Jump to content

number related questions, validation

Ninjakreborn

By Ninjakreborn
in PHP Coding Help

 Share

Recommended Posts

Ninjakreborn Prolific Member

Ninjakreborn

Posted
Posted
[code] if (isset($price)) {
if (!is_numeric($price)) {
$errorhandler .= "The Price value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $price)){
    $errorhandler .= "Please remove the $ symbol from the price field.<br />";
}
}[/code]
[b]File Structure[/b]
Area around where I am having the problem
It is a posting system spread throughout 5 pages.
Page 1- select category
Page 2- select subcategory
Page 3- Using category, and subcategory, it uses the appropriate case, from a switch statement to show the proper form.
page 4- processes using a switch statement based on a form.
Problem Pages(Page 3, going to Page 4)

[b]Intended Functioning[/b]
[list]
[*]Check if the field is set.
[*]If it's set check to make sure it's of a numeric value(a rough validation)
[*]check to see if a dollar sign if present, if it is return a value
[/list]
[b]Current Functioning[/b]
[list]
[*]Check if the field was set(but with problems *See footnote 1)
[*]Checks to see if it's a number(rough validation), if it isn't then it returns an error(as intended)
[*]Checks to see if there is a dollar sign present.(but with problems *See footnote 2, See credit 1)
[/list]

[b]Foot Notes[/b]
[list]
[*]Footnote 1- It tries to detect the existence of the field, even when it is not present.  It was working, when I inserted the extra code to validate dollar sign, it now tries to read the existence of the field, whether it was left blank or not.  This is not good, as this field was intended to be optional, but if chosen needs to be validated properly.
[*]Footnote 2- When I first call the post4.php page from post3.php it tells me that it detected the existence of the variable.  Then it tries to run the validation on that variable, and ends up returning an error saying remove the dollar sign, when there was no dollar sign, or no variable set.
[/list]

[b]Credits[/b]
[list]
[*]Credit 1- Courtesy of Huggie Bear from a post on http://www.phpfreaks.com (thank you)
[/list]
Link to comment
https://forums.phpfreaks.com/topic/22099-number-related-questions-validation/
Share on other sites
Ninjakreborn Prolific Member

Ninjakreborn

Posted
  • Author
Posted
post.php(The first page of the form process, where they choose category)
[code]<?php
session_start();

if ($_SESSION['controller'] != true) {
header("Location: /login.php");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include './includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include './includes/header.inc.php'; // inserts header, logo, and everything up there
?>
   <br style="clear: both;" />

<?php
include './includes/leftnav.inc.php'; // inserts left navigation
?>

   <div id="content">

       <div class="overall">
<p>Please choose a category for your posting.</p>
<form name="postad" id="postad" action="processors/post2.php" method="post">
<label for="category">Category:</label><br />
<select name="category" id="category">
<option>Item</option>
<option>Events</option>
<option>Lost and Found</option>
<option>Work (offered by students)</option>
<option>Work (offered to students)</option>
<option>Academics</option>
<option>Rentals</option>
</select><br />
<input name="submit" type="submit" value="Next" />
</form>

       </div>

   </div>
<?php
include './includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>

<?php
include './includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>[/code]

post2.php(Where they choose sub-category)
[code]<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include '../includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include '../includes/header.inc.php'; // inserts header, logo, and everything up there
?>
   <br style="clear: both;" />

<?php
include '../includes/leftnav.inc.php'; // inserts left navigation
?>

   <div id="content">

       <div class="overall">
<h3>Ad Posting Process</h3>
<?php
// connecting to database, selecting database
mysql_connect("mysql185.secureserver.net", "####", "#####3");
mysql_select_db("joyel");
// safety
$category = $_POST['category'];
// switch case to determine what sub-categories appear
echo "<form name=\"post2\" id=\"post2\" action=\"post3.php\" method=\"post\">\n";
switch ($category) {
case "Item":
$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
$query = mysql_query($select);
echo "<select name=\"subcategory\" id=\"subcategory\">\n";
while ($row = mysql_fetch_array($query)) {
echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
}
echo "</select>\n";
echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset1\" />";
echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
break; // break to stop switch statement

