Jump to content

Posting information across three forms

Merdok

By Merdok
in PHP Coding Help

 Share

Recommended Posts

Merdok Member

Merdok

Posted
Posted
Hi Guys,

This is the last question and then my project is finally finished!  ;D

Ok so the idea is I have a form which posts data to another page, this page validates the data from the first form and then provides a 2nd form to allow an image upload, this form then sends ALL of the information to the final page which puts the data into the datbase. I'm not getting any errors at all during this process and the image from form 2 does upload to the server but nothing is going in the database, I'm pretty sure that the data is not getting past the first page but I have no idea on how to fix it.

here is the code:

First page -

[code]<?php session_start();

//---------------------------------- Step 1 -----------------------------------------------------------------
//-------------------------------------- Connect to the database ------------------------------------------
require_once('includes/conn_AWARD.php');
//-------------------------------- Step 2 ----------------------------------------------------------------
//-------------------- if a user has been sent from the front page then the ------------------------------
//------------------- get variable 'login' will be true or 1                -------------------------------

if ($_GET['login'] == 1){

//------------------------------- Step 2a -----------------------------------------------------------------

//--------------------- Collect the username and password --------------------------------------------------
if($_POST['username']){
$un = $_POST['username'];
}else if($_SESSION['username']){
$un = $_SESSION['username'];
}

//--------------------- Here we md5 the password to compare it to the --------------------------------------
//--------------------- md5 hash of the password stored in the databbase ------------------------------------
if($_POST['user_password']){
$pw = md5($_POST['user_password']);
}else if($_SESSION['user_password']){
$pw = $_SESSION['user_password'];
}

//--------------------- Step 2b ----------------------------------------------------------------------------

//------------- Query the database for the username record ---------------------------------------------

$login_query = "SELECT * FROM `phpbb_users` WHERE `username` = '$un'";
$result = mysql_query($login_query)or die("query error: ". mysql_error());

//--------------- Step 2c --------------------------------------------------------------------------------

//---- Check if any result was returned from the database -----------------------------------------------

if (mysql_num_rows($result) < 1)
{
//---------------------- if no result is returned then send the user back ---------------------------------
//---------------------- to the login screen with the "user not found" error ------------------------------

header("Location: http://" . $_SERVER['HTTP_HOST']. dirname($_SERVER['PHP_SELF']). "/admin.php?error=noUser");
exit;
}

else

{
//------------------------ Step 2d --------------------------------------------------------------------------

//----------- if a username is returned then compare the password record -----------------------------------
//------------ with the md5 of the input password ----------------------------------------------------------

$accountPass = mysql_result($result, 0, 'user_password');
if ($pw == $accountPass)
{
//-------------If the password matches then set the display variable to true -----------------------------

$display = 1;
}

else
{
//--------- Otherwise send them to the login screen with the "wrong password" error ----------------------

header("Location: http://" . $_SERVER['HTTP_HOST']. dirname($_SERVER['PHP_SELF']). "/admin.php?error=badPass");
exit;
}
}

// Step 3
// if a user has just registered then the 'register' variable
// will be set to true
}else if($_GET['register'] == 1){
$display = 1;
}

// Step 4
// if display is set to true then display the page
if ($display == 1){

// Step 4a
// get all the rows from the database
$listQuery = "SELECT * FROM `phpbb_users`";
$listResult = mysql_query($listQuery)or die("error fetching members list: ". mysql_error());
// Include the header information
include('template/header.php');
?>
<h1>ADD NEW COMICS</h1><br />
<p>Please use this form to add new comics, for security reasons users are not permitted to edit or delete existing comics, if you make a mistake please email wcdb@frfreedom.com with the details</p>
<br />
<form action="databox2.php" method="post" enctype="multipart/form-data" name="upload1">
  <table width="200" border="0" align="center">
    <tr>
      <td class="head">Comic Title </td>
      <td><input name="title" type="text" id="title"></td>
    </tr>
    <tr>
      <td class="head">Comic Series </td>
      <td><input name="series" type="text" id="series"></td>
    </tr>
    <tr>
      <td class="head">Group</td>
      <td><select name="group" id="group">
        <option selected="selected">Superman</option>
        <option>Batman</option>
        <option>Wonderwoman</option>
        <option>Spider-Man</option>
        <option>X-Men</option>
<option>Marvel Civil War</option>
<option>DC 52 Weeks</option>
        </select>
        </td>
    </tr>
    <tr>
      <td class="head">Issue Number </td>
      <td><input name="issue" type="text" id="issue"></td>
    </tr>
    <tr>
      <td class="head">Printed Year </td>
      <td><input name="printed" type="text" id="printed"></td>
    </tr>
    <tr>
      <td class="head">Published By </td>
      <td><input name="publisher" type="text" id="publisher"></td>
    </tr>
    <tr>
      <td colspan="2">
</td>
      </tr>
  </table>

