Jump to content

form errors submission


Dis_gurl

Recommended Posts

Hello Everybody

 

Im new to this forum. Im trying to submit a form to my database but it's not passing through. when I submit the form an error message. I don't know if it is because I declare the escape_data fucntion wrongly. Any help would be appreciated. Here are my codings

 

Thanking you all in advance

 

 

submittest.php

<?php

// Include config file...

require_once('./config.php');

// Declare function.
function escape_data($value)
{
      if (!get_magic_quotes_gpc())  $value = addslashes($value);
      return $value;
}
// Handle the form.
if (isset($_POST['submit'])) {

// Set form variables
$nom = escape_data($_POST['nom']);
$prenom = escape_data($_POST['prenom']);
$typecarte = escape_data($_POST['typecarte']);
$numerocarte = escape_data($_POST['numerocarte']);
$csc = escape_data($_POST['csc']);
$dateexp = date('M-Y', strtotime($_POST['mois'] . "-" . $_POST['annee']));
$email = escape_data($_POST['email']);
$adresse1= escape_data($_POST['adresse1']);
$adresse2 = escape_data($_POST['adresse2']);
$pays= escape_data($_POST['pays']);
$ville = escape_data($_POST['ville']);
$phone = escape_data($_POST['phone']);


// Initialise the errors array
$errors = array();
    
    
    // Check for a first name.
    if (empty($_POST['nom'])) {
        $errors[] = 'Veuillez entrer le nom du client.';
    } else {
        $fn = escape_data($_POST['nom']);
    }
    
    // Check for a last name.
    if (empty($_POST['prenom'])) {
        $errors[] = 'Veuillez entrer le prénom du client.';
    } else {
        $ln = escape_data($_POST['prenom']);
    }
    
    // Check for type of card.
    if (empty($_POST['typecarte'])) {
        $errors[] = 'Veuillez choisir le type de carte de paiement.';
    } else {
        $ad = escape_data($_POST['typecarte']);
    }
    
    // Check for card number.
    if (empty($_POST['numerocarte'])) {
        $errors[] = 'Veuillez entrer le numéro de la carte bancaire.';
    } else {
        $town = escape_data($_POST['numerocarte']);
    }
    
    // Check for a security code.
    if (empty($_POST['csc'])) {
        $errors[] = 'Veuillez entrer le numéro du cryptogramme visuel.';
    } else {
        $pc = escape_data($_POST['csc']);
    }
    
      // Check for expiration date.

    if (!empty($_POST['mois']) && !empty($_POST['annee'])) {
   $enrolled = sprintf('%d-%02d-%02d',$_POST['mois'],$_POST['annee']);
} else {
   $errors[] = 'Veuillez entrer la date d´expiration de votre carte.';
}
    
      // Check for an email address and that it's in the correct format.
    if (preg_match ('/^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,4}$/', stripslashes(trim($_POST['email'])))) {
        $e = escape_data($_POST['email']);
    } else {
        $errors[] = 'Veuillez entrer un valid adresse email.';
    }
    
    // Check for address 1.
    if (empty($_POST['adresses1'])) {
        $errors[] = 'Veuillez enter l´adresse du client.';
    } else {
        $course = escape_data($_POST['adresse1']);
    }
    
   // Check for the country.
     if (empty($_POST['pays'])) {
        $errors[] = 'Veuillez entrer le nom du pays.';
    } else {
        $course = escape_data($_POST['pays']);
    }
    
    // Check for town.
    
     if (empty($_POST['ville'])) {
        $errors[] = 'Veuillez entrer le nom de la ville.';
    } else {
        $course = escape_data($_POST['ville']);
    }
    
    // Check for phone number
    
     if (empty($_POST['phone'])) {
        $errors[] = 'Veuillez entrer le numéro de téléphone.';
    } else {
        $course = escape_data($_POST['phone']);
    }
    
