Form validation in php problem here


Post by shinstar »

Hi everyone, I have a problem :banghead:
These are the 2 files that are being used for form validation.
I need to make the user upload a file (the user must select a file to upload) before the submit button works.

The form_process.php file code is here:


<?php
set_time_limit(0);
if (isset($_POST['action']) && $_POST['action'] == 'post') {

if ( get_option("permissions") == "no" ) {
	if ( !is_user_logged_in() ){
		wp_redirect( get_bloginfo( 'url' ) . '/' );
		exit;
	};
}

	check_admin_referer( 'new-post' );
	$err = ""; $ok = "";
	$user_id 		= $current_user->user_id;
	$post_title 	= cp_filter($_POST['post_title']);
	$post_cat 		= (int)cp_filter($_POST['cat']);
	$post_cat_array	= array("$post_cat");

	if ( get_option('filter_html') == "yes" ) {
		$description 	= addslashes($_POST['description']);
		$description	= str_replace("javascript", "", $description);
	} else {
		$description 	= cp_filter($_POST['description']);
	}

	$name_ad 		= cp_filter($_POST['name_ad']);
	$email 			= cp_filter($_POST['email']);
	$phone 			= cp_filter($_POST['phone']);
	$price 			= cp_filter($_POST['price']);
	$location 		= cp_filter($_POST['location']);
	$yahoo 			= cp_filter($_POST['yahoo']);
	$aim 			= cp_filter($_POST['aim']);
	$msn 			= cp_filter($_POST['msn']);
	$gtalk 			= cp_filter($_POST['gtalk']);
	$skype 			= cp_filter($_POST['skype']);
	$title 			= cp_filter($_POST['title']);

    $images = strip_tags($_POST['images']);

	$total = (int)$_POST['total'];
	$nr1 = (int)$_POST['nr1']; $nr1 = str_replace("892347", "", $nr1);
	$nr2 = (int)$_POST['nr2']; $nr2 = str_replace("234543", "", $nr2);
	$nr1nr2 = $nr1 + $nr2;

	if ( $total != $nr1nr2 ) {
		$err .= "The spam field is incorrect<br />";
	}

	$char_limit		= 1000;
	if( strlen( $description ) > $char_limit ) {
		$description = substr( $description, 0, $char_limit );
	}


	if ($post_title == "" || $post_cat == "" || $price == "" || $location == "" || $name_ad == "" || $email == "" || $description == "") {
		$err .= "You have to fill all the mandatory fields<br />";
	}
	
	if ( !cp_check_email($email) ) {
		$err .= "Your email seems to be wrong<br />";
	}

	if ( $post_cat == "-1") {
		$err .= "You have to choose a category<br />";
	} else {
		global $wpdb;
		$cat_ids = (array) $wpdb->get_col("SELECT `term_id` FROM $wpdb->terms");
		if ( !in_array($post_cat, $cat_ids) && $post_cat != "-1") {
			$err .= "This category doesn't exist<br />";
		}
	}

	if ( $err == "" ) {

   //1024 bytes = 1kb
   //1024000 bytes = 1mb
   $size_bytes = 1024000;
   $size_mb = $size_bytes / 1024000;
   $limitedext = array(".gif",".png",".jpg",".jpeg");

		$dir_to_make = "wp-content/uploads/classipress";
		$dir_to_make = strtolower($dir_to_make);
		$time = time();

		$i = 1;
		$images = "";
		$err2 = "";
		foreach ($_FILES['images']['name'] as $key => $value) { // each() no longer exists in PHP 8
			if(!empty($value)) {
				$filename = strtolower($value);
				$filename = str_replace(" ", "-", $filename);
				//get image extension
				$tipul = strrchr($filename,'.');
				$filename = $time."-$i".$tipul;
				$add = "$dir_to_make/$filename";

           //Make sure that file size is correct
				$file_size = $_FILES['images']['size'][$key]; //getting the right size that corresponds with the image uploaded
           		if ($file_size == "0"){
              		$err2 .= "The file <b>$value</b> has 0 bytes.<br />";
           		} else {
					if ($file_size > $size_bytes){
              			$err2 .= "The file <b>$value</b> is bigger than {$size_mb}MB si nu a fost uploadat.<br />";
           			}
           		}
           		//check file extension
           		$ext = strrchr($filename,'.');
           		if ( (!in_array(strtolower($ext),$limitedext)) ) {
              		$err2 .= "The file <b>$value</b> is not an image<br />";
           		}


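				// debug echo of the MIME type removed: any output here breaks the wp_redirect() further down
				if ( $err2 == "" ) {
					if (!file_exists($dir_to_make)) { mkdir($dir_to_make, 0755); }
					// move_uploaded_file() refuses anything that is not a genuine HTTP upload
					move_uploaded_file($_FILES['images']['tmp_name'][$key], $add);
					chmod($add, 0644); // uploaded images do not need to be world-writable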
					
					$images .= get_option('home')."/".$add.",";
				}
				$err2 = "";
				$i++;
			}//if empty $value
		}//end of upload loop

	$post_code = time();

	$post_content	 = '[name]'.$name_ad.'[/name]'."\n";
	$post_content	.= '[email]'.$email.'[/email]'."\n";
	$post_content	.= '[phone]'.$phone.'[/phone]'."\n";
	$post_content	.= '[yahoo]'.$yahoo.'[/yahoo]'."\n";
	$post_content	.= '[aim]'.$aim.'[/aim]'."\n";
	$post_content	.= '[gtalk]'.$gtalk.'[/gtalk]'."\n";
	$post_content	.= '[msn]'.$msn.'[/msn]'."\n";
	$post_content	.= '[skype]'.$skype.'[/skype]'."\n";
	$post_content	.= '[price]'.$price.'[/price]'."\n";
	$post_content	.= '[location]'.$location.'[/location]'."\n";
	$post_content	.= '[img]'.$images.'[/img]'."\n";
	$post_content	.= '[description]'.$description.'[/description]'."\n";

// http://codex.wordpress.org/Function_Reference/wp_insert_post

		if ( get_option('activate_paypal') == "yes" ) {
			$post_status = "draft";
		} else {
			$post_status = get_option("post_status");
		}

		$post_id = wp_insert_post( array(
			'post_author'	=> $user_id,
			'post_title'	=> $post_title,
			'post_content'	=> $post_content,
			'post_category'	=> $post_cat_array,
			'post_status'	=> $post_status
		) );
		$ok = "ok";


		// send notification email
		if ( get_option('notif_ad') == "yes" ) {
			$user_info = get_userdata(1);
			$admin_email = $user_info->user_email;
			$subject2 = "ClassiPress new ad";
			$email2 = "Classipress";

			$body = "Someone added a new ad.
Go to the admin panel and edit it or delete it:"
.get_option('home')."/wp-admin/edit.php";
	    	mail($admin_email,$subject2,$body,"From: $email2");
	    }

		if ( get_option('activate_paypal') == "yes" ) {
			$post_title = str_replace(" ", "+", $post_title);
			wp_redirect( get_bloginfo( 'url' ) . '/?ok=ok&title='.$post_title.'&id='.$post_id );
		} else {
			wp_redirect( get_bloginfo( 'url' ) . '/?ok=ok' );
		}
		exit;
	}
}

?>


And the second file, post-form.php, is here:


<?php
$ok = cp_filter($_GET['ok']);

if ($err != "") {
	echo "<div class=\"err\">$err</div>";
}

if ($ok == "ok") {
	echo "<div class=\"ok\">";
	echo "Your data has been submitted successfully<br />";
	if ( get_option('activate_paypal') == "yes" ) {
	$post_id = (int)$_GET['id'];
	$post_title = $_GET['title'];
	$post_title = str_replace("+", " ", $post_title);
	?>
<br />Please click the paypal button and pay the <b><?php echo get_option('ad_value').get_option('paypal_currency'); ?> fee</b>.<br />Your ad will not be published until you do that.<br />
<center>
<?php // normal  url -> https://www.paypal.com/cgi-bin/webscr ?>
<?php // testing url -> https://www.sandbox.paypal.com/cgi-bin/webscr ?>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
   <input type="hidden" name="cmd" value="_xclick">
   <input type="hidden" name="business" value="<?php echo get_option('paypal_email'); ?>">
   <input type="hidden" name="item_name" value="<?php echo esc_attr($post_title); ?>">
   <input type="hidden" name="item_number" value="<?php echo $post_id; ?>">
   <input type="hidden" name="amount" value="<?php echo get_option('ad_value'); ?>.00">
   <input type="hidden" name="no_shipping" value="1">
   <input type="hidden" name="no_note" value="1">
   <input type="hidden" name="notify_url" value="<?php echo get_option('home'); ?>/">
   <input type="hidden" name="cancel_return" value="<?php echo get_option('home'); ?>/">
   <input type="hidden" name="return" value="<?php echo get_option('home'); ?>/?payment=1">
   <input type="hidden" name="currency_code" value="<?php echo get_option('paypal_currency'); ?>">
   <input type="hidden" name="bn" value="IC_Sample">
   <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but01.gif" name="submit" alt="Make payments with payPal - it's fast, free and secure!">
   <img alt="" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form><br />
<span style="color: red; background-color: #fff; padding: 2px 5px;"><b>IMPORTANT</b></span>: Be sure to click "Return to store"(from paypal.com) for your ad to be activated.
</center>
<?php	}
	echo "</div>";
} else {
?>

<div class="classform" id="formbox" <?php if ($err == "") { echo "style=\"display: none;\""; } ?>>
	<form action="" method="post" enctype="multipart/form-data" id="new_post2" name="new_post2">
		<input type="hidden" name="action" value="post" />
		<?php wp_nonce_field( 'new-post' ); ?>

		<div class="left_form">
				<label for="title">Title: <span>*</span></label>
				<input type="text" id="title" name="post_title" value="<?php echo $post_title;?>" />
				
				<label for="cat">Category: <span>*</span></label>
				<?php wp_dropdown_categories('show_option_none=Select category&orderby=name&order=ASC&hide_empty=0'); ?>
				<label for="phone">Phone: </label>
				<input type="text" id="phone" name="phone" value="<?php echo $phone; ?>" />

				<label for="price">Price: <span>* <small><em></em></small></span></label>
				<input type="text" id="price" name="price" value="<?php echo $price; ?>" />

				<label for="location">Location: <span>*</span></label>
				<input type="text" id="location" name="location" value="<?php echo $location; ?>" />

				<label for="name_ad">Your Name: <span>*</span></label>
				<input type="text" id="name_ad" name="name_ad" value="<?php echo $name_ad; ?>" />

				<label for="email">Email: <span>*</span></label>
				<input type="text" id="email" name="email" value="<?php echo $email; ?>" />		
				
				<label for="description">Product Description: <span>*</span></label>
				<textarea name="description" id="description" rows="10" cols="93" onkeydown="textCounter(document.new_post2.description,document.new_post2.remLen1,1000)"
				onkeyup="textCounter(document.new_post2.description,document.new_post2.remLen1,1000)"><?php echo $description; ?></textarea><br />

				<div class="limit">
					<input readonly="readonly" type="text" name="remLen1" size="4" maxlength="4" value="1000" style="width: 50px;" /><span style="font-size:11px;"> characters left</span>
				</div>
				
				<center>

				</center>

		</div>

		<div class="right_form">
				<img src="<?php bloginfo( 'template_url' ); ?>/images/add-images.jpg" alt="add some images" /><br />
				<input type="file" name="images[]" class="wwIconified" /><br />
				<small>(your image must be under 1MB or else it won't be uploaded)</small>
				<img src="<?php bloginfo( 'template_url' ); ?>/images/more-contact-information.jpg" alt="more contact information" style="margin-top: 40px;" /><br />
				<label for="yahoo">Yahoo: </label>
				<input type="text" id="yahoo" name="yahoo" value="<?php echo $yahoo; ?>" />

				<label for="aim">Aim: </label>
				<input type="text" id="aim" name="aim" value="<?php echo $aim; ?>" />

				<label for="msn">MSN: </label>
				<input type="text" id="msn" name="msn" value="<?php echo $msn; ?>" />

				<label for="gtalk">Gtalk: </label>
				<input type="text" id="gtalk" name="gtalk" value="<?php echo $gtalk; ?>" />

				<label for="skype">Skype: </label>
				<input type="text" id="skype" name="skype" value="<?php echo $skype; ?>" /><br />


		</div>
		<div style="clear: both; height: 20px;"></div>
		<center>
			<div class="capcha">
				<?php
				$nr1 = rand("0", "9");
				$nr2 = rand("0", "9");
				?>
				<?php echo $nr1; ?> + <?php echo $nr2; ?> = <input type="text" name="total" style="width: 30px; text-align: center; border: 1px #DF0005 solid; padding: 4px;" maxlength="2" value="" /> &nbsp; 
				<input type="hidden" name="nr1" value="892347<?php echo $nr1; ?>" />
				<input type="hidden" name="nr2" value="234543<?php echo $nr2; ?>" />
			</div>
			<input id="submit" type="submit" value="Post it!" class="postit" />
		</center>
	</form>
</div> <!-- // postbox -->
<?php } //if the form is ok don't display the form anymore ?>

Please tell me how I can force the user to upload a file?

Re: Form validation in php problem here

Post by Celauran »

When you're validating the form, just check if $_FILES is empty or not. At least, that's a starting off point.
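
One way to apply this check to the `images[]` field in form_process.php, as an added example that is not part of either post. The function name `cp_uploaded_image_keys` and the error message are assumptions; the check reads the per-file `error` code because a file input left empty still produces a `$_FILES` entry, marked `UPLOAD_ERR_NO_FILE`.

```php
<?php
// Added example (hypothetical helper, not from the thread).
// Returns the keys of images[] slots that really carry an uploaded file.
// An empty result means the form was submitted without any file.
function cp_uploaded_image_keys(array $files): array
{
    $keys = array();

    // name="images[]" yields parallel arrays under 'name', 'tmp_name',
    // 'size' and 'error', one slot per file input on the form.
    if (!isset($files['images']['error']) || !is_array($files['images']['error'])) {
        return $keys; // field absent, e.g. the form lacks multipart/form-data
    }

    foreach ($files['images']['error'] as $key => $error) {
        // An untouched file input still gets a slot, with UPLOAD_ERR_NO_FILE,
        // so testing only whether $_FILES is empty would let it through.
        if ($error !== UPLOAD_ERR_OK) {
            continue;
        }
        // Accept only temp files that PHP itself received via HTTP POST.
        if (!is_uploaded_file($files['images']['tmp_name'][$key])) {
            continue;
        }
        if ($files['images']['size'][$key] <= 0) {
            continue;
        }
        $keys[] = $key;
    }
    return $keys;
}

// Placement in form_process.php, beside the other mandatory-field checks:
//   if (count(cp_uploaded_image_keys($_FILES)) === 0) {
//       $err .= "You have to select an image to upload<br />";
//   }

// Constructed sample: the shape of $_FILES when no file was selected.
$sample = array('images' => array(
    'name'     => array(''),
    'type'     => array(''),
    'tmp_name' => array(''),
    'error'    => array(UPLOAD_ERR_NO_FILE),
    'size'     => array(0),
));
var_dump(cp_uploaded_image_keys($sample));
```

Because the error is appended to `$err` before the `if ( $err == "" )` block, the post is not inserted and the form is shown again with the message.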