Jump to content


Photo

Validation not working sucessfully


  • Please log in to reply
11 replies to this topic

#1 NeilB

NeilB
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 09 October 2006 - 04:39 PM

I'm currently trying to get some validation to work sucessfully, but it is not working >:( I don't get any error messages either, just a blank screen when I submit the data to be inserted into the database, reguardless if the IF statements have been met or not.

<?
if(isset($_POST["submit"])){

$error_msg='';

if(trim($_POST["name"])=='' || strlen(trim($_POST["name"])) < 6 || strlen(trim($_POST["name"])) > 15) {
                $error_msg.="Please enter a name between 6 to 15 characters long<br>";
        }        if(isset($_POST["submit"])){

        if(trim($_POST["peak"])=='' || strlen(trim($_POST["peak"])) < 6 || strlen(trim($_POST["peak"])) > 15) {
                $error_msg.="Please enter a peak between 6 to 15 characters long<br>";
        }

        if(trim($_POST["offpeak"])=='' || strlen(trim($_POST["offpeak"])) < 6 || strlen(trim($_POST["offpeak"])) > 15) {
                $error_msg.="Please enter a off peak between 6 to 15 characters long<br>";
        }

        if(trim($_POST["peaknet"])=='' || strlen(trim($_POST["peaknet"])) < 6 || strlen(trim($_POST["peaknet"])) > 15) {
                $error_msg.="Please enter a peaknet between 6 to 15 characters long<br>";
        }

        if(trim($_POST["offpeaknet"])=='' || strlen(trim($_POST["offpeaknet"])) < 6 || strlen(trim($_POST["offpeaknet"])) > 15) {
                $error_msg.="Please enter a offpeaknet between 6 to 15 characters long<br>";
        }

        if(trim($_POST["txt"])=='' || strlen(trim($_POST["txt"])) < 6 || strlen(trim($_POST["txt"])) > 15) {
                $error_msg.="Please enter a txt between 6 to 15 characters long<br>";
        }

        if(trim($_POST["picture"])=='' || strlen(trim($_POST["picture"])) < 6 || strlen(trim($_POST["picture"])) > 15) {
                $error_msg.="Please enter a picture between 6 to 15 characters long<br>";
        }

        // display error message if any, if not, proceed to other processing
        if($error_msg==''){

        $name = $_POST["name"];
        $peak = $_POST["peak"];
        $offpeak = $_POST["offpeak"];
        $peaknet = $_POST["peaknet"];
        $offpeaknet = $_POST["offpeaknet"];
        $txt = $_POST["txt"];
        $picture = $_POST["picture"];

        $connection = mysql_connect("", "", "");

        mysql_select_db("neil", $connection)
        or die("Unable to select database");

        $query = "INSERT INTO sims VALUES ('','$name','$peak','$peaknet','$offpeaknet','$offpeak','$txt','$picture')";

        mysql_query($query);


        echo mysql_error().

        mysql_close($connection);

        Print "New sim sucessfully created";
        }
} else {
              echo "<font color=red face='Verdana'>$error_msg</font>";
        }
}


?>

#2 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 09 October 2006 - 05:03 PM

Just so we can all see it.
<?php
if(isset($_POST["submit"])){

$error_msg='';

if(trim($_POST["name"])=='' || strlen(trim($_POST["name"])) < 6 || strlen(trim($_POST["name"])) > 
15) 
{
                $error_msg.="Please enter a name between 6 to 15 characters long
";
        }        if(isset($_POST["submit"])){

        if(trim($_POST["peak"])=='' || strlen(trim($_POST["peak"])) < 6 || strlen(trim($_POST["peak"])) >
 15)
 {
                $error_msg.="Please enter a peak between 6 to 15 characters long
";
        }

        if(trim($_POST["offpeak"])=='' || strlen(trim($_POST["offpeak"])) < 6 || strlen
(trim($_POST["offpeak"])) > 15) {
                $error_msg.="Please enter a off peak between 6 to 15 characters long
";
        }

