Jump to content


Phear46

Member Since 28 Apr 2013
Offline Last Active May 30 2013 09:13 AM

Topics I've Started

Validating a Date

15 May 2013 - 09:40 AM

OK, so i want my form adds a persons details to a DB, all good so far but i want to grab a birth-date with the form then input that to my DB. mySQL only accepts yyyy-mm-dd format so i need to convert my string to that format no-matter what.

 

But what if the person doesn't enter the date correctly? what if the date doesn't even exist?

 

I could 'guide' the user into inputting into the form in the correct format but Ive never seen this done on line anywhere. Everywhere ive ever enter a date has always accepted:

 

dd-mm-yy

dd-mm-yyyy

mm-dd-yy

mm-dd-yyyy

 

I can probably figure out formatting to mySQL format by myself but im totally confused by what i should do when the user enters a date like:

01-03-88

is this 1st March 1988 Or 3rd January 1988?

 

Is there a setting i can grab from the browser to determine where in the world a user is?

 


remove substring from end of string

12 May 2013 - 11:25 AM

I want to remove the last ' AND' from my string im using to build a mySQL query. I thought using rtrim was the way to go but either im wrong or im not using it correctly:

foreach ($dupArray as $k => $v) {
			$whereStr = $whereStr . "$k='$v' AND ";
		}
		
		rtrim($whereStr, "AND");
		echo $whereStr;

Anyone got any ideas? I swear ive seen this done else where but i cant find any examples


define string from variable as another variable - Possible?

07 May 2013 - 04:36 PM

OK, I wrote one function to write my form to a DB, then i created another page, with a different form and wrote another function to write it to a DB. Being lazy and wanting to streamline the process for further 'form writing' I tried to be crafty and hack togther a function that would write the correct form, to the correct database no matter what. So i could come up with any number of forms with different sizes etc different field names and it would just automagically work.

 

I thought.... Hey, if i just make sure the 'name' of the input on the $_POST is the same string as the field name in the db, then it would work no matter what. Until i thought about when my form contained 'arrays' such as a check box array. Now im stuck....

 

The idea was to assign the post array to a new array so i could mess with it and not screw with the original POST array. Easy -

//Form results into array
	$form_array = array();
	foreach ($_POST as $k => $v) {
			$form_array[$k] = $v;
		}
	}
	
	print_r($form_array);

Now what if $k is an array? I figure define another array using the string of $k something like:

//Form results into array
	$form_array = array();
	foreach ($_POST as $k => $v) {
		if (is_array($k)) {
			//Create new array with name $k
			$k = array();
			$k[k] = $v;

		} else {
			$form_array[$k] = $v;
		}
	}
	
	print_r($form_array);

But this just calls the array '$k' instead of '$string from $k'. Then i got to thinking.... even if i know how to use the string to create the variable name, how do i call it from the rest of the script? I cant use $string because writing it now i don't know what $string will be! Now I'm confused and don't know if this is even possible. I imagine it is but may be somewhat beyond my abilities at this point! I apologize if this isn't making any sense. If you do understand and could possibly point me in the direction of some useful functions within PHP already that would be awesome! i cant find anything yet but ill keep looking!


mySQL INSERT - data into SET colum type along with a few other things

05 May 2013 - 09:41 AM

// Grab all info into one variable - This is unnecassary but makes it more readable (to me anyway!)
		$enrollment_array = array('fname' => $_POST['firstname'], 'sname' => $_POST['surname'], 'dob' => $_POST['dob']);
		$enrollment_array_class = $_POST['class'];

		//Set DB access variables
		$host = "localhost";
		$user = "***";
		$pass = "***";
		$db = "userDB";
		$table = "students";

		//Set Array as variables
		//Escape for safety
		$DBfname = mysql_escape_string($enrollment_array['fname']);
		$DBsname = mysql_escape_string($enrollment_array['sname']);
		$DBdob = mysql_escape_string($enrollment_array['dob']);
		$DBclass = mysql_escape_string($enrollment_array_class);
		
		//Open Connection
		$connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!");
	
		//Select DB
		mysql_select_db($db) or die ("Unable to select db!");
	
		//Create query
		$query = "INSERT INTO $table (fname, sname, dob, class) VALUES ('$DBfname', '$DBsname','$DBdob', '$DBclass')";
	
		//Execute query
		mysql_query($query) or die ("Error in query: $query.".mysql_error());
		echo"Added new student!<br />";
		
		//Close connection
		mysql_close($connection);

OK this is the script I have, This is just a small (or not so!) project of mine im using to learn the ins and outs of PHP and mySQL so please forgive me for being a noob!

