Jump to content

[SOLVED] Check form for required details before mysql insert

beesfan_london

By beesfan_london
in PHP Coding Help

 Share

Recommended Posts

beesfan_london Newbie

beesfan_london

Posted
Posted

Hi, i'm pretty new to php and mysql so please go easy on me. I'm making a script that will let the users of my site enter information into a form and then submit it to a database. I've created the database and set up an sql user account that's only allowed to insert to a specific table so that's all ok. The thing i'm having trouble with, is checking the required forms have been filled in. I don't need to do any reqular expression matches on any of the inputs, i just need to let the user know when they've missed out a required field and to stop the script if they haven't.

 

I know this could have tons of different methods, i'm after something basic that will give me an idea how to do it as a beginner.

 

Are there any turtorials or guides on the net that will give me the information i need?

 

Oh, i'm aware the sql part of the code isn't complete. Please remember i'm somewhat of a php noob so go easy. :D

 

I'm also planning on setting up an array for all the manufacturers so the form isn't quite so big...

 

Thanks

 

 

<?php 






if (isset($_POST['submitted'])) {

$manufacturer = mysql_escape_string(trim($_POST['manufacturer']));
$model = mysql_escape_string(trim($_POST['model']));
$capacity = mysql_escape_string(trim($_POST['capacity']));
$year = mysql_escape_string(trim($_POST['year']));
$part_one = mysql_escape_string(trim($_POST['part_one']));
$part_two = mysql_escape_string(trim($_POST['part_two']));
$part_three = mysql_escape_string(trim($_POST['part_three']));
$part_four = mysql_escape_string(trim($_POST['part_four']));
$part_five = mysql_escape_string(trim($_POST['part_five']));
$full_name = mysql_escape_string(trim($_POST['full_name']));
$telephone = mysql_escape_string(trim($_POST['telephone']));
$alt_telephone = mysql_escape_string(trim($_POST['alt_telephone']));
$email = mysql_escape_string(trim($_POST['email']));
$contact_by = mysql_escape_string(trim($_POST['contact_by']));
$comments = mysql_escape_string(trim($_POST['comments']));
$status = $_POST['status'];
$sent  = $_POST['sent'];
$rid  = $_POST['rid'];

     
  // This is the SQL part of the code
  $dbid = mysql_connect ('localhost', 'blah', 'blah', 'blh');
          mysql_select_db('blah',$dbid) 
          or die ("Cannot find database");

  $query = "INSERT INTO `blah` (`blah`, `blah`, `blah`, `blah`, `blah`, `blah`, `blah`) VALUES ('', '$blah', '$blah', '$blah', '$blah', '$blah', '$blah')";
  $result = mysql_query($query,$dbid) 
   or die("INSERT error:".mysql_error());

  // some sort of redirect will go here....
  exit;
}

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 

<html>
<head>
<title>Request Submission Page</title>
</head>
<body>
<form enctype="multipart/form-data" method="post" action="homepage.php">
<!--Make & Model Begin-->
Manufacturer (Required):  
<select name="manufacturer">
        <option value="" SELECTED>
        <option value="1">Aprilia
        <option value="Benelli">Benelli
	<option value="Beta">Beta
	<option value="Bimota">Bimota
	<option value="BMW">BMW
	<option value="BSA">BSA	
	<option value="Buell">Buell
	<option value="BMW">BMW
	<option value="Cagiva"> Cagiva
	<option value="CCM">CCM
	<option value="Derbi">Derbi
	<option value="Ducati">Ducati
	<option value="Enfield">Enfield
	<option value="Gillera">Gilera
	<option value="Harley-Davidson">Harley-Davidson
	<option value="Honda">Honda
	<option value="Husqvarna">Husqvarna
	<option value="Hyosung">Hyosung
	<option value="Italijet">Italijet
	<option value="Kawasaki">Kawasaki
	<option value="Kymco">Kymco
	<option value="Laverda">Laverda
	<option value="Moto Guzzi">Moto Guzzi
	<option value="MV Agusta">MV Agusta
	<option value="MZ">MZ
	<option value="Norton">Norton
	<option value="NRG">NRG
	<option value="Peugeot">Peugeot
	<option value="Sachs">Sachs
	<option value="Suzuki">Suzuki
	<option value="Triumph">Triumph
	<option value="Vespa">Vespa
	<option value="Yamaha">Yamaha		
</select><br>
Model (Required):<input type="text" name="model"><br>
Engine Size (cc):<input type="text" name="capacity"><br>
Year (Required): 
<?php echo '<select name="year">';
echo"<option value=\"/\"></option>";
for($x = 1950; $x <= 2007; $x++)
{
echo "<option value=$x>$x</option>";
}
echo "</option>";
?>
<!-- Make & Model End -->
<br><br>

