Jump to content


Photo

number related questions, validation


  • Please log in to reply
9 replies to this topic

#1 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 26 September 2006 - 01:55 PM

if (isset($price)) {
		if (!is_numeric($price)) {
			$errorhandler .= "The Price value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $price)){
   			$errorhandler .= "Please remove the $ symbol from the price field.<br />";
			}
		}
File Structure
Area around where I am having the problem
It is a posting system spread throughout 5 pages.
Page 1- select category
Page 2- select subcategory
Page 3- Using category, and subcategory, it uses the appropriate case, from a switch statement to show the proper form.
page 4- processes using a switch statement based on a form.
Problem Pages(Page 3, going to Page 4)

Intended Functioning
  • Check if the field is set.
  • If it's set check to make sure it's of a numeric value(a rough validation)
  • check to see if a dollar sign if present, if it is return a value
Current Functioning
  • Check if the field was set(but with problems *See footnote 1)
  • Checks to see if it's a number(rough validation), if it isn't then it returns an error(as intended)
  • Checks to see if there is a dollar sign present.(but with problems *See footnote 2, See credit 1)

Foot Notes
  • Footnote 1- It tries to detect the existence of the field, even when it is not present.  It was working, when I inserted the extra code to validate dollar sign, it now tries to read the existence of the field, whether it was left blank or not.  This is not good, as this field was intended to be optional, but if chosen needs to be validated properly.
  • Footnote 2- When I first call the post4.php page from post3.php it tells me that it detected the existence of the variable.  Then it tries to run the validation on that variable, and ends up returning an error saying remove the dollar sign, when there was no dollar sign, or no variable set.

Credits

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#2 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 26 September 2006 - 02:04 PM

Where is $price coming from? Can we see more code?

#3 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 26 September 2006 - 02:17 PM

post.php(The first page of the form process, where they choose category)
<?php
session_start();

if ($_SESSION['controller'] != true) {
header("Location: /login.php");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include './includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include './includes/header.inc.php'; // inserts header, logo, and everything up there
?>	
    <br style="clear: both;" />
	
<?php
include './includes/leftnav.inc.php'; // inserts left navigation
?>
	
    <div id="content">
	
        <div class="overall">
			<p>Please choose a category for your posting.</p>
			<form name="postad" id="postad" action="processors/post2.php" method="post">
			<label for="category">Category:</label><br />
			<select name="category" id="category">
			<option>Item</option>
			<option>Events</option>
			<option>Lost and Found</option>
			<option>Work (offered by students)</option>
			<option>Work (offered to students)</option>
			<option>Academics</option>
			<option>Rentals</option>
			</select><br />
			<input name="submit" type="submit" value="Next" />
			</form>

        </div>
		
    </div>
<?php
include './includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>
	
<?php
include './includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>

post2.php(Where they choose sub-category)
<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include '../includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include '../includes/header.inc.php'; // inserts header, logo, and everything up there
?>	
    <br style="clear: both;" />
	
<?php
include '../includes/leftnav.inc.php'; // inserts left navigation
?>
	
    <div id="content">
	
        <div class="overall">
			<h3>Ad Posting Process</h3>
<?php
// connecting to database, selecting database
mysql_connect("mysql185.secureserver.net", "####", "#####3");
mysql_select_db("joyel");
// safety
$category = $_POST['category'];
// switch case to determine what sub-categories appear
echo "<form name=\"post2\" id=\"post2\" action=\"post3.php\" method=\"post\">\n";
switch ($category) {
case "Item":
	$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
	$query = mysql_query($select);
	echo "<select name=\"subcategory\" id=\"subcategory\">\n";
	while ($row = mysql_fetch_array($query)) {
	echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
	}
	echo "</select>\n";
	echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset1\" />";
	echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
	break; // break to stop switch statement
	
case "Events":
	$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
	$query = mysql_query($select);
	echo "<select name=\"subcategory\" id=\"subcategory\">\n";
	while ($row = mysql_fetch_array($query)) {
	echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
	}
	echo "</select>\n";
	echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset1\" />";
	echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
	break;
	
