Jump to content

Form Input Verification

JaneMN

By JaneMN
in PHP Coding Help

 Share

Recommended Posts

JaneMN Newbie

JaneMN

Posted
Posted

I spent the last 4 days searching forums for ideas on how to fix this. Yes, I am a lightweight when it comes to php.

 

The original form asks user to check if data exists in the TAG_ID part.  If Data Exists, form 1 is shown if not, Form2 is shown. Form 2 is the least amount of data so thats what I am working with here. 

 

Original pages submits call, work fine if no verification is used.

 

Now with verification added,  this does not enter OK data, it doesnt produce the OK data results, it does not produce the error messages I created, nor does it give mySQL errors. It produces the two .. where my echo fix stuff is at the way bottom of the page.

 

This is better than last night when it put blanks in every field, good, bad or ugly.  And better than the day before when every field got array put in it.  Not an array, just the word array.

 

Any ideas what I am doing wrong?

 

Thanks for any help and your patience with me.

 

Php ver 5.2

 

// ---> head html stuff and css stuff which works fine
// ---> body html stuff and php stuff (like includes for header/sidebar links) works fine

<?php

//Form info comes from alternate php page

if(isset($_POST['submit']))
{
$tag_id=$_POST['tag_id'];
$color=$_POST['color'];
$born=$_POST['born'];
$age=$_POST['age'];
$sex=$_POST['sex'];
$hatch=$_POST['hatch'];
$pmom=$_POST['pmom'];
$pdad=$_POST['pdad'];
}

$errs = array();

//looking for multiple error possiblities on just the first field
// first get rid of whitespace
if($tag_id)
{trim($tag_id);}

// making sure field not empty

if ($tag_id=="" || empty($tag_id));
{$errs[] = "You must have a collar tag entry";
}

//tried strtoupper but that didnt work so went with this

if(!preg_match("/[^A-Z0-9]$/s",$tag_id))
{$errs[] = "Please use only uppercase A-Z and 0-9 for Collar ID";
  }

//see if enough characters to make entry valid

   if (strlen($tag_id) < 2)
         {$errs[]="  Collar has to be at least 2 charaters";
	 }
// see if too many characters 

if (strlen($tag_id) > 4)
        {$errs[]=" Collar Lenght invalid. Collars have 4 or fewer charaters";
	 }

if (count($errs) == 0) {

include("myConnection.php");
mysql_connect("$server", "$username", "$password") or die ('screwed up');
mysql_select_db("$database") or die ("Unable to select database!");

// probably dont need all of these if validation works but 
// wanted to make sure missing wouldnt throw error

$tag_id=mysql_real_escape_string($tag_id);
$color=mysql_real_escape_string($color);
$born=mysql_real_escape_string($born);
$age=mysql_real_escape_string($age);
$sex=mysql_real_escape_string($sex);
$hatch=mysql_real_escape_string($hatch);
$pmom=mysql_real_escape_string($pmom);
$pdad=mysql_real_escape_string($pdad);

$result = "INSERT INTO myTable (tag_i, color, born, age, sex, hatch, pmom, pdad) 
VALUES ('$tag_id','$color','$born','$age','$sex','$hatch','$pmom','$pdad')";
mysql_query($result) or die(mysql_error());

echo " <h2>New Entry </h2><br/>";
echo " <b>Collar Number:</b> $tag_id <br/>";
echo " Collar Color: $color <br/>";
echo " <b>Born:</b> $born - $hatch <br/>";
echo " <b>Age:</b> $age  <b>Sex:</b> $sex <br/>";
echo "<br>";
echo "Parent mother: $pmom <br/>";
echo "Parent father: $pdad ";
}

// This may be really wrong too.

elseif (count($errs) > 0)
{$i = 0;
while ($i < count)
{$fix = $errs;
}
++$i;
}

?>
<? echo " .$fix. "; ?>

 

...more html stuff which works fine.

Link to comment
Share on other sites
ignace Advanced Member

ignace

Posted
Posted

1. Properly indent your code

2. Learn PHP, you had many meaningless statements

 

if(isset($_POST['submit'])) {
$tag_id=$_POST['tag_id'];
$color=$_POST['color'];
$born=$_POST['born'];
$age=$_POST['age'];
$sex=$_POST['sex'];
$hatch=$_POST['hatch'];
$pmom=$_POST['pmom'];
$pdad=$_POST['pdad'];

$errs = array();

//looking for multiple error possiblities on just the first field
// first get rid of whitespace
if($tag_id)
	trim($tag_id);

// making sure field not empty

if (empty($tag_id))
	$errs[] = "You must have a collar tag entry";

//tried strtoupper but that didnt work so went with this

if(!preg_match("/[^A-Z0-9]$/s",$tag_id))
	$errs[] = "Please use only uppercase A-Z and 0-9 for Collar ID";

//see if enough characters to make entry valid

if (($strlen = strlen($tag_id)) < 2 || $strlen > 4)
   		$errs[]="  Collar has to be at least 2 charaters and less than 4 characters";

if (count($errs) == 0) {
	include("myConnection.php");
	mysql_connect("$server", "$username", "$password") or die ('screwed up');
	mysql_select_db("$database") or die ("Unable to select database!");