case "Events":
$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
$query = mysql_query($select);
echo "<select name=\"subcategory\" id=\"subcategory\">\n";
while ($row = mysql_fetch_array($query)) {
echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
}
echo "</select>\n";
echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset1\" />";
echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
break;

case "Lost and Found":
$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
$query = mysql_query($select);
echo "<select name=\"subcategory\" id=\"subcategory\">\n";
while ($row = mysql_fetch_array($query)) {
echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
}
echo "</select>\n";
echo "<input name=\"postinfo_op1\" id=\"postinfo_op1\" type=\"hidden\" value=\"postset2\"
/>";
echo "<input name=\"postinfo_op2\" id=\"postinfo_op2\" type=\"hidden\" value=\"postset3\"
/>";
echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
break;

case "Work (offered by students)":
$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
$query = mysql_query($select);
echo "<select name=\"subcategory\" id=\"subcategory\">\n";
while ($row = mysql_fetch_array($query)) {
echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
}
echo "</select>\n";
echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset5\" />";
echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
break;

case "Work (offered to students)":
$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
$query = mysql_query($select);
echo "<select name=\"subcategory\" id=\"subcategory\">\n";
while ($row = mysql_fetch_array($query)) {
echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
}
echo "</select>\n";
echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset6\" />";
echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
break;

case "Academics":
$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
$query = mysql_query($select);
echo "<select name=\"subcategory\" id=\"subcategory\">\n";
while ($row = mysql_fetch_array($query)) {
echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
}
echo "</select>\n";
echo "<input name=\"postinfo_op1\" id=\"postinfo_op1\" type=\"hidden\" value=\"postset7\"
/>";
echo "<input name=\"postinfo_op2\" id=\"postinfo_op1\" type=\"hidden\" value=\"postset8\"
/>";
echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
break;

case "Rentals":
$select = "SELECT * FROM categoryinformation WHERE categoryname = '$category';";
$query = mysql_query($select);
echo "<select name=\"subcategory\" id=\"subcategory\">\n";
while ($row = mysql_fetch_array($query)) {
echo "<option>" . stripslashes($row['subcategoryname']) . "</option>\n";
}
echo "</select>\n";
echo "<input name=\"postinfo\" id=\"postinfo\" type=\"hidden\" value=\"postset4\" />";
echo "<input name=\"categoryname\" id=\"category\" type=\"hidden\" value=\"$category\" />";
break;
}
echo "<br />";
echo "<input name=\"submit\" id=\"submit\" type=\"submit\" value=\"next\" />";
echo "</form>";

?>

       </div>

   </div>
<?php
include '../includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>

<?php
include '../includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>[/code]

Ninjakreborn Prolific Member

Ninjakreborn

Posted
  • Author
Posted
post3.php(Page that choose a form based on category and sub-category, any thing taking numbers is what I am validating with the code from the other post.
[code]<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include '../includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include '../includes/header.inc.php'; // inserts header, logo, and everything up there
?>
   <br style="clear: both;" />

<?php
include '../includes/leftnav.inc.php'; // inserts left navigation
?>

   <div id="content">

       <div class="overall">
<h3>Ad Posting Process</h3>
<?php
// connecting to database, selecting database
mysql_connect("mysql185.secureserver.net", "#####", "####");
mysql_select_db("joyel");
// below I set the variables depending.  If it's coming from further up the page they are set to post, because they are coming from the previous form, otherwise they are coming from the next page, back to this one via get, this allows the form fields to repopulate.
if ($_GET['category']) {
$category = $_GET['category'];
}else {
$category = $_POST['categoryname'];
}
if ($_GET['subcategory']) {
$subcategory = $_GET['subcategory'];
}else {
$subcategory = $_POST['subcategory'];
}
if ($_GET['postinfo']) {
$postinfo = mysql_real_escape_string($_GET['postinfo']);
}else {
$postinfo = mysql_real_escape_string($_POST['postinfo']);
}
// below get's hairy.  based on the contents of cat and subcat different things happen.
if ($category == "Item" || $category == "Events") { // if the category is item
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="1" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="120"
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="price">Price:</label><br />
<input name="price" id="price" type="text" maxlength="100"
value="<?php echo $_GET['price']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<?php
if ($category == "Events") {
?>
<label for="eventdate">Event Date:</label><br />
<input name="eventdate" id="eventdate" type="text" maxlength="30" /><br />
<?php
}
?>
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
} // end the if for category equals item