case "Lost and Found":
	$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
	$query = mysql_query($select);
	echo "<select name=\"subcategory\" id=\"subcategory\">\n";
	while ($row = mysql_fetch_array($query)) {
	echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
	}
	echo "</select>\n";
	echo "<input name=\"postinfo_op1\" id=\"postinfo_op1\" type=\"hidden\" value=\"postset2\" 
	/>";
	echo "<input name=\"postinfo_op2\" id=\"postinfo_op2\" type=\"hidden\" value=\"postset3\" 
	/>";
	echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
	break;
	
case "Work (offered by students)":
	$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
	$query = mysql_query($select);
	echo "<select name=\"subcategory\" id=\"subcategory\">\n";
	while ($row = mysql_fetch_array($query)) {
	echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
	}
	echo "</select>\n";
	echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset5\" />";
	echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
	break;
	
case "Work (offered to students)":
	$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
	$query = mysql_query($select);
	echo "<select name=\"subcategory\" id=\"subcategory\">\n";
	while ($row = mysql_fetch_array($query)) {
	echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
	}
	echo "</select>\n";
	echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset6\" />";
	echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
	break;

case "Academics":
	$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
	$query = mysql_query($select);
	echo "<select name=\"subcategory\" id=\"subcategory\">\n";
	while ($row = mysql_fetch_array($query)) {
	echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
	}
	echo "</select>\n";
	echo "<input name=\"postinfo_op1\" id=\"postinfo_op1\" type=\"hidden\" value=\"postset7\" 
	/>";
	echo "<input name=\"postinfo_op2\" id=\"postinfo_op1\" type=\"hidden\" value=\"postset8\" 
	/>";
	echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
	break;

case "Rentals":
	$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
	$query = mysql_query($select);
	echo "<select name=\"subcategory\" id=\"subcategory\">\n";
	while ($row = mysql_fetch_array($query)) {
	echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
	}
	echo "</select>\n";
	echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset4\" />";	
	echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
	break;
}
	echo "<br />";
	echo "<input name=\"submit\" id=\"submit\" type=\"submit\" value=\"next\" />";
	echo "</form>";

?>

        </div>
		
    </div>
<?php
include '../includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>
	
<?php
include '../includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>


------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#4 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 26 September 2006 - 02:17 PM

post3.php(Page that choose a form based on category and sub-category, any thing taking numbers is what I am validating with the code from the other post.
<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include '../includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include '../includes/header.inc.php'; // inserts header, logo, and everything up there
?>	
    <br style="clear: both;" />
	
<?php
include '../includes/leftnav.inc.php'; // inserts left navigation
?>
	
    <div id="content">
	
        <div class="overall">
			<h3>Ad Posting Process</h3>
<?php
// connecting to database, selecting database
mysql_connect("mysql185.secureserver.net", "#####", "####");
mysql_select_db("joyel");
// below I set the variables depending.  If it's coming from further up the page they are set to post, because they are coming from the previous form, otherwise they are coming from the next page, back to this one via get, this allows the form fields to repopulate.
if ($_GET['category']) {
$category = $_GET['category'];
}else {
$category = $_POST['categoryname'];
}
if ($_GET['subcategory']) {
$subcategory = $_GET['subcategory'];
}else {
$subcategory = $_POST['subcategory'];
}
if ($_GET['postinfo']) {
$postinfo = mysql_real_escape_string($_GET['postinfo']);
}else {
$postinfo = mysql_real_escape_string($_POST['postinfo']);
}
// below get's hairy.  based on the contents of cat and subcat different things happen.
if ($category == "Item" || $category == "Events") { // if the category is item
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="1" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="120" 
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="price">Price:</label><br />
<input name="price" id="price" type="text" maxlength="100" 
value="<?php echo $_GET['price']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<?php
if ($category == "Events") {
?>
<label for="eventdate">Event Date:</label><br />
<input name="eventdate" id="eventdate" type="text" maxlength="30" /><br />
<?php
}
?>
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
} // end the if for category equals item

