Page 1 of 1

Please help! Validation Problem

Posted: Fri Feb 25, 2005 3:56 am
by sarahroache
:oops: Hi all, I am relatively new to using php. At the moment I am working on a customer page into which they must input their details. I would like to be able to validate each individual entry, but I am unsure where to insert the validation code, and whether it is correct. I need something like:

Code: Select all

if (!preg_match("/^ї\w]+ї\w.-]{4,19}$/", $firstname))
        return "<p>Please, enter a valid forename.</p><br />".index.php();


Here is the code so far, I would really appreciate any help:

Code: Select all

<?php require_once('Connections/mysql.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $HTTP_SERVER_VARSї'PHP_SELF'];
if (isset($HTTP_SERVER_VARSї'QUERY_STRING'])) {
  $editFormAction .= "?" . $HTTP_SERVER_VARSї'QUERY_STRING'];
}

if ((isset($HTTP_POST_VARSї"MM_insert"])) && ($HTTP_POST_VARSї"MM_insert"] == "newCustomer")) {
  $insertSQL = sprintf("INSERT INTO Customer (title, firstname, surname, addressline1, addressline2, email, town, county, postcode, homephone, workphone, mobile, dateofbirth) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($HTTP_POST_VARSї'select'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'firstname'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'surname'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'addressline1'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'addressline2'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'email'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'town'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'county'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'postcode'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'homephone'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'workphone'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'mobile'], "text"),
                       GetSQLValueString($HTTP_POST_VARSї'dateofbirth'], "text")
                       );
    
  mysql_select_db($database_mysql, $mysql);
  $Result1 = mysql_query($insertSQL, $mysql) or die(mysql_error());
  
      if (empty($HTTP_POST_VARSї'firstname'])) {
    return "You must enter the password". index.php();
    }
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta name="Author" content="Sarah" />
<meta name="Keywords" content="Sarah" />
<meta name="Description" content="!" />
<meta name="classification" content="Travel" />
<meta name="Rating" content="General" />
<meta name="copyright" content="Copyright ©2005/>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>

<body>
<!-- Corporate Banner -->
<table width="800px" cellpadding="0" cellspacing="0" border="0">
<tr><td height="10"></td></tr>
</table>

<table width="800px" cellpadding="0" cellspacing="0" border="0">
  <tr valign="top"> 
  <td width="10px"></td>
  <td height="123"><img src="img/banner.jpg" alt="Europe" width="780px" height="130" /></td>
  <td width="10px"></td>
  </tr>
</table>

<!-- Top Bar -->
<table width="800px" cellpadding="0" cellspacing="0" border="0">
<tr>
<td width="10px"></td>
<td><img src="img/top.jpg" alt="top bar" width="780px" height="20" /></td>
<td width="10px"></td>
</tr>
</table>

<!-- Table containing main content -->
<table width="800px" border="0" cellpadding="0" cellspacing="0">
  <tr valign="top">
  <td width="10px"></td>
  <td width="180px" bgcolor="#4B007D">
    

          <!-- W3C Validator Logos -->
          <br /><p align="center"><a href="http://validator.w3.org/check?uri=referer"><img style="border:0;width:88px;height:31px"
          src="http://www.w3.org/Icons/valid-xhtml10"
          alt="Valid XHTML 1.0!" height="31" width="88" /></a> </p>
             
  <p align="center"><a href="http://jigsaw.w3.org/css-validator/">
  <img src="http://jigsaw.w3.org/css-validator/images/vcss" 
  alt="Valid CSS!" style="border:0;width:88px;height:31px" /></a></p></td>
          
    <td width="10px"></td>
    <td width="400px"><h2>New Customer</h2>
      <p>This is a dummy site!</p>              
      <form action="<?php echo $editFormAction; ?>" name="newCustomer" id="newCustomer" method="post">
        <table>
          <tbody>
            <tr> 
              <td style="text-align: left;"> <label for="newCustomer">*Title: 
                </label></td>
              <td> <select name="select" size="1">
                  <option>Mr</option>
                  <option>Mrs</option>
                  <option>Miss</option>
                  <option>Ms</option>
                </select> <input type="hidden" name="MM_insert" value="newCustomer"/></td>
            </tr>
            <tr> 
              <td><label>*Forename: </label></td>
              <td><input name="firstname" type="text" id="firstname" maxlength="30"/></td>
            </tr>
            <tr