Jump to content

[SOLVED] PHP skips validation

nvee

By nvee
in PHP Coding Help

 Share

Recommended Posts

nvee Member

nvee

Posted
Posted

Being a newbie, I have to say that I was relatively suprised with my performance so far ... well up to now atleast.

 

The code below is a general page divided into 3 individual forms. The main form is the one where users can change their details (user update form). The PHP script which does this is included in the page right above the form. Like all similiar pages, the update form must only run once the form submit button has run, so in theory when I goto the page, it should show me the database values in the individual form elements, and once I click submit it will run the page again but then pick up the submit has been pressed, and then do the update. HOWEVER, it does exactly the opposite now. It would appear to skip the part where I say if($_POST['edit'] == "submit" and just run the update page. It even skips the validation part (because logically it should stop the update part because there is nothing in any of the fields and now updates blank fields to the database.

 

I apologise for the mess of the page, I really have not gotten time to clean things up, just wanted it to all work, hope you can understand.

 

Just a couple of things

  • Right above the actual script which updates the database you will notice a small PHP script which checks if there was a ID passed to the this page. I do not know if it will cause my script to not work.
  • Right below the update script you will notice another PHP script which does a simple mysql_fetch_array to fetch the data from the database to insert it into the input fields.
  • Right at the bottom there is another PHP script which does the same as point 2, just gets data from another table in the database.

 

 

<?php require_once("includes/config.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>WebCampus.co.za - Intelligent training solutions for tomorrows leaders</title>
<link rel="stylesheet" media="all" href="css/style.css" />
</head>

<body>
	<div id="wrapper">
        		<div id="header"></div>
                <?php include("includes/navigation_normal.php"); ?>
                <div id="advert"><img src="images/layout/advert.jpg" width="770" height="194" alt="advert" /></div>
                <div id="content">
                  <div id="content_area">
                          <h3>STUDENT MANAGEMENT</h3>
                        <h4>ADMIN: Edit student and student courses</h4>
                         <?php 
					  $student_id = $_GET['id'];
					  if(empty($student_id)) {
						  echo "You have to first select a student to manage or the student account has been deleted. Please <a href='students.php'>click here</a> to select a student and try again";
						  stop();
					  }
						   ?> 
                          <h4>Edit the student details form:</h4>
                          <?php	
					  		if($_POST['edit'] == "submit") {
									  $initials = $_POST['initials'];
									  $fullname = $_POST['fullname'];
									  $surname = $_POST['surname'];
									  $title = $_POST['titler'];
									  $maiden = $_POST['msurname'];
									  $id = $_POST['idnumber'];
									  $gender = $_POST['gender'];
									  $language = $_POST['language'];
									  $dob = $_POST['dob'];
									  $htel = $_POST['htel'];
									  $wtel = $_POST['wtel'];
									  $ctel = $_POST['ctel'];
									  $ftel = $_POST['ftel'];
									  $email = $_POST['email'];
									  $postal = $_POST['postal'];
									  $course_id = $_POST['course'];

							if($initials == "") {
								$error .= "<li>We require your full initials</li>";
							}
							if($fullname == "") {
								$error .= "<li>We require your full name</li>";
							}
							if ($surname == "") {
								$error .= "<li>We require your surname</li>";
							}
							if (!is_numeric ($id)) {
								$error .= "<li>Your ID number must be numeric</li>";
							}
							if ($id == "") {
								$error .= "<li>We require your ID number</li>";
							}
							if ($dob == "") {
								$error .= "<li>We require your date of birth</li>";
							}
							if(empty($htel) && empty($wtel) && empty($ctel)) {
								$error .= "<li>You need to atleast have 1 telephone number</li>";
							}
							if(!empty($wtel)) {
  								 	if(!is_numeric($wtel)) {
   								 			 $error .= "<li>Your work telephone number does not appear to be numeric, please correct this</li>";
  										 }
							}
							if(!empty($htel)) {
  								 	if(!is_numeric($htel)) {
   								 			 $error .= "<li>Your home telephone number does not appear to be numeric, please correct this</li>";
  										 }
							} 
							if(!empty($ctel)) {
  								 	if(!is_numeric($ctel)) {
   								 			 $error .= "<li>Your cellular telephone number does not appear to be numeric, please correct this</li>";
  										 }
							} 
							if ($email == "") {
								$error .= "<li>We require your email address</li>";
							}
								}
							if ($error != "") {
								echo "<p>There was errors with your registration:</p>";
								echo "<ul>" . $error . "</ul>";
							} else {			