	// probably dont need all of these if validation works but 
	// wanted to make sure missing wouldnt throw error

	$tag_id=mysql_real_escape_string($tag_id);
	$color=mysql_real_escape_string($color);
	$born=mysql_real_escape_string($born);
	$age=mysql_real_escape_string($age);
	$sex=mysql_real_escape_string($sex);
	$hatch=mysql_real_escape_string($hatch);
	$pmom=mysql_real_escape_string($pmom);
	$pdad=mysql_real_escape_string($pdad);

	$result = "INSERT INTO myTable (tag_i, color, born, age, sex, hatch, pmom, pdad)
		VALUES ('$tag_id','$color','$born','$age','$sex','$hatch','$pmom','$pdad')";
	mysql_query($result) or die(mysql_error());

	echo '<h2>New Entry</h2>',
	     ' <b>Collar Number:</b> $tag_id <br/>',
	     ' Collar Color: $color <br/>',
	     ' <b>Born:</b> $born - $hatch <br/>',
	     ' <b>Age:</b> $age <b>Sex:</b> $sex <br/>',
	     '<br>',
	     'Parent mother: $pmom <br/>',
	     'Parent father: $pdad ';
}

else {
	$i = 0;
	$fix = '';
	$count = sizeof($errs);
	while ($i < $count) {
		$fix .= $errs[$i] . '<br>';//???
		++$i;
	}
	echo $fix;
}
}

Link to comment
Share on other sites
JaneMN Newbie

JaneMN

Posted
  • Author
Posted

Thanks ignace for your help.  Your changes really helped me along.

 

I will try to format correctly, but I am not sure what the proper formatting is.  I have read two books on php and have limited dabbling. This is the biggest coding effort I have undertaken so forgive me if I look like the beginner I am.

 

I did find a couple helpful posts here:

 

http://www.phpfreaks.com/forums/index.php/topic,245400.msg1146733.html#msg1146733

 

http://www.phpfreaks.com/forums/index.php/topic,247327.msg1156996.html#msg1156996

 

Heres the working code so far:

 

// I had to move the connection info to top or got an error.
include("myConn");
mysql_connect("$server", "$username", "$password") or die ('screwed up');
mysql_select_db("$database") or die ("Unable to select database!");

   if(isset($_POST['submit']))
    $errs = array();
    $errs_m = '';

// tested this function via whitespace entry in tag_id and color. Seems to work.
// Havent tested mysql_real_escape_string yet.

   	function clean($str) {
      	$str = @trim($str);
      	return mysql_real_escape_string($str);
   }
$tag_id=clean($_POST['tag_id']);
$color=clean($_POST['color']);
$born=clean($_POST['born']);
$age=clean($_POST['age']);
$sex=clean($_POST['sex']);
$hatch=clean($_POST['hatch']);
$pmom=clean($_POST['pmom']);
$pdad=clean($_POST['pdad']);


// making sure field not empty	
   if (empty($tag_id))
$errs[] = "You must have a collar tag entry";

// found ^ was in wrong spot either original post or during retries.	
   if(!preg_match("/^[A-Z0-9]+$/s",$tag_id))
$errs[] = "Please use only uppercase A-Z and 0-9 for Collar ID";	

//see if enough characters to make entry valid
// Kept getting errors with || use. Split out and gave length test different name.
   if ($strlen = strlen($tag_id) < 2)
$errs[]="  Collar has to be at least 2 charaters";

   if ($strlen2 = strlen($tag_id) > 4)
$errs[]="  Collar must be less than 5 characters";

// Tested for lower case or wrong letter. Throws the error both times.
// Throws an error for being blank too so thats handy to know.
   if(!preg_match("/^[GRY]+$/s",$color))
$errs[] = "Please use only uppercase G, R, Y for collar colors";

   if (count($errs) == 0)

{
$result = "INSERT INTO myTable (tag_id, color, born, age, sex, hatch, pmom, pdad) VALUES ('$tag_id','$color','$born','$age','$sex','$hatch','$pmom','$pdad')";
mysql_query($result) or die(mysql_error());

//Could not get this to print correctly via 1st reply format. Would only show $var and not true text.
//Can be shortened to one line but this makes reading easier.
echo "<h2>New Entry</h2><b>Collar Number:</b>$tag_id<br/>Collar Color: $color <br/>";
echo "<b>Born:</b> $born - $hatch <br/><b>Age:</b> $age <b>Sex:</b> $sex <br/>";
echo "<br>Parent mother: $pmom <br/>Parent father: $pdad ";
}
elseif (count($errs) > 0)
{$i = 0;
   $fix = '';
   $errs_m = 'The following errors need to be corrected before your new information can be added.<br />';
   $count = sizeof($errs);
while ($i < $count) {
   $fix .= $errs[$i] . '<br>';//???
++$i;
    }	
echo $errs_m;
echo $fix;	
}

 

Next piece is finishing up verifications then I need to add form below Fixes for easy corrections.

 

Thanks again for the help you gave me!

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.