tribol Posted September 19, 2010 Share Posted September 19, 2010 I have a situation where I need to put a textbox and a submit button on a page. The user is logged in. The script needs to check against a list of words to make sure the word the user entered is correct and if so submit their information(ie:name, email, time, date, word entered to a database table. The part i'm having trouble with is figuring out how to make it check against a specific set of words. <p><strong>Enter Word</strong></p> <form action="/paradisepassword.php" method="post"> <input type="hidden" name="action" value="password2paradise" /> <table cellpadding="5px"> <tr> <td style="padding:3px;"><label for="password2paradise">Enter here::</label></td> <td style="padding:3px;"><input name="password2paradise" type="password2paradise" id="password2paradise" value="" maxlength="30" tabindex="5" /></td> </tr> <tr> <td style="padding:3px;"> </td> <td style="padding:3px;"><input name="submit" type="submit" value="Submit Password" tabindex="7" class="generalButton" /></td> </tr> </table> </form> and the php file to process it: <?php include_once($_SERVER['DOCUMENT_ROOT']."/_core/config.php"); include_once($_SERVER['DOCUMENT_ROOT']."/_core/db-connect.php"); include_once($_SERVER['DOCUMENT_ROOT']."/_core/functions.php"); include_once($_SERVER['DOCUMENT_ROOT']."/_core/user-cookies.php"); ///////////////////////////////////////////////////////////////////////////// //function submitParadisePassword($intContestantID, $intDateSent, $intParadisePassword, $strType){ $paradise_password = paradisePassword("password1", "password2", "password3", "password4", "password5", "password6", "password7", "password8", "password9", "password10"); if (!$paradise_password == paradisePassword); { // success! $query_insert="INSERT INTO ".DB_DATABASE.".paradisepassword_2010 ( accountID, nickname, firstName, lastName, email, paradisePassword, sentFromUrl, dateSent, dateSentTimestamp, ipAddress ) VALUES ( '".mysql_real_escape_string($_POST['accountID'])."', '".mysql_real_escape_string($_POST['nickname'])."', '".mysql_real_escape_string($_POST['firstName'])."', '".mysql_real_escape_string($_POST['lastName'])."', '".mysql_real_escape_string($_POST['email'])."', '".mysql_real_escape_string($_POST['paradisePassword'])."', '".mysql_real_escape_string($_POST['sentFromUrl'])."', '".date("Y-m-d")."', '".time()."', '".$_SERVER['REMOTE_ADDR']."' ) "; mysql_query($query_insert); header("Location: ".$_POST['sentFromUrl']."?p2p=success"); } else { header("Location: ".$_POST['sentFromUrl']."?p2p=fail"); } //} ?> what am i missing? Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/ Share on other sites More sharing options...
sasa Posted September 19, 2010 Share Posted September 19, 2010 look in_array($needle, $haystackarray); function Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/#findComment-1112847 Share on other sites More sharing options...
Namtip Posted September 19, 2010 Share Posted September 19, 2010 You could use the preg_match function (I think it's the best way of validating form information because its versatility). You just need to understand regular expressions. Do you mind me asking why you want to check for specific words? Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/#findComment-1112858 Share on other sites More sharing options...
tribol Posted September 19, 2010 Author Share Posted September 19, 2010 Not at all, it's for a contest. People have to find a word in a random place and type it into the textbox on their dashboard on their account page. If it's the right word they get entered into a contest to win a trip. Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/#findComment-1112860 Share on other sites More sharing options...
