maideen Posted April 9, 2014 Share Posted April 9, 2014 Hi. I am new. I don't know how to validate certain data like emai, web site and numeric value. Here is my code which is work fine. Below is my code.Pls Help meadd.php <?php include_once '../inc/header.php'; ?> <Script Language="javascript"> function change_action() { var frm_obj=document.getElementById("frm"); frm_obj.action="data.php"; } </Script> <form action="" method="POST" id="frm" > <table class="" align="center" cellpadding="4" cellspacing="1"> <tr> <td><label class="lbl">ID </label></td> <td><label class="lbl">: </label></td> <td><input type="text" name="id" id="id" readonly="" class="txt"></td> </tr> <tr> <td><label class="lbl">Name </label></td> <td><label class="lbl">: </label></td> <td><input type="text" name="name" id="name" class="txt"></td> </tr> <tr> <td><label class="lbl">Address </label></td> <td><label class="lbl">: </label></td> <td><textarea name="address" id="address" class="txt" rows="5" cols="40"></textarea></td> </tr> <tr> <td><label class="lbl">Tel</label></td> <td><label class="lbl">: </label></td> <td><input type="text" name="tel" id="tel" class="txt"></td> </tr> <tr> <td><label class="lbl">Fax</label></td> <td><label class="lbl">: </label></td> <td><input type="text" name="fax" id="fax" class="txt"></td> </tr> <tr> <td><label class="lbl">Email</label></td> <td><label class="lbl">: </label></td> <td><input type="text" name="email" id="email" class="txt"></td> </tr> <tr> <td><label class="lbl">Web site</label></td> <td><label class="lbl">: </label></td> <td><input type="text" name="website" id="website" class="txt"></td> </tr> <tr> <td><label class="lbl">Type</label></td> <td><label class="lbl">: </label></td> <!--<td><input type="text" name="type" id="type" class="txt"></td>--> <td> <SELECT NAME=type id="type"> <OPTION VALUE=0>Choose <?php $sql="SELECT * FROM bk_parameter where type='typcs' order by id"; $result = mysqli_query($con,$sql); while($row = mysqli_fetch_array($result)) { $typename=$row["name"]; echo "<OPTION VALUE=\"$typename\">".$typename.'</option>'; } ?> </SELECT> </td> </tr> <tr> <td></td> <td></td> <td><input type="submit" value="submit" name="submit" class="btn" onclick="change_action()"> <input type="submit" value="back" name="back" class="btn" onclick="change_action()"></td> </tr> </table> </form> <?php include_once '../inc/footer.php'; ?> data.php <?php include_once '../inc/header.php'; //insert into table if (isset($_POST['submit']) && $_POST['submit'] != "" ) { $name = ($_POST["name"]); $address = ($_POST["address"]); $tel = ($_POST["tel"]); $fax = ($_POST["fax"]); $email = ($_POST["email"]); $website = ($_POST["website"]); $type = ($_POST["type"]); try { $sql="INSERT INTO bk_customer (name,address,tel,fax,email,website,type) VALUES ('$name','$address','$tel','$fax','$email','$website','$type')"; $result = mysqli_query($con,$sql) ; header("Location:index.php"); exit(); } catch (Exception $ex) { echo $e->getMessage() . "\n"; file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND); exit(); } } //mysqli_close($con); // update table if (isset($_POST['update']) && $_POST['update'] != "" ) { $id= ($_POST["id"]); $name = ($_POST["name"]); $address = ($_POST["address"]); $tel = ($_POST["tel"]); $fax = ($_POST["fax"]); $email = ($_POST["email"]); $website = ($_POST["website"]); $type = ($_POST["type"]); try { $sql="UPDATE bk_customer SET name='$name',address='$address', tel='$tel',fax='$fax'," . "email='$email', website='$website',type='$type' WHERE id='$id'"; $result = mysqli_query($con,$sql) ; header("Location:index.php"); } catch (Exception $ex) { echo $e->getMessage() . "\n"; file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND); exit(); } } // update record if (isset($_POST['delete']) && $_POST['delete'] != "" ) { $id=$_POST["id"]; try { $sql="DELETE FROM bk_customer WHERE id='$id'"; $result = mysqli_query($con,$sql) ; header("Location:index.php"); } catch (Exception $ex) { echo $e->getMessage() . "\n"; file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND); exit(); } } // back to index.php if (isset($_POST['back']) && $_POST['back'] != "" ) { header("Location:index.php"); } Quote Link to comment Share on other sites More sharing options...
Ansego Posted April 9, 2014 Share Posted April 9, 2014 I would use php validate filters and sanitize: Reference: http://www.php.net/manual/en/book.filter.php Validate: http://www.php.net/manual/en/filter.filters.validate.php Sanitize: http://www.php.net/manual/en/filter.filters.sanitize.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.