scm22ri Posted November 7, 2012 Share Posted November 7, 2012 Hi Everyone, If a user presses "submit" and does not fill in any information into the text fields they are suppose to get a error message stating "All fields Required" but if you press "submit" it says "Please enter a valid zip.Please enter a valid zip code Please enter a valid email." I'm not sure what I'm doing wrong here. Any ideas? http://whatsmyowncar...ship-submit.php <?php include "connect_to_mysql3.php"; //////////////// Below is the function function capitalize($element) { $element = strtolower($element); return ucwords($element); } //////////////// Above is the function if (isset ( $_POST['dealership'] ) ){ $dealership = $_POST['dealership']; $address = $_POST['address']; $state = $_POST['state']; $city = $_POST['city']; $zip = $_POST['zip']; $phone = $_POST['phone']; $website = $_POST['website']; $email = $_POST['email']; $name = $_POST['name']; $dealership = mysql_real_escape_string($dealership); $address = mysql_real_escape_string($address); $state = mysql_real_escape_string($state); $city = mysql_real_escape_string($city); $zip = mysql_real_escape_string($zip); $phone = mysql_real_escape_string($phone); $website = mysql_real_escape_string($website); $email = mysql_real_escape_string($email); $name = mysql_real_escape_string($name); $dealership = capitalize($dealership); $state = capitalize($state); $city = capitalize($city); $name = capitalize($name); if ( empty($dealership) || empty($address) || empty($state) || empty($city) || empty($zip) || empty($phone) || empty($website) || empty($email) || empty($name) ){ $errors[] = "All Fields Are Required! <br>"; } else { if (strlen($dealership) > 65){ $errors[] = 'Dealership name is too long. Shorten it'.'<br>'; } if (strlen($state) > 65){ $errors[] = 'State name too long. Shorten it'.'<br>'; } if (!is_numeric($zip)){ $errors[] = 'Please enter a valid zip.'.'<br>'; } if(strlen($zip) > 6 || strlen($zip) == 6){ // If string/pass length is greater then 6 or equal to 6 it will display password okay, // You can do further code here, else, It will show short pass error. // echo"Its good mate! have atleast 5 digit pass "; // You can continue your login code here... } else{ $errors[] = 'Please enter a valid zip code'.'<br>'; } if (filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE){ $errors[] = 'Please enter a valid email.'.'<br>'; } } if(!empty($errors)){ foreach ($errors as $error){ echo "$error"; } } else { $insert = ("INSERT INTO dealers (name, state, city, age, email, password, time) VALUES ('$name','$state','$city','$age','$email','$password', now() )"); mysql_query($insert); /* $to = $email; $from = "admin@whatsmyowncarworth.com"; $subject = "Thanks for signing up!"; $message = '<html> <body bgcolor="#FFFFFF"> Hi ' . $name . ', <br /><br /> Thanks for signing up! <br /><br /> <a href="http://www.yahoo.com?city='. $city .'" target="_blank">Browse through cars in your city!</a> </a> <br /><br /> Thanks! </body> </html>'; $headers = "From: $from\r\n"; $headers .= "Content-type: text/html\r\n"; $to = "$to"; mail($to, $subject, $message, $headers); echo 'Thanks for submitting your information.'; */ } } ?> <form action="add-dealership-submit.php" method="POST"> <table> <tr> <td width="99">Dealership Name:</td> <td width="112"> <input type="text" name="dealership" value="<?php $dealership ;?> " /> </td> </tr> <tr> <td width="99">Address:</td> <td width="112"> <input type="text" name="address" value="<?php $address ;?> " /> </td> </tr> <tr> <td width="99">State:</td> <td width="112"> <input type="text" name="state" value="<?php $state ;?> " /> </td> </tr> <tr> <td width="99">City:</td> <td width="112"> <input type="text" name="city" value="<?php $city ;?> " /> </td> </tr> <tr> <td width="99">Zip:</td> <td width="112"> <input type="text" name="zip" value="<?php $zip ;?> " /> </td> </tr> <tr> <td width="99">Phone:</td> <td width="112"> <input type="text" name="phone" value="<?php $phone ;?> " /> </td> </tr> <tr> <td width="99">Website:</td> <td width="112"> <input type="text" name="website" value="<?php $website ;?> " /> </td> </tr> <tr> <td width="99">Email:</td> <td width="112"> <input type="text" name="email" value="<?php $email ;?> " /> </td> </tr> <tr> <td width="99">Your Name:</td> <td width="112"> <input type="text" name="name" value="<?php $name ;?> " /> </td> </tr> <tr> <td width="99"> <input type="submit" name="submit" value="Submit"> </td> </tr> </table> </form> Quote Link to comment https://forums.phpfreaks.com/topic/270431-form-help/ Share on other sites More sharing options...
PFMaBiSmAd Posted November 8, 2012 Share Posted November 8, 2012 Your form code is outputting a space after the <?php ?> code in each value attribute, so of course none of the fields are actually empty. A) You need to remove those spaces from the form code. B) As part of your filtering logic that you should apply before validating the submitted data, you should trim the values and/or filter out any characters that are not within the expected range of characters for the type of the data field. Quote Link to comment https://forums.phpfreaks.com/topic/270431-form-help/#findComment-1390981 Share on other sites More sharing options...
PFMaBiSmAd Posted November 8, 2012 Share Posted November 8, 2012 Also, you should escape data right before putting it into your query statement, not before validating it as any escape characters will alter the length of the string. Also, if you redisplay the entered data in the form fields upon an error condition, the escape characters would need to be removed. Quote Link to comment https://forums.phpfreaks.com/topic/270431-form-help/#findComment-1390982 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.