[SOLVED] Validation and Insert problems

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Addos
Forum Contributor
Posts: 305
Joined: Mon Jan 17, 2005 4:13 pm

[SOLVED] Validation and Insert problems

Post by Addos »

Hi,
This is my very first time posting here so I hope I’m following all the rules. If not, go easy as I’m also new to PHP but learning fast.
I wonder if anybody can see why the two codes will not work together.
For example at the moment if I enter details into the Form the info is
passed to the database without the validation kicking in. If I test each
separately i.e. validation without the 'insert record' code and the 'insert
recode' without the validation code, both work perfectly but just placing them
together causes the validation to be ignored.
I know that I need to make sure the insert code is only called when everything else is fine but I’m at this two days now and just can’t seem to see where I’m going in order to correct this.

Any help is much appreciated.

Thanks
Brian

Code: Select all

<?php require_once('Connections/b.php'); ?>
<?php
if ($_POST && array_key_exists('sendCom',$_POST)) &#123;
  $nomessage='';
  $GuestName='';
// Check each field and build errors array if problems found
if (isset($_POST&#1111;'GuestDetails']) && !empty($_POST&#1111;'GuestDetails'])) &#123;
  $message=strip_tags($_POST&#1111;'GuestDetails']);
  &#125;
else &#123;
  $nomessage = 'Message';
  &#125;
if (isset($_POST&#1111;'GuestName']) && !empty($_POST&#1111;'GuestName'])) &#123;
  $GuestName=trim($_POST&#1111;'GuestName']);
  &#125;
else &#123;
  $error&#1111;'GuestName'] = 'You must give your name';
&#125;
&#125;
function GetSQLValueString($theValue, $theType, $theDefinedValue = "",
$theNotDefinedValue = "")
&#123;
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;



  switch ($theType) &#123;
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" :
"NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue :
$theNotDefinedValue;
      break;
  &#125;
  return $theValue;
&#125;
$editFormAction = $_SERVER&#1111;'PHP_SELF'];
if (isset($_SERVER&#1111;'QUERY_STRING'])) &#123;
  $editFormAction .= "?" . htmlentities($_SERVER&#1111;'QUERY_STRING']);
&#125;
if ((isset($_POST&#1111;"MM_insert"])) && ($_POST&#1111;"MM_insert"] == "form1")) &#123;
  $insertSQL = sprintf("INSERT INTO tblguestbook (GuestName, GuestLocation,
GuestDetails, GuestWebsite, GuestEmail, GuestDate) VALUES (%s,%s, %s, %s,
%s, CURDATE())",
                       GetSQLValueString($_POST&#1111;'GuestName'], "text"),
                       GetSQLValueString($_POST&#1111;'GuestLocation'], "text"),
                       GetSQLValueString($_POST&#1111;'GuestDetails'], "text"),
                       GetSQLValueString($_POST&#1111;'GuestWebsite'], "text"),
                      GetSQLValueString($_POST&#1111;'GuestEmail'], "text"));
  mysql_select_db($database_brian, $brian);
  $Result1 = mysql_query($insertSQL, $brian) or die(mysql_error());
  $insertGoTo = "guestbook.php";
  if (isset($_SERVER&#1111;'QUERY_STRING'])) &#123;
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER&#1111;'QUERY_STRING'];
  &#125;
  header(sprintf("Location: %s", $insertGoTo));
&#125;
?>

<?php
// Display error message if errors have been found in submission
if (isset($nomessage) || isset($error)) &#123;
?>
Error.
<?php
  &#125;
?>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
GuestName:
              <?PHP
            if(isset($error)) &#123;//Display error essage.Otherwise skip row.
            foreach ($error as $key=> $value)&#123; //Loop through error message,
and display
            echo $value;
            &#125;
            &#125;
            ?>
      <input type="text" name="GuestName" value="" size="32">
    GuestLocation:
      <input type="text" name="GuestLocation" value="" size="32">
    GuestDetails:
              <?php if (isset($nomessage) && !empty($nomessage)) &#123;
                          echo $nomessage; &#125; else &#123;
                          &#125; ?>
   <textarea name="GuestDetails" cols="55" rows="10" id="GuestDetails"
 ><?php if (isset($_POST&#1111;'comments'])) echo $_POST&#1111;'comments']; ?></textarea>
GuestWebsite:
      <input type="text" name="GuestWebsite" value="" size="32">
    GuestEmail:
      <input type="text" name="GuestEmail" value="" size="32">
      <input name="sendCom" type="submit" id="sendCom" value="Post Message"
/>

               <input name="Reset" type="reset" value="Reset">
<input type="hidden" name="MM_insert" value="form1">
</form>
McGruff
DevNet Master
Posts: 2893
Joined: Thu Jan 30, 2003 8:26 pm
Location: Glasgow, Scotland

Post by McGruff »

Try sprinkling a few of these through the code.

Code: Select all

echo  __FILE__ . ' | line ' . __LINE__ . '<br />';
Start at the beginning. The first place you don't see anything being echo'd when you run the script is the line immediately after the problem. Probably.
Last edited by McGruff on Sun Aug 07, 2005 3:38 am, edited 1 time in total.
magicrobotmonkey
Forum Regular
Posts: 888
Joined: Sun Mar 21, 2004 1:09 pm
Location: Cambridge, MA

Post by magicrobotmonkey »

you are always validating, but you are failing to check for passed validation before running the query. You need some boolean that you can set to true then change to false if something fails validation. Then do an if with that bool before running the query.
Addos
Forum Contributor
Posts: 305
Joined: Mon Jan 17, 2005 4:13 pm

Post by Addos »

Thanks very much for all your replies. I just got this sorted. I appreciate your help very much.
Thanks
Brian
Post Reply