tribol Posted September 19, 2010 Author Share Posted September 19, 2010 So here is the most recent, it's submitting some info to the db table but not yet grabbing the users cookie to fill in the rest of the information. The other thing is that when it does it submits the password twice and then puts another 40 records in the db without the word? So it's looping like mad (i guess) and still can't grab the users info out of the cookie? (DW shows me an error in the code when I uncomment //if ($validUser==1($_COOKIE['account_id'])) <?php include_once($_SERVER['DOCUMENT_ROOT']."/_core/config.php"); include_once($_SERVER['DOCUMENT_ROOT']."/_core/db-connect.php"); include_once($_SERVER['DOCUMENT_ROOT']."/_core/functions.php"); include_once($_SERVER['DOCUMENT_ROOT']."/_core/user-cookies.php"); ///////////////////////////////////////////////////////////////////////////// //if ($validUser==1($_COOKIE['account_id'])) //function submitParadisePassword($intContestantID, $intVoterID, $strType){ $p2p = array("Password1", "password1"); if (in_array("Password1", $p2p)) { // success! $query_insert="INSERT INTO ".DB_DATABASE.".paradise_password_2010 ( accountID, nickname, firstName, lastName, email, paradisePassword, sentFromUrl, dateSent, dateSentTimestamp, ipAddress ) VALUES ( '".mysql_real_escape_string($_POST['accountID'])."', '".mysql_real_escape_string($_POST['nickname'])."', '".mysql_real_escape_string($_POST['firstName'])."', '".mysql_real_escape_string($_POST['lastName'])."', '".mysql_real_escape_string($_POST['email'])."', '".mysql_real_escape_string($_POST['paradisePassword'])."', '".mysql_real_escape_string($_POST['sentFromUrl'])."', '".date("Y-m-d")."', '".time()."', '".$_SERVER['REMOTE_ADDR']."' ) "; mysql_query($query_insert); header("Location: ".$_POST['sentFromUrl']."?p2p=success"); } else { header("Location: ".$_POST['sentFromUrl']."?p2p=fail"); } if (in_array("password1", $p2p)) { // success! $query_insert="INSERT INTO ".DB_DATABASE.".paradise_password_2010 ( accountID, nickname, firstName, lastName, email, paradisePassword, sentFromUrl, dateSent, dateSentTimestamp, ipAddress ) VALUES ( '".mysql_real_escape_string($_POST['accountID'])."', '".mysql_real_escape_string($_POST['nickname'])."', '".mysql_real_escape_string($_POST['firstName'])."', '".mysql_real_escape_string($_POST['lastName'])."', '".mysql_real_escape_string($_POST['email'])."', '".mysql_real_escape_string($_POST['paradisePassword'])."', '".mysql_real_escape_string($_POST['sentFromUrl'])."', '".date("Y-m-d")."', '".time()."', '".$_SERVER['REMOTE_ADDR']."' ) "; mysql_query($query_insert); header("Location: ".$_POST['sentFromUrl']."?p2p=success"); } else { header("Location: ".$_POST['sentFromUrl']."?p2p=fail"); } //} ?> Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/#findComment-1112885 Share on other sites More sharing options...
Pikachu2000 Posted September 19, 2010 Share Posted September 19, 2010 If the cookie is set by one of the included files (user_cookies.php, perhaps?), its value isn't available to the script. Cookie values aren't available until the next page load. EDIT: What it this supposed to do? if ($validUser==1($_COOKIE['account_id'] )) The syntax is off. Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/#findComment-1112890 Share on other sites More sharing options...
tribol Posted September 19, 2010 Author Share Posted September 19, 2010 The cookie is set when the user logs into the site using user-cookies.php The second line is supposed to validate that the user is actually a verified user so that it can pull their account details for when they get to the dashboard. arghh.. wish i knew more, i'm one of two developers for this site but the other is in australia... he's the one that put it together Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/#findComment-1112901 Share on other sites More sharing options...
Namtip Posted September 20, 2010 Share Posted September 20, 2010 This is probably off topic now As you seem to have problems with inserting the information from a cookie into your database. Whereas I thought you wanted to know how to check that a word from a form is you competition winning word. I knocked up some code to help you with that. but check out this tutorial http://www.webcheatsheet.com/php/regular_expressions.php winner.php <?php if (isset($_POST['submit'])) { if( preg_match('/^magicword$/',$_POST['word'])){ echo 'success!'; //put the code you use to insert you data here. } else{ echo 'failed!'; } } ?> <html> <form action="winner.php" method="post"> <table> <tr> <td><label for="word">Special competition word:</label></td> <td><input type="text" name="word" id="word" size="100" maxlength="100" value=""/> </td> <td><input type="submit" name="submit" value="Sumbit"/></td> </tr> </table> </form> </html> Maybe you should start up a new post and be a little more specific about what your problem is? I dunno I'm a newbie too Quote Link to comment https://forums.phpfreaks.com/topic/213821-ideas-on-validating-a-word-submitted-against-a-list-of-predetermined-words/#findComment-1113046 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.