if ($category == "Lost and Found") {
	if ($subcategory == "Items Found") {
	if ($_GET['postinfo']) {
	$postinfo1 = mysql_real_escape_string($_GET['postinfo']);
	}else {
	$postinfo1 = mysql_real_escape_string($_POST['postinfo_op2']);
	}
?>
<form name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo1; ?>" />
<input name="number" id="number" type="hidden" value="2" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200" 
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="datefound">Date Found:</label><br />
<input name="datefound" id="datefound" type="text" maxlength="120" 
value="<?php echo $_GET['datefound']; ?>" /><br />
<label for="locationfound">Location Found:</label><br />
<input name="locationfound" id="locationfound" type="text" maxlength="120" 
value="<?php echo $_GET['locationfound']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>

<?php	
	}
	if ($subcategory == "Items Lost") {
	if ($_GET['postinfo']) {
	$postinfo2 = mysql_real_escape_string($_GET['postinfo']);
	}else {
	$postinfo2 = mysql_real_escape_string($_POST['postinfo_op1']);
	}
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo2; ?>" />
<input name="number" id="number" type="hidden" value="3" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200" 
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="reward">Reward:</label><br />
<input name="reward" id="reward" type="text" maxlength="120" 
value="<?php echo $_GET['reward']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="datelost">Date Lost:</label><br />
<input name="datelost" id="datelost" type="text" maxlength="120" 
value="<?php echo $_GET['datelost']; ?>" /><br />
<label for="locationlost">Location Lost:</label><br />
<input name="locationlost" id="locationlost" type="text" maxlength="120" 
value="<?php echo $_GET['locationlost']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
	}
}
if ($category == "Work (offered by students)") {
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="4" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200" 
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="wage">Wage:</label><br />
<input name="wage" id="wage" type="text" maxlength="120" 
value="<?php echo $_GET['wage']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
}
if ($category == "Work (offered to students)") {
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="5" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200" 
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="wage">Wage:</label><br />
<input name="wage" id="wage" type="text" maxlength="120" 
value="<?php echo $_GET['wage']; ?>" /><br />
<label for="hoursperweek">Hours Per Week:</label><br />
<input name="hoursperweek" id="hoursperweek" type="text" maxlength="120" 
value="<?php echo $_GET['wage']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
}
if ($category == "Academics") {
	if ($subcategory == "Textbooks") {
	if ($_GET['postinfo']) {
	$postinfo = mysql_real_escape_string($_GET['postinfo']);
	}else {
	$postinfo = mysql_real_escape_string($_POST['postinfo_op1']);
	}
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="6" />
<label for="coursenumber">Course Number:</label><br />
<input name="coursenumber" id="coursenumber" type="text" maxlength="120" 
value="<?php echo $_GET['coursenumber']; ?>" /><br />
<label for="title">*Title:</label><br />
<input name="title" id="title" type="text" maxlength="200" 
value="<?php echo $_GET['title']; ?>" /><br />
<label for="author">*Author:</label><br />
<input name="author" id="author" type="text" maxlength="120" 
value="<?php echo $_GET['author']; ?>" /><br />
<label for="price">Price:</label><br />
<input name="price" id="price" type="text" maxlength="120" 
value="<?php echo $_GET['price']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
	}
	if ($subcategory == "Notes" || $subcategory == "Cheat Sheets") {
	if ($_GET['postinfo']) {
	$postinfo = mysql_real_escape_string($_GET['postinfo']);
	}else {
	$postinfo = mysql_real_escape_string($_POST['postinfo_op2']);
	}
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="7" />
<label for="coursenumber">*Course Number:</label><br />
<input name="coursenumber" id="coursenumber" type="text" maxlength="120" 
value="<?php echo $_GET['coursenumber']; ?>" /><br />
<label for="test">Test:</label><br />
<input name="test" id="test" type="text" maxlength="200" 
value="<?php echo $_GET['test']; ?>" /><br />
<label for="professor">Professor:</label><br />
<input name="professor" id="professor" type="text" maxlength="200" 
value="<?php echo $_GET['professor']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
	}
}
if ($category == "Rentals") {
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="8" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200" 
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="priceperunit">Price Per Unit:</label><br />
<input name="priceperunit" id="priceperunit" type="text" maxlength="120" 
value="<?php echo $_GET['priceperunit']; ?>" /><br />
<label for="numberofunits">Number Of Units:</label><br />
<input name="numberofunits" id="numberofunits" type="text" maxlength="120" 
value="<?php echo $_GET['numberofunits']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30" 
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>