        if(trim($_POST["peaknet"])=='' || strlen(trim($_POST["peaknet"])) < 6 || strlen(trim($_POST
["peaknet"])) > 15) {
                $error_msg.="Please enter a peaknet between 6 to 15 characters long
";
        }

        if(trim($_POST["offpeaknet"])=='' || strlen(trim($_POST["offpeaknet"])) < 6 || 
strlen(trim($_POST["offpeaknet"])) > 15) {
                $error_msg.="Please enter a offpeaknet between 6 to 15 characters long
";
        }

        if(trim($_POST["txt"])=='' || strlen(trim($_POST["txt"])) < 6 || strlen
(trim($_POST["txt"])) > 15) {
                $error_msg.="Please enter a txt between 6 to 15 characters long
";
        }

        if(trim($_POST["picture"])=='' || strlen(trim($_POST["picture"])) < 6 || 
strlen(trim($_POST["picture"])) > 15) {
                $error_msg.="Please enter a picture between 6 to 15 characters long
";
        }

        // display error message if any, if not, proceed to other processing
        if($error_msg==''){

        $name = $_POST["name"];
        $peak = $_POST["peak"];
        $offpeak = $_POST["offpeak"];
        $peaknet = $_POST["peaknet"];
        $offpeaknet = $_POST["offpeaknet"];
        $txt = $_POST["txt"];
        $picture = $_POST["picture"];

        $connection = mysql_connect("", "", "");

        mysql_select_db("neil", $connection)
        or die("Unable to select database");

        $query = "INSERT INTO sims VALUES ('','$name','$peak','$peaknet','$offpeaknet','$offpeak','$txt','$picture')";

        mysql_query($query);


        echo mysql_error().

        mysql_close($connection);

        Print "New sim sucessfully created";
        }
} else {
               echo "<font color=red face='Verdana'>$error_msg</font>";
        }
}


?>


Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#3 phporcaffeine

phporcaffeine
  • Members
  • PipPipPip
  • Advanced Member
  • 361 posts
  • LocationOhio, USA

Posted 09 October 2006 - 05:06 PM

I'd need to see your table structure to know for sure, but it is most likely a query error.  For every ' mysql_query(); put OR die(mysql_error()); behind it.  It would look like;

mysql_query($query) OR die(mysql_query());

1.) I noticed that you haven't supplied any mysql_connect credentials.

2.) Your INSERT query is incorrect, you need to supply table names to the left of VALUES.

P.S (not essential but it's good practice to use <?php as the start tag Vs. <?)

Also,

I noticed that your code could use a bit of re-factoring;

<?php
if(isset($_POST["submit"])){

	unset($_POST['submit']);  
	//YOU CAN USE ARRAY_POP() INSTEAD
	//THE POINT IS TO GET ALL ELEMENTS OUT OF 
	//THE STACK YOU DONT WANT VALIDATED

            $error_msg = NULL;
	
	foreach ($_POST as $key => $value) {
		
		if (is_null($_POST[$key]) || strlen(trim($_POST[$key])) < 6 || strlen(trim($_POST[$key])) > 15) {
			
			$error_msg .= "<span style=\"font-face: Verdana; font-size: 12px; color: black;\">Please enter a <span style=\"color: maroon; text-decoration: underline; font-weight: bold;\">$key</span> between 6 to 15 characters long</span><br /><br />";
			
		}
	
	}
		
	if (is_null($error_msg)) {
	
    $name = $_POST["name"];
    
    $peak = $_POST["peak"];
    
    $offpeak = $_POST["offpeak"];
    
    $peaknet = $_POST["peaknet"];
    
    $offpeaknet = $_POST["offpeaknet"];
    
    $txt = $_POST["txt"];
    
    $picture = $_POST["picture"];

    $connection = mysql_connect("", "", "");

    mysql_select_db("neil", $connection)or die("Unable to select database");

