PRodgers4284 Posted February 8, 2008 Share Posted February 8, 2008 I want add validation to a form for editing a user account, i have the validation code i need but im having trouble putting it together, i want the same validation that i have in the registration form to be included on the edit account form, my code for the registration form and edit account form is: <?php $error_stat = 0; $username_message = ''; $forename_message = ''; $surname_message = ''; $email_message = ''; $mobile_message = ''; $dob_message = ''; $location_message = ''; if (isset($_POST['submit'])) { $username = $_POST['username']; $forename = $_POST['forename']; $surname = $_POST['surname']; $email = $_POST['email']; $mobile = $_POST['mobile']; $dob = $_POST['dob']; $location = $_POST['location']; //Error checking //Username check) if (empty($username)) { //Set the error_stat to 1, which means that an error has occurred $error_stat = 1; //Set the message to tell the user to enter a username $username_message = '*Please enter a username*'; } if(usernameTaken($username,$conn)) { $error_stat = 1; $username_message = '*User name is taken, choose another one*'; } $username = $_POST['username']; $username = trim($username); if (strlen($username) > 12){ $error_stat = 1; $username_message = '*The username must be 12 characters or less*'; } $username = $_POST['username']; $username = trim($username); if (strlen($username) < 4){ $error_stat = 1; $username_message = '*Username must be at least 4 characters*'; } else if ( preg_match( '/\W/', $username)){ $error_stat = 1; $username_message = '*Invalid username, letters only, no spaces*'; } //Forename check) if (empty($forename)) { //Set the error_stat to 1, which means that an error has occurred $error_stat = 1; //Set the message to tell the user to enter a username $forename_message = '*Please enter your forename*'; } else if (ctype_digit($forename)) { $error_stat = 1; $forename_message .= '*Invalid forename*'; } else if ( preg_match( '/\W/', $forename)){ $error_stat = 1; $forename_message = '*Invalid forename, letters only, no spaces*'; } $forename = $_POST['forename']; $forename = trim($forename); if (strlen($forename) > 12){ $error_stat = 1; $forename_message = '*The forename must be 12 characters or less*'; } //Surname check) if (empty($surname)) { //Set the error_stat to 1, which means that an error has occurred $error_stat = 1; //Set the message to tell the user to enter a username $surname_message = '*Please enter your surname*'; } else if (ctype_digit($surname)) { $error_stat = 1; $surname_message .= '*Invalid surname*'; } else if ( preg_match( '/\W/', $surname)){ $error_stat = 1; $surname_message = '*Invalid surname, letters only, no spaces*'; } $surname = $_POST['surname']; $surname = trim($surname); if (strlen($surname) > 12){ $error_stat = 1; $surname_message = '*The surname must be 12 characters or less*'; } //Email check) if (empty($email)) { //Set the error_stat to 1, which means that an error has occurred $error_stat = 1; //Set the message to tell the user to enter an email address $email_message = '*Please enter your email address*'; } //Check format of email address entered else if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$", $email)){ $error_stat = 1; //Set the message to tell the user to enter a valid email address $email_message = '*Invalid Email Address*'; } if(emailTaken($email,$conn)) { $error_stat = 1; $email_message = '*Email is taken please choose another one*'; } $email = $_POST['email']; $email = trim($email); if (strlen($email) > 30){ $error_stat = 1; $email_message = '*The email address must be 30 characters or less*'; } //Mobile number check) if (empty($mobile)) { //Set the error_stat to 1, which means that an error has occurred $error_stat = 1; //Set the message to tell the user to enter a dob $mobile_message = '*Please enter your mobile number*'; } else if (!ctype_digit($mobile)) { $error_stat = 1; $mobile_message .= '*The mobile phone number must be only numbers*'; } if(mobileTaken($mobile,$conn)) { $error_stat = 1; $mobile_message = '*Mobile already in use, choose another one*'; } $mobile = $_POST['mobile']; $mobile = trim($mobile); if (strlen($mobile) > 11){ $error_stat = 1; $mobile_message = '*Invalid mobile number*'; } $mobile = $_POST['mobile']; $mobile = trim($mobile); if (strlen($mobile) < 11){ $error_stat = 1; $mobile_message = '*Invalid mobile number, must be 11 numbers*'; } //DOB check) if (empty($dob)) { //Set the error_stat to 1, which means that an error has occurred $error_stat = 1; //Set the message to tell the user to enter a dob $dob_message = '*Please enter your date of birth*'; } //Check the format and explode into $parts elseif (!ereg("^([0-9]{2})/([0-9]{2})/([0-9]{4})$", $dob, $parts)){ $error_stat = 1; //Set the message to tell the user the date is invalid $dob_message = '*Invalid dob, must be DD/MM/YYYY format*'; } elseif (!checkdate($parts[2],$parts[1],$parts[3])) { $error_stat = 1; //Set the message to tell the date is invalid for the month entered $dob_message = '*Invalid dob, month must be between 1-12*'; } elseif (intval($parts[3]) < 1948 || intval($parts[3]) > intval(date("Y"))) { $error_stat = 1; //Set the message to tell the user the date is invalid for the year entered $dob_message = '*Invalid dob, year must 1948 onwards*'; } if ($location == 'Please Select'){ //Set the error_stat to 1, which means that an error has occurred $error_stat = 1; $location_message = '*Please select a location*'; } //Then, only run the query if there were no errors (if $error_stat still equals 0) if ($error_stat == 0) { mysql_query("INSERT INTO users (username, password, forename, surname, email, mobile, dob, location, ipaddress) VALUES ('$username', '$md5password', '$forename', '$surname', '$email', '$mobile', '$dob', '$location', '$ip')"); echo "<h3>Registration Successful!</h3>"; echo "<p>Thankyou, <b>$username</b>,registration was successful</p>"; echo "<p>login.</p>"; echo "<a href=\"index.php\">Login</a>"; } } //Then, for the form, only show it if 1) the form hasn't been submitted yet OR 2) there is an error if (!isset($_POST['submit']) || $error_stat == 1) { ?> Edit account code is: <?php if ($_SERVER["REQUEST_METHOD"] == "POST") { $update = mysql_query("UPDATE users SET username='" . $_POST["username"] . "',forename='" . $_POST["forename"] . "',surname='" . $_POST["surname"] . "',email='" . $_POST["email"] . "',mobile='" . $_POST["mobile"] . "',dob='" . $_POST["dob"] . "',location='" . $_POST["location"] . "',about='" . $_POST["about"] . "' WHERE username='" . $_SESSION["username"] . "'"); ?> <br /> <a href="viewemployeedetails.php">Back to main page</a> <br /> <br /> <br /> You have successfully updated your account . <?php } else { $account = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE username='" . $_SESSION["username"] . "'")); ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.