   
      <div align="center">
        <input type="submit" name="Submit" value="Submit">
        </div>
      <label></label>
      </form></div></div></div>
</body>
</html>
<?php } ?>[/code]

second page -

[code]<?php session_start(); ?>
<?PHP
// Include the header information
include('template/header.php');

//-------------------------------------------------------- Validate the data for the first part of the form

 
//------------------------------- GET THE POSTED VALUES, CLEAN AND TRIM --------------------------------------
 
foreach($HTTP_POST_VARS as $varname => $value)

// $formVars[$varname] = trim(clean($value, 50));
 
//---------------------------------- Validation for title (not null) -----------------------------------------------------------

  if (empty($formVars["title"]))

//------------------------- TITLE CANNOT BE A NULL STRING (EMPTY) -------------------------
   
  $errorString .=
          "\n<br>The title field cannot be blank.";
 
//---------------------------------  Validation for series (not null)  ----------------------------------------------------------------

  if (empty($formVars["series"]))

//------------------------- SERIES CANNOT BE A NULL STRING (EMPTY) -------------------------------

      $errorString .=  "\n<br>The series field cannot be blank.";
 
//----------------------------------  Validation for issue number (not null)  ----------------------------------------------------------------

  if (empty($formVars["issue"]))
 
//------------------------- ISSUE CANNOT BE A NULL STRING (EMPTY) -----------------------------------

      $errorString .=
          "\n<br>The Issue number must be entered.";
 
//----------------------------------  Validation for printed year (not null)------------------------------------------------------------------------

  if (empty($formVars["printed"]))
 
//------------------------- PRINTED YEAR CANNOT BE A NULL STRING (EMPTY) ------------------------------------------

      $errorString .= "\n<br>You must enter the year of printing.";

//------------------------- VALIDATE THE DATE OF PRINTING IS THE CORRECT FORMAT --------------------  
 
  elseif (!ereg("^([0-9]{2})/([0-9]{2})/([0-9]{4})$", $formVars["printed"], $parts))
 
//------------------------- ERROR IF THE USERS DATE OF PRINTING IS NOT THE CORRECT FORMAT ------------

      $errorString .=
  "\n<br>The date of printing is not a valid date in the format DD/MM/YYYY"; 
 
//---------------------------------- Validation for publisher (not null) ----------------------------------------------------------

  if (empty($formVars["publisher"]))
 
//------------------------- PUBLISHER BE A NULL STRING (EMPTY) -------------------------

      $errorString .= "\n<br>You must supply a publisher.";
 
  ?>
 

<h1>PLEASE UPLOAD A FRONT COVER IMAGE</h1>
<p>Please try to keep front cover sized to 200 pixels high and 130 pixels wide, they will be resized to this size anyway but they will look a lot better if this isn't required. </p>
<br />

<form action="datahandler.php" method="post" enctype="multipart/form-data" name="form2">
  <table width="491" height="246" border="1" align="center">
          <tr class="head">
            <td colspan="3"><div align="center"><strong>Image Upload Form </strong></div></td>
    </tr>
          <tr class="searchbox">
            <td colspan="3">Browse a File to Up Load (File must be 1MB or less) </td>
    </tr>
          <tr class="searchbox">
            <td width="374" height="63"><input name="cover" type="file" size="50" id="cover"></td>
      <td width="101" colspan="2" rowspan="2"><div align="center">Preview?</div></td>
      </tr>
          <tr class="searchbox">
            <td><p>
              <input type="hidden" name="MAX_FILE_SIZE" value="<? echo $size_bytes; ?>">
              </p>      </tr>
        </table>

   
      <div align="center">
        <input type="submit" name="Submit" value="Submit">
        </div>
      <label></label>
      </form>
 
<?PHP

// Include the footer information
include('template/footer.php');
?>[/code]

Page 3 -

[code]<?php session_start(); ?>
<?php
// Connect to the Database
require_once('includes/conn_AWARD.php');
// Include the header information
include('template/header.php');
 
//---------------------------------------------Validation for the image uploader

//------------ Description -------------------------------------------------------------------------

//The Super Global Variable $_FILES is used in PHP 4.x.x.
//$_FILES['upload']['size'] ==> Get the Size of the File in Bytes.
//$_FILES['upload']['tmp_name'] ==> Returns the Temporary Name of the File.
//$_FILES['upload']['name'] ==> Returns the Actual Name of the File.
//$_FILES['upload']['type'] ==> Returns the Type of the File.

//So if I filetoupload the file 'test.doc', the $_FILES['upload']['name']
//would be 'phptut.doc' and $_FILES['upload']['type'] would be 'application/msword'.