<!-- Parts Begin-->	
Part One (Required):<input type="text" name="part_one"><br>
Part Two:<input type="text" name="part_two"><br>
Part Three:<input type="text" name="part_three"><br>
Part Four:<input type="text" name="part_four"><br>
Part Five:<input type="text" name="part_five"><br>
<!--Parts End-->
<br><br>

<!--Details Begin-->
Full Name (Required):<input type="text" name="full_name"><br>
Telephone:<input type="text" name="telephone"><br>
Alternative Telephone:<input type="text" name="alt_telephone"><br>
E-mail Address:<input type="text" name="email"><br>
Contact Me By:
<input type="radio" name="contact_by" value="Email">Email
<input type="radio" name="contact_by" value="Telephone">Telephone<br> 
Area:
<select name="area">
        <option value="" SELECTED>
        <option value="Northern Ireland">Northern Ireland
        <option value="Southern Ireland">Southern Ireland
	<option value="Midlands">Midlands
	<option value="North East">North East
	<option value="North West">North West
	<option value="South East">South East
	<option value="South West">South West
	<option value="Scotland">Scotland
	<option value="Wales">Wales
	<option value="Outside UK">Outside UK
     </select><br>
     Comments:<textarea rows="5" cols="30" name="comments" value="comments"></textarea>
<!-- Details End -->	
<!-- Hidden Fields Begin -->
<input type="hidden" name="status" value="unchecked" />
<input type="hidden" name="sent" value="no" />
<input type="hidden" name="rid" value="1" />
<!-- Hidden Fields End -->



<br><br>

<input type="submit" name="submitted" value="Submit" ></td></tr>


</form>
</body>
</html>

 

Link to comment
Share on other sites
dhimok Member

dhimok

Posted
Posted 

<?php 
if (isset($_POST['submitted'])) {

$manufacturer = mysql_escape_string(trim($_POST['manufacturer']));
$model = mysql_escape_string(trim($_POST['model']));
$capacity = mysql_escape_string(trim($_POST['capacity']));
        // and so on

        $errors = array();
        
        if(empty($manufacturer) || $manufacturer == "") {
          $errors[] = 'Field manufacturers is required';
        }

        if(empty($model) || $model == "") {
          $errors[] = 'Field model is required';
        }

        // end so on all fields you need to check

         if(count($errors == 0)) {

          // insert to database and redirect

         } 
}
          
?>

 

Then on the page where u have the form

 

<?php 
if (isset($_POST['submitted']) && count($errors) > 0) {

echo '<strong>The following fields need to be corrected:</strong><br />';
foreach($errors as $err => $val) {
  echo $val . '<br />';
}
}
?>

Link to comment
Share on other sites
dhimok Member

dhimok

Posted
Posted

You can use this code to strip the html tags from being submitted. You make a function

 

// strip out html
function stripHtml($text) {
$stripStr = array('@<[\\/\\!]*?[^<>]*?>@si',      // Strip out HTML tags
                    '@<style[^>]*?>.*?</style>@siU',  // Strip style tags properly
	    '@<script[^>]*?>.*?</script>@si', // Strip out javascript
	    '@<![\\s\\S]*?--[ \\t\\n\\r]*>@'  // Strip multi-line comments including CDATA
				);    
    return preg_replace($stripStr, "", $text);
}

 

and then define the variables like this

$manufacturer = stripHtml(trim($_POST['manufacturer']))

 

 

Link to comment
Share on other sites
beesfan_london Newbie

beesfan_london

Posted
  • Author
Posted

I've made some changes to my code.... could you take a look and let me know if i'm heading in the right direction? Also, can you spot anything wrong with the insert query? It's giving me the following error....