if ($category == "Lost and Found") {
if ($subcategory == "Items Found") {
if ($_GET['postinfo']) {
$postinfo1 = mysql_real_escape_string($_GET['postinfo']);
}else {
$postinfo1 = mysql_real_escape_string($_POST['postinfo_op2']);
}
?>
<form name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo1; ?>" />
<input name="number" id="number" type="hidden" value="2" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200"
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="datefound">Date Found:</label><br />
<input name="datefound" id="datefound" type="text" maxlength="120"
value="<?php echo $_GET['datefound']; ?>" /><br />
<label for="locationfound">Location Found:</label><br />
<input name="locationfound" id="locationfound" type="text" maxlength="120"
value="<?php echo $_GET['locationfound']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>

<?php
}
if ($subcategory == "Items Lost") {
if ($_GET['postinfo']) {
$postinfo2 = mysql_real_escape_string($_GET['postinfo']);
}else {
$postinfo2 = mysql_real_escape_string($_POST['postinfo_op1']);
}
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo2; ?>" />
<input name="number" id="number" type="hidden" value="3" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200"
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="reward">Reward:</label><br />
<input name="reward" id="reward" type="text" maxlength="120"
value="<?php echo $_GET['reward']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="datelost">Date Lost:</label><br />
<input name="datelost" id="datelost" type="text" maxlength="120"
value="<?php echo $_GET['datelost']; ?>" /><br />
<label for="locationlost">Location Lost:</label><br />
<input name="locationlost" id="locationlost" type="text" maxlength="120"
value="<?php echo $_GET['locationlost']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
}
}
if ($category == "Work (offered by students)") {
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="4" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200"
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="wage">Wage:</label><br />
<input name="wage" id="wage" type="text" maxlength="120"
value="<?php echo $_GET['wage']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
}
if ($category == "Work (offered to students)") {
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="5" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200"
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="wage">Wage:</label><br />
<input name="wage" id="wage" type="text" maxlength="120"
value="<?php echo $_GET['wage']; ?>" /><br />
<label for="hoursperweek">Hours Per Week:</label><br />
<input name="hoursperweek" id="hoursperweek" type="text" maxlength="120"
value="<?php echo $_GET['wage']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
}
if ($category == "Academics") {
if ($subcategory == "Textbooks") {
if ($_GET['postinfo']) {
$postinfo = mysql_real_escape_string($_GET['postinfo']);
}else {
$postinfo = mysql_real_escape_string($_POST['postinfo_op1']);
}
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="6" />
<label for="coursenumber">Course Number:</label><br />
<input name="coursenumber" id="coursenumber" type="text" maxlength="120"
value="<?php echo $_GET['coursenumber']; ?>" /><br />
<label for="title">*Title:</label><br />
<input name="title" id="title" type="text" maxlength="200"
value="<?php echo $_GET['title']; ?>" /><br />
<label for="author">*Author:</label><br />
<input name="author" id="author" type="text" maxlength="120"
value="<?php echo $_GET['author']; ?>" /><br />
<label for="price">Price:</label><br />
<input name="price" id="price" type="text" maxlength="120"
value="<?php echo $_GET['price']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
}
if ($subcategory == "Notes" || $subcategory == "Cheat Sheets") {
if ($_GET['postinfo']) {
$postinfo = mysql_real_escape_string($_GET['postinfo']);
}else {
$postinfo = mysql_real_escape_string($_POST['postinfo_op2']);
}
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="7" />
<label for="coursenumber">*Course Number:</label><br />
<input name="coursenumber" id="coursenumber" type="text" maxlength="120"
value="<?php echo $_GET['coursenumber']; ?>" /><br />
<label for="test">Test:</label><br />
<input name="test" id="test" type="text" maxlength="200"
value="<?php echo $_GET['test']; ?>" /><br />
<label for="professor">Professor:</label><br />
<input name="professor" id="professor" type="text" maxlength="200"
value="<?php echo $_GET['professor']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>
<?php
}
}
if ($category == "Rentals") {
?>
<form enctype="multipart/form-data" name="post3" id="post3" action="post4.php" method="post">
<input name="category" id="category" type="hidden" value="<?php echo $category; ?>" />
<input name="subcategory" id="subcategory" type="hidden" value="<?php echo $subcategory; ?>" />
<input name="postinfo" id="postinfo" type="hidden" value="<?php echo $postinfo; ?>" />
<input name="number" id="number" type="hidden" value="8" />
<label for="itemtitle">*Item Title:</label><br />
<input name="itemtitle" id="itemtitle" type="text" maxlength="200"
value="<?php echo $_GET['itemtitle']; ?>" /><br />
<label for="priceperunit">Price Per Unit:</label><br />
<input name="priceperunit" id="priceperunit" type="text" maxlength="120"
value="<?php echo $_GET['priceperunit']; ?>" /><br />
<label for="numberofunits">Number Of Units:</label><br />
<input name="numberofunits" id="numberofunits" type="text" maxlength="120"
value="<?php echo $_GET['numberofunits']; ?>" /><br />
<label for="zipcode">Zipcode:</label><br />
<input name="zipcode" id="zipcode" type="text" maxlength="30"
value="<?php echo $_GET['zipcode']; ?>" /><br />
<label for="description">*Description:</label><br />
<textarea name="description" id="description" rows="10" cols="30"><?php echo $_GET['description']; ?></textarea><br />
<p>Upload Picture:</p>
<input type="hidden" name="MAX_FILE_SIZE" value="2097152" />
<input name="userfile" id="userfile" type="file" /><br />
<input name="submit" id="submit" type="submit" value="submit" />
</form>