    $query = "";

    mysql_query("INSERT INTO sims (tbl_1, tbl_2, tbl_3, tbl_4, tbl_5, tbl_6, tbl_7, tbl_8) VALUES ('','$name','$peak','$peaknet','$offpeaknet','$offpeak','$txt','$picture')") OR die(mysql_error());

    mysql_close($connection);

    echo "New sim sucessfully created";
    	
	} 
	
	else {
		
		echo $error_msg;
	}
}
?>

P.S. To be clear, your INSERT query isn't incorrect "technically", but I would add the table names because it makes things so much easier when trouble shooting.
Thanks,

Ryan Huff
President & Founder, MyCodeTree
support@mycodetree.com | http://mycodetree.com

#4 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 09 October 2006 - 05:07 PM

Try this:
<?php
function out_of_range($value,$min=6,$max=15)
{
	return (strlen(trim($value))<$min || strlen(trim($value))>$max);
}

if(isset($_POST["submit"]))
{
	$error_msg = array();
	if(out_of_range($_POST['name']))
	{
		$error_msg[] = "Please enter a name between 6 to 15 characters long";
	}
	if(out_of_range($_POST['peak']))
	{
		$error_msg[] = "Please enter a peak between 6 to 15 characters long";
	}
	if(out_of_range($_POST['offpeak']))
	{
		$error_msg[] = "Please enter a off peak between 6 to 15 characters long";
	}
	if(out_of_range($_POST['peaknet']))
	{
		$error_msg[] = "Please enter a peaknet between 6 to 15 characters long";
	}
	if(out_of_range($_POST['offpeaknet']))
	{
		$error_msg[] = "Please enter a offpeaknet between 6 to 15 characters long";
	}
	if(out_of_range($_POST['txt']))
	{
		$error_msg[] ="Please enter a txt between 6 to 15 characters long";
	}
	if(out_of_range($_POST['picture']))
	{
		$error_msg[] = "Please enter a picture between 6 to 15 characters long";
	}
	
	if(count($error_msg)<=0)
	{
		$name		= mysql_real_escape_string($_POST["name"]);
		$peak		= mysql_real_escape_string($_POST["peak"]);
		$offpeak	= mysql_real_escape_string($_POST["offpeak"]);
		$peaknet	= mysql_real_escape_string($_POST["peaknet"]);
		$offpeaknet	= mysql_real_escape_string($_POST["offpeaknet"]);
		$txt		= mysql_real_escape_string($_POST["txt"]);
		$picture	= mysql_real_escape_string($_POST["picture"]);

		$connection	= mysql_connect("", "", "");

		mysql_select_db("neil", $connection) or die("Unable to select database: ".mysql_error());
		
		mysql_query("INSERT INTO sims VALUES ('','$name','$peak','$peaknet','$offpeaknet','$offpeak','$txt','$picture')") or die(mysql_error());
		
		mysql_close($connection);

		echo "New sim sucessfully created";
	}
	else {
		echo "<span style='font-weight: bold; color: red;'>Error(s):</span><br /><ul><li>";
		echo join('</li><li>',$error_msg);
		echo "</ul>";
	}
}
else {
	// show form
}
?>


#5 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 09 October 2006 - 05:14 PM

Try this ok.
<?php

$name = addslashes($_POST["name"]);
$peak =addslashes($_POST["peak"]);
$offpeak =addslashes( $_POST["offpeak"]);
$peaknet = addslashes($_POST["peaknet"]);
$offpeaknet = addslashes($_POST["offpeaknet"]);
$txt = addslashes($_POST["txt"]);
$picture =addslashes( $_POST["picture"]);

if(isset($_POST["submit"])){

if(trim($_POST["name"])=='none' || strlen(trim($_POST["name"])) < 6 || strlen(trim($_POST["name"])) > 15) {
                echo"Please enter a name between 6 to 15 characters long
";
        }        if(isset($_POST["submit"])){

        if(trim($_POST["peak"])=='none' || strlen(trim($_POST["peak"])) < 6 || strlen(trim($_POST["peak"])) > 15) {
                echo"Please enter a peak between 6 to 15 characters long
";
        }