								$dbx = mysql_connect("localhost","root","");
								if(!$dbx) die("The connection to the database could not be made!");

								mysql_select_db("$dbname") or die("Could not connect to the database");

								$query = mysql_query("UPDATE student SET init='$initials', fname='$fullname', sname='$surname', title='$title', msname='$maiden', dob='$dob', sex='$gender', lang='$language', idno='$id', telh='$htel', telw='$wtel', cel='$ctel', fax='$ftel', email='$email', address='$postal' WHERE sno='$student_id'");
								if(!$query) die ("The entry could not be entered into the database successfully. Please contact your system administrator for more assistance");
								echo "The student has been successfully been ammended into the database, please <a href='students.php'>click here</a> to return to the student management page";

							}
								?>
                                    
                                    <?php
								$dbx = mysql_connect("localhost","root","");
								if(!$dbx) die("The connection to the database could not be made!");
								mysql_select_db("$dbname") or die("Could not connect to the database");
								$query = mysql_query("SELECT * FROM student WHERE sno = $student_id");
								while ($result = mysql_fetch_array($query)) {
									?>
							<form id="register" name="regform" method="post" action="student_management.php">
                            <table width="490" border="0" cellspacing="2" cellpadding="2">
                              <tr>
                                <td width="132">Initials:</td>
                                <td width="344"><label>
                                  <input name="initials" type="text" id="initials" value="<?php echo $result["init"]; ?>" size="10" maxlength="10" />
                                </label></td>
                              </tr>
                              <tr>
                                <td>Full Name:</td>
                                <td><input type="text" name="fullname" value="<?php echo $result["fname"]; ?>" id="fullname" /></td>
                              </tr>
                              <tr>
                                <td>Surname:</td>
                                <td><input type="text" name="surname" value="<?php echo $result["sname"]; ?>" id="surname" /></td>
                              </tr>
                              <tr>
                                <td>Title:</td>
                                <td><select name="title" id="title">
                                <?php 
								if ($result["title"] = "Mr.") {
                                  echo "<option value=\"Mr.\" selected=\"selected\">Mr.</option>";
								} else {
							echo "<option value=\"Mr.\">Mr.</option>";
								}
							if ($result["title"] = "Mrs.") {
                                  echo "<option value=\"Mrs.\" selected=\"selected\">Mrs.</option>";
								} else {
							echo "<option value=\"Mrs.\">Mrs.</option>";
								}
							if ($result["title"] = "Miss") {
                                  echo "<option value=\"Miss\" selected=\"selected\">Miss</option>";
								} else {
							echo "<option value=\"Miss\">Miss</option>";
								}	
							?>
                                </select></td>
                              </tr>
                              <tr>
                                <td>Maiden Surname:</td>
                                <td><input type="text" name="msurname" value="<?php echo $result["msname"]; ?>" id="msurname" /></td>
                              </tr>
                              <tr>
                                <td>ID Number:</td>
                                <td><input name="idnumber" type="text" value="<?php echo $result["idno"]; ?>" id="idnumber" size="13" maxlength="13" /></td>
                              </tr>
                              <tr>
                                <td>Gender:</td>
                                <td><label>
                                  <select name="gender" id="gender">
                                    <?php 
								if ($result["sex"] = "Ma") {
                                  echo "<option value=\"Male\" selected=\"selected\">Male</option>";
								} else {
							echo "<option value=\"Male\">Male</option>";
								}
							if ($result["sex"] = "Fe") {
                                  echo "<option value=\"Female\" selected=\"selected\">Female</option>";
								} else {
							echo "<option value=\"Female\">Female</option>";
								}
							?>
                                  </select>
                                </label></td>
                              </tr>
                              <tr>
                                <td>Preferred Language:</td>
                                <td><select name="language" id="language" value="<?php echo "$language"; ?>">
                                <?php 
								if ($result["lang"] = "English") {
                                  echo "<option value=\"English\" selected=\"selected\">English</option>";
								} else {
							echo "<option value=\"English\">Male</option>";
								}
							if ($result["lang"] = "Afrikaans") {
                                  echo "<option value=\"Afrikaans\" selected=\"selected\">Afrikaans</option>";
								} else {
							echo "<option value=\"Afrikaans\">Afrikaans</option>";
								}
							if ($result["lang"] = "Xhosa") {
                                  echo "<option value=\"Xhosa\" selected=\"selected\">Xhosa</option>";
								} else {
							echo "<option value=\"Xhosa\">Xhosa</option>";
								}
							if ($result["lang"] = "Zulu") {
                                  echo "<option value=\"Zulu\" selected=\"selected\">Zulu</option>";
								} else {
							echo "<option value=\"Zulu\">Tswana</option>";
								}	
								if ($result["lang"] = "Tswana") {
                                  echo "<option value=\"Tswana\" selected=\"selected\">Tswana</option>";
								} else {
							echo "<option value=\"Tswana\">Tswana</option>";
								}									
							?>
                                </select></td>
                              </tr>
                              <tr>
                                <td>Date of birth:</td>
                                <td><input type="text" name="dob" id="dob" value="<?php echo $result["dob"]; ?>" /></td>
                              </tr>
                              <tr>
                                <td>Home Telephone:</td>
                                <td><input name="htel" type="text" id="htel" size="12" maxlength="12" value="<?php echo $result["telh"]; ?>" /></td>
                              </tr>
                              <tr>
                                <td>Work Telephone:</td>
                                <td><input name="wtel" type="text" id="wtel" size="12" maxlength="12" value="<?php echo $result["telw"]; ?>" /></td>
                              </tr>
                              <tr>
                                <td>Cellular Number:</td> 
                                <td><input name="ctel" type="text" id="ctel" size="12" maxlength="12" value="<?php echo $result["cel"]; ?>" /></td>
                              </tr>
                              <tr>
                                <td>Fax Number:</td>
                                <td><input name="ftel" type="text" id="ftel" size="12" maxlength="12" value="<?php echo $result["fax"]; ?>" /></td>
                              </tr>
                              <tr>
                                <td>Email Address:</td>
                                <td><input type="text" name="email" id="email" value="<?php echo $result["email"]; ?>" /></td>
                              </tr>
                              <tr>
                                <td>Postal Address:</td>
                                <td><input type="text" name="postal" id="postal" value="<?php echo $result["address"]; ?>" /></td>
                              </tr>
                              <tr>
                                <td colspan="2"><input type="submit" name="edit" id="edit" value="submit" />
|
  <input type="reset" name="button2" id="button2"  value="Reset" /></td>
                              </tr>
                            </table>
                            <p> </p>
                            <p> </p>
                    </form>
                    <?php
			  }
				?>
                          
