sandbudd Posted August 4, 2009 Share Posted August 4, 2009 Hey guys this php form works fine but what I need to do is have them put in their email address then put it in again and make sure they match? kind of like a registration form for password re enter password. <?php { $first_name = $_POST[ 'first_name' ]; $middle_name = $_POST[ 'middle_name' ]; $last_name = $_POST[ 'last_name' ]; $phone = $_POST[ 'phone' ]; $email = $_POST[ 'email' ]; $query = "insert into club values ( '$id', '$first_name', '$middle_name', '$last_name', '$phone', '$email')"; $results = mysql_query( $query ) or printf( "Query error: %s", mysql_error() ); } mysql_close(); ?> <form action="<?php $PHP_SELF; ?>" method="POST" onsubmit="return validate_form(this)"> <table width="361" border="0" cellspacing="0" cellpadding="5"> <tr> <td>First Name *</td> <td><input type="text" name="first_name" /></td> </tr> <tr> <td>Middle Name</td> <td><input type="text" name="middle_name" /></td> </tr> <tr> <td>Last/Family/Surname *</td> <td><input type="text" name="last_name" /></td> </tr> <tr> <td>Phone (xxx-xxx-xxxx)</td> <td><input type="text" name="phone" /></td> </tr> <tr> <td>Email Address *</td> <td><input type="text" name="email" /></td> </tr> <tr> <td>Confirm Email *</td> <td><input type="text" name="emailconfirm" /></td> </tr> </table> <p><br /> <input type="submit" /> </p> </form> Quote Link to comment Share on other sites More sharing options...
dadamssg Posted August 4, 2009 Share Posted August 4, 2009 I think you need to do a LOT more validating than that....but do something like if($_POST['email'] != $_POST['emailconfirm']){ //do something if they don't match } Quote Link to comment Share on other sites More sharing options...
sawade Posted August 4, 2009 Share Posted August 4, 2009 A simple validation code should do the trick for you. Something along the lines of the following. if ($email == $emailconfirm) { ALLOW QUERY else { echo 'Your email address was not confirmed, please try again.'; } Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 sawade where do I put that in the code? Quote Link to comment Share on other sites More sharing options...
sawade Posted August 4, 2009 Share Posted August 4, 2009 [pre]Here is an example: <?php // VARIABLES $first_name = $_POST[ 'first_name' ]; $middle_name = $_POST[ 'middle_name' ]; $last_name = $_POST[ 'last_name' ]; $phone = $_POST[ 'phone' ]; $email = $_POST[ 'email' ]; #email_confirm = $_POST['emailconfirm']; //CREATE THE VARIABLE // VALIDATE EMAIL ADDRESS if ($email == $email_confirm) { // DATABASE QUERY $query = "insert into club values ( '$id', '$first_name', '$middle_name', '$last_name', '$phone', '$email')"; $results = mysql_query( $query ) or printf( "Query error: %s", mysql_error() ); mysql_close(); else { echo 'Your email address was not confirmed, please try again.'; } ?> <form action="<?php $PHP_SELF; ?>" method="POST" onsubmit="return validate_form(this)"> <table width="361" border="0" cellspacing="0" cellpadding="5"> <tr> <td>First Name *</td> <td><input type="text" name="first_name" /></td> </tr> <tr> <td>Middle Name</td> <td><input type="text" name="middle_name" /></td> </tr> <tr> <td>Last/Family/Surname *</td> <td><input type="text" name="last_name" /></td> </tr> <tr> <td>Phone (xxx-xxx-xxxx)</td> <td><input type="text" name="phone" /></td> </tr> <tr> <td>Email Address *</td> <td><input type="text" name="email" /></td> </tr> <tr> <td>Confirm Email *</td> <td><input type="text" name="emailconfirm" /></td> </tr> </table> <p><br /> <input type="submit" /> </p> </form> My only other concern is that in your current code you don't open the $dbc variable for the mySql. I was thinking you left it off so we don't see it. But do be sure you have it. Also, using this validation you may want to think about adding a few more codes in to make your text fields sticky. So in case the two don't match the user does not have to retype the WHOLE form over again. [/pre] Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 get a blank page Quote Link to comment Share on other sites More sharing options...
sawade Posted August 4, 2009 Share Posted August 4, 2009 get a blank page Well you need to add in a isset statement as well. Basically, you need to tell the from since it is a self processing php that at open all variables are empty and thats okay, shoe the html. Then when the user clicks submit that the form needs to process. Add an isset statement for the basic html form to show with empty fields. Example: if (isset($_POST['submit'])) { ADD VARIABLES $output_form = false; /* POST Validity - Security */ if($_SERVER['REQUEST_METHOD'] != "POST"){ echo("Unauthorized attempt to access page."); exit; } } else { $output_form = true; } ADD PROCESSING CODE AND VALIDATION CODE if ($output_form == true) { end php code and INPUT FORM <?php } ?> This should point you in the right direction. While you are debugging add this to the very top of the php scripting area. <?php ini_set("display_errors", "1"); error_reporting(E_ALL); session_start(); ?> Quote Link to comment Share on other sites More sharing options...
