '$lastname', '$address', '$postcode', '$email', '$pnumber')";
      mysql_query($sql) or die(mysql_error());
      header('Location: ContactsControl.php?contact=Overview');
    }
  }
}

?>
      <form method="POST" action="<?php $PHP_SELF ?>">
      <p><b>First Name:</b><br><input type="text" name="firstname" size="20" maxlength="255" /></p>
      <p><b>Last Name:</b><br><input type="text" name="lastname" size="20" maxlength="255" /></p>

      <p><b>Address:</b><br><textarea rows="5" cols="40" name="address" id="$address"></textarea></p>

      <p><b>Postcode:</b><br><input type="text" name="postcode" size="20" maxlength="255" /></p>
      <p><b>Email:</b><br><input type="text" name="email" size="20" maxlength="255" /></p>
      <p><b>Phone Number:</b><br><input type="text" name="pnumber" size="20" maxlength="255" /></p>

      <p><img src="Security/SecureSubmit.php" /></p>

      <p><b>Security Code:</b><br><input name="txtNumber" type="text" id="txtNumber" value="" /></p>
      <p><br><input type="hidden" name="holder" size="20" maxlength="255" value="<?php print $_SESSION['userid']; ?>"/></p>
      <p align="center">
      <input type="submit" name="Add" value="Submit" />
      <input type="reset" name="reset" value="Reset Form" />
      </p>
      </form>

its the pnumber i type 01795510249 and get 1795510249 in the DB

revraz · April 9, 2009

$pnumber = mysql_real_escape_string(intval($_POST['pnumber']));

Do you know what INTVAL does?

http://www.php.net/intval

Sign In

[SOLVED] mysql not insterting full data.

Recommended Posts

jamesxg1

Link to comment

Share on other sites

revraz

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information