        if(trim($_POST["offpeak"])=='' || strlen(trim($_POST["offpeak"])) < 6 || strlen(trim($_POST["offpeak"])) > 15) {
                echo"Please enter a off peak between 6 to 15 characters long
";
        }

        if(trim($_POST["peaknet"])=='none' || strlen(trim($_POST["peaknet"])) < 6 || strlen(trim($_POST["peaknet"])) > 15) {
                echo"Please enter a peaknet between 6 to 15 characters long
";
        }

        if(trim($_POST["offpeaknet"])=='none' || strlen(trim($_POST["offpeaknet"])) < 6 || strlen(trim($_POST["offpeaknet"])) > 15) {
                echo"Please enter a offpeaknet between 6 to 15 characters long
";
        }

        if(trim($_POST["txt"])=='none' || strlen(trim($_POST["txt"])) < 6 || strlen(trim($_POST["txt"])) > 15) {
                echo"Please enter a txt between 6 to 15 characters long
";
        }

        if(trim($_POST["picture"])=='none' || strlen(trim($_POST["picture"])) < 6 || strlen(trim($_POST["picture"])) > 15) {
                echo"Please enter a picture between 6 to 15 characters long
";
        }
$db=mysql_connect("xxx","xxx","xxx");
mysql_select_db("xxx",$db);
       
$query = "INSERT INTO sims VALUES ('','$name','$peak','$peaknet','$offpeaknet','$offpeak','$txt','$picture')";
mysql_query($query) or die("query problam");

Print "New sim sucessfully created";
}
   
 }
?>


Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#6 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 09 October 2006 - 05:22 PM

Here's my take on your code. I've tightened it up considerably by using an array to store the errors, a for loop & switch statement to loop through the submitted fields and an array to help generate the query. The generated query uses the alternative version of the INSERT command. I also changed your <font> tag to the more modern [niobbc]<span>[/nobbc] tag.
<?php
$error_msg=array();
$qtmp = array();
if(isset($_POST["submit"])){
	foreach($_POST as $field => $value) {
		switch ($field) {
			case 'name':
			case 'peak':
			case 'offpeak':
			case 'peaknet':
			case 'offpeaknet':
			case 'txt':
			case 'picture':
				if (strlen(trim(stripslashes($value))) < 6 ||
					 strlen(trim(stripslashes($value))) > 15)
					 	$error_msg[] = 'Please enter a ' . $field . ' between 6 and 15 characters long';
				else {
					$qtmp[] = $field . " = '" . mysql_real_escape_string(trim(stripslashes($value))) . "'";
					$$field = $value;
				}
				break;
		}
	}
	// display error message if any, if not, proceed to other processing
	if(empty($error_msg){
		$connection = mysql_connect("", "", "");
		mysql_select_db("neil", $connection) or die("Unable to select database");
		$query = 'insert into sims set ' . implode(', ',$qtmp);
		mysql_query($query) or die("Problem with the insert query: $query<br>" . mysql_error();
		Print "New sim sucessfully created";
	} else {
	      echo '<span style="color:red; font-face="Verdana">' . implode("<br>\n",$error_msg) . "</span>";
	}
}
?>

Ken

#7 redarrow

redarrow
  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 09 October 2006 - 05:25 PM

kenrbnsn  nice code can not wait untill i can do that.



Wish i new all about php DAM i will have to learn
((EMAIL CODE THAT WORKS))
http://simpleforum.ath.cx/mail2.inc
((PAYPAL INTEGRATION THAT WORKS))
http://simpleforum.a...aypal1_info.inc

#8 phporcaffeine

phporcaffeine
  • Members
  • PipPipPip
  • Advanced Member
  • 361 posts
  • LocationOhio, USA

Posted 09 October 2006 - 05:31 PM

Here's my take on your code. I've tightened it up considerably by using an array to store the errors, a for loop & switch statement to loop through the submitted fields and an array to help generate the query. The generated query uses the alternative version of the INSERT command. I also changed your <font> tag to the more modern [niobbc]<span>[/nobbc] tag.