<?php
}
?>
       </div>

   </div>
<?php
include '../includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>

<?php
include '../includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>[/code]

Ninjakreborn Prolific Member

Ninjakreborn

Posted
  • Author
Posted
post4.php(this is where I handle that validation for multiple variables, based on category and sub-category)
[code]<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include '../includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include '../includes/header.inc.php'; // inserts header, logo, and everything up there
?>
    <br style="clear: both;" />

<?php
include '../includes/leftnav.inc.php'; // inserts left navigation
?>

    <div id="content">

        <div class="overall">
<h3>Ad Posting Process</h3>
<?php
// connecting to database, selecting database
mysql_connect("mysql185.secureserver.net", "#####", "######");
mysql_select_db("joyel");
$number = mysql_real_escape_string($_POST['number']);
switch ($number) {  // begin switch

case "1":
// post set number 1 database work
// Items and events categories
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
$price = mysql_real_escape_string($_POST['price']);
if (isset($_POST['eventdate'])) {
$eventdate = mysql_real_escape_string($_POST['eventdate']);
}
if (!isset($_POST['eventdate'])) {
$eventdate = "None";
}
$description = mysql_real_escape_string($_POST['description']);
$dateentered = date("m/d/y");
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
// file handling
if ($_FILES['userfile']['name']) {
$newfile = "../upload/itemsandevents/".basename($_FILES['userfile']['name']);
$file = "/upload/itemsandevents/".basename($_FILES['userfile']['name']);
$filename = $_FILES['userfile']['name'];
$newfiletemp = "{$_FILES[userfile][tmp_name]}";
$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
$tmp = pathinfo($_FILES['userfile']['name']);
if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
}else {
$errorhandler .= "Incorrect file extension.<br />";
$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
$errorhandler .= "file formats, please make sure you are uploading the correct ";
$errorhandler .= "file format or contact administration to find out what is ";
$errorhandler .= "causing the problem.<br />";
$die = "stop";
}
if (file_exists($newfile)) {
$errorhandler .= "The file already exists.<br />";
$die = "stop";
}
if ($die != "stop") {
if (!move_uploaded_file($newfiletemp, $newfile)) {
$errorhandler .= "There was some sort of problem moving the file.<br />";

