Jump to content

Problem with my code from php in mysql

abadon

By abadon
in PHP Coding Help

 Share

Recommended Posts

abadon Newbie

abadon

Posted
Posted

Hello, could you help me. I have a problem. When I don't write, nothing in the fields and click save, I save an empty field in the database. How can I do that.
                 <label>Title</label 
        <input class="form-control" type="text" name="title";  
                <label>Аuthor</label>
                <input class="form-control" type="text" name="author">
              ................
            <br>
            <div style="padding-left: 10px;">
       <button  type="submit" name="save">save</button></div>
       
        <?php 
        include 'config.php';    
          if(isset($_POST['save'])){     
     
       if($link->connect_error){
    die('Connect failed: '.$link->connect_error);
} else{
    $stmt=$link->prepare("insert into user_books(user_name_books,user_name_author,user_year,user_ISBAN)  value(?,?,?,?)");
    $stmt->bind_param("ssss",$title,$author,$year,$isban);
   $execval=$stmt->execute();
 
  
if(!isset($title) || trim($title)=='') {
echo  'You did not fill out the required fields title';}
else { 
    if(!isset($author) || trim($author)==''){
        echo " You did not fill out the required fields author";
    }
    else { if(!isset($year)|| trim($year)==''){
        echo 'You did not fill out the required fields year'; 
    } 
    else { if(!isset($isban) || trim($isban)==''){
    echo 'You did not fill out the required fields isban';}
    else {
          header("Location: homeUserFinish.php");  }}

Link to comment
https://forums.phpfreaks.com/topic/314426-problem-with-my-code-from-php-in-mysql/
Share on other sites
gw1500se Prolific Member

gw1500se

Posted
Posted

First, please use the code icon (<>) in the top menu and specify PHP. I'm not sure I understand what you are asking but if you leave the empty column name off of your insert, it will not be set unless your schema made it a required field.

ginerjm Prolific Member

ginerjm

Posted
Posted

Your cleaned up code, such as it is: 

<label>Title</label 
<input class="form-control" type="text" name="title";  
<label>Аuthor</label>
<input class="form-control" type="text" name="author">
<br>
<div style="padding-left: 10px;">
<button type="submit" name="save">save</button>
</div>

<?php 
include 'config.php';    
if(isset($_POST['save']))
{     
	if($link->connect_error)
	{
		die('Connect failed: '.$link->connect_error);
	} 
	else
	{
		$stmt = $link->prepare("insert into user_books(user_name_books, user_name_author, user_year, user_ISBAN)  value(?, ?, ?, ?)");
		$stmt->bind_param("ssss", $title, $author, $year, $isban);
		$execval = $stmt->execute();
		if(!isset($title) || trim($title) == '') 
		{
			echo  'You did not fill out the required fields title';
		}
		else 
		{ 
			if(!isset($author) || trim($author) == '')
			{
				echo " You did not fill out the required fields author";
			}
			else 
			{ 
				if(!isset($year) || trim($year) == '')
				{
					echo 'You did not fill out the required fields year'; 
				} 
				else 
				{ 
					if(!isset($isban) || trim($isban)=='')
					{
						echo 'You did not fill out the required fields isban';
					}
					else 
					{
						header("Location: homeUserFinish.php");
					}
				}

You are showing us how you are handling the received POST data.  The only thing is where do all of the fields you are editing come from since you don't show us?
It seems that if you don't have any POST data you don't do any of these checks so that is one hole. And since you are asking about the 'save' process, it would be helpful if you showed us THAT code from your other script instead of this one.

  • Like 1
mac_gyver Prolific Member

mac_gyver

Posted
Posted (edited)

if the order of the posted code is actually what exists, your validation logic is after the point where you are inserting the data. how do you expect this to prevent the insert query from executing? you would need to validate the data first, then execute the insert query if there are no validation errors.

the simple way to do this is add any validation errors to an array, using the field name as the array index, then after all the validation logic, test if the array holding the validation errors is empty. if the array is empty, you would build, prepare, and execute the insert query. to display the validation errors, when you re-display the form, you would test and display the non-empty content of the array.

next, validating each different input is not dependent on the result of the previous validation step. you should validate all the inputs at once, so that the visitor can correct all the validation errors at one time.

you should also not use isset() for inputs that will always be set when the form has been submitted. only un-checked checkbox and radio buttons won't be set. by using isset() for the always set form fields, you are hiding programming/typo mistakes and cluttering up your code with unnecessary typing.

you should trim all inputs at once, then use the trimmed values throughout the rest of your code. if your current code was in the proper order, you are validating the trimmed values, but using the original untrimmed values in the query. the simple way of correcting this is to keep the input data as an array, use array_map() to make a trimmed copy into a different, working variable (you want to leave the original $_POST data as is), then operate on elements in this working array variable throughout the rest of the code.

finally, the header() redirect in your post method form processing code should be to the exact same URL of the current page to cause a get request for that page. this will prevent the browser from trying to resubmit the form data if the user reloads that page or browses away from and back to that page. the header() redirect also needs an exit; statement after it to stop php code execution. if you want the user to be able to go to a different page, provide navigation link(s.)

Edited by mac_gyver
ginerjm Prolific Member

ginerjm

Posted
Posted (edited)
Quote

if the order of the posted code is actually what exists, your validation logic is after the point where you are inserting the data. how do you expect this to prevent the insert query from executing? you would need to validate the data first, then execute the insert query if there are no validation errors.

By the time I cleaned up the code I seem to have forgotten how it began and lost focus on what was being shown.  Yes - a horribly mis-arranged block of code that Mac_gyver has seen more clearly than I.  Kudos to him!

#abadon - may I ask what your second post is all about?  Looks like a screenshot of a PHPadmin table browse window which has nothing to do with the question.

Edited by ginerjm
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.