 

INSERT error:Unknown column '' in 'field list'

 

I've looked and looked again and all the fields in the query are in the database.....I'm wondering if i've made some silly mistake with the syntax...

 


<?php 

if (isset($_POST['submitted'])) {

// Clean up the bike details
$manufacturer = mysql_escape_string(trim($_POST['manufacturer']));
$model = mysql_escape_string(trim($_POST['model']));
$capacity = mysql_escape_string(trim($_POST['capacity']));
$year = mysql_escape_string(trim($_POST['year']));
  
    // Clean up the parts 
    $part_one = mysql_escape_string(trim($_POST['part_one']));
    $part_two = mysql_escape_string(trim($_POST['part_two']));
    $part_three = mysql_escape_string(trim($_POST['part_three']));
    $part_four = mysql_escape_string(trim($_POST['part_four'])); 
    $part_five = mysql_escape_string(trim($_POST['part_five']));

// Clean up the personal details, some of these don't need cleaning up, i.e the contact prefrence
$full_name = mysql_escape_string(trim($_POST['full_name']));
$telephone = mysql_escape_string(trim($_POST['telephone']));
$alt_telephone = mysql_escape_string(trim($_POST['alt_telephone']));
$email = mysql_escape_string(trim($_POST['email']));
    $area = mysql_escape_string(trim($_POST['area']));
    
    // Fields that do not need cleaning up
    $status = $_POST['status'];
    $sent = $_POST['sent'];
    $contact_by = $_POST['contact_by'];
    $rid = $_POST['rid'];   
    
    // Check for required fields
    $errors = array();
    
    if(empty($manufacturer) || $manufacturer == "") {
          $errors[] = 'Please select a manafacturer';
    }      
    
    if(empty($model) || $model == "") {
          $errors[] = 'Please enter a model';
    }

if(empty($year) || $year == "") {
          $errors[] = 'Please select a year';
    }
    
    if(empty($part_one) || $part_one == "") {
          $errors[] = 'Please enter at least one part';
    }
     
    if(empty($full_name) || $full_name == "") {
          $errors[] = 'Please enter your name';
    } 
    
    if(empty($email) || $email == "") {
          $errors[] = 'Please enter your email address';
    } 
     
    // Do we have any errors? 
    if(count($errors == 0)) {

// If we don't, run the insert query
    $dbid = mysql_connect ('localhost', 'username', 'password');
        mysql_select_db('database',$dbid) 
        or die ("Cannot find database");

$query = "INSERT INTO `request_data` (`rid`, `manufacturer`, `model`, `capacity`, `year`, `part_one`, `part_two`, `part_three`, `part_four`, `part_five`, `full_name`, `telephone`, `alt_telephone`, `email`, `contact_pref`, `area`, `status`, `sent`) VALUES ('$rid', '$manufacturer', '$model', '$capacity', '$year', '$part_one', '$part_two', `$part_three`, `$part_four`, `$part_five`, `$full_name`, `$telephone`, `$alt_telephone`, `$email`, `$contact_by`, `$area`, `$status`, `$sent`)";
$result = mysql_query($query,$dbid) 
or die("INSERT error:".mysql_error());

// If all is cool, this will redirect to a thank you page.
echo 'Form submitted';
  exit;