<?php
}
?>
        </div>
		
    </div>
<?php
include '../includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>
	
<?php
include '../includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>


------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#5 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 26 September 2006 - 02:19 PM

post4.php(this is where I handle that validation for multiple variables, based on category and sub-category)
<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include '../includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include '../includes/header.inc.php'; // inserts header, logo, and everything up there
?>	
    <br style="clear: both;" />
	
<?php
include '../includes/leftnav.inc.php'; // inserts left navigation
?>
	
    <div id="content">
	
        <div class="overall">
			<h3>Ad Posting Process</h3>
<?php
// connecting to database, selecting database
mysql_connect("mysql185.secureserver.net", "#####", "######");
mysql_select_db("joyel");
$number = mysql_real_escape_string($_POST['number']);
switch ($number) {  // begin switch

case "1":
	// post set number 1 database work
	// Items and events categories
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
	$price = mysql_real_escape_string($_POST['price']);
	if (isset($_POST['eventdate'])) {
	$eventdate = mysql_real_escape_string($_POST['eventdate']);
	}
	if (!isset($_POST['eventdate'])) {
	$eventdate = "None";
	}
	$description = mysql_real_escape_string($_POST['description']);
	$dateentered = date("m/d/y");
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	// file handling
	if ($_FILES['userfile']['name']) {
	$newfile = "../upload/itemsandevents/".basename($_FILES['userfile']['name']);
	$file = "/upload/itemsandevents/".basename($_FILES['userfile']['name']);
	$filename = $_FILES['userfile']['name'];
	$newfiletemp = "{$_FILES[userfile][tmp_name]}";
	$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
	$tmp = pathinfo($_FILES['userfile']['name']);
	if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
	}else {
			$errorhandler .= "Incorrect file extension.<br />";
			$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
			$errorhandler .= "file formats, please make sure you are uploading the correct ";
			$errorhandler .= "file format or contact administration to find out what is ";
			$errorhandler .= "causing the problem.<br />";
			$die = "stop";
			}
	if (file_exists($newfile)) {
		$errorhandler .= "The file already exists.<br />";
		$die = "stop";
	}
		if ($die != "stop") {
	if (!move_uploaded_file($newfiletemp, $newfile)) {
		$errorhandler .= "There was some sort of problem moving the file.<br />";
		
			}	
		}
	}else {
	$file = "null";
	$newfile = "null";
	$newfiletemp = "null";
	}
	// end file handling
	if ($itemtitle == "" || $description == "") {
		$errorhandler .= "The title and description were required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";
		}
	if (isset($price)) {
		if (!is_numeric($price)) {
			$errorhandler .= "The Price value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $price)){
   			$errorhandler .= "Please remove the $ symbol from the price field.<br />";
			}
		}
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&price={$price}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, itemtitle, price, description, zipcode, uploadurl, uploadname, dateentered, expiredate, eventdate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$price', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires', '$eventdate');";
if (mysql_query($insert)) {
?>
<p>Thank you for submitting your post.   We recommend that you check your post to ensure that all the information is correct.  You can view, edit, or delete your post by clicking the “My Account” link in the left navigation bar.</p>
<?php
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;	
		
