bigdspbandj Posted October 5, 2007 Share Posted October 5, 2007 Can anyone see what's wrong here? I am using a regular expression to validate the format of the date. It seems to only return false when the last item in my expected array (adv_seed) is the wrong format. If anything else is in the wrong format my error doesn't show up. None of the db items are being updated either (i've checked column names and everything matches. Please help!!! Thanks ! //if adv-edit is submitted, update record if (array_key_exists('advanced_edit', $_POST)) { //prepare items for insertion into database foreach ($_POST as $key => $value) { if (in_array($key, $adv_expected)) { ${$key} = mysql_real_escape_string($value); $iso_format = preg_match('{[0-9]{4}-[0-9]{2}-[0-9]{2}}', ${$key}); } } if ($iso_format == false) { $iso_error = "Please use the provided date format of yyyy-mm-dd"; $iso_error_main = "There was an error with the dates inputed in the \"Advanced Edit\" area"; } else { $sql = "UPDATE table SET date_new = '$adv_received', date_proofed = '$adv_proofed', date_approved = '$adv_approved', date_printed = '$adv_printed', date_inserted = '$adv_inserted', date_mailed = '$adv_mailed', date_seed = '$adv_seed' WHERE tracking_number = '$tracking_number'"; } } Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 5, 2007 Share Posted October 5, 2007 try this regex iso_format = preg_match('/[0-9]{4}-[0-9]{2}-[0-9]{2}/', ${$key}) Updated: messed it up EDIT: infact this is more correct iso_format = preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}$/', ${$key}) Quote Link to comment Share on other sites More sharing options...
bigdspbandj Posted October 5, 2007 Author Share Posted October 5, 2007 $iso_error is showing up even if the format is correct. Quote Link to comment Share on other sites More sharing options...
bigdspbandj Posted October 5, 2007 Author Share Posted October 5, 2007 That did the trick. Thanks my man! I am still having troubles with the record being updated though. Is it in my if else statement? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 5, 2007 Share Posted October 5, 2007 welcome, please click solved bottom left Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 5, 2007 Share Posted October 5, 2007 the problem is here // see comments <?php foreach ($_POST as $key => $value) { if (in_array($key, $adv_expected)) { ${$key} = mysql_real_escape_string($value); $iso_format = preg_match('{[0-9]{4}-[0-9]{2}-[0-9]{2}}', ${$key}); //checks each item } }//loop ends if ($iso_format == false) { //outside the loop (so only checks the LAST item) ?> May i ask why your looping through the POST ?, do you know the element name you wish to check ? Quote Link to comment Share on other sites More sharing options...
bigdspbandj Posted October 5, 2007 Author Share Posted October 5, 2007 The form data is submitted through post. The script checks to see if there is a $_POST with the form data of advanced_edit. It loops through the adv_expected array (which contains the name of each field in the form). It then prepares the data for insertion. If the iso_format is in the wrong format it shouldn't run the query. If the format is ok the query should run. Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 5, 2007 Share Posted October 5, 2007 can you do a print_r($_POST); at the top of your script and post the results i assume you have a submit button value thats messing it up (if all the values MUST be date formatted) Quote Link to comment Share on other sites More sharing options...
bigdspbandj Posted October 5, 2007 Author Share Posted October 5, 2007 Array ( [adv_received] => 2007-09-05 [adv_proofed] => 2007-09-06 [adv_approved] => 0000-00-00 [adv_printed] => 0000-00-00 [adv_inserted] => 0000-00-00 [adv_mailed] => 0000-00-00 [adv_seed] => 2007-10-05 [advanced_edit] => Continue → ) That was a good call. How would I go about remedying this? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 5, 2007 Share Posted October 5, 2007 ok read comments <?php //if adv-edit is submitted, update record if ( isset($_POST['advanced_edit']) ) { unset($_POST['advanced_edit']); //don't need this //prepare items for insertion into database $iso_format = true; foreach ($_POST as $key => $value) { if (in_array($key, $adv_expected)) { //Don't Filter yet (will messup the check) if( !preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}$/', $value) ) { //No point continuing, it failed $iso_format = false; break; }else{ //Thats OK, set the value for the SQL ${$key} = mysql_real_escape_string($value); } } } // === with true false value, (good pratice) if ($iso_format === true) //swapped (just seams right, === true) { $sql = "UPDATE table SET date_new = '$adv_received', date_proofed = '$adv_proofed', date_approved = '$adv_approved', date_printed = '$adv_printed', date_inserted = '$adv_inserted', date_mailed = '$adv_mailed', date_seed = '$adv_seed' WHERE tracking_number = '$tracking_number'"; }else { $iso_error = "Please use the provided date format of yyyy-mm-dd"; $iso_error_main = "There was an error with the dates inputed in the \"Advanced Edit\" area"; } } ?> of course its untested EDIT: bug fix Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 5, 2007 Share Posted October 5, 2007 Few extra words.. i am not sure but i think this line ${$key} = mysql_real_escape_string($value); may mess it up (on the insert), but i assume your attempting to protect yourself from SQL injections, but you have missed one thing..the fieldnames maybe try this $newkey = mysql_real_escape_string($key); ${$newkey} = mysql_real_escape_string($value); or (if the value is failing) $newkey = mysql_real_escape_string($key); ${$newkey} = $value; Quote Link to comment Share on other sites More sharing options...
bigdspbandj Posted October 5, 2007 Author Share Posted October 5, 2007 Haha. I feel really stupid, but I was forgetting to submit the query... I need sleep. Thank you very much, sir! Much learned! Solved! Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 5, 2007 Share Posted October 5, 2007 Welcome, please check the keys as well Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.