    } 
}

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 

<html>
<head>
<title>Request Submission Page</title>
</head>
<body>
<form enctype="multipart/form-data" method="post" action="">
<!--Make & Model Begin-->
Manufacturer (Required):  
<select name="manafacturer">
        <option value="" SELECTED>
        <option value="1">Aprilia
        <option value="Benelli">Benelli
	<option value="Beta">Beta
	<option value="Bimota">Bimota
	<option value="BMW">BMW
	<option value="BSA">BSA	
	<option value="Buell">Buell
	<option value="BMW">BMW
	<option value="Cagiva"> Cagiva
	<option value="CCM">CCM
	<option value="Derbi">Derbi
	<option value="Ducati">Ducati
	<option value="Enfield">Enfield
	<option value="Gillera">Gilera
	<option value="Harley-Davidson">Harley-Davidson
	<option value="Honda">Honda
	<option value="Husqvarna">Husqvarna
	<option value="Hyosung">Hyosung
	<option value="Italijet">Italijet
	<option value="Kawasaki">Kawasaki
	<option value="Kymco">Kymco
	<option value="Laverda">Laverda
	<option value="Moto Guzzi">Moto Guzzi
	<option value="MV Agusta">MV Agusta
	<option value="MZ">MZ
	<option value="Norton">Norton
	<option value="NRG">NRG
	<option value="Peugeot">Peugeot
	<option value="Sachs">Sachs
	<option value="Suzuki">Suzuki
	<option value="Triumph">Triumph
	<option value="Vespa">Vespa
	<option value="Yamaha">Yamaha		
</select><br>
Model (Required):<input type="text" name="model"><br>
Engine Size (cc):<input type="text" name="capacity"><br>
Year (Required): 
<?php echo '<select name="year">';
echo"<option value=\"/\"></option>";
for($x = 1950; $x <= 2007; $x++)
{
echo "<OPTION VALUE=$x>$x</OPTION>";
}
echo "</SELECT>";
?>
<!-- Make & Model End -->
<br><br>

<!-- Parts Begin-->	
Part One (Required):<input type="text" name="part_one"><br>
Part Two:<input type="text" name="part_two"><br>
Part Three:<input type="text" name="part_three"><br>
Part Four:<input type="text" name="part_four"><br>
Part Five:<input type="text" name="part_five"><br>
<!--Parts End-->
<br><br>

<!--Details Begin-->
Full Name (Required):<input type="text" name="full_name"><br>
Telephone:<input type="text" name="telephone"><br>
Alternative Telephone:<input type="text" name="alt_telephone"><br>
E-mail Address:<input type="text" name="email"><br>
Contact Me By:
<input type="radio" name="contact_by" value="Email">Email
<input type="radio" name="contact_by" value="Telephone">Telephone<br> 
Area:
<select name="area">
        <option value="" SELECTED>
        <option value="Northern Ireland">Northern Ireland
        <option value="Southern Ireland">Southern Ireland
	<option value="Midlands">Midlands
	<option value="North East">North East
	<option value="North West">North West
	<option value="South East">South East
	<option value="South West">South West
	<option value="Scotland">Scotland
	<option value="Wales">Wales
	<option value="Outside UK">Outside UK
     </select><br>
     Comments:<textarea rows="5" cols="30" value="comments"></textarea>
<!-- Details End -->	
<!-- Hidden Fields Begin -->
<input type="hidden" name="status" value="unchecked" />
<input type="hidden" name="sent" value="no" />
<input type="hidden" name="rid" value="" />
<!-- Hidden Fields End -->



<br><br>
<?php 
if (isset($_POST['submitted']) && count($errors) > 0) {

echo '<strong>The following fields need to be corrected:</strong><br />';
foreach($errors as $err => $val) {
  echo $val . '<br />';
}
}
?>
<input type="submit" name="submitted" value="Submit" ></td></tr>




</form>
</body>
</html>

Link to comment
Share on other sites
dhimok Member

dhimok

Posted
Posted

I wonder what field rid represents. If it is a primary key then remove it from insert query, also the value.