premiso Posted August 4, 2009 Share Posted August 4, 2009 <?php // first up there was no statement here ? if (isset($_POST['first_name'])){ // lets check if a value of the form is there $first_name = isset($_POST[ 'first_name' ])?mysql_real_escape_string($_POST[ 'first_name' ]):null; // repeat this for anything coming in from the form // it will prevent sql injection. $middle_name = $_POST[ 'middle_name' ]; // repeat here $last_name = $_POST[ 'last_name' ]; // and here $phone = $_POST[ 'phone' ]; // and here $email = $_POST[ 'email' ]; // and here if ($_POST['email'] == $_POST['emailconfirm']) { // the email fields checked out $query = "insert into club values ( '$id', '$first_name', '$middle_name', '$last_name', '$phone', '$email')"; $results = mysql_query( $query ) or printf( "Query error: %s", mysql_error() ); }else { // some type of error message generated } } // mysql_close(); // really not necessary unless you are working with persistent connections ?> <form action="<?php $PHP_SELF; ?>" method="POST" onsubmit="return validate_form(this)"> <table width="361" border="0" cellspacing="0" cellpadding="5"> <tr> <td>First Name *</td> <td><input type="text" name="first_name" /></td> </tr> <tr> <td>Middle Name</td> <td><input type="text" name="middle_name" /></td> </tr> <tr> <td>Last/Family/Surname *</td> <td><input type="text" name="last_name" /></td> </tr> <tr> <td>Phone (xxx-xxx-xxxx)</td> <td><input type="text" name="phone" /></td> </tr> <tr> <td>Email Address *</td> <td><input type="text" name="email" /></td> </tr> <tr> <td>Confirm Email *</td> <td><input type="text" name="emailconfirm" /></td> </tr> </table> <p><br /> <input type="submit" value="Submit" /> </p> </form> Give that a try and see if it helps. I commented the code where I modified it. Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 okay here is the entire code but it does not show error when emails are not the same <?php ini_set("display_errors", "1"); error_reporting(E_ALL); session_start(); ?> <script type="text/javascript"> function validate_required(field,alerttxt) { with (field) { if (value==null||value=="") { alert(alerttxt);return false; } else { return true; } } } function validate_form(thisform) { with (thisform) { if (validate_required(first_name,"First Name must be filled out!")==false) {first_name.focus();return false;} } } </script> <?php $host = ''; $user = ''; $pw = ''; $db = ''; $link = mysql_connect( $host, $user, $pw ) or die( 'Could not connect: ' . mysql_error() ); mysql_select_db( $db ); ?> <?php // first up there was no statement here ? if (isset($_POST['first_name'])){ // lets check if a value of the form is there $first_name = isset($_POST[ 'first_name' ])?mysql_real_escape_string($_POST[ 'first_name' ]):null; // repeat this for anything coming in from the form // it will prevent sql injection. $middle_name = $_POST[ 'middle_name' ]; // repeat here $last_name = $_POST[ 'last_name' ]; // and here $phone = $_POST[ 'phone' ]; // and here $email = $_POST[ 'email' ]; // and here if ($_POST['email'] == $_POST['emailconfirm']) { // the email fields checked out $query = "insert into club values ( '$id', '$first_name', '$middle_name', '$last_name', '$phone', '$email')"; $results = mysql_query( $query ) or printf( "Query error: %s", mysql_error() ); }else { // some type of error message generated } } // mysql_close(); // really not necessary unless you are working with persistent connections ?> <form action="<?php $PHP_SELF; ?>" method="POST" onsubmit="return validate_form(this)"> <table width="361" border="0" cellspacing="0" cellpadding="5"> <tr> <td>First Name *</td> <td><input type="text" name="first_name" /></td> </tr> <tr> <td>Middle Name</td> <td><input type="text" name="middle_name" /></td> </tr> <tr> <td>Last/Family/Surname *</td> <td><input type="text" name="last_name" /></td> </tr> <tr> <td>Phone (xxx-xxx-xxxx)</td> <td><input type="text" name="phone" /></td> </tr> <tr> <td>Email Address *</td> <td><input type="text" name="email" /></td> </tr> <tr> <td>Confirm Email *</td> <td><input type="text" name="emailconfirm" /></td> </tr> </table> <p><br /> <input type="submit" value="Submit" /> </p> </form> Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 and know its not populating the database...lol Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 forgot the echo message duh...now I get this error Notice: Undefined variable: id Quote Link to comment Share on other sites More sharing options...
premiso Posted August 4, 2009 Share Posted August 4, 2009 You never set the variable id. Where is it suppose to come from / what is it suppose to contain? Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 it is a auto_increment set in the table Quote Link to comment Share on other sites More sharing options...
premiso Posted August 4, 2009 Share Posted August 4, 2009 $query = "insert into club values (NULL, '$first_name', '$middle_name', '$last_name', '$phone', '$email')"; Then you do not need to but $id in there, as it does not have a value and causes issues as you noticed. Try putting NULL in the id spot. The auto_increment should pick it up and work just fine. Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 yea that worked...one more quick question...for the fields that need to are mandatory is there a easier or better way to do it then with javascript? Quote Link to comment Share on other sites More sharing options...
premiso Posted August 4, 2009 Share Posted August 4, 2009 better way to do it then with javascript? PHP would be better as it cannot be disabled. if (!isset($_POST['first_name']) || empty($_POST['first_name'])) { echo 'First name is required.'; exit; } $first_name = isset($_POST[ 'first_name' ])?mysql_real_escape_string($_POST[ 'first_name' ]):null; // repeat this for anything coming in from the form // it will prevent sql injection. $middle_name = $_POST[ 'middle_name' ]; // repeat here $last_name = $_POST[ 'last_name' ]; // and here $phone = $_POST[ 'phone' ]; // and here $email = $_POST[ 'email' ]; // and here The checks can be done a bit nicer with nicer error messages and without exiting the script. That is just a rough example of one way it could be done. Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 one more question guys when submitted how do I do and echo statement saying "form submitted" Quote Link to comment Share on other sites More sharing options...
sandbudd Posted August 4, 2009 Author Share Posted August 4, 2009 premiso that gives me a blank page? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.