<?php
$error_msg=array();
$qtmp = array();
if(isset($_POST["submit"])){
	foreach($_POST as $field => $value) {
		switch ($field) {
			case 'name':
			case 'peak':
			case 'offpeak':
			case 'peaknet':
			case 'offpeaknet':
			case 'txt':
			case 'picture':
				if (strlen(trim(stripslashes($value))) < 6 ||
					 strlen(trim(stripslashes($value))) > 15)
					 	$error_msg[] = 'Please enter a ' . $field . ' between 6 and 15 characters long';
				else {
					$qtmp[] = $field . " = '" . mysql_real_escape_string(trim(stripslashes($value))) . "'";
					$$field = $value;
				}
				break;
		}
	}
	// display error message if any, if not, proceed to other processing
	if(empty($error_msg){
		$connection = mysql_connect("", "", "");
		mysql_select_db("neil", $connection) or die("Unable to select database");
		$query = 'insert into sims set ' . implode(', ',$qtmp);
		mysql_query($query) or die("Problem with the insert query: $query<br>" . mysql_error();
		Print "New sim sucessfully created";
	} else {
	      echo '<span style="color:red; font-face="Verdana">' . implode("<br>\n",$error_msg) . "</span>";
	}
}
?>

Ken


Ken, nice code.  I have done the same above in my original POST, you can further simplify the code because you do not need a switch or an array for the error messages.
Thanks,

Ryan Huff
President & Founder, MyCodeTree
support@mycodetree.com | http://mycodetree.com

#9 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 09 October 2006 - 05:42 PM

I used the foreach and the switch because the OP didn't indicate whether there were more fields on his form. If there are other fields, then he can just add more case statements. If those are the only fields of the form, then the switch statement could be replaced with an if that makes sure that the $field being tested is not the submit button.

Another way of doing the error message would be to just store the offending field names in the array and then insert them into the error message with something like this:
<?php
if (!empty($error_msg))
   echo '<span style="color:red; font-face="Verdana">The following fields were either less than 6 characters or more than 15 characters long:<br>' . implode(', ',$error_msg) . '<br>';
?>

Ken

#10 phporcaffeine

phporcaffeine
  • Members
  • PipPipPip
  • Advanced Member
  • 361 posts
  • LocationOhio, USA

Posted 09 October 2006 - 05:45 PM

I used the foreach and the switch because the OP didn't indicate whether there were more fields on his form. If there are other fields, then he can just add more case statements. If those are the only fields of the form, then the switch statement could be replaced with an if that makes sure that the $field being tested is not the submit button.

Another way of doing the error message would be to just store the offending field names in the array and then insert them into the error message with something like this:

<?php
if (!empty($error_msg))
   echo '<span style="color:red; font-face="Verdana">The following fields were either less than 6 characters or more than 15 characters long:<br>' . implode(', ',$error_msg) . '<br>';
?>

Ken


Correct, or as I have done, you can initially set the var to NULL and then if any stack elements fire bad on the validation just append to the string $error_msg .=

Either way works just fine, just a different approach I suppose.

Thanks Ken
Thanks,

Ryan Huff
President & Founder, MyCodeTree
support@mycodetree.com | http://mycodetree.com

#11 Daniel0

Daniel0
  • Staff Alumni
  • Advanced Member
  • 11,956 posts

Posted 09 October 2006 - 05:48 PM

Not checking for the field names would be a security issue. Imagine a user registration script like this. Say there is another field called is_admin which defaults to 0 (false) and therefor is not included in the query as it is not needed. The user could send an extra post variable called is_admin with the value 1 (true) and thereby gain administrative rights.

#12 NeilB

NeilB
  • Members
  • PipPip
  • Member
  • 10 posts

Posted 09 October 2006 - 06:01 PM

Thanks guys, I was hoping to try to keep the same format as I started out with so I could have a go at using regular expressions to validate if an e-mail address is in the correct format etc...

Whats really got me is that the coding I originally posted works fine on another page, but refuses to work on this one. ???




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users