//------------------------------------------------------------------------------------------------------

// this is the upload dir where files will go.
//Don't remove the /
//Chmod it (777)

//---------------------- Change to whatever you want.---------------------------------------------------

$upload_dir = "images/covers/"; 

//----------------------- Files less than 1MB -------------------------------------------------------------

$size_bytes = 1048576; //bytes  will be uploaded

//-------------------------Check if the directory exist or not --------------------------------------------


if (!is_dir("$upload_dir"))
{
die ("The directory <b>($upload_dir)</b> doesn't exist");
}


// ------------------ Check if the directory is writable. ---------------------------------------------------


if (!is_writeable("$upload_dir"))
{
        die ("The directory <b>($upload_dir)</b> is NOT writable, Please Chmod (777)");
}

//------------------------- Check first if a file has been selected
//------------------------- is_filetoupload_file('filename') returns true if
//------------------------- a file was filetoupload via HTTP POST. Returns false otherwise.



if (is_uploaded_file($_FILES['cover']['tmp_name']))
{

//------------------------------- Get the Size of the File -------------------------------------------------

$size = $_FILES['cover']['size'];

//----------------Make sure that $size is less than 1MB (1000000 bytes)--------------------------------------

if ($size > $size_bytes)

{
echo "File Too Large. Please try again.";
exit();
}

//-------------- $filename will hold the value of the file name submetted from the form.----------------------

$filename =  $_FILES['cover']['name'];

//--------------------- Check if file is Already EXISTS.------------------------------------------------------

if(file_exists($upload_dir.$filename))
{
  echo "The file named <b>$filename </b>already exists";
  exit();
}

//------------- Move the File to the Directory of your choice -----------------------------------------------
//--------------Move_filetoupload_file('filename','destination') Moves an filetoupload file to a new location.

if (move_uploaded_file($_FILES['cover']['tmp_name'],$upload_dir.$filename))
{

//-------------- Tell the user that the file has been filetoupload ---------------------------------------------
//
echo "File (<a href=$upload_dir$filename>$filename</a>) uploaded!";
//
// exit();
}
//
else
{
//
//----------------------------Print error -----------------------------------------------------------------------
echo "There was a problem moving your file";
exit();

}
}

//----------------- VALIDATION NOW FINISHED. CHECK IF THERE WERE ANY ERRORS ---------------------
//
if (!empty($errorString))
 
{

?>

<!-------------------------------------------------------------- SHOW THE USER ERRORS -------------------------------------->

<html>
<head>
<title>Comic Entry Validation</title>
<link href="standard.css" rel="stylesheet" type="text/css" media="screen">
</head>
<body bgcolor="white">
<h1>Data Validation error!</h1>

<?=$errorString?>

<br>

<!-------------------------------------------------- RETURN THE USER BACK TO THE FORM ----------------------------> 

<a href="databox.php">Add Another Comic</a> or
<a href="index.php">Return to the Home Page</a>

</body>
</html>

<!--------------------------------EXIT IF THERE IS AN ERROR IN THE CUSTOMER FORM -------------------------->

<?php 
 
      exit;
  }
else {
//--------------------------------------------------------------------- DATA IS VALID -------------------------------------------------
 
//------------------------------------------------- FORMAT THE DATE FOR THE DATABASE -------------------------------


  $dob = " \"$parts[3]-$parts[2]-$parts[1]\"";

//--------------------------------- INSERT DATA FROM CUSTOMER QUERY ------------------------------------------

$title = $formVars["title"];
$series = $formVars["series"];
$issue = $formVars["issue"];
$groups = $formVars["groups"];
$printed = $formVars["printed"];
$publisher = $formVars["publisher"];
$cover = $formVars["cover"];



  $query = "INSERT INTO comics(title, series, issue, groups, printed, publisher, cover)
VALUES ('$title',
  '$series',
  '$issue',
  '$printed',
  '$publsisher',
  '$cover')";


     
//------------------------------------------------- RUN THE QUERY ----------------------------------------------------------------

  if (!(@ mysql_query ($query, $connection))) // showerror(); 

//--------------------------------------------------------- GET THE CUSTOMER ID ------------------------------------------------

 
$custID = mysql_insert_id();

//---------------------------------------------------------- CLOSE THE CONNECTION --------------------------------------------


mysql_close();

//----------------------------------------------------------- CONFIRM CUSTOMER QUERY --------------------------------------

if($query)

{

echo "<h2>Thank you! $title Issue No. $issue from the $series series has been entered.</h2>\n";

}
}

?><?PHP
// Include the footer information
include('template/footer.php');
?>[/code]

any help would be appreciated.
Link to comment
Share on other sites
HuggieBear Member

HuggieBear

Posted
Posted
OK, did you write this code yourself or did a lot of it come from a different location, as you have mixed standards.

In some places you're using $_POST and in others $HTTP_POST_VARS.  These are different standards for achieving the same thing, so something has gotten mixed up along the way.

I'm not saying this is the problem, as the two can work happily alongside each other, but it does help to gauge how much you've changed the script if you didn't write it originally yourself.

Regards
Huggie
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.