 

You can also make some modifications to the error code where it says:

 

// Do we have any errors? 
    if(count($errors == 0)) {
    // do insert query, redirect
   } else {
   return false;
  }

 

I mean you add this

 

else {

  return false;

  }

Link to comment
Share on other sites
beesfan_london Newbie

beesfan_london

Posted
  • Author
Posted

I've changed the INSERT query so it's only submitting one piece of data but it's still chucking out the following error

 

INSERT error:Unknown column '' in 'field list'

 

I've had a look in the db and it is defo there,

 

$dbid = mysql_connect ('localhost', 'username', 'password');
        mysql_select_db('database',$dbid) 
        or die ("Cannot find database");

$query = "INSERT INTO `request_data` (`manufacturer`) VALUES (`$manufacturer`)";
$result = mysql_query($query,$dbid) 
or die("INSERT error:".mysql_error());

// If all is cool, this will redirect to a thank you page.
echo 'Form submitted';
  exit;

Link to comment
Share on other sites
beesfan_london Newbie

beesfan_london

Posted
  • Author
Posted

I have it working now, well it's submitting all the data to the database. Would you be able to tell me why the script isn't displaying the error message when the required data isn't entered?

 

 

I've attached the whole script so you can take another look.

 

Thanks very very much.

 



<?php 

#TheSparesNetwork v0.1
#Andrew Taylor andrewtayloruk@gmail.com

if (isset($_POST['submitted'])) {

// Clean up the bike details
$manufacturer = mysql_escape_string(trim($_POST['manufacturer']));
$model = mysql_escape_string(trim($_POST['model']));
$capacity = mysql_escape_string(trim($_POST['capacity']));
$year = mysql_escape_string(trim($_POST['year']));
  
    // Clean up the parts 
    $part_one = mysql_escape_string(trim($_POST['part_one']));
    $part_two = mysql_escape_string(trim($_POST['part_two']));
    $part_three = mysql_escape_string(trim($_POST['part_three']));
    $part_four = mysql_escape_string(trim($_POST['part_four'])); 
    $part_five = mysql_escape_string(trim($_POST['part_five']));

// Clean up the personal details, some of these don't need cleaning up, i.e the contact prefrence
$full_name = mysql_escape_string(trim($_POST['full_name']));
$telephone = mysql_escape_string(trim($_POST['telephone']));
$alt_telephone = mysql_escape_string(trim($_POST['alt_telephone']));
$email = mysql_escape_string(trim($_POST['email']));
    $area = mysql_escape_string(trim($_POST['area']));
    
    // Fields that do not need cleaning up
    $status = $_POST['status'];
    $sent = $_POST['sent'];
    $contact_pref = $_POST['contact_pref'];
      
    
    // Check for required fields
    $errors = array();
    
    if(empty($manufacturer) || $manufacturer == "") {
          $errors[] = 'Please select a manafacturer';
    }      
    
    if(empty($model) || $model == "") {
          $errors[] = 'Please enter a model';
    }

if(empty($year) || $year == "") {
          $errors[] = 'Please select a year';
    }
    
    if(empty($part_one) || $part_one == "") {
          $errors[] = 'Please enter at least one part';
    }
     
    if(empty($full_name) || $full_name == "") {
          $errors[] = 'Please enter your name';
    } 
    
    if(empty($email) || $email == "") {
          $errors[] = 'Please enter your email address';
    } 
     
    // Do we have any errors? 
    if(count($errors == 0)) {

// If we don't, run the insert query
    $dbid = mysql_connect ('localhost', 'usernamer', 'password');
          mysql_select_db('database',$dbid) 
          or die ("Cannot find database");

  $query = "INSERT INTO `request_data` (`req_id`, `manufacturer`, `model`, `capacity`, `year`, `part_one`, `part_two`, `part_three`, `part_four`, `part_five`, `full_name`, `telephone`, `alt_telephone`, `email`, `contact_pref`, `area`, `status`, `sent`) VALUES ('', '$manufacturer', '$model', '$capacity', '$year', '$part_one', '$part_two', '$part_three', '$part_four', '$part_five', '$full_name', '$telephone', '$alt_telephone', '$email', '$contact_pref', '$area', '$status', '$sent')";
  $result = mysql_query($query,$dbid) 
   or die("INSERT error:".mysql_error());