case "2":
	// post set number 3 database work
	// Found items from the lost and found category
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
	$description = mysql_real_escape_string($_POST['description']);
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$datefound = mysql_real_escape_string($_POST['datefound']);
	$locationfound = mysql_real_escape_string($_POST['locationfound']);
	$dateentered = date("m/d/y");
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	if ($itemtitle == "" || $description == "") {
		$errorhandler .= "The title and description were required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";	
		}
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&description={$description}&datefound={$datefound}&locationfound={$locationfound}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";	
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, description, locationfound, zipcode, datefound, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$description', '$locationfound', '$zipcode', '$datefound', '$dateentered', '$expires');";
if (mysql_query($insert)) {
	echo "Thank you for submitting the post. ";
	echo "You can edit your posts by logging into your account at any time and clicking ";
	echo "on edit posts in the left navigation.<br />";
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;

case "3":
	// post set number 2 database work
	// lost items from the lost and found category
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
	$reward = mysql_real_escape_string($_POST['reward']);
	$description = mysql_real_escape_string($_POST['description']);
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$datelost = mysql_real_escape_string($_POST['datelost']);
	$locationlost = mysql_real_escape_string($_POST['locationlost']);
	$dateentered = date("m/d/y");
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	// file handling
	if ($_FILES['userfile']['name']) {
	$newfile = "../upload/lostitemfiles/".basename($_FILES['userfile']['name']);
	$file = "./upload/lostitemfiles/".basename($_FILES['userfile']['name']);
	$filename = $_FILES['userfile']['name'];
	$newfiletemp = "{$_FILES[userfile][tmp_name]}";
	$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
	$tmp = pathinfo($_FILES['userfile']['name']);
	if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
	}else {
			$errorhandler .= "Incorrect file extension.<br />";
			$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
			$errorhandler .= "file formats, please make sure you are uploading the correct ";
			$errorhandler .= "file format or contact administration to find out what is ";
			$errorhandler .= "causing the problem.<br />";
			$die = "stop";
			}
	if (file_exists($newfile)) {
		$errorhandler .= "The file already exists.<br />";
		$die = "stop";
	}
		if ($die != "stop") {
	if (!move_uploaded_file($newfiletemp, $newfile)) {
		$errorhandler .= "There was some sort of problem moving the file.<br />";
			}		
		}	
	}else {
	$file = "null";
	$newfile = "null";
	$newfiletemp = "null";
	}
	// end file handling
	if ($itemtitle == "" || $description == "") {
		$errorhandler .= "The title and description were required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";	
		}
		if (isset($reward)) {
		if (!is_numeric($reward)) {
			$errorhandler .= "The Reward value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $reward)){
   			$errorhandler .= "Please remove the $ symbol from the reward field.<br />";
			}

		}	
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&reward={$reward}&description={$description}&datelost={$datelost}&locationlost={$locationlost}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, reward, description, uploadurl, uploadname, locationlost, zipcode, datelost, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$reward', '$description', '$file', '$newfiletemp', '$locationlost', '$zipcode', '$datelost', '$dateentered', '$expires');";
if (mysql_query($insert)) {
	echo "Thank you for submitting the post. ";
	echo "You can edit your posts by logging into your account at any time and clicking ";
	echo "on edit posts in the left navigation.<br />";
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;

case "4":
	// post set number 5 database work
	// Work offered by students category
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
	$wage = mysql_real_escape_string($_POST['wage']);
	$description = mysql_real_escape_string($_POST['description']);
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$dateentered = date("m/d/y");
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	if ($itemtitle == "" || $description == "") {
		$errorhandler .= "The title and description were required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";
	// file handling
	if ($_FILES['userfile']['name']) {
	$newfile = "../upload/workofferedby/".basename($_FILES['userfile']['name']);
	$file = "./upload/workofferedby/".basename($_FILES['userfile']['name']);
	$filename = $_FILES['userfile']['name'];
	$newfiletemp = "{$_FILES[userfile][tmp_name]}";
	$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
	$tmp = pathinfo($_FILES['userfile']['name']);
	if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
	}else {
			$errorhandler .= "Incorrect file extension.<br />";
			$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
			$errorhandler .= "file formats, please make sure you are uploading the correct ";
			$errorhandler .= "file format or contact administration to find out what is ";
			$errorhandler .= "causing the problem.<br />";
			$die = "stop";
			}
	if (file_exists($newfile)) {
		$errorhandler .= "The file already exists.<br />";
		$die = "stop";
	}
		if ($die != "stop") {
	if (!move_uploaded_file($newfiletemp, $newfile)) {
		$errorhandler .= "There was some sort of problem moving the file<br />";
			}	
		}
	}else {
	$file = "null";
	$newfile = "null";
	$newfiletemp = "null";
	}
	// end file handling
	if (isset($wage)) {
		if (!is_numeric($wage)) {
			$errorhandler .= "The wage value has to be Numbers only.<br />";
				}
			}	
			if (preg_match("/^\$/", $wage)){
   			$errorhandler .= "Please remove the $ symbol from the wage field.<br />";
			}
	
