Jump to content

Recommended Posts

I'm having a problem with passing the error checking in this script into the url. It's basically checking to see if the entry has a value and if doesn't give an error messaage.  All the error messages (technically a error number to trigger the error message on the original page) should be combined into one array, and sent via the URL so the original page can get the information from the URL. All it produces right now is index.php?investors=register2&error=array. I thought serializing the array should stop that from happening.

 

<?php
$host="localhost"; // Host name 
$username="username"; // Mysql username 
$password="password"; // Mysql password 
$db_name="db_name"; // Database name 
$tbl_name="application"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$error= array();

$name=$_POST['name'];
$name = stripslashes($name);
$name = mysql_real_escape_string($name);
if(!isset($name)){
$error[0]=1;
}

$organization=$_POST['organization'];
$organization = stripslashes($organization);
$organization = mysql_real_escape_string($organization);

$email=$_POST['email'];
$email = stripslashes($email);
$email = mysql_real_escape_string($email);
if(!isset($email)){
$error[1]=1;
}

$area_code=$_POST['area_code'];
$area_code = stripslashes($area_code);
$area_code = mysql_real_escape_string($area_code);
if(!isset($area_code) || is_int($area_code)){
$error[2]=1;
}

$phone3=$_POST['phone3'];
$phone3 = stripslashes($phone3);
$phone3 = mysql_real_escape_string($phone3);
if(!isset($phone3) || is_int($phone3)){
$error[3]=1;
}

$phone4=$_POST['phone4'];
$phone4 = stripslashes($phone4);
$phone4 = mysql_real_escape_string($phone4);
if(!isset($phone4) || is_int($phone4)){
$error[4]=1;
}

$ext=$_POST['ext'];
$ext = stripslashes($ext);
$ext = mysql_real_escape_string($ext);

$phone="(".$area_code.") ".$phone3." - ".$phone4." Ext. ".$ext."";

$company_description=$_POST['company_description'];
$company_description = stripslashes($company_description);
$company_description = mysql_real_escape_string($company_description);

$nature_inquiry=$_POST['nature_inquiry'];
$nature_inquiry = stripslashes($nature_inquiry);
$nature_inquiry = mysql_real_escape_string($nature_inquiry);
if(!isset($nature_inquiry)){
$error[5]=1;
}


$company_assets=$_POST['company_assets'];
$natural_person=$_POST['natural_person'];
$employee_benefit_plan=$_POST['employee_benefit_plan'];
$bank_savings=$_POST['bank_savings'];
$broker_dealer=$_POST['broker_dealer'];
$development_company=$_POST['development_company'];
$equity_owners=$_POST['equity_owners'];
$confirm_agreement=$_POST['confirm_agreement'];
if($confirm_agreement=="no"){
$error[6]=1;
}

if($employee_benefit_plan=="plan-fiduciary"){
$employee_benefit_plan="The investment decision is being made by a plan fiduciary, as defined in Section 3(21) of 
ERISA, which is either a bank, savings and loan association, insurance company or registered investment adviser";
}
elseif($employee_benefit_plan=="participant-directed"){
$employee_benefit_plan="It is a participant-directed plan (i.e., a tax-qualified defined contribution plan in 
which a participant may exercise control over the investment of assets credited to his or her account and the 
decision to invest is made by those participants investing) and each such participant qualifies as an accredited 
investor.";
}
elseif($employee_benefit_plan=="na"){
$employee_benefit_plan="Neither of the Above.";
}


if(isset($error)){
rawurlencode(serialize($error));
header("Location: ./index.php?investors=register2&error=".$error."");
}
else{
$sql="INSERT INTO $tbl_name VALUES ('$name', '$organization', '$email', '$phone', '$company_description', '$nature_inquiry', '$company_assets', '$natural_person', '$employee_benefit_plan', '$bank_savings', '$broker_dealer', '$development_company', '$equity_owners', '$confirm_agreement')";
mysql_query($sql);
}
?>

Link to comment
https://forums.phpfreaks.com/topic/234083-investors-application-script/
Share on other sites

try using http_build_query  instead of encoding the serialized array.

 

Alright, I get the following return:

Warning: http_build_query() [function.http-build-query]: Parameter 1 expected to be Array or Object. Incorrect value given in /home/zyquo/public_html/makethemoviehappen.com/investors_application_process.php on line 99

 

 

if(isset($error)){
http_build_query(serialize($error));
header("Location: ./index.php?investors=register2&error=".$error."");
}

Alright I noticed one of my errors.

