phpanon Posted March 25, 2008 Share Posted March 25, 2008 Hello there, Is there anyway I can get validation on this page that ensures users do not leave any fields blank...? It is an EDIT EMPLOYEE page that carries over the empID from a previous page once the user has selected the employee they wish to edit!! <?php session_start(); if (isset($_SESSION['username']) == false){ header("Location: login.php"); exit(); } if (($_SESSION['type']) == 'user') { header("Location: AccessDenied.php"); exit(); } if (($_SESSION['type']) == 'manager') { header("Location: AccessDenied.php"); exit(); } require "connect.php"; $empID = $_GET['empID']; $query = "select * from employee where empID = " .$empID; $result = @mysql_query($query, $connection) or die ("Unable to perform query<br>$query".mysql_error()); $row= mysql_fetch_array($result); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Edit User</title> <link rel="stylesheet" type="text/css" href="mystylelogin.css" /> </head> <body> <?php include ("headerAdmin.php"); ?> <div id="Adminheader">Modify User</div> <div id="AdminTable"> <form action="updateEmployee.php" method="get"> <table width="106%" border="0"> <hr /> <tr> <td width="3%"> </td> <td width="13%"> </td> <td width="41%"><h3>Employee Details</h3></td> <td width="6%"> </td> <td width="13%"> </td> <td width="24%"><h3>Account Details</h3></td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td>Employee ID: </td> <td><input name="empID" type="text" value="<?php echo $row['empID']?>" size="3" readonly="true" /></td> <td> </td> <td>Username:</td> <td><input name="username" type="text" value="<?php echo $row['username']?>" /></td> </tr> <tr> <td> </td> <td colspan="2"><?php if(isset($_GET['message1'])) { echo $_GET['message1']; } ?></td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td>First Name:</td> <td><input name="fName" type="text" value="<?php echo $row['fName']?>" /></td> <td> </td> <td>Password:</td> <td><input name="password" type="password" value="<?php echo $row['password']?>" /></td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td>Surname:</td> <td><input name="sName" type="text" value="<?php echo $row['sName']?>" /></td> <td> </td> <td>Access Type: </td> <td><select name="type"> <option><?php echo $row['type']?></option> <option>user</option> <option>admin</option> <option>manager</option> </select></td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td>Job Role:</td> <td><input name="jobRole" type="text" value="<?php echo $row['jobRole']?>" size="50" /></td> <td> </td> <td>Active User? </td> <td><input name="active" type="text" value="<?php echo $row['active']?>" size="1" /></td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td><a href="UserEdit.php">Back</a></td> <td> </td> <td> </td> <td><input name="Save" type="submit" value="Update" /></td> </tr> </table> </form> </div> </body> </html> <?php session_start(); if (isset($_SESSION['username']) == false){ header("Location: login.php"); exit(); } if (($_SESSION['type']) == 'user') { header("Location: AccessDenied.php"); exit(); } if (($_SESSION['type']) == 'manager') { header("Location: AccessDenied.php"); exit(); } require "connect.php"; $empID = $_GET['empID']; $fName = $_GET['fName']; $sName = $_GET['sName']; $jobRole = $_GET['jobRole']; $username = $_GET['username']; $password = $_GET['password']; $type = $_GET['type']; $active = $_GET['active']; $query = "update employee set empID = '".$empID."', fName = '".$fName."', sName = '".$sName."', jobRole = '".$jobRole."', username = '".$username."', password = '".$password."', type = '".$type."', active = '".$active."' where empID = ".$empID; $result = @mysql_query($query, $connection) or die ("Unable to perform query<br>$query"); header("Location: UserEDIT.php"); exit(); ?> I currently have this validation working on a different page but it is creating a user rather than editing a user so therefore does not need to carry over the empID through the URL from a previous page. <?php session_start(); if (isset($_SESSION['username']) == false){ header("Location: login.php"); exit(); } if (($_SESSION['type']) == 'user') { header("Location: AccessDenied.php"); exit(); } if (($_SESSION['type']) == 'manager') { header("Location: AccessDenied.php"); exit(); } require "connect.php"; $page_mode = isset($_POST['page_mode']) ? $_POST['page_mode'] : ''; if ($page_mode == 'userADD') { $title = $_POST['title']; $fName = $_POST['fName']; $sName = $_POST['sName']; $jobRole = $_POST['jobRole']; $username = $_POST['username']; $password = $_POST['password']; $type = $_POST['type']; if($title == "Title") { $message1 = "* Please select the employees title"; } if($fName == "") { $message2 = "* Please enter the employees first name"; } if($sName == "") { $message3 = "* Please enter the employees surname"; } if($jobRole == "") { $message4 = "* Please enter the employees job role"; } if($username == "") { $message5 = "* Please enter the employees Username"; } if($password == "") { $message6 = "* Please enter the employees Password"; } if($type == "Access") { $message8 = "* Please enter the employees access level"; } if (is_numeric($fName)) { $message9 = "* Please ensure the Users firstname does not contain numbers"; } if (is_numeric($sName)) { $message10 = "* Please ensure the Users surname does not contain numbers"; } if (is_numeric($jobRole)) { $message11 = "* Please ensure the Users job role does not contain numbers"; } if (strlen(trim($password)) < 6) { $message14 = "* Please ensure the Password is more than 6 characters"; } if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $username)) { $message13 = "* Please ensure the username is the persons email address"; } else if($title != "Title" && $fName == !null && $sName == !null && $jobRole == !null && $username == !null && $password == !null && $type != "Access") { $query2 = "SELECT COUNT(username) FROM employee WHERE username='" . mysql_real_escape_string($username) . "'"; $result2 = mysql_query($query2, $connection) or die ("Unable to perform query<br>$query2"); $row2= mysql_fetch_row($result2); $count = $row2[0]; if($count) { $message12 .