		}
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&wage={$wage}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, wage, description, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$wage', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
	echo "Thank you for submitting the post. ";
	echo "You can edit your posts by logging into your account at any time and clicking ";
	echo "on edit posts in the left navigation.<br />";
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;


case "5":
	// post set number 6 database work
	// work offered to students category
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
	$wage = mysql_real_escape_string($_POST['wage']);
	$hoursperweek = mysql_real_escape_string($_POST['hoursperweek']);
	$description = mysql_real_escape_string($_POST['description']);
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$dateentered = date("m/d/y");
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	// file handling
	if ($_FILES['userfile']['name']) {
	$newfile = "../upload/workofferedto/".basename($_FILES['userfile']['name']);
	$file = "./upload/workofferedto/".basename($_FILES['userfile']['name']);
	$filename = $_FILES['userfile']['name'];
	$newfiletemp = "{$_FILES[userfile][tmp_name]}";
	$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
	$tmp = pathinfo($_FILES['userfile']['name']);
	if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
	}else {
			$errorhandler .= "Incorrect file extension.<br />";
			$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
			$errorhandler .= "file formats, please make sure you are uploading the correct ";
			$errorhandler .= "file format or contact administration to find out what is ";
			$errorhandler .= "causing the problem.<br />";
			$die = "stop";
			}
	if (file_exists($newfile)) {
		$errorhandler .= "The file already exists.<br />";
		$die = "stop";
	}
		if ($die != "stop") {
	if (!move_uploaded_file($newfiletemp, $newfile)) {
		$errorhandler .= "There was some sort of problem moving the file.<br />";
			}
		}	
	}else {
	$file = "null";
	$newfile = "null";
	$newfiletemp = "null";
	}
	// end file handling
	if ($itemtitle == "" || $description == "") {
		$errorhandler .= "The title and description were required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";
		}
		if (isset($wage)) {
			if (!is_numeric($wage)) {
			$errorhandler .= "The wage value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $wage)){
   			$errorhandler .= "Please remove the $ symbol from the wage field.<br />";
			}

		}
		if (isset($hoursperweek)) {
			if (!is_numeric($hoursperweek)) {
			$errorhandler .= "The Hours Per Week value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $hoursperweek)){
   			$errorhandler .= "Please remove the $ symbol from the Hours Per Week field.<br />";
			}

		}	
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&wage={$wage}&hoursperweek={$hoursperweek}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";	
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, wage, hoursperweek, description, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$wage', '$hoursperweek', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
	echo "Thank you for submitting the post. ";
	echo "You can edit your posts by logging into your account at any time and clicking ";
	echo "on edit posts in the left navigation.<br />";
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;