// If all is cool, this will redirect to a thank you page.
  echo 'Form submitted';
  exit;
}

else {
   		return false;
}



    
   

}

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 

<html>
<head>
<title>Request Submission Page</title>
</head>
<body>

<?php 
if (isset($_POST['submitted']) && count($errors) > 0) {

echo '<strong>The following fields need to be corrected:</strong><br />';
foreach($errors as $err => $val) {
  echo $val . '<br />';
}
}
?>


<form enctype="multipart/form-data" method="post" action="">

<!--Make & Model Begin-->
Manufacturer (Required):  
<select name="manufacturer">
        <option value="" SELECTED>
        <option value="Aprilia">Aprilia
        <option value="Benelli">Benelli
	<option value="Beta">Beta
	<option value="Bimota">Bimota
	<option value="BMW">BMW
	<option value="BSA">BSA	
	<option value="Buell">Buell
	<option value="BMW">BMW
	<option value="Cagiva"> Cagiva
	<option value="CCM">CCM
	<option value="Derbi">Derbi
	<option value="Ducati">Ducati
	<option value="Enfield">Enfield
	<option value="Gillera">Gilera
	<option value="Harley-Davidson">Harley-Davidson
	<option value="Honda">Honda
	<option value="Husqvarna">Husqvarna
	<option value="Hyosung">Hyosung
	<option value="Italijet">Italijet
	<option value="Kawasaki">Kawasaki
	<option value="Kymco">Kymco
	<option value="Laverda">Laverda
	<option value="Moto Guzzi">Moto Guzzi
	<option value="MV Agusta">MV Agusta
	<option value="MZ">MZ
	<option value="Norton">Norton
	<option value="NRG">NRG
	<option value="Peugeot">Peugeot
	<option value="Sachs">Sachs
	<option value="Suzuki">Suzuki
	<option value="Triumph">Triumph
	<option value="Vespa">Vespa
	<option value="Yamaha">Yamaha		
</select><br>
Model (Required):<input type="text" name="model"><br>
Engine Size (cc):<input type="text" name="capacity"><br>
Year (Required): 
<?php echo '<select name="year">';
echo"<option value=\"/\"></option>";
for($x = 1950; $x <= 2007; $x++)
{
echo "<OPTION VALUE=$x>$x</OPTION>";
}
echo "</SELECT>";
?>
<!-- Make & Model End -->
<br><br>

<!-- Parts Begin-->	
Part One (Required):<input type="text" name="part_one"><br>
Part Two:<input type="text" name="part_two"><br>
Part Three:<input type="text" name="part_three"><br>
Part Four:<input type="text" name="part_four"><br>
Part Five:<input type="text" name="part_five"><br>
<!--Parts End-->
<br><br>

<!--Details Begin-->
Full Name (Required):<input type="text" name="full_name"><br>
Telephone:<input type="text" name="telephone"><br>
Alternative Telephone:<input type="text" name="alt_telephone"><br>
E-mail Address:<input type="text" name="email"><br>
Contact Me By:
<input type="radio" name="contact_pref" value="Email">Email
<input type="radio" name="contact_pref" value="Telephone">Telephone<br> 
Area:
<select name="area">
        <option value="" SELECTED>
        <option value="Northern Ireland">Northern Ireland
        <option value="Southern Ireland">Southern Ireland
	<option value="Midlands">Midlands
	<option value="North East">North East
	<option value="North West">North West
	<option value="South East">South East
	<option value="South West">South West
	<option value="Scotland">Scotland
	<option value="Wales">Wales
	<option value="Outside UK">Outside UK
     </select><br>
     Comments:<textarea rows="5" cols="30" value="comments"></textarea>
<!-- Details End -->	
<!-- Hidden Fields Begin -->
<input type="hidden" name="status" value="unchecked" />
<input type="hidden" name="sent" value="no" />