= 'That user already exists on the system.<br>'; } else { $username = mysql_real_escape_string($username); // protect against SQL attacks $fName = mysql_real_escape_string($fName); $sName = mysql_real_escape_string($sName); $jobRole = mysql_real_escape_string($jobRole); $query = "insert into employee values ('','".$title."','".$fName."','".$sName."','".$jobRole."','".$username."','".$password."', '".$type."','y')"; $result = mysql_query($query, $connection) or die ("Unable to perform query<br>$query"); $message7 = "The User ". basename ($fName)." ". basename ($sName)." added successfully. "; $fName = ""; $sName = ""; $jobRole = ""; $username = ""; } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Add User</title> <link rel="stylesheet" type="text/css" href="mystylelogin.css" /> <style type="text/css"> <!-- .style1 {color: #FF0000} --> </style> </head> <body> <?php include ("headerAdmin.php"); ?> <div id="Adminheader">Create User</div> <form action="UserADD.php" method="post"> <input type="hidden" name="page_mode" value="userADD"> <div id="AdminTable"> <table width="99%" border="0"> <hr /> <tr> <td width="13%">Title:</td> <td width="34%"><select name="title"> <option >Title</option> <option >Mr</option> <option >Mrs</option> <option >Ms</option> <option >Miss</option> </select></td> <td width="8%"><div align="right">*</div></td> <td width="14%">Username:</td> <td width="17%"><input name="username" type="text" value="<?php if (isset($username)) echo $username;?>" /></td> <td width="14%"> </td> </tr> <tr> <td> </td> <td><span class="style2 style1"> <?php if (isset($message1)) echo $message1; ?> </span></td> <td> </td> <td colspan="3"><div align="left"><span class="style2 style1"> <?php if (isset($message5)) echo $message5; ?> </span></div></td> </tr> <tr> <td>First Name:</td> <td><input name="fName" type="text" value="<?php if (isset($fName)) echo $fName;?>" /></td> <td> </td> <td colspan="3"><span class="style2 style1"> <?php if(isset($message13)) echo $message13; ?> </span></td> </tr> <tr> <td> </td> <td><span class="style2 style1"> <?php if(isset($message2)) echo $message2; if(isset($message9)) echo $message9; ?> </span></td> <td><div align="right">**</div></td> <td>Password:</td> <td><input name="password" type="password" /></td> </tr> <tr> <td>Surname:</td> <td><input name="sName" type="text" value="<?php if (isset($sName)) echo $sName; ?>" /></td> <td> </td> <td colspan="3"><span class="style2 style1"> <?php if(isset($message6)) echo $message6; ?> </span></td> </tr> <tr> <td> </td> <td><span class="style2 style1"> <?php if(isset($message3)) echo $message3; if(isset($message10)) echo $message10; ?> </span></td> <td> </td> <td colspan="3"><span class="style2 style1"> <?php if(isset($message14)) echo $message14; ?></span></td> </tr> <tr> <td>Job Role:</td> <td><input type="text" name="jobRole" size="50" value="<?php if (isset($jobRole)) echo $jobRole; ?>" /></td> <td> </td> <td>Access: </td> <td><select name="type"> <option >Access</option> <option >user</option> <option >admin</option> <option >manager</option> </select></td> <td> </td> </tr> <tr> <td> </td> <td><span class="style2 style1"> <?php if(isset($message4)) echo $message4; if(isset($message11)) echo $message11; ?> </span></td> <td> </td> <td colspan="3"><span class="style2 style1"> <?php if(isset($message8)) echo $message8; ?> </span></td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td colspan="2"><h5>* Must be the users email address</h5></td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td colspan="2"><h5>** Must be a minimum 6 characters</h5></td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> <td> </td> <td> </td> <td><input name="Save" type="submit" value="Create User" /> <input name="clear" type="reset" value="Clear" /></td> <td> </td> </tr> <tr> <td> </td> <td><?php if(isset($message7)) echo $message7; ?> <span class="style2 style1"><?php if(isset($message12)) echo $message12; ?></span> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> </table> </div> </form> </body> </html> Link to comment https://forums.phpfreaks.com/topic/97772-php-validation/ Share on other sites More sharing options...
trq Posted March 25, 2008 Share Posted March 25, 2008 Take a look at empty(). Link to comment https://forums.phpfreaks.com/topic/97772-php-validation/#findComment-500268 Share on other sites More sharing options...
phpanon Posted March 25, 2008 Author Share Posted March 25, 2008 ok thanks, but how do i pass error messages back to that page without losing the empID which is carried over from a previous page to determine the employee that is being editted!?? Link to comment https://forums.phpfreaks.com/topic/97772-php-validation/#findComment-500308 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.