case "6":
	// Post set number 7 database
	// texts subcategory under the academics category
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$coursenumber = mysql_real_escape_string($_POST['coursenumber']);
	$title = mysql_real_escape_string($_POST['title']);
	$author = mysql_real_escape_string($_POST['author']);
	$price = mysql_real_escape_string($_POST['price']);
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$dateentered = date("m/d/y");
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	// file handling
	if ($_FILES['userfile']['name']) {
	$newfile = "../upload/textbooks/".basename($_FILES['userfile']['name']);
	$file = "./upload/textbooks/".basename($_FILES['userfile']['name']);
	$filename = $_FILES['userfile']['name'];
	$newfiletemp = "{$_FILES[userfile][tmp_name]}";
	$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
	$tmp = pathinfo($_FILES['userfile']['name']);
	if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
	}else {
			$errorhandler .= "Incorrect file extension.<br />";
			$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
			$errorhandler .= "file formats, please make sure you are uploading the correct ";
			$errorhandler .= "file format or contact administration to find out what is ";
			$errorhandler .= "causing the problem.<br />";
			$die = "stop";
			}
	if (file_exists($newfile)) {
		$errorhandler .= "The file already exists<br />";
		$die = "stop";
	}
		if ($die != "stop") {
	if (!move_uploaded_file($newfiletemp, $newfile)) {
		$errorhandler .= "There was some sort of problem moving the file<br />";
			}
		}	
	}else {
	$file = "null";
	$newfile = "null";
	$newfiletemp = "null";
	}
	// end file handling

	if ($title == "" || $author == "") {
		$errorhandler .= "The title and description were required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";
		}
		if (isset($price)) {
			if (!is_numeric($price)) {
			$errorhandler .= "The Price value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $price)){
   			$errorhandler .= "Please remove the $ symbol from the price field.<br />";
			}

		}	
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&coursenumber={$coursenumber}&title={$title}&author={$author}&price={$price}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";	
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, coursenumber, title, author, price, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$coursenumber', '$title', '$author', '$price', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
	echo "Thank you for submitting the post. ";
	echo "You can edit your posts by logging into your account at any time and clicking ";
	echo "on edit posts in the left navigation.<br />";
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;


case "7":
	// Post set number 8 database
	// Notes And Cheat Sheets subcategory under the academics category
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$coursenumber = mysql_real_escape_string($_POST['coursenumber']);
	$test = mysql_real_escape_string($_POST['test']);
	$professor = mysql_real_escape_string($_POST['professor']);
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$dateentered = date("m/d/y");
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	// file handling
	if ($_FILES['userfile']['name']) {
	$newfile = "../upload/notesandcheatsheets/".basename($_FILES['userfile']['name']);
	$file = "./upload/notesandcheatsheets/".basename($_FILES['userfile']['name']);
	$filename = $_FILES['userfile']['name'];
	$newfiletemp = "{$_FILES[userfile][tmp_name]}";
	$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
	$tmp = pathinfo($_FILES['userfile']['name']);
	if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
	}else {
			$errorhandler .= "Incorrect file extension.<br />";
			$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
			$errorhandler .= "file formats, please make sure you are uploading the correct ";
			$errorhandler .= "file format or contact administration to find out what is ";
			$errorhandler .= "causing the problem.<br />";
			$die = "stop";
			}
	if (file_exists($newfile)) {
		$errorhandler .= "The file already exists.<br />";
		$die = "stop";
	}
		if ($die != "stop") {
	if (!move_uploaded_file($newfiletemp, $newfile)) {
		$errorhandler .= "There was some sort of problem moving the file.<br />";
			}
		}	
	}else {
	$file = "null";
	$newfile = "null";
	$newfiletemp = "null";
	}
	// end file handling
	
	if ($coursenumber == "") {
		$errorhandler .= "The course number was required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";		
			}
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&coursenumber={$coursenumber}&test={$test}&professor={$professor}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, coursenumber, test, professor, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$coursenumber', '$test', '$professor', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
	echo "Thank you for submitting the post. ";
	echo "You can edit your posts by logging into your account at any time and clicking ";
	echo "on edit posts in the left navigation.<br />";
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;