}
}
}else {
$file = "null";
$newfile = "null";
$newfiletemp = "null";
}
// end file handling
if ($itemtitle == "" || $description == "") {
$errorhandler .= "The title and description were required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
}
if (isset($price)) {
if (!is_numeric($price)) {
$errorhandler .= "The Price value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $price)){
  $errorhandler .= "Please remove the $ symbol from the price field.<br />";
}
}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&price={$price}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, itemtitle, price, description, zipcode, uploadurl, uploadname, dateentered, expiredate, eventdate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$price', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires', '$eventdate');";
if (mysql_query($insert)) {
?>
<p>Thank you for submitting your post.  We recommend that you check your post to ensure that all the information is correct.  You can view, edit, or delete your post by clicking the “My Account” link in the left navigation bar.</p>
<?php
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;

case "2":
// post set number 3 database work
// Found items from the lost and found category
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
$description = mysql_real_escape_string($_POST['description']);
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$datefound = mysql_real_escape_string($_POST['datefound']);
$locationfound = mysql_real_escape_string($_POST['locationfound']);
$dateentered = date("m/d/y");
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
if ($itemtitle == "" || $description == "") {
$errorhandler .= "The title and description were required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&description={$description}&datefound={$datefound}&locationfound={$locationfound}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, description, locationfound, zipcode, datefound, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$description', '$locationfound', '$zipcode', '$datefound', '$dateentered', '$expires');";
if (mysql_query($insert)) {
echo "Thank you for submitting the post. ";
echo "You can edit your posts by logging into your account at any time and clicking ";
echo "on edit posts in the left navigation.<br />";
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;

case "3":
// post set number 2 database work
// lost items from the lost and found category
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
$reward = mysql_real_escape_string($_POST['reward']);
$description = mysql_real_escape_string($_POST['description']);
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$datelost = mysql_real_escape_string($_POST['datelost']);
$locationlost = mysql_real_escape_string($_POST['locationlost']);
$dateentered = date("m/d/y");
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
// file handling
if ($_FILES['userfile']['name']) {
$newfile = "../upload/lostitemfiles/".basename($_FILES['userfile']['name']);
$file = "./upload/lostitemfiles/".basename($_FILES['userfile']['name']);
$filename = $_FILES['userfile']['name'];
$newfiletemp = "{$_FILES[userfile][tmp_name]}";
$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
$tmp = pathinfo($_FILES['userfile']['name']);
if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
}else {
$errorhandler .= "Incorrect file extension.<br />";
$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
$errorhandler .= "file formats, please make sure you are uploading the correct ";
$errorhandler .= "file format or contact administration to find out what is ";
$errorhandler .= "causing the problem.<br />";
$die = "stop";
}
if (file_exists($newfile)) {
$errorhandler .= "The file already exists.<br />";
$die = "stop";
}
if ($die != "stop") {
if (!move_uploaded_file($newfiletemp, $newfile)) {
$errorhandler .= "There was some sort of problem moving the file.<br />";
}
}
}else {
$file = "null";
$newfile = "null";
$newfiletemp = "null";
}
// end file handling
if ($itemtitle == "" || $description == "") {
$errorhandler .= "The title and description were required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
}
if (isset($reward)) {
if (!is_numeric($reward)) {
$errorhandler .= "The Reward value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $reward)){
  $errorhandler .= "Please remove the $ symbol from the reward field.<br />";
}

}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&reward={$reward}&description={$description}&datelost={$datelost}&locationlost={$locationlost}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, reward, description, uploadurl, uploadname, locationlost, zipcode, datelost, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$reward', '$description', '$file', '$newfiletemp', '$locationlost', '$zipcode', '$datelost', '$dateentered', '$expires');";
if (mysql_query($insert)) {
echo "Thank you for submitting the post. ";
echo "You can edit your posts by logging into your account at any time and clicking ";
echo "on edit posts in the left navigation.<br />";
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;