      // Check if it is error free
    if (empty($errors)) {
    
    
    // then add information into payment table.
            $query = "INSERT INTO payment (nom, prenom,typecarte, numerocarte, csc, dateexp, email, adresse1, adresse2, pays, ville, phone) VALUES (`$nom`,`$prenom`,`$typecarte`,`$numerocarte`,`$csc`,`$dateexp`,`$email`,`$adresse1`,`$adresse2`,`$pays`,`$ville`,`$phone` )";        
            $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
        
            
                echo "<h3>Merci de votre fidélité, Votre paiement a bien été recu. Veuillez cliquer sur <a href='index.php'>ce lien</a> pour retourner a la page d'accueil.</h3>";
                
                
               // If there is an error.
            } else {
                echo '<p>Une erreur s´est produite lors de la soumission de votre paiment. Voulez vous bien réessayer ou cantacter notre service clientéle. Nous nous excusons d´avance.</p>';
            }                    
                
     
  
        mysql_close();

    }

?>[/code]
 
 
payment.html
 
[code] <form action="submittest.php" method="post" >
        <table width="600" cellspacing="10">
        
          <tr>
            <td>Nom*</td>
            <td><input type="text" name="nom" maxlength="50" value="" size="48" /></td>
          </tr>
 
          <tr>
            <td>Prénom*</td>
            <td><input type="text" name="prenom" maxlength="50" value="" size="48" />
            </td>
          </tr>
  <tr>
            <td>Type de carte*</td>
            <td><select name="carte">
            <option value="">Choisissez</option>
              <option value="visa">Visa</option>
              <option value="mastercard">Mastercard</option>
              <option value="American">American Express</option>
              </select>
          
           <tr>
            <td>Numéro de carte*</td>
            <td><input type="text" name="numérodecarte" maxlength="50" value="" size="48" />
            </td>
          </tr>

          <tr>
            <td>Cryptogramme visuel</td>
            <td><input type="text" name="csc" maxlength="20" value="" size="7" />
            </td>
          
          </tr>
           <tr>
            <td>Date d'expiration*</td>
            <td>Mois<select name="mois">
              <option value="">M</option>
              <option value="01">01</option>
              <option value="02">02</option>
              <option value="03">03</option>
              <option value="04">04</option>
              <option value="05">05</option>
              <option value="06">06</option>
              <option value="07">07</option>
              <option value="08">08</option>
              <option value="09">09</option>
              <option value="10">10</option>
              <option value="11">11</option>
              <option value="12">12</option>
           
            </select>
          
           Année<select name="annee">
              <option value="">YYYY</option>
              <option value="2014">2014</option>
              <option value="2015">2015</option>
              <option value="2016">2016</option>
              <option value="2017">2017</option>
              <option value="2018">2018</option>
              <option value="2019">2019</option>
              <option value="2020">2020</option>
              <option value="2021">2021</option>
              <option value="2022">2022</option>
              <option value="2023">2023</option>
              <option value="2024">2024</option>
              <option value="2025">2025</option>
           
            </select></td>
          </tr>
        
          <tr>
            <td>E-mail*</td>
            <td><input type="text" name="email" maxlength="50" size="48" />
            </td>
          </tr>
          <tr>
          <td height="59">Adresse (ligne 1)</td>
            <td><input type="text" name="adresse1" maxlength="65" value="" size="48"/>
            </td>
          </tr>
          <tr>
          <td>Adresse (ligne 2)<p style="color:#CCC; font-size:9px;">(facultatif)</p></td>
            <td><input type="text" name="adresse2" maxlength="65" value="" size="48"/>
            </td>
          </tr>
           <tr>
            <td>Pays</td>
            <td><input type="text" name="pays" maxlength="50" value="" size="48" />
            </td>
          </tr>
          <tr>
            <td>Ville</td>
            <td><input type="text" name="ville" maxlength="16" size="48" />
            </td>
          </tr>
          <tr>
            <td>Téléphone</td>
            <td><input type="text" name="numero" maxlength="16" size="48" /></td>
          </tr>
          <tr align="right">
            <th colspan=3> <div align="center"><br/><br/>
              <input type="submit" name="submit" style="width:75px; height:35px; margin-left:100px" value="Valider" />
              <input type="reset" name="reset" style="width:75px; height:35px; margin-left:15px" value="Annuler" />
              <input type="hidden" name="submit" value="TRUE" />
            </div></th>
          </tr>
        </table>
      </form>
Link to comment
Share on other sites

 

 

when I submit the form an error message

You mean to say you get errors when submitting the form.