 

I have a form with 3 text input (fname, sname, dob) and an array 'class[]' of 7 checkboxes. One must be ticked but no more than three. Ive already got all the error checking sorted (mostly) for form inputs but now I'm struggling to figure out how to input my class[] array into my 'class' column in the DB.

 

The 'class' column is of the SET data type and Ive set up the allowed strings correctly as far as i know. When i run the script it gives no errors and even adds a student to the table but the 'class' column is empty.

 

I think I'm going wrong with these two:

$DBclass = mysql_escape_string($enrollment_array_class);
$query = "INSERT INTO $table (fname, sname, dob, class) VALUES ('$DBfname', '$DBsname','$DBdob', '$DBclass')";

I'm assuming that there is a mysql_escape_array function or something similar? If not i could maybe do a for-each on the array and escape each string one by one into a new array?

 

With the query i think i might need to do something similar to this but im not sure how to write it in php:

INSERT fname, sname, dob;

select row from table with matching fname, sname, dob;
      if rows returned = 1 {
           add class array to class column on row matching returned ID using something like:
           INSERT INTO $table (class) VALUES ($DBclass);
      } else {
           ERROR - either no matching student OR duplicates exist
      }

I know this is asking quite a bit, I'm trying to be as clear as i can. Thanks for reading!

Nathan


Login form - if error, re-display form + errors (atm i have just errors)

02 May 2013 - 10:58 AM

Login.php

<?php

if (!$_SESSION['auth'] == 1) {

	if (!isset($_POST['login_submit'])) {
	//If login has NOT been submitted then {
	?>
	<form name="login" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
	<div id="username" style="width:500px;">
		<div name="box1" style="text-align:right;height:27px;width:250px;float:left;">
			Username:
		</div>
		<div name="box2" style="text-align:center;height:27px;width:250px;float:right;">
			<input type="text" name="userlogin">
		</div>
	</div>
	<div id="password" style="width:500px;">
		<div name="box1" style="text-align:right;height:27px;width:250px;float:left;">
			Password:
		</div>
		<div name="box2" style="text-align:center;height:27px;width:250px;float:right;">
			<input type="password" name="userpass">
		</div>
	</div>
	<div id="submit" style="width:500px;">
		<div name="box1" style="text-align:center;height:27px;width:250px;float:left;">
		</div>
		<div name="box2" style="text-align:center;height:27px;width:250px;float:right;">
			<input type="submit" name="login_submit" value="Log In">
		</div>
	</div>
	</form>
	<?php

	} else {
		if (empty($_POST['userlogin'])) {
		die ("ERROR: Please enter username!");
		}

		if (empty($_POST['userpass'])) {
		die ("ERROR: Please enter password!");
		}


	// set server access variables
		$host = "***";
		$user = "***";
		$pass = "***";
		$db = "***";
		$table = "***";

	// open connection
		$connection = mysql_connect($host, $user, $pass) or die ("Unable to connect!");

	// select database
		mysql_select_db($db) or die ("Unable to select database!");

	// create query
		$query = "SELECT * FROM $table WHERE username = '" . $_POST['userlogin'] . "' AND password = '" . $_POST['userpass'] . "'";

	// execute query
		$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());

	// see if any rows were returned
		if (mysql_num_rows($result) == 1) {
			// if a row was returned
			// authentication was successful
			// create session and set cookie with username

			session_start();
			$_SESSION['auth'] = 1;
			setcookie("username", $_POST['userlogin'], time()+(84600*30));
			echo "Access granted!";

		} else {
		// no result
		// authentication failed
		echo "ERROR: Incorrect username or password!";
		}

	}

} else {
	echo "You are logged in! <a href=include/logout.php>Logout</a>";
}
?>

This is a php file that is included inside a <div> on the actual webpage. It works fine but if i have an error id like to display the form with the error message below. Right now the form dissapears and leaves me with just an error message.

 

Any ideas? I was thinking about making the 'display form' part of the code a function and then calling it + my errors when an error is returned. Not sure if this is the best way to do it or not.

 

Thanks for reading, any relpies are much appreciated!