case "4":
// post set number 5 database work
// Work offered by students category
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
$wage = mysql_real_escape_string($_POST['wage']);
$description = mysql_real_escape_string($_POST['description']);
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$dateentered = date("m/d/y");
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
if ($itemtitle == "" || $description == "") {
$errorhandler .= "The title and description were required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
// file handling
if ($_FILES['userfile']['name']) {
$newfile = "../upload/workofferedby/".basename($_FILES['userfile']['name']);
$file = "./upload/workofferedby/".basename($_FILES['userfile']['name']);
$filename = $_FILES['userfile']['name'];
$newfiletemp = "{$_FILES[userfile][tmp_name]}";
$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
$tmp = pathinfo($_FILES['userfile']['name']);
if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
}else {
$errorhandler .= "Incorrect file extension.<br />";
$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
$errorhandler .= "file formats, please make sure you are uploading the correct ";
$errorhandler .= "file format or contact administration to find out what is ";
$errorhandler .= "causing the problem.<br />";
$die = "stop";
}
if (file_exists($newfile)) {
$errorhandler .= "The file already exists.<br />";
$die = "stop";
}
if ($die != "stop") {
if (!move_uploaded_file($newfiletemp, $newfile)) {
$errorhandler .= "There was some sort of problem moving the file<br />";
}
}
}else {
$file = "null";
$newfile = "null";
$newfiletemp = "null";
}
// end file handling
if (isset($wage)) {
if (!is_numeric($wage)) {
$errorhandler .= "The wage value has to be Numbers only.<br />";
}
}
if (preg_match("/^\$/", $wage)){
  $errorhandler .= "Please remove the $ symbol from the wage field.<br />";
}

}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&wage={$wage}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, wage, description, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$wage', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
echo "Thank you for submitting the post. ";
echo "You can edit your posts by logging into your account at any time and clicking ";
echo "on edit posts in the left navigation.<br />";
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;


case "5":
// post set number 6 database work
// work offered to students category
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
$wage = mysql_real_escape_string($_POST['wage']);
$hoursperweek = mysql_real_escape_string($_POST['hoursperweek']);
$description = mysql_real_escape_string($_POST['description']);
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$dateentered = date("m/d/y");
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
// file handling
if ($_FILES['userfile']['name']) {
$newfile = "../upload/workofferedto/".basename($_FILES['userfile']['name']);
$file = "./upload/workofferedto/".basename($_FILES['userfile']['name']);
$filename = $_FILES['userfile']['name'];
$newfiletemp = "{$_FILES[userfile][tmp_name]}";
$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
$tmp = pathinfo($_FILES['userfile']['name']);
if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
}else {
$errorhandler .= "Incorrect file extension.<br />";
$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
$errorhandler .= "file formats, please make sure you are uploading the correct ";
$errorhandler .= "file format or contact administration to find out what is ";
$errorhandler .= "causing the problem.<br />";
$die = "stop";
}
if (file_exists($newfile)) {
$errorhandler .= "The file already exists.<br />";
$die = "stop";
}
if ($die != "stop") {
if (!move_uploaded_file($newfiletemp, $newfile)) {
$errorhandler .= "There was some sort of problem moving the file.<br />";
}
}
}else {
$file = "null";
$newfile = "null";
$newfiletemp = "null";
}
// end file handling
if ($itemtitle == "" || $description == "") {
$errorhandler .= "The title and description were required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
}
if (isset($wage)) {
if (!is_numeric($wage)) {
$errorhandler .= "The wage value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $wage)){
  $errorhandler .= "Please remove the $ symbol from the wage field.<br />";
}

}
if (isset($hoursperweek)) {
if (!is_numeric($hoursperweek)) {
$errorhandler .= "The Hours Per Week value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $hoursperweek)){
  $errorhandler .= "Please remove the $ symbol from the Hours Per Week field.<br />";
}

}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&wage={$wage}&hoursperweek={$hoursperweek}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo(categoryname, subcategoryname, schoolname, userid, itemtitle, wage, hoursperweek, description, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$wage', '$hoursperweek', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
echo "Thank you for submitting the post. ";
echo "You can edit your posts by logging into your account at any time and clicking ";
echo "on edit posts in the left navigation.<br />";
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;

