Page 1 of 1
PHP form validation?
Posted: Mon Jul 05, 2004 8:25 pm
by C_Calav
hi guys, i was wondering if someone could tell me how php form validation works?
i have done javascript validation before.
i have seen on other sites if you dont fill the forms etc out propely it takes you to another page and tells you what you have done wrong OR a message box pops up and tells you whats missing (javascript)
the problem i have is that it tells you what the problems are but it posts it anyway. can some one give me a simple example or explanation of validation for php that stops it from posting all rthe deatils and lets the user type them again?
sorry if this is not where i am ment to post this question.
thanx!
Posted: Mon Jul 05, 2004 8:37 pm
by kettle_drum
just need to do something like:
Code: Select all
if(submitted-form){
//check values
if(isset($_POST['testing']) AND $_POST['testing']<12){
//value was set and valid
}else{
show_form():
}
}else{
show_form();
}
function show_form(){
echo "my form here <input type="text" name="testing"> .........";
}
Posted: Mon Jul 05, 2004 8:49 pm
by C_Calav
hey thanx kettle_drum!
can you explain this a bit please?
Posted: Mon Jul 05, 2004 9:25 pm
by C_Calav
ok heres my code im trying to validate. its not working. am i on the write track? been looking at other posts about this topic.
thanx!
Code: Select all
<?php
$db = mysql_pconnect('xxxxx') or die ("Could not connect to database");
# mysql_select_db('models') or die ("Could not select database!");
# this is processed when the form is submitted
# back on to this page (POST METHOD)
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
# escape data and set variables
mysql_select_db('models') or die ("Could not select database!");
$P_Stock = stripslashes($_POST["P_Stock"]);
$P_Name = stripslashes($_POST["P_Name"]);
$P_Cat = stripslashes($_POST["P_Cat"]);
$P_Scale = stripslashes($_POST["P_Scale"]);
$P_Length = stripslashes($_POST["P_Length"]);
$P_Span = stripslashes($_POST["P_Span"]);
$P_Price = stripslashes($_POST["P_Price"]);
$P_Desc = stripslashes($_POST["P_Desc"]);
if (!empty($P_Stock) || !empty($P_Name) || !empty($P_Cat) || !empty($P_Scale) || !empty($P_Length) || !empty($P_Span))
{
$sql = "INSERT INTO planes (P_Stock, P_Name, P_Cat, P_Scale, P_Length, P_Span, P_Price, P_Desc) VALUES ('$P_Stock','$P_Name','$P_Cat','$P_Scale','$P_Length','$P_Span','$P_Price','$P_Desc')";
$result = mysql_query($sql, $db) or die ("Execution failed.");
echo 'Uploading ' . $_FILES['file']['name'] . ' (' .
$_FILES['file']['type'] . ', ' .
ceil($_FILES['file']['size'] / 91024) . ' Kb).<br />';
move_uploaded_file($_FILES['file']['tmp_name'], '/var/users/modelair/modelaircraft.co.nz/htdocs/Pics/'.$_FILES['file']['name']);
echo 'File has been stored in your uploads directory.';
print "<br><b>new aircraft added</b><br><br>";
}
else
{
echo "Make sure you filled out all the required fields";
}
}
?>
Posted: Mon Jul 05, 2004 10:01 pm
by John Cartwright
change
Code: Select all
<?php
if (!empty($P_Stock) || !empty($P_Name) || !empty($P_Cat) || !empty($P_Scale) || !empty($P_Length) || !empty($P_Span))
?>
to
Code: Select all
<?php
if (!empty($P_Stock) && !empty($P_Name) && !empty($P_Cat) && !empty($P_Scale) && !empty($P_Length) && !empty($P_Span))
?>
what do u mean its not working tho.. other than that ur script looks fine
Posted: Mon Jul 05, 2004 10:06 pm
by C_Calav
still does the same thing. what was thgat change ment to do?
its adding everything to database skipping the if empty part i think.
code looks like this now
Code: Select all
<?php
$db = mysql_pconnect('db.iserve.net.nz', 'chris', 'cessna') or die ("Could not connect to database");
# mysql_select_db('models') or die ("Could not select database!");
# this is processed when the form is submitted
# back on to this page (POST METHOD)
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
# escape data and set variables
mysql_select_db('models') or die ("Could not select database!");
$P_Stock = stripslashes($_POST["P_Stock"]);
$P_Name = stripslashes($_POST["P_Name"]);
$P_Cat = stripslashes($_POST["P_Cat"]);
$P_Scale = stripslashes($_POST["P_Scale"]);
$P_Length = stripslashes($_POST["P_Length"]);
$P_Span = stripslashes($_POST["P_Span"]);
$P_Price = stripslashes($_POST["P_Price"]);
$P_Desc = stripslashes($_POST["P_Desc"]);
if (!empty($P_Stock) && !empty($P_Name) && !empty($P_Cat) && !empty($P_Scale) && !empty($P_Length) && !empty($P_Span))
{
$sql = "INSERT INTO planes (P_Stock, P_Name, P_Cat, P_Scale, P_Length, P_Span, P_Price, P_Desc) VALUES ('$P_Stock','$P_Name','$P_Cat','$P_Scale','$P_Length','$P_Span','$P_Price','$P_Desc')";
$result = mysql_query($sql, $db) or die ("Execution failed.");
echo 'Uploading ' . $_FILES['file']['name'] . ' (' .
$_FILES['file']['type'] . ', ' .
ceil($_FILES['file']['size'] / 91024) . ' Kb).<br />';
move_uploaded_file($_FILES['file']['tmp_name'], '/var/users/modelair/modelaircraft.co.nz/htdocs/Pics/'.$_FILES['file']['name']);
echo 'File has been stored in your uploads directory.';
print "<br><b>new aircraft added</b><br><br>";
}
else
{
echo "Make sure you filled out all the required fields";
}
}
?>
Posted: Mon Jul 05, 2004 10:09 pm
by C_Calav
sorry its working now!
thanx a lot!
Posted: Mon Jul 05, 2004 10:18 pm
by tim
what did you change so others can benefit from this
Posted: Mon Jul 05, 2004 10:46 pm
by C_Calav
i changed what Phenom said to. my last post with code is the working code.
thanx for everyones help