                    <h4>STUDENT COURSES</h4>
<p>Below is a lst of courses the student is regitered for:</p>
<p> </p>
<h4>REGISTER FOR A NEW COURSE:</h4>
<p>Select a course below and click register to register this student for the specific course:</p>
<form id="form1" name="form1" method="post" action="">
  <table width="490" border="0" cellspacing="2" cellpadding="2">
    <tr>
      <td>Course Registration:</td>
      <td><select name="course2" id="course2">
        <?php
							$dbx = mysql_connect("localhost","root","");	
							if(!$dbx) die("The connection to the database could not be made!");
							$db = mysql_select_db("$dbname");
							if(!$db) die("Cannot connect to database to obtain course values");
							$result = mysql_query("SELECT * FROM course");
								while ($row = mysql_fetch_array($result)) {
								echo "<option value='" . $row["cid"] . "'>" . $row["cname"] . "</option>";
								}
								?>
      </select></td>
    </tr>
    <tr>
      <td><label>
        <input type="submit" name="course_register" id="course_register" value="Register" />
      </label></td>
      <td> </td>
    </tr>
  </table>
</form>
<p> </p>
                          <p> </p>
                  </div>
                        <div id="sidebar">
                                <h3>USER LOGIN</h3>
                                <p>Complete the form below to log in:</p>
                                <ul class="login">
                                		<li>Username:</li>
                                        <li>
                                          <label>
                                            <input type="text" name="username" id="username" />
                                          </label>
                                        </li>
                                        <li>Password:</li>
                                        <li>
                                          <label>
                                            <input type="password" name="password" id="password" />
                                          </label>
                                        </li>
                                        <li>
                                          <label>
                                            <input type="submit" name="new" id="new" value="submit" />
                                          </label>
                                        </li>
                                        <li><a href="register.php">Click here</a> to register a new account</li>
                                        <li><a href="forgotpass.php">Click here</a> if you forgot your password</li>
                                </ul>
                                <p> </p>
                                <p> </p>
                  </div>
                </div>
                <div id="footer">
                		<ul class="foot">
                </div>
        </div>
</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/179733-solved-php-skips-validation/
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.