case "8":
	// Post set number 4 database
	// Everything under the rentals category
	$category = mysql_real_escape_string($_POST['category']);
	$subcategory = mysql_real_escape_string($_POST['subcategory']);
	$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
	$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
	$userid = mysql_real_escape_string($_SESSION['userid']);
	$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
	$priceperunit = mysql_real_escape_string($_POST['priceperunit']);
	$numberofunits = mysql_real_escape_string($_POST['numberofunits']);
	$description = mysql_real_escape_string($_POST['description']);
	$dateentered = date("m/d/y");
	$zipcode = mysql_real_escape_string($_POST['zipcode']);
	$expires = date("m/d/y", strtotime("+30 days"));
	$errorhandler = "";
	// file handling
	if ($_FILES['userfile']['name']) {
	$newfile = "../upload/rentals/".basename($_FILES['userfile']['name']);
	$file = "./upload/rentals/".basename($_FILES['userfile']['name']);
	$filename = $_FILES['userfile']['name'];
	$newfiletemp = "{$_FILES[userfile][tmp_name]}";
	$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
	$tmp = pathinfo($_FILES['userfile']['name']);
	if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
	}else {
			$errorhandler .= "Incorrect file extension.<br />";
			$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
			$errorhandler .= "file formats, please make sure you are uploading the correct ";
			$errorhandler .= "file format or contact administration to find out what is ";
			$errorhandler .= "causing the problem.<br />";
			$die = "stop";
			}
	if (file_exists($newfile)) {
		$errorhandler .= "The file already exists.<br />";
		$die = "stop";
	}
		if ($die != "stop") {
	if (!move_uploaded_file($newfiletemp, $newfile)) {
		$errorhandler .= "There was some sort of problem moving the file.<br />";
			}
		}	
	}else {
	$file = "null";
	$newfile = "null";
	$newfiletemp = "null";
	}
	// end file handling
	if ($itemtitle == "" || $description == "") {
		$errorhandler .= "The title and description were required.  Please click the link ";
		$errorhandler .= "below to go back and fix the mistakes.<br />";	
		}
		if (isset($priceperunit)) {
			if (!is_numeric($priceperunit)) {
			$errorhandler .= "The Price Per Unit value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $priceperunit)){
   			$errorhandler .= "Please remove the $ symbol from the price Per Unit field.<br />";
			}

		}
		if (isset($numberofunits)) {
			if (!is_numeric($numberofunits)) {
			$errorhandler .= "The Number Of Units value has to be Numbers only.<br />";
			}
			if (preg_match("/^\$/", $numberofunits)){
   			$errorhandler .= "Please remove the $ symbol from the Number Of Units field.<br />";
			}
		}	
		if ($errorhandler != "") {
		echo $errorhandler;
		echo "<br />";
		echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&priceperunit={$priceperunit}&numberofunits={$numberofunits}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
		}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, itemtitle, priceperunit, numberofunits, description, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$priceperunit', '$numberofunits', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
	echo "Thank you for submitting the post. ";
	echo "You can edit your posts by logging into your account at any time and clicking ";
	echo "on edit posts in the left navigation.<br />";
	}else {
	echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
	}
}
	break;
} // end switch

?>
        </div>
		
    </div>
<?php
include '../includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>
	
<?php
include '../includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#6 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 26 September 2006 - 02:27 PM

You set $price youself so if (isset($price)) will always be true. As for why it always finds a $, why are you using preg_match? A simple....

if ($price{0} == "$") {

would suffice.

#7 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 26 September 2006 - 02:32 PM

ok, I see now the first problem, thanks for that.
Can you help me further on one thing, what do you mean by
if ($price{0} == "$") {
Is that a quick way to check a variables character position.
How else can this be used, more of what does it mean, I have never seen it before.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#8 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 26 September 2006 - 02:34 PM

This checks to see if the first character is a $ sign. $price{1} would be the second char etc, etc.

#9 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 26 September 2006 - 02:37 PM

You set $price youself so if (isset($price)) will always be true. As for why it always finds a $, why are you using preg_match? A simple....

if ($price{0} == "$") {

would suffice.


Cool... thats sort of like Python. Where can you read more about that?

#10 Ninjakreborn

Ninjakreborn
  • Members
  • PipPipPip
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 26 September 2006 - 02:45 PM

I have to keep that in mind, thanks.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users