gorkongroove Posted August 18, 2006

Hi! I have a problem! The system I work with is Fedora with MySQL and PHP 4. In the application there is a form to enter data into the database, and there are some mandatory fields, so there is a typical JS function that, on submit and before the information is saved by another PHP script, checks whether there are any blank fields and shows a typical error message. This was working correctly until some side effects appeared after changing some SQL queries. The problem now is that anyone can save the information with all the mandatory fields left blank. And this is not the expected behaviour...

I've been checking all the code and making some changes during the last month but I can't find the solution. Needless to say, I am not an experienced developer... So I am asking for some help please, because I am desperate for a solution... Maybe this has happened to someone before? ... or is it a typical error? Or maybe someone knows other solutions or debugging methods to narrow down the problem?

Thanks in advance!

craygo Posted August 18, 2006

If this is a Jscript question you should go to the java section, but in both cases you may want to give us some code to work with.

Ray

HeyRay2 Posted August 18, 2006

Never rely only on client-side scripting to verify data. It's good to give the user a quick heads-up if they miss a field, but don't allow that to be your only line of defense.

Here's a good thread on server-side data validation and error checking, which includes checking for blank values.

http://www.phpfreaks.com/forums/index.php/topic,36973.0.html

For your client-side error checking, post some code and we'll do what we can to help out... ;)

gorkongroove Posted August 21, 2006

Thanks for your replies! The problem, in my opinion, is not a JS problem because I have not modified the JScript code. And I have been making some changes in the form.js file so it only checks one field and the result was the same! Also thanks for the link, it is a very interesting thread and will help me a lot. I am starting now to do some PHP error checking.

The code is here, maybe it is a bit long... The previous developer coded most parts. Smarty is used.

*******************************************************************
#######editar.php#######
*******************************************************************
<?php
session_start();
$__usuario = $_SESSION["__usuario"];

require_once("Smarty.class.php");
include_once("alioli.ini");
include_once("ez_sql.php");
include_once("pagina.inc.php");

// Request parameters ($_GET replaces the deprecated $HTTP_GET_VARS)
$id_lom   = isset($_GET["id_lom"]) ? $_GET["id_lom"] : "";
$pantalla = isset($_GET["pantalla"]) ? $_GET["pantalla"] : "";

$smarty = new Smarty;
$p = new pagina();
$p->menu();

// Only logged-in users may see the edit form
if (!isset($__usuario)) {
    $p->Redireccionar();
    exit;
}

// Lookup tables that fill the <select> lists of the form
$sql6 = "select * from lom_educational_learning_resource_types";
if ($datos_lom_educational_learning_resource_types = $db->get_results($sql6)) {
    foreach ($datos_lom_educational_learning_resource_types as $fila6) {
        $smarty->append('edu_learn_id', $fila6->id);
        $smarty->append('edu_learn_description', $fila6->description);
    }
}

$sql2 = "select * from avl_languages";
if ($datos_avl_languages = $db->get_results($sql2)) {
    foreach ($datos_avl_languages as $fila2) {
        $smarty->append('id_language', $fila2->id_language);
        $smarty->append('caption', $fila2->caption);
        $smarty->append('code', $fila2->code);
    }
}

$sql2 = "select * from lom_rights_types ";
if ($datos_rights_types = $db->get_results($sql2)) {
    foreach ($datos_rights_types as $fila2) {
        $smarty->append('id_rights', $fila2->id);
        $smarty->append('caption_rights', $fila2->caption);
        $smarty->append('default_rights', $fila2->Iddefault);
    }
}

$sql1 = "select * from lom_educational_interactivity_type";
if ($datos_lom_educational_interactivity_type = $db->get_results($sql1)) {
    foreach ($datos_lom_educational_interactivity_type as $fila1) {
        $smarty->append('interactivity_type_id', $fila1->id);
        $smarty->append('interactivity_type_description', $fila1->description);
    }
}

$sql2 = "select * from lom_educational_intended_end_user_role";
if ($datos_lom_educational_intended_end_user_role = $db->get_results($sql2)) {
    foreach ($datos_lom_educational_intended_end_user_role as $fila2) {
        $smarty->append('intended_end_user_id', $fila2->id);
        $smarty->append('intended_end_user_description', $fila2->description);
    }
}

$sql3 = "select * from lom_educational_context";
if ($datos_lom_educational_context = $db->get_results($sql3)) {
    foreach ($datos_lom_educational_context as $fila3) {
        $smarty->append('context_id', $fila3->id);
        $smarty->append('context_description', $fila3->description);
    }
}

$sql4 = "select * from lom_educational_difficulty";
if ($datos_lom_educational_difficulty = $db->get_results($sql4)) {
    foreach ($datos_lom_educational_difficulty as $fila4) {
        $smarty->append('difficulty_id', $fila4->id);
        $smarty->append('difficulty_description', $fila4->description);
    }
}

$sql4 = "select * from lom_general_structure";
if ($datos_lom_general_structure = $db->get_results($sql4)) {
    foreach ($datos_lom_general_structure as $fila4) {
        $smarty->append('general_structure_id', $fila4->id_structure);
        $smarty->append('general_structure_description', $fila4->description);
    }
}

$sql5 = "select * from lom_general_aggregation_level";
if ($datos_lom_general_aggregation_level = $db->get_results($sql5)) {
    foreach ($datos_lom_general_aggregation_level as $fila5) {
        $smarty->append('aggregation_level_id', $fila5->id_aggregation_level);
        $smarty->append('aggregation_level_description', $fila5->description);
    }
}

$sql5 = "select id, extension, mime, ltf_order from lom_technical_format ORDER BY ltf_order";
if ($datos_lom_technical_format = $db->get_results($sql5)) {
    foreach ($datos_lom_technical_format as $fila5) {
        $smarty->append('technical_id', $fila5->id);
        $smarty->append('technical_datos', $fila5->mime." (".$fila5->extension.") ");
    }
}

// In "Modify" mode, load the stored record so the form is pre-filled
if ($pantalla == 'Modify') {
    // $id_lom comes from the query string: escape it (ezSQL's escape())
    // before it is placed inside the SQL strings below.
    $id_lom_sql = $db->escape($id_lom);

    $sqlg3 = "SELECT g.loID, g.title, g.description, g.catalog, g.entity, g.keyword, g.coverage, g.id_structure, g.id_aggregation_level, g.id_language, g.copyrightcom FROM lom_general g WHERE g.loID='$id_lom_sql'";
    if ($datos_lom_general = $db->get_results($sqlg3)) {
        foreach ($datos_lom_general as $fila) {
            $smarty->assign('id_lom', $fila->loID);
            $smarty->assign('title', $fila->title);
            $smarty->assign('description', $fila->description);
            $smarty->assign('entity', $fila->entity);
            $smarty->assign('keyword', $fila->keyword);
            $smarty->assign('coverage', $fila->coverage);
            $smarty->assign('catalog', $fila->catalog);
            $smarty->assign('id_structure1', $fila->id_structure);
            $smarty->assign('id_aggregation_levell', $fila->id_aggregation_level);
            $smarty->assign('id_language11', $fila->id_language);
            $smarty->assign('copyrightcom', $fila->copyrightcom);
        }
    }

    $sqlg1 = "SELECT id, interactivity_type, learning_resource_type, interactivity_level, semantic_density, intended_end_user_role, context, typical_age_range, difficulty, typical_learning_time, description, language FROM lom_educational WHERE loID='$id_lom_sql'";
    if ($datos_lom_educational = $db->get_results($sqlg1)) {
        foreach ($datos_lom_educational as $fila) {
            $smarty->assign('id_educational', $fila->id);
            $smarty->assign('id_interactivity_type1', $fila->interactivity_type);
            $smarty->assign('id_learning_resource_type1', $fila->learning_resource_type);
            $smarty->assign('id_interactivity_level1', $fila->interactivity_level);
            $smarty->assign('id_intended_end_user_role1', $fila->intended_end_user_role);
            $smarty->assign('id_context1', $fila->context);
            $smarty->assign('id_semantic_density1', $fila->semantic_density);
            $smarty->assign('id_difficulty1', $fila->difficulty);
            $smarty->assign('typical_learning_time', $fila->typical_learning_time);
            $smarty->assign('typical_age_range', $fila->typical_age_range);
            $smarty->assign('educational_description', $fila->description);
            $smarty->assign('id_language21', $fila->language);
            $smarty->assign('id_edu', $fila->id);
        }
    }

    $sqlg2 = "SELECT distinct id_technical, id_format, size, location, requirement FROM lom_technical WHERE loID='$id_lom_sql'";
    if ($datos_lom_general = $db->get_results($sqlg2)) {
        foreach ($datos_lom_general as $fila) {
            $smarty->assign('id_tec', $fila->id_technical);
            $smarty->assign('id_format1', $fila->id_format);
            $smarty->assign('size', $fila->size);
            $smarty->assign('location', $fila->location);
            $smarty->assign('requirement', $fila->requirement);
        }
    }
}

$smarty->assign('app_dir', $app_dir);
$smarty->assign('pantalla', $pantalla);
$smarty->assign('id_lom', $id_lom);
$smarty->display('editar.tpl');
$p->pie();
?>

gorkongroove Posted August 21, 2006

I get a timeout error so I have to post the code separately... Sorry...

*******************************************************************
#####forms.js#####
*******************************************************************
/* form functions */
// Called on submit: returns false (cancel) when a mandatory field is blank.
// If a field named below is missing from the form, campo is undefined,
// campo.value throws, and the function never returns false.
function submit_add_content_form() {
    var funcion = new function () {};
    alert_message = "";
    first_unfilled_field = "";

    campo = document.forma.learning_resource_type;
    if (campo.value == 0) { alert_message += "* Learning Resource Type \n"; }

    campo = document.forma.title;
    if (campo.value == "") {
        alert_message += "* Title\n";
        x = first_unfilled_field;
        first_unfilled_field = (x ? x : campo);
    }

    campo = document.forma.id_language1;
    if (campo.value == 0) { alert_message += "* Language\n"; }

    campo = document.forma.lom_description;
    if (campo.value == "") {
        alert_message += "* Description\n";
        x = first_unfilled_field;
        first_unfilled_field = (x ? x : campo);
    }

    campo = document.forma.copyrightcom; //gor
    if (campo.value == "") { alert_message += "* Copyright Comments\n"; }

    campo = document.forma.life_entity; //gor
    if (campo.value == "") { alert_message += "* Entity\n"; }

    campo = document.forma.interactivity_type_id;
    if (campo.value == 0) { alert_message += "* Interactivity Type\n"; }

    campo = document.forma.intended_end_user_id;
    if (campo.value == 0) { alert_message += "* Intended end user\n"; }

    campo = document.forma.context_id;
    if (campo.value == 0) { alert_message += "* Context\n"; }

    campo = document.forma.difficulty_id;
    if (campo.value == 0) { alert_message += "* Difficulty\n"; }

    campo = document.forma.typical_learning_time;
    if (campo.value == "") {
        alert_message += "* Typical Learning Time\n";
        x = first_unfilled_field;
        first_unfilled_field = (x ? x : campo);
    }

    campo = document.forma.learning_outcomes;
    if (campo.value == "") {
        alert_message += "* Learning Outcomes\n";
        x = first_unfilled_field;
        first_unfilled_field = (x ? x : campo);
    }

    campo = document.forma.id_language;
    if (campo.value == 0) { alert_message += "* Language\n"; }

    campo = document.forma.aggregation_level_id;
    if (campo.value == 0) { alert_message += "* Aggregation Level\n"; }

    campo = document.forma.id_structure;
    if (campo.value == 0) { alert_message += "* Structure\n"; }

    // Any message collected means at least one mandatory field is blank
    if (alert_message) {
        alert("Sorry, you must fill in the mandatory fields (*):\n" + alert_message);
        return false;
    } else {
        return true;
    }
}
******************************************************************

gorkongroove Posted August 21, 2006

This is the last part of my sliced reply. This is the .tpl Smarty file. It is compressed in rar format because I could not post the code in the message (got timeout...). Thanks!

[attachment deleted by admin]

gorkongroove Posted August 24, 2006

I don't know why, but it is solved. Just as it appeared, it disappeared... I made some changes in the PHP files. I didn't like the results so I commented out the new lines I had typed, and after that everything was working in the desired way.

Thanks Craygo and HeyRay2. I am working now on some server-side validation, and it works. The main problem now is, after showing the error message (with a new Smarty .tpl file), how to redirect the user to the form and keep the filled fields with the information, so he or she doesn't need to fill in ALL the fields another time. I am now reading some literature to do it.

Bye!
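
A server-side counterpart of the forms.js check that also keeps the submitted values for redisplay, which is what the last post asks about. This is an added example for current PHP, not code from the thread: the field names come from forms.js, while `validate_mandatory()`, the two rule arrays and the sample submission are hypothetical.

```php
<?php
// Added example. Field names are taken from forms.js in this thread;
// validate_mandatory() and the rule arrays are hypothetical.

// Text inputs must be non-blank; <select> fields must carry a non-zero id.
$text_fields = array(
    'title' => 'Title', 'lom_description' => 'Description',
    'copyrightcom' => 'Copyright Comments', 'life_entity' => 'Entity',
    'typical_learning_time' => 'Typical Learning Time',
    'learning_outcomes' => 'Learning Outcomes',
);
$select_fields = array(
    'learning_resource_type' => 'Learning Resource Type',
    'id_language1' => 'Language', 'id_language' => 'Language',
    'interactivity_type_id' => 'Interactivity Type',
    'intended_end_user_id' => 'Intended end user', 'context_id' => 'Context',
    'difficulty_id' => 'Difficulty',
    'aggregation_level_id' => 'Aggregation Level', 'id_structure' => 'Structure',
);

function validate_mandatory(array $text, array $select, array $post)
{
    $errors = array();
    $values = array();
    foreach ($text + $select as $name => $label) {
        // A missing key or an array value (title[]=x) counts as blank.
        $raw = (isset($post[$name]) && is_string($post[$name])) ? trim($post[$name]) : '';
        $ok = isset($select[$name])
            ? (ctype_digit($raw) && (int) $raw > 0)
            : ($raw !== '');
        if (!$ok) {
            $errors[$name] = $label;
        }
        // Escaped copy, safe to print back into value="..." in the template.
        $values[$name] = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
    }
    return array($errors, $values);
}

// Constructed submission: what the save script receives when the JS check did not run.
$post = array('title' => '   ', 'lom_description' => 'Unit "A" <intro>', 'difficulty_id' => '2');
list($errors, $values) = validate_mandatory($text_fields, $select_fields, $post);

if ($errors) {
    // In the application: assign $errors and $values to Smarty and display the
    // form template again instead of running the INSERT/UPDATE.
    echo "Missing mandatory fields:\n* " . implode("\n* ", $errors) . "\n";
    echo 'Redisplayed description: ' . $values['lom_description'] . "\n";
}
```

With `$values` assigned to Smarty, each input in the form template can be pre-filled with `value="{$values.title}"`, so the user only corrects the fields listed in `$errors`.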