js form validator

[cainam29]

below is my form validator for my previous SQL statement,

 

 

function validateDBLoad ()
{
if((document.form1.XiD.value=="Blank") || (document.form1.PhoneNumber.value=="") || (document.form1.Category2.value=="") || (document.form1.Category3.value=="Blank") || (document.form1.Status.value=="Blank") || (document.form1.Createdate.value=="") || (document.form1.Severity.value=="") || (document.form1.BanType.value=="") || (document.form1.Date.value==""))
{
alert('Please fill up all the fields..');
return false;
}
else
{
alert('Ticket upload Successful.');
return true;
}
}

here is my previous PHP/SQL statement:

<?php
	error_reporting(0);
	require 'include/DB_Open.php';
	
	$RemedyTicketNo = $_POST['PhoneNumber'];
	$PhoneNumber = $_POST['PhoneNumber'];
	$Category2 = $_POST['Category2'];
	$Category3 = $_POST['Category3'];
	$Status = $_POST['Status'];
	$Createdate = $_POST['Createdate'];
	$Date = $_POST['Date'];
	$Severity = $_POST['Severity'];
	$BanType = $_POST['BanType'];
	$XiD = $_POST['XiD'];
	$Ticket = $_POST['Ticket'];
			
	if (isset($RemedyTicketNo))	
	{
	$sql="INSERT into tbl_main (ars_no, phone_number, category_1, category_2, status, create_date, resolved_date, trouble_type_priority, ban_type, employee_id_name) VALUES ('".$RemedyTicketNo."', '".$PhoneNumber."', '".$Category2."', '".$Category3."', '".$Status."', '".$Createdate."', '".$Date."', '".$Severity."', '".$BanType."', '".$XiD."')";
	$result=mysql_query($sql);
	
	header("Location: smp_backend.php");
	}
?>

now that i have modified my PHP/SQL code to:

<?php
	error_reporting(E_ALL);
	require 'include/DB_Open.php';
	
	if(isset($_POST['DBLoad']))
{
    //print_r($_POST);
    //die();
    $Category2 = $_POST['Category2'];
    $Category3 = $_POST['Category3'];
    $Status = $_POST['Status'];
    $Date = $_POST['Date'];
    $Severity = $_POST['Severity'];
    $BanType = $_POST['BanType'];
    $XiD = $_POST['XiD'];
    $Ticket = $_POST['Ticket'];

    //Process the input textareas into arrays
    $PhoneNumber = array_map('mysql_real_escape_string', explode("\r\n", $_POST['PhoneNumber']));
    $Createdate = array_map('mysql_real_escape_string', explode("\r\n", $_POST['Createdate']));
    $RemedyTicketNo = array_map('mysql_real_escape_string', explode("\r\n", $_POST['PhoneNumber']));
   //Determine the values with the least amoutn of elements
  $min_count = min(count($PhoneNumber), count($Createdate), count($RemedyTicketNo));

    //Create array to hold INSERT values
    $values = array();

    //Create the INSERT values
    for($index=0; $index<$min_count; $index++)
    {
    $values[] = "('$RemedyTicketNo[$index]','$PhoneNumber[$index]','$Createdate[$index]',
    '$Category2','$Category3','$Status','$Date','$Severity','$BanType','$XiD')";   
    }

  $sql="INSERT into tbl_main
 (ars_no,phone_number,create_date,category_1,category_2,status,resolved_date,trouble_type_priority,ban_type,employee_id_name)
 VALUES " . implode (',',$values);
   die();
    $result=mysql_query($sql);

    header("Location: smp_backend_test.php");
   }
?>

im thinking my form validator is not working properly because when i INSERT directly to MySQL using my new INSERT code its working fine but when im using a browser with my form validator set...data is not uploading to db...

 

[nogray]

You have a "die()"  before your sql insert. Also, if you are writing the sql query directly, use 'mysql_real_escape_string' on all the variables.