<!-- Hidden Fields End -->



<br><br>
<?php 
if (isset($_POST['submitted']) && count($errors) > 0) {

echo '<strong>The following fields need to be corrected:</strong><br />';
foreach($errors as $err => $val) {
  echo $val . '<br />';
}
}
?>
<br><br>
<input type="submit" name="submitted" value="Submit" ></td></tr>




</form>
</body>
</html>

Link to comment
Share on other sites
beesfan_london Newbie

beesfan_london

Posted
  • Author
Posted

I've got the error code working so it displays the error messages when the required information is missing. One problem i'm having is getting the $year_error coming up when a year isn't entered. If i change the variable to $part_error it displays that error message correctly but as soon as i change it to year it isn't coming up. Any ideas? One other thing, the redirect isn't redirecting when the form is submitted, why is this?

 

 

The code is below.

 

Thanks

 


<?php 

if (isset($_POST['submitted'])) {

$valid = 1;

// Pike details
$manufacturer = mysql_escape_string(trim($_POST['manufacturer']));
	if ( empty($manufacturer) ) {
		$valid = 0;
		$manufacturer_error = 'Please select a manufacturer.';
	}

$model = mysql_escape_string(trim($_POST['model']));
	if ( empty($model) ) {
		$valid = 0;
		$model_error = 'Please enter the model of bike..';
	}

$capacity = mysql_escape_string(trim($_POST['capacity']));

$year = mysql_escape_string(trim($_POST['year']));
  		if ( empty($year) ) {
		$valid = 0;
		$year_error = 'Please select a year.';
	}
  
  
  
    // Parts 
    $part_one = mysql_escape_string(trim($_POST['part_one']));
    	if ( empty($part_one) ) {
		$valid = 0;
		$part_error = 'Please enter a part.';
	}
    
    $part_two = mysql_escape_string(trim($_POST['part_two']));
    $part_three = mysql_escape_string(trim($_POST['part_three']));
    $part_four = mysql_escape_string(trim($_POST['part_four'])); 
    $part_five = mysql_escape_string(trim($_POST['part_five']));

// Personal details, some of these don't need cleaning up, i.e the contact prefrence
$full_name = mysql_escape_string(trim($_POST['full_name']));
	if ( empty($full_name) ) {
		$valid = 0;
		$name_error = 'Please enter a name.';
	}

$telephone = mysql_escape_string(trim($_POST['telephone']));
$alt_telephone = mysql_escape_string(trim($_POST['alt_telephone']));
$email = mysql_escape_string(trim($_POST['email']));
    	if ( empty($email) ) {
		$valid = 0;
		$email_error = 'Please enter an email address.';
	}
    
    $area = mysql_escape_string(trim($_POST['area']));
    
    // Fields that do not need cleaning up
    $status = $_POST['status'];
    $sent = $_POST['sent'];
    $contact_pref = $_POST['contact_pref'];
      
    // Do we have errors?  
    if ( $valid == 1 ) {
    

// If we don't, run the insert query
    $dbid = mysql_connect ('localhost', 'username', 'password');
          mysql_select_db('database',$dbid) 
          or die ("Cannot find database");

  $query = "INSERT INTO `request_data` (`req_id`, `manufacturer`, `model`, `capacity`, `year`, `part_one`, `part_two`, `part_three`, `part_four`, `part_five`, `full_name`, `telephone`, `alt_telephone`, `email`, `contact_pref`, `area`, `status`, `sent`) VALUES ('', '$manufacturer', '$model', '$capacity', '$year', '$part_one', '$part_two', '$part_three', '$part_four', '$part_five', '$full_name', '$telephone', '$alt_telephone', '$email', '$contact_pref', '$area', '$status', '$sent')";
  $result = mysql_query($query,$dbid) 
   or die("INSERT error:".mysql_error());


// If all is cool, this will redirect to a thank you page.
  header ("Location: http://www.google.com");
  exit;
  
  }

}

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 

<html>
<head>
<title>Request Submission Page</title>
</head>
<body>

<form enctype="multipart/form-data" method="post" action="">

<!--Make & Model Begin-->
Manufacturer (Required):  
<select name="manufacturer">
        <option value="" SELECTED>
        <option value="Aprilia">Aprilia
        <option value="Benelli">Benelli
	<option value="Beta">Beta
	<option value="Bimota">Bimota
	<option value="BMW">BMW
	<option value="BSA">BSA	
	<option value="Buell">Buell
	<option value="BMW">BMW
	<option value="Cagiva"> Cagiva
	<option value="CCM">CCM
	<option value="Derbi">Derbi
	<option value="Ducati">Ducati
	<option value="Enfield">Enfield
	<option value="Gillera">Gilera
	<option value="Harley-Davidson">Harley-Davidson
	<option value="Honda">Honda
	<option value="Husqvarna">Husqvarna
	<option value="Hyosung">Hyosung
	<option value="Italijet">Italijet
	<option value="Kawasaki">Kawasaki
	<option value="Kymco">Kymco
	<option value="Laverda">Laverda
	<option value="Moto Guzzi">Moto Guzzi
	<option value="MV Agusta">MV Agusta
	<option value="MZ">MZ
	<option value="Norton">Norton
	<option value="NRG">NRG
	<option value="Peugeot">Peugeot
	<option value="Sachs">Sachs
	<option value="Suzuki">Suzuki
	<option value="Triumph">Triumph
	<option value="Vespa">Vespa
	<option value="Yamaha">Yamaha		
</select>
<?php echo $manufacturer_error; ?><br>

Model (Required):<input type="text" name="model">
<?php echo $model_error; ?><br>


Engine Size (cc):<input type="text" name="capacity"><br>

Year (Required): 
<?php echo '<select name="year">';
echo"<option value=\"/\"></option>";
for($x = 1950; $x <= 2007; $x++)
{
echo "<option value=$x>$x</option>";
}
echo "</select> ";
echo $year_error;
?>
<br>


<!-- Make & Model End -->
<br><br>

<!-- Parts Begin-->	
Part One (Required):<input type="text" name="part_one">
<?php echo $part_error; ?><br>

Part Two:<input type="text" name="part_two"><br>
Part Three:<input type="text" name="part_three"><br>
Part Four:<input type="text" name="part_four"><br>
Part Five:<input type="text" name="part_five"><br>
<!--Parts End-->
<br><br>

<!--Details Begin-->
Full Name (Required):<input type="text" name="full_name">
<?php echo $name_error; ?><br>

Telephone:<input type="text" name="telephone"><br>
Alternative Telephone:<input type="text" name="alt_telephone"><br>

E-mail Address (Required):<input type="text" name="email">
<?php echo $email_error; ?><br>

Contact Me By:
<input type="radio" name="contact_pref" value="Email">Email
<input type="radio" name="contact_pref" value="Telephone">Telephone<br> 
Area:
<select name="area">
        <option value="" SELECTED>
        <option value="Northern Ireland">Northern Ireland
        <option value="Southern Ireland">Southern Ireland
	<option value="Midlands">Midlands
	<option value="North East">North East
	<option value="North West">North West
	<option value="South East">South East
	<option value="South West">South West
	<option value="Scotland">Scotland
	<option value="Wales">Wales
	<option value="Outside UK">Outside UK
     </select><br>
     Comments:<textarea rows="5" cols="30" value="comments"></textarea>
<!-- Details End -->	
<!-- Hidden Fields Begin -->
<input type="hidden" name="status" value="unchecked" />
<input type="hidden" name="sent" value="no" />

<!-- Hidden Fields End -->




<br><br>
<input type="submit" name="submitted" value="Submit" ></td></tr>




</form>
</body>
</html>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.