yobo Posted January 18, 2008 Share Posted January 18, 2008 Hey, i have a strange problem with my coding some of my validation works and my email validation does not, for example when i leave the form fileds empty and click submit it says fileds names can not be blank, now when i enter data into the field names including the email input box and submit the data it says user created as well as saying invalid email? please can you help <?php /** * @author Cobra Internet * @copyright 2008 */ $dbcon = mysql_connect('localhost', 'root'); if (!$dbcon) { exit('<p> unable to connect to the database server at this time </p>'); } if (!@mysql_select_db('website')) { exit('<p>unable to locate the joke database</p>'); } if($_SERVER['REQUEST_METHOD'] == "POST"){ //if the form was posted then only do something.... $firstname = mysql_real_escape_string($_POST['firstname']); $lastname = mysql_real_escape_string($_POST['lastname']); $email = mysql_real_escape_string($_POST['email']); $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(md5($_POST ['password'])); //Validate the Email Address $email=$_POST['email']; $result=eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\.[a-z]{2,4}$", $email); if(!$result){ echo "Enter a valid E-mail Address"; } else{ echo "Invalid E-mail Address"; } $error = 0; $error_mes = ''; if (strlen($_POST['firstname']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no name entered\n";} if (strlen($_POST['lastname']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no last name entered\n";} if (strlen($_POST['email']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no email entered / Invalid Email\n";} if (strlen($_POST['username']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no username entered\n";} if (strlen($_POST['password']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no password entered\n";} if($error >= 1) {echo "<PRE>"; echo "<span style=\"color: red;\">Errors!!!\n\n"; echo $error_mes; echo "</span>"; echo "</PRE>"; }else{ // If no errors, enter data into database $sql = "INSERT INTO members SET firstname='$firstname', lastname='$lastname', username='$username', password='$password', email='$email'"; $sql2 = "INSERT INTO profile SET username='$username'"; if (@mysql_query($sql)) { echo '<p>User Created! Thank you.</p>'; } else { echo '<p>Database Error - Unable to create user</p>'; } }} //execute second query $sql2 = "INSERT INTO profile SET username='$username'"; if (@mysql_query($sql2)) { echo '<p>User profile updated!</p>'; } if ($_POST){ if ($error >= 1) { // Prints any errors at the beginning of the page // echo "<PRE>"; // echo "<span style=\"color: red;\">Errors!!!\n\n"; // echo $error_mes; // echo "</span>"; // echo "</PRE>"; } } ?> part of my html form coding below <td><label for="email">Enter E-Mail</td> <td>:</td> <div class="div_texbox"> <td><input type="text" name="email" id="email" value="<?php if (strlen($email) > 0) {echo $email;} ?>" /></label></td> </div> </tr> <tr> Link to comment https://forums.phpfreaks.com/topic/86637-email-validation-problem/ Share on other sites More sharing options...
adam291086 Posted January 18, 2008 Share Posted January 18, 2008 It because you are running lots of if statments. So if one == false the others will still run regardless. You need to set up a condition that will stops the if statements if something isn't valid. For Example $error=0; if(error =="1") { echo "problem } else { run inser into database } Link to comment https://forums.phpfreaks.com/topic/86637-email-validation-problem/#findComment-442726 Share on other sites More sharing options...
Daniel0 Posted January 18, 2008 Share Posted January 18, 2008 Well, the only thing that happens if the user enters an invalid email is that it tells him/her so. Nothing else. The rest of the script will always continue. I also have a couple of comments to your code: Instead of doing something like this: $error = $error + 1; $error_mes .= "Sorry, no name entered\n"; I would do this: $errors[] = 'Sorry, no name entered.'; Then you can check how many errors there are with count() and do join("\n", $errors);. This if statement: if ($_POST){ will always evaluate to true as $_POST will always be set. Thus the succeeding code block will always be run. Instead of checking if something is longer than one character: strlen($_POST['firstname']) < 1 it will probably be faster and more readable to check it is not empty: !empty($_POST['firstname']) In your form you might as well just echo $email - no point in checking the length. If it's to prevent E_NOTICEs then it won't work as you will already have used an undefined variable in strlen(). Link to comment https://forums.phpfreaks.com/topic/86637-email-validation-problem/#findComment-442728 Share on other sites More sharing options...