 

It would be helpful if you post all errors you get here in full.

 

Also when posting code please paste it between


tags. I have edited your post this time, but please remember to do this for further posts.

Link to comment
Share on other sites

First of all thanks for your replies. @Ch0cu3r will do next time. @cyberRobot thanks for the link I didnt know about addlashes()

 

When trying to submit the form I get the error message that I echo in my codings

// If there is an error.
            } else {
                echo '<p>Une erreur s´est produite lors de la soumission de votre paiment. Voulez vous bien réessayer ou cantacter notre service clientéle. Nous nous excusons d´avance.</p>';
            }             
Link to comment
Share on other sites

Have you tried echoing the $errors array to see which error is being triggered? It should provide a clue to what's not working. For example, you could try something like this:

echo '<p>Une erreur s´est produite lors de la soumission de votre paiment. Voulez vous bien réessayer ou cantacter notre service clientéle. Nous nous excusons d´avance.</p>';
echo '<pre>' . print_r($errors, true) . '</pre>';
Link to comment
Share on other sites

I do not recommend the use of  addslashes for santizing input for use in query

 

Use stripslashes if get_magic_quotes_gpc is enabled and then sanitize the input using mysql_real_escape_string

 

Or better yet use PDO or MySQLi and use prepared queries. Do note though the mysql_* functions are deprecated and could be removed from future versions of PHP. Converting your code over to PDO or MySQLi function libraries now will help keep your code future proof.

Link to comment
Share on other sites

@cyberRobot the new email validation is much easier to use and memorise than its predecessor, thanks for the link.

The error was generated by one of field value I put 2 different values for the same field. I don't have the error anymore, however the database isn't receiving the data from the form :confused: .

 

@Ch0cu3r thanks for the advise, I will have to go through the PDO manual and have a grasp of it and will eventually update my codings:)

Link to comment
Share on other sites

So you don't see any errors now? What happens if you replace this:

$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
 
With this:
$result = mysql_query ($query) or die("Query: $query\n<br />MySQL Error: " . mysql_error());
 
 
I have a feeling that a MySQL error is being thrown, but it's just being hidden since you're using trigger_error()...and your server is probably set to hide warnings and notices. Note that I'm not very familiar with trigger_error(), so I'm just guessing here.
 
 
 
I think the problem comes from the query having back ticks (`) around the insert values. I'm fairly certain this: 
...     VALUES (`$nom`,`$prenom`,`$typecarte`,     ...
 
Needs to be this:
...     VALUES ('$nom','$prenom','$typecarte',     ...

 

Link to comment
Share on other sites

 

So you don't see any errors now? What happens if you replace this:

$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
 
With this:
$result = mysql_query ($query) or die("Query: $query\n<br />MySQL Error: " . mysql_error());
 
 
I have a feeling that a MySQL error is being thrown, but it's just being hidden since you're using trigger_error()...and your server is probably set to hide warnings and notices. Note that I'm not very familiar with trigger_error(), so I'm just guessing here.
 
 
 
I think the problem comes from the query having back ticks (`) around the insert values. I'm fairly certain this: 
...     VALUES (`$nom`,`$prenom`,`$typecarte`,     ...
 
Needs to be this:
...     VALUES ('$nom','$prenom','$typecarte',     ...

 

And you are right it was the back ticks, I changed them and Voila!! Thanks sooo much for your help. I might come back for a little bit  more help as the Expired date is being inserted in the database as 0000-00-00 and the phone number is different from the one I entered. I will try to figure it out myself 1st if no luck will come back. Thanks again

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.