case "6":
// Post set number 7 database
// texts subcategory under the academics category
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$coursenumber = mysql_real_escape_string($_POST['coursenumber']);
$title = mysql_real_escape_string($_POST['title']);
$author = mysql_real_escape_string($_POST['author']);
$price = mysql_real_escape_string($_POST['price']);
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$dateentered = date("m/d/y");
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
// file handling
if ($_FILES['userfile']['name']) {
$newfile = "../upload/textbooks/".basename($_FILES['userfile']['name']);
$file = "./upload/textbooks/".basename($_FILES['userfile']['name']);
$filename = $_FILES['userfile']['name'];
$newfiletemp = "{$_FILES[userfile][tmp_name]}";
$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
$tmp = pathinfo($_FILES['userfile']['name']);
if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
}else {
$errorhandler .= "Incorrect file extension.<br />";
$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
$errorhandler .= "file formats, please make sure you are uploading the correct ";
$errorhandler .= "file format or contact administration to find out what is ";
$errorhandler .= "causing the problem.<br />";
$die = "stop";
}
if (file_exists($newfile)) {
$errorhandler .= "The file already exists<br />";
$die = "stop";
}
if ($die != "stop") {
if (!move_uploaded_file($newfiletemp, $newfile)) {
$errorhandler .= "There was some sort of problem moving the file<br />";
}
}
}else {
$file = "null";
$newfile = "null";
$newfiletemp = "null";
}
// end file handling

if ($title == "" || $author == "") {
$errorhandler .= "The title and description were required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
}
if (isset($price)) {
if (!is_numeric($price)) {
$errorhandler .= "The Price value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $price)){
  $errorhandler .= "Please remove the $ symbol from the price field.<br />";
}

}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&coursenumber={$coursenumber}&title={$title}&author={$author}&price={$price}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, coursenumber, title, author, price, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$coursenumber', '$title', '$author', '$price', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
echo "Thank you for submitting the post. ";
echo "You can edit your posts by logging into your account at any time and clicking ";
echo "on edit posts in the left navigation.<br />";
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;


case "7":
// Post set number 8 database
// Notes And Cheat Sheets subcategory under the academics category
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$coursenumber = mysql_real_escape_string($_POST['coursenumber']);
$test = mysql_real_escape_string($_POST['test']);
$professor = mysql_real_escape_string($_POST['professor']);
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$dateentered = date("m/d/y");
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
// file handling
if ($_FILES['userfile']['name']) {
$newfile = "../upload/notesandcheatsheets/".basename($_FILES['userfile']['name']);
$file = "./upload/notesandcheatsheets/".basename($_FILES['userfile']['name']);
$filename = $_FILES['userfile']['name'];
$newfiletemp = "{$_FILES[userfile][tmp_name]}";
$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
$tmp = pathinfo($_FILES['userfile']['name']);
if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
}else {
$errorhandler .= "Incorrect file extension.<br />";
$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
$errorhandler .= "file formats, please make sure you are uploading the correct ";
$errorhandler .= "file format or contact administration to find out what is ";
$errorhandler .= "causing the problem.<br />";
$die = "stop";
}
if (file_exists($newfile)) {
$errorhandler .= "The file already exists.<br />";
$die = "stop";
}
if ($die != "stop") {
if (!move_uploaded_file($newfiletemp, $newfile)) {
$errorhandler .= "There was some sort of problem moving the file.<br />";
}
}
}else {
$file = "null";
$newfile = "null";
$newfiletemp = "null";
}
// end file handling

if ($coursenumber == "") {
$errorhandler .= "The course number was required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&coursenumber={$coursenumber}&test={$test}&professor={$professor}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, coursenumber, test, professor, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$coursenumber', '$test', '$professor', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
echo "Thank you for submitting the post. ";
echo "You can edit your posts by logging into your account at any time and clicking ";
echo "on edit posts in the left navigation.<br />";
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;