 

I didn't have http_built_query assigned to a vaiable.... changed that. Now it's passing:

 

/index.php?investors=register2&error=6=1

 

Where I want it to basically base a 7-bit binary code.

 

/index.php?investors=register2&error=1010111

 

So on the original page I can pull the 0s and 1s from the url and trigger the proper error messages.

 

<?php
$host="localhost"; // Host name 
$username="username"; // Mysql username 
$password="password"; // Mysql password 
$db_name="dbname"; // Database name 
$tbl_name="application"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$error= array();
$name=$_POST['name'];
$name = stripslashes($name);
$name = mysql_real_escape_string($name);
if(!isset($name)){
$error[0]=1;
}
else{
$error[0]=0;
}

$organization=$_POST['organization'];
$organization = stripslashes($organization);
$organization = mysql_real_escape_string($organization);

$email=$_POST['email'];
$email = stripslashes($email);
$email = mysql_real_escape_string($email);
if(!isset($email)){
$error[1]=1;
}
else{
$error[1]=0;
}

$area_code=$_POST['area_code'];
$area_code = stripslashes($area_code);
$area_code = mysql_real_escape_string($area_code);
if(!isset($area_code) || is_int($area_code)){
$error[2]=1;
}
else{
$error[2]=0;
}

$phone3=$_POST['phone3'];
$phone3 = stripslashes($phone3);
$phone3 = mysql_real_escape_string($phone3);
if(!isset($phone3) || is_int($phone3)){
$error[3]=1;
}
else{
$error[3]=0;
}

$phone4=$_POST['phone4'];
$phone4 = stripslashes($phone4);
$phone4 = mysql_real_escape_string($phone4);
if(!isset($phone4) || is_int($phone4)){
$error[4]=1;
}
else{
$error[4]=0;
}

$ext=$_POST['ext'];
$ext = stripslashes($ext);
$ext = mysql_real_escape_string($ext);

$phone="(".$area_code.") ".$phone3." - ".$phone4." Ext. ".$ext."";

$company_description=$_POST['company_description'];
$company_description = stripslashes($company_description);
$company_description = mysql_real_escape_string($company_description);

$nature_inquiry=$_POST['nature_inquiry'];
$nature_inquiry = stripslashes($nature_inquiry);
$nature_inquiry = mysql_real_escape_string($nature_inquiry);
if(!isset($nature_inquiry)){
$error[5]=1;
}
else{
$error[5]=0;
}

$company_assets=$_POST['company_assets'];
$natural_person=$_POST['natural_person'];
$employee_benefit_plan=$_POST['employee_benefit_plan'];

$bank_savings=$_POST['bank_savings'];
$broker_dealer=$_POST['broker_dealer'];
$development_company=$_POST['development_company'];
$equity_owners=$_POST['equity_owners'];
$confirm_agreement=$_POST['confirm_agreement'];
if($confirm_agreement=="no"){
$error[6]=1;
}
else{
$error[6]=0;
}

if($employee_benefit_plan=="plan-fiduciary"){
$employee_benefit_plan="The investment decision is being made by a plan fiduciary, as defined in Section 3(21) of 
ERISA, which is either a bank, savings and loan association, insurance company or registered investment adviser";
}
elseif($employee_benefit_plan=="participant-directed"){
$employee_benefit_plan="It is a participant-directed plan (i.e., a tax-qualified defined contribution plan in 
which a participant may exercise control over the investment of assets credited to his or her account and the 
decision to invest is made by those participants investing) and each such participant qualifies as an accredited 
investor.";
}
elseif($employee_benefit_plan=="na"){
$employee_benefit_plan="Neither of the Above.";
}

if(isset($error)){
$error=http_build_query($error);
header("Location: ./index.php?investors=register2&error=".$error."");
}
else{
$sql="INSERT INTO $tbl_name VALUES ('$name', '$organization', '$email', '$phone', '$company_description', 
'$nature_inquiry', '$company_assets', '$natural_person', '$employee_benefit_plan', '$bank_savings', 
'$broker_dealer', '$development_company', '$equity_owners', '$confirm_agreement')";
mysql_query($sql);
}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.