php !empty and !is_string and !strleng doesn't work with me.

[sayedsohail]

Hi,

 

I am trying to validate post variable (cname) but function doesn't do anything just insert the records in my table.  Any advise.

 

 

if(isset($_POST[submit]))
{

	if ((!empty($_POST[cname])) && (!is_string($_POST[cname])) && (!strlen(trim($_POST[cname])>30))) 
		{
		print 'Please Enter a valid company name';
		exit;
		}
	else
	{

	$q1 = "insert into clients (member_id, name, address_1, p_code, city, l_line, mobile) VALUES
	('".$_SESSION['SESS_MEMID']."', '$_POST[cname]','$_POST[address]','$_POST[postcode]', '$_POST[city]','$_POST[phone]',				'$_POST[mobile]')";
	mysql_query($q1) or die(mysql_error());
	print '<script>self.close()</script>';
	}

}

[sspoke]

try adding quotes to all $_POST[' ']'s  quotes mean strings after all

 

i mean

 

just make em all  $_POST['cname']

[sayedsohail]

I applied the $_post['phone'], still the same problem.

[sspoke]

sure you didn't miss

 

$_POST[submit]?  needs quotes too

 

ah but i see it gets in that nested if statement anyways just make sure all of them have quotes

[sayedsohail]

As you have noticed, the insert command is nested its just performing the insert wihtout doing the validation, the problem is at the validation, which i changed, still the same problem.

 

if(isset($_POST['submit']))
{

	if ((!empty($_POST['cname'])) && (!is_string($_POST['cname'])) && (!strlen(trim($_POST['cname'])>30))) 
		{
		print 'Please Enter a valid company name';
		exit;
		}
	else
	{

	$q1 = "insert into clients (member_id, name, address_1, p_code, city, l_line, mobile) VALUES
	('".$_SESSION['SESS_MEMID']."', '$_POST[cname]','$_POST[address]','$_POST[postcode]', '$_POST[city]','$_POST[phone]',				'$_POST[mobile]')";
	mysql_query($q1) or die(mysql_error());
	print '<script>self.close()</script>';
	}

}

[sspoke]

ya but your checks

fail so..well... try to add if not isset

 

if ((!isset($_POST['cname'])) && (!empty($_POST['cname'])) && (!is_string($_POST['cname'])) && (!strlen(trim($_POST['cname'])>30)))

 

[sayedsohail]

still the same.

[sspoke]

omg lol of course u using alot of AND operators use OR's

 

repalce all  &&'s  with  ||'s

 

with AND operators they all have to pass to make it go inside

 

wait i dont know im confused.. i lost what i was about to type

[sayedsohail]

all changed to or || statement. stillt he same.

[sspoke]

try leaving the cname blank in your form and click submit

[sayedsohail]

doe that still the same, here is my modified code

 

if (!isset($_POST['cname'])) || (!is_string($_POST['cname'])) ||(strlen(trim($_POST['cname'])>30)))

 

 

[JJohnsenDK]

it also shouldnt be if(!empty), im guessing that you want to print the error msg if the field is empty and not if it isnt empty... same with strlen.. and whats up with all () you dont have to start with ()

 

so this

 

if ((!empty($_POST['cname'])) && (!is_string($_POST['cname'])) && (!strlen(trim($_POST['cname'])>30)))

 

should be:

if (empty($_POST['cname']) && !is_string($_POST['cname']) && strlen(trim($_POST['cname'])>30))

 

also consider the use of || insted of &&...

[sayedsohail]

excatly copied the same still the sam problem. using || statement

here is the code

if(empty($_POST['cname']) || !is_string($_POST['cname']) || strlen(trim($_POST['cname'])>30))

[JJohnsenDK]

plz post all your code, including the form script...

[sayedsohail]

complete code is listed above except the form,  although else nested value doing the job and closing the page and adding a blank record in my sql table.  nesting have no problem, only the validation is not echo any errors, definately something wrong with my nexting or !empty and !is_string, !strlen problems.

 

 

 

if(isset($_POST['submit']))

{

 

if ((!empty($_POST['cname'])) && (!is_string($_POST['cname'])) && (!strlen(trim($_POST['cname'])>30)))

{

print 'Please Enter a valid company name';

exit;

}

else

{

 

$q1 = "insert into clients (member_id, name, address_1, p_code, city, l_line, mobile) VALUES

('".$_SESSION['SESS_MEMID']."', '$_POST[cname]','$_POST[address]','$_POST[postcode]', '$_POST[city]','$_POST[phone]', '$_POST[mobile]')";

mysql_query($q1) or die(mysql_error());

print '<script>self.close()</script>';

}

 

}

[sspoke]

a $POST can still be not empty and not set

 

always use isset() first on all of em thats why they enter as blanks in your db

[JJohnsenDK]

i would like to see the form plz..

[sayedsohail]

Here is the form

 

<form action="<?php  $_SERVER['PHP_SELF'] ?>" method="post" >

<TR>

<td>Company Name </td>

    <td><input type='text' name='cname' value='<?php echo $_POST['cname']?>'> </td>

 

</tr>

<tr><input type='submit' name ='submit' value='Save!'/></tr>

</form>

[sspoke]

your missing a echo at your PHP_SELF

[sayedsohail]

echo added, still the same.

[sspoke]

what can i say that shit is fucked up bro  its beyond understanding

 

 

wait just a second i dont even see a submit button rofl

[JJohnsenDK]

i dont see a submit button in your form script?

 

if you dont have a submit button named submit you cant use:

 

if(isset($_POST['submit']))

 

....

[sayedsohail]

sorry for missing submit. it was due to copy paste stuff. actually submit button exists in my form.

[JJohnsenDK]

Then are is only one thing left to do, cut down the conditions... like this to check which condition is fcked...

 

if(isset($_POST['submit']))

{

 

      if (empty($_POST['cname'])

        {

        print 'Please Enter a valid company name';

        exit;

        }

      else

      {

 

      $q1 = "insert into clients (member_id, name, address_1, p_code, city, l_line, mobile) VALUES

      ('".$_SESSION['SESS_MEMID']."', '$_POST[cname]','$_POST[address]','$_POST[postcode]', '$_POST[city]','$_POST[phone]',            '$_POST[mobile]')";

      mysql_query($q1) or die(mysql_error());

      print '<script>self.close()</script>';

      }

 

}

 

this should print the error if there is something type in the field...

 

[sayedsohail]

The empty funtion works fine, !is_string is the problem, when i enter values ie., xyz 123, it doesn't validate and the white space,  any function to padd the white spaces. such as trim(), although trim can only padd left and rigth spaces how do i padd values in between two values i.e., xyz 123.