Code: Select all
<?php
//.........
$data = array();
$valid = array();
foreach($_POST as $k => $v)
{
//......
?>Moderator: General Moderators
Code: Select all
<?php
//.........
$data = array();
$valid = array();
foreach($_POST as $k => $v)
{
//......
?>Code: Select all
$data = array();
$valid = array();
foreach($_POST as $k => $v)
{
switch($k)
{
case 'street_team_data':
break;Code: Select all
default:
$data[$k] = $v;
$valid[$k] = preg_match # <-------- this line
break;
}Code: Select all
default:
$data[$k] = $v;
$valid[$k] = true; //preg_match # <-------- this line
break;
}Code: Select all
<?php
if(!$done){ $done = $HTTP_GET_VARS['done']; }
if($done=="" or $done=="n")
{
include("street_team_form.php");
}
elseif($done=="y")
{
echo "<div class="confirmation" align="center">You have successfully joined the Ten Foot Pole Street Team!</div>";
}
?>Code: Select all
<form enctype="multipart/form-data" action="street_team.php" method="post">
<table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr valign="top">
<td width="34%">First Name:</td>
<td width="66%"><input class="input" name="first_name" type="text" size="25"></td>
</tr>
<tr valign="top">
<td>Last Name:</td>
<td><input class="input" name="last_name" type="text" size="25"></td>
</tr>
<tr valign="top">
<td>Birth Year:</td>
<td><input class="input" name="birth_year" type="text" size="4"></td>
</tr>
<tr valign="top">
<td>Email Address:</td>
<td><input class="input" name="email" type="text" size="35"></td>
</tr>
<tr valign="top">
<td>Postal Address:</td>
<td><input class="input" name="address" type="text" size="35"></td>
</tr>
<tr valign="top">
<td>City:</td>
<td><input class="input" name="city" type="text" size="20"></td>
</tr>
<tr valign="top">
<td>State / Province:</td>
<td><input class="input" name="state_province" type="text" size="20"></td>
</tr>
<tr valign="top">
<td>Zip / Post Code: </td>
<td><input class="input" name="zip" type="text" size="8"></td>
</tr>
<tr valign="top">
<td>Country:</td>
<td><select size="1" name="country" class="input">
<option selected>Other</option>
<option>Argentina</option>
<option>Australia</option>
<option>Belgium</option>
<option>Brazil</option>
<option>Canada</option>
<option>Chile</option>
<option>China</option>
<option>Colombia</option>
<option>Croatia</option>
<option>Czech Republic</option>
<option>Denmark</option>
<option>Ecuador</option>
<option>England</option>
<option>Finland</option>
<option>France</option>
<option>Germany</option>
<option>Great Britain</option>
<option>Hungary</option>
<option>Ireland</option>
<option>Italy</option>
<option>Japan</option>
<option>Mexico</option>
<option>N Ireland</option>
<option>Netherlands</option>
<option>New Zealand</option>
<option>Norway</option>
<option>Portugal</option>
<option>Russia</option>
<option>Scotland</option>
<option>South Africa</option>
<option>Spain</option>
<option>Sweden</option>
<option>Switzerland</option>
<option>Uruguay</option>
<option>USA</option>
<option>Wales</option>
</select></td>
</tr>
<tr valign="top">
<td>Continent</td>
<td><input class="input" name="continent" type="text" size="20"></td>
</tr>
<tr valign="top">
<td>Phone Number:</td>
<td><input class="input" name="phone" type="text" size="20"></td>
</tr>
<tr valign="top">
<td>Nearest Major City:</td>
<td><input class="input" name="major_city" type="text" size="20"></td>
</tr>
<tr valign="top">
<td>Favorite Venues/Hangouts:</td>
<td><textarea rows="5" name="faves" cols="30" class="input"></textarea></td>
</tr>
<tr valign="top">
<td>Comments:</td>
<td><textarea rows="5" name="comments" cols="30" class="input"></textarea></td>
</tr>
<tr valign="top">
<td colspan="2" align="center"><input type="submit" value="Join The Team!" name="street_team_data">
</td>
</tr>
</table>
</form>Code: Select all
<?PHP
$database_name = "my_database";
$dbh = mysql_connect("localhost","my_username","my_password");
if (!mysql_select_db($database_name)) {
echo "Unable to select "$database_name" database";
}
$first_name = $_POST['first_name'];
$date=date("Y-m-d");
$last_name = $_POST['last_name'];
$birth_year = $_POST['birth_year'];
$email = $_POST['email'];
$address = $_POST['address'];
$city = $_POST['city'];
$state_province = $_POST['state_province'];
$country = $_POST['country'];
$zip = $_POST['zip'];
$continent = $_POST['continent'];
$phone = $_POST['phone'];
$major_city = $_POST['major_city'];
$faves = $_POST['faves'];
$comments = $_POST['comments'];
$data = array();
$valid = array();
foreach($_POST as $k => $v)
{
switch($k)
{
case 'street_team_data':
break;
case 'first_name':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your first name";
}
break;
case 'last_name':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your last name";
}
break;
case 'birth_year':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your birth year";
}
break;
case 'email':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter a working email address";
}
break;
case 'address':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your address";
}
break;
case 'city':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your city";
}
break;
case 'state_province':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your state or province";
}
break;
case 'zip':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your zip or post code";
}
break;
case 'country':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your country";
}
break;
case 'continent':
$data[$k] = $v;
$valid[$k] = !preg_match('#[0-9]#',$v);
if (!$valid[$k]) {
echo "You must enter your continent";
}
break;
default:
$data[$k] = $v;
$valid[$k] = true; // preg_match
break;
}
$banned = false;
$banlist[] = '';
if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
else
$ip = $_SERVER["REMOTE_ADDR"];
$octets1 = explode(".", $ip);
foreach ($banlist as $val){
$octets2 = explode(".", $val);
if ( ($octets1[0] == $octets2[0] || $octets2[0] == "*") && ($octets1[1] == $octets2[1] || $octets2[1] == "*") &&
($octets1[2] == $octets2[2] || $octets2[2] == "*") && ($octets1[3] == $octets2[3] || $octets2[3] == "*")){
$banned = true;
break;
}
}
$sql = "insert into street_team (date, first_name, last_name, birth_year, email, address, city, state_province, country, zip, continent, phone, major_city, faves, comments, ip)
values ('$date', '$first_name', '$last_name', '$birth_year', '$email', '$address', '$city', '$state_province', '$country', '$zip', '$continent', '$phone', '$major_city', '$faves', '$comments', '$ip')";
if (!$banned){
$res = mysql_query($sql,$dbh);
if (!$res) {
echo mysql_errno().": ".mysql_error ()."";
return 0;
}
}
echo"Submission successful";
}
?>If I had more time, I'd read up on all this to work it out but I was supposed to have the form finished a couple of days ago - it's the last item left in a rather large site. But with limited time and limited (read: zero) programming knowledge, I can't afford to tinker with things too much. Would someone be able to show me how to change my code so that it works? I know this is asking a lot but I'm pretty desperate to get this thing finished right now. I can pay you for your time if need be.feyd wrote:your preg matches just check if 1 single number is in each of the fields.. The way it's written now, it's always inserting data. You need to check for invalid fields, and not insert when those happen.. use a [php_man]foreach[/php_man] for that.