case "8":
// Post set number 4 database
// Everything under the rentals category
$category = mysql_real_escape_string($_POST['category']);
$subcategory = mysql_real_escape_string($_POST['subcategory']);
$postinfo = mysql_real_escape_string($_POST['postinfo']); // table used in db
$schoolname = mysql_real_escape_string($_SESSION['schoolaccess']);
$userid = mysql_real_escape_string($_SESSION['userid']);
$itemtitle = mysql_real_escape_string($_POST['itemtitle']);
$priceperunit = mysql_real_escape_string($_POST['priceperunit']);
$numberofunits = mysql_real_escape_string($_POST['numberofunits']);
$description = mysql_real_escape_string($_POST['description']);
$dateentered = date("m/d/y");
$zipcode = mysql_real_escape_string($_POST['zipcode']);
$expires = date("m/d/y", strtotime("+30 days"));
$errorhandler = "";
// file handling
if ($_FILES['userfile']['name']) {
$newfile = "../upload/rentals/".basename($_FILES['userfile']['name']);
$file = "./upload/rentals/".basename($_FILES['userfile']['name']);
$filename = $_FILES['userfile']['name'];
$newfiletemp = "{$_FILES[userfile][tmp_name]}";
$_accepted_extensions = array('.jpg', '.png', '.txt', '.gif', '.bmp', '.jpeg', '.doc', '.pdf');
$tmp = pathinfo($_FILES['userfile']['name']);
if (in_array('.' . $tmp['extension'],$_accepted_extensions)) {
}else {
$errorhandler .= "Incorrect file extension.<br />";
$errorhandler .= "We accept .jpg, .png, .txt, .gif, .bmp, .jpeg, .doc, and .pdf ";
$errorhandler .= "file formats, please make sure you are uploading the correct ";
$errorhandler .= "file format or contact administration to find out what is ";
$errorhandler .= "causing the problem.<br />";
$die = "stop";
}
if (file_exists($newfile)) {
$errorhandler .= "The file already exists.<br />";
$die = "stop";
}
if ($die != "stop") {
if (!move_uploaded_file($newfiletemp, $newfile)) {
$errorhandler .= "There was some sort of problem moving the file.<br />";
}
}
}else {
$file = "null";
$newfile = "null";
$newfiletemp = "null";
}
// end file handling
if ($itemtitle == "" || $description == "") {
$errorhandler .= "The title and description were required.  Please click the link ";
$errorhandler .= "below to go back and fix the mistakes.<br />";
}
if (isset($priceperunit)) {
if (!is_numeric($priceperunit)) {
$errorhandler .= "The Price Per Unit value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $priceperunit)){
  $errorhandler .= "Please remove the $ symbol from the price Per Unit field.<br />";
}

}
if (isset($numberofunits)) {
if (!is_numeric($numberofunits)) {
$errorhandler .= "The Number Of Units value has to be Numbers only.<br />";
}
if (preg_match("/^\$/", $numberofunits)){
  $errorhandler .= "Please remove the $ symbol from the Number Of Units field.<br />";
}
}
if ($errorhandler != "") {
echo $errorhandler;
echo "<br />";
echo "<a href=\"post3.php?category={$category}&subcategory={$subcategory}&postinfo={$postinfo}&itemtitle={$itemtitle}&priceperunit={$priceperunit}&numberofunits={$numberofunits}&description={$description}&zipcode={$zipcode}\" title=\"Go Back\">Go back and fix errors</a>";
}
if ($errorhandler == "") {
$insert = "INSERT INTO $postinfo (categoryname, subcategoryname, schoolname, userid, itemtitle, priceperunit, numberofunits, description, zipcode, uploadurl, uploadname, dateentered, expiredate) VALUES ('$category', '$subcategory', '$schoolname', '$userid', '$itemtitle', '$priceperunit', '$numberofunits', '$description', '$zipcode', '$file', '$newfiletemp', '$dateentered', '$expires');";
if (mysql_query($insert)) {
echo "Thank you for submitting the post. ";
echo "You can edit your posts by logging into your account at any time and clicking ";
echo "on edit posts in the left navigation.<br />";
}else {
echo "There was a problem submitting your post.  Please try again, or contact us.<br />";
}
}
break;
} // end switch

?>
        </div>

    </div>
<?php
include '../includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>

<?php
include '../includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>[/code]
Ninjakreborn Prolific Member

Ninjakreborn

Posted
  • Author
Posted
ok, I see now the first problem, thanks for that.
Can you help me further on one thing, what do you mean by
if ($price{0} == "$") {
Is that a quick way to check a variables character position.
How else can this be used, more of what does it mean, I have never seen it before.
Daniel0 Advanced Member

Daniel0

Posted
Posted
[quote author=thorpe link=topic=109541.msg441690#msg441690 date=1159280861]
You set $price youself so if (isset($price)) will always be true. As for why it always finds a $, why are you using preg_match? A simple....

[code=php:0]
if ($price{0} == "$") {
[/code]

would suffice.
[/quote]

Cool... thats sort of like Python. Where can you read more about that?
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.