Inserting a value into a session user table

[cl0482]

I am having a heck of a time trying to figure this one out. When I click submit and my function returns as true I want the value subscribed to replace null for my session user. I am new to php so my code may be incorrect in a few places. This is the code I have that is after my submit input.My function is called validateForm. 

<?php


$connect=mysql_connect('localhost','user','pass');
if(!$connect){
echo "<script> alert('Connection to Server is Lost or Restricted For Your IP .')</script> ";
exit();
}


$db=mysql_select_db('d');
if(!$db){
echo "<script> alert('Connection to Database Succussfull but Sorry Access Denied !')</script>";
exit();


if (validateForm == true) 
{
$query = "insert into users(sub) values ( '" . isSessionSet('username') . "', '" . 
isSessionSet('sub') . "' )
" or die(mysql_error());


mysql_query($query);}

[benanamen]

You can toss all that code. You are using obsolete code that has been completely removed from PHP. Go to this PDO tutorial and start from there.

 

https://phpdelusions.net/pdo

Edited April 3, 2016 by benanamen

[mac_gyver]

the syntax for a function call would be validateForm()

 

the syntax you current have would be interpreted as a reference to a defined constant and if you had php's error_reporting set to E_ALL and display_errors set to ON, you would be getting an error to help point out the problem.

[cl0482]

You can toss all that code. You are using obsolete code that has been completely removed from PHP. Go to this PDO tutorial and start from there.

 

https://phpdelusions.net/pdo

Thanks! It's been ages since I touched anything php and this is what I remembered. I didn't know it was obsolete. Am I on the correct path for validating if my function is correct? 

[cl0482]

the syntax for a function call would be validateForm()

 

the syntax you current have would be interpreted as a reference to a defined constant and if you had php's error_reporting set to E_ALL and display_errors set to ON, you would be getting an error to help point out the problem.

Would the code be 

if (validateForm() ) {

// when its true

} else {

// when its false

}

[benanamen]

What exactly are you trying to accomplish, and I don't mean how you think you need to do something. What is the overall task at hand?

[cl0482]

I want to insert the value subscribed into my sub field in my session user table after the function validates returns as true. 

Edited April 3, 2016 by cl0482

[benanamen]

I dont see a thing about a subscribed value or a sub field or any function. I have no idea what your doing.

[cl0482]

Sorry I may be describing everything incorrectly. I didn't post my whole code because it's quite long. The sub field is in my user database and it's null for all registered users. The validateForm function validates information that the session user enters. Once the function is validates everything the user enters and returns as true I would like the null in the sub field of the user database to switched from NULL to subscribed. 

This is the table

 

+-----------+-------------+------+-----+---------+----------------+
| Field     | Type        | Null | Key | Default | Extra          |
+-----------+-------------+------+-----+---------+----------------+
| user_id   | int(11)     | NO   | PRI | NULL    | auto_increment | 
| username  | varchar(50) | YES  |     | NULL    |                | 
| password  | varchar(50) | YES  |     | NULL    |                | 
| email     | varchar(50) | YES  |     | NULL    |                | 
| city      | varchar(50) | YES  |     | NULL    |                | 
| state     | varchar(2)  | YES  |     | NULL    |                | 
| zip       | char(15)    | YES  |     | NULL    |                | 
| phone     | varchar(15) | YES  |     | NULL    |                | 
| firstName | varchar(50) | YES  |     | NULL    |                | 
| lastName  | varchar(50) | YES  |     | NULL    |                | 
| sub       | int(1)      | YES  |     | NULL    |                | 
| orderDate | date        | YES  |     | NULL    |                | 
| endDate   | date        | YES  |     | NULL    |                | 
+-----------+-------------+------+-----+---------+----------------+

I am not sure how to call a function to see if it's true and how to change information for a session user. Hopefully I described everything correctly that time.

[benanamen]

You should probably post your code or this thread is going to get very long. I will understand the code much better than you trying to talk about it.

Edited April 3, 2016 by benanamen

[cl0482]

I am working on switching mysql to mysqli as we speak. Here is my entire code. Once the validateForm function verifies the card is a visa length and that the date is not expired it will return true. Once the forms are validated I would like the sub field in my database to change from null to subscribed. Thanks again and sorry for the old code. 

 

<?php
mysql_connect('localhost','user','pass');
mysql_select_db('db');
session_start();
$username=$_SESSION['username'];
if(!$username){
    die("Please login");
}
else
{
$query="select *from users WHERE username='$username' ";
$run=mysql_query($query);
while($row=mysql_fetch_array($run)){
$admin=$row['username'];
}
}
?>
<!doctype html>
<html>
<head>
<title>entrySubscription</title>
<link rel="stylesheet" type="text/css"  href="Substyle.css">  
   <script src="http://code.jquery.com/jquery-1.9.1.js" type="text/javascript"></script>
    <script src="js/general.js" type="text/javascript">
    </script>   
</head>
<body>
<form name="myForm" autocomplete="on" onsubmit="return validateForm()">


<p><label>First name (required) <input type="text" id="firstName" 
autofocus="autofocus" /> </label></p> 


<p><label>Last name (required) <input type="text" id="lastName"/> </label></p>


<p> Email address (required)
<input type="text" id="email" /> </p> 


<p> Postcode (required)
<input type="text" id="postcode"/> </p> 


<p> Payment type (required)
<select id="paymentType" title="Choose a payment type">
  <option value="0">Select a payment option</option>
  <option value="visa">VISA</option>
</select>
</p>


<p> Expiry date (required)
<select id="exMonth" title="select a month">
<option value="0">Enter month</option>
    <option value="01">January</option>
    <option value="02">February</option>
    <option value="03">March</option>
    <option value="04">April</option>
    <option value="05">May</option>
    <option value="06">June</option>
    <option value="07">July</option>
    <option value="08">August</option>
    <option value="09">September</option>
    <option value="10">October</option>
    <option value="11">November</option>
    <option value="12">December</option>
</select>


<select id="exYear" title="select a year">
 <option value="0">Enter year</option>
    <option value="2016">2016</option>
    <option value="2017">2017</option>
    <option value="2018">2018</option>
    <option value="2019">2019</option>
    <option value="2020">2020</option>
    <option value="2021">2021</option>
    <option value="2022">2022</option>
    <option value="2023">2023</option>
    <option value="2024">2024</option>
    <option value="2025">2025</option>
    <option value="2026">2026</option>
    <option value="2027">2027</option>
    <option value="2028">2028</option>
    <option value="2029">2029</option>
    <option value="2030">2030</option>
    <option value="2031">2031</option>
</select>
</p>
<p><label>Credit card number (required) <input type="text" id="cardNumber"/> </label></p> 
<div id="centreimg">
<input type="submit" name="S1" value="Submit response" />
<input type="reset" name="reset" value="Clear form" /> 
</div>
</form>
</body>


<?php


$connect=mysql_connect('localhost','user','pass');
if(!$connect){
echo "<script> alert('Connection to Server is Lost or Restricted For Your IP .')</script> ";
exit();
}


$db=mysql_select_db('db');
if(!$db){
echo "<script> alert('Connection to Database Succussfull but Sorry Access Denied !')</script>";
exit();


if (validateForm == true) 
{
$query = "insert into users() values ( '" . isSessionSet('') . "', '" . 
isSessionSet('') . "' )
" or die(mysql_error());


mysql_query($query);
}
?>
</html>

[benanamen]

You really need to start with the basics of coding. There is too much wrong going on here.

[mac_gyver]

@cl0482, there is something wrong with almost everything you have shown us about your database table design, your code, and your statement of what you are trying to do.

 

programming requires a clear definition of what exactly the code is going to do, before you write any code.

 

ignoring that you shouldn't even be inputting a credit card number * and that you shouldn't be storing things like subscription/order data in the users table, your code requires a $_SESSION['username'] value (you should actually be storing the user_id in the session variable) in order to do anything. this implies that the current visitor must already be registered and logged in. this would require there to already be a row for the current visitor in your users database table. to alter the value in the `sub` column for an existing row, you would use an UPDATE query, not an INSERT query. your form would also only have the necessary fields for the subscription data. all the other fields for the user 'registration' data don't belong.

 

* if you need a realistic and safe example of some data to add/update for a user, do something like a date of birth.

 

edit: the following post contains a recommend layout for your code on the page - http://forums.phpfreaks.com/topic/297824-database-issues-and-working/?do=findComment&comment=1519095 following this will group together like things, which will eliminate duplication, and separate the different concerns in the code.

Edited April 4, 2016 by mac_gyver

[cl0482]

This is just me practicing trying to figure out the code. The credit card can be any number as long as it's 16 digits long. The credit card number was just an example and this is not going to be live at all. I am just trying to figure out how to store data from a field into a database with a session user when the onsumbit"return validateForm()" comes back as true. I was able to create a registration and login form and the username is stored in there. The only person that can view the website is a registered user.

Lets say I use this code. I know the the code is old and has flaws with security issues. Once I figure out how to update a session database this way I will be changing all my other php files(I have a lot) to mysqli and fix other issues. 

<?php
mysql_connect('localhost','user','pass');
mysql_select_db('user');
session_start();
$username=$_SESSION['username'];


if(!$username){
    die("Please login");
}
else
{
$query="select *from users WHERE username='$username' ";
$run=mysql_query($query);
while($row=mysql_fetch_array($run)){
$admin=$row['username'];
}
}
?>
?><form  method="post" name="myForm" autocomplete="on" onsubmit="return validateForm()">
 <p><label>Please type yes if you accept the charge (required) <input type="text" id="sub"/> </label></p>
<input type="submit" name="submit" value="Submit" />

Thank you everyone for the information on the previous posts.

Edited April 4, 2016 by cl0482

[cl0482]

I was able to update my database. Now I will work on fixing my code. Thank you for all the information.