tinker Posted January 18, 2008 Share Posted January 18, 2008 I took out your regex email validator and it didn't pass any of my valid emails. Here's one that I sometimes use: function scheck_email($email) { if(eregi("[A-Z0-9._%-]+@[A-Z0-9.-]{2}([A-Z0-9.-])?\.[A-Z]{2,4}",$email)) return 1; // valid return -1; // invalid } Also i'd change this line: $password = mysql_real_escape_string(md5($_POST ['password'])); to $password = md5(mysql_real_escape_string($_POST ['password'])); not that it makes much difference... Not gone through the rest yet, but try the email thing... Link to comment https://forums.phpfreaks.com/topic/86637-email-validation-problem/#findComment-442730 Share on other sites More sharing options...
yobo Posted January 18, 2008 Author Share Posted January 18, 2008 I have update my code but still no luck, please forgive me for being a newbie i only started to learn php recently and my scirpt is built mainly from reading tutorials etc.. <?php /** * @author Cobra Internet * @copyright 2008 */ $dbcon = mysql_connect('localhost', 'root'); if (!$dbcon) { exit('<p> unable to connect to the database server at this time </p>'); } if (!@mysql_select_db('website')) { exit('<p>unable to locate the joke database</p>'); } if($_SERVER['REQUEST_METHOD'] == "POST"){ //if the form was posted then only do something.... $firstname = mysql_real_escape_string($_POST['firstname']); $lastname = mysql_real_escape_string($_POST['lastname']); $email = mysql_real_escape_string($_POST['email']); $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(md5($_POST ['password'])); function scheck_email($email) { if(eregi("[A-Z0-9._%-]+@[A-Z0-9.-]{2}([A-Z0-9.-])?\.[A-Z]{2,4}",$email)) return 1; // valid return -1; // invalid } $error = 0; $error_mes = ''; if (strlen($_POST['firstname']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no name entered\n";} if (strlen($_POST['lastname']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no last name entered\n";} if (strlen($_POST['email']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no email entered / Invalid Email\n";} if (strlen($_POST['username']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no username entered\n";} if (strlen($_POST['password']) < 1) {$error = $error + 1; $error_mes .= "Sorry, no password entered\n";} if($error >= 1) {echo "<PRE>"; echo "<span style=\"color: red;\">Errors!!!\n\n"; echo $error_mes; echo "</span>"; echo "</PRE>"; }else{ // If no errors, enter data into database $sql = "INSERT INTO members SET firstname='$firstname', lastname='$lastname', username='$username', password='$password', email='$email'"; $sql2 = "INSERT INTO profile SET username='$username'"; if (@mysql_query($sql)) { echo '<p>User Created! Thank you.</p>'; } else { echo '<p>Database Error - Unable to create user</p>'; } }} //execute second query $sql2 = "INSERT INTO profile SET username='$username'"; if (@mysql_query($sql2)) { echo '<p>User profile updated!</p>'; } if ($_POST){ if ($error >= 1) { // Prints any errors at the beginning of the page // echo "<PRE>"; // echo "<span style=\"color: red;\">Errors!!!\n\n"; // echo $error_mes; // echo "</span>"; // echo "</PRE>"; } } ?> Link to comment https://forums.phpfreaks.com/topic/86637-email-validation-problem/#findComment-442741 Share on other sites More sharing options...
tinker Posted January 18, 2008 Share Posted January 18, 2008 you need to call the function or just rehash it like so: $email=$_POST['email']; $result=eregi("[A-Z0-9._%-]+@[A-Z0-9.-]{2}([A-Z0-9.-])?\.[A-Z]{2,4}",$email); if(!$result){ echo "Enter a valid E-mail Address"; } else{ echo "Invalid E-mail Address"; } Link to comment https://forums.phpfreaks.com/topic/86637-email-validation-problem/#findComment-442744 Share on other sites More sharing options...
Daniel0 Posted January 18, 2008 Share Posted January 18, 2008 Also i'd change this line: $password = mysql_real_escape_string(md5($_POST ['password'])); to $password = md5(mysql_real_escape_string($_POST ['password'])); not that it makes much difference... The mysql_real_escape_string() function call is in that case redundant as md5() will always return an alphanumeric string of 32 characters thus not posing any risk of SQL injection. @yobo: You didn't check the email. You might want create to if (scheck_email($email) == -1) {$error = $error + 1; $error_mes .= "Invalid email\n";} below the other similar lines. Link to comment https://forums.phpfreaks.com/topic/86637-email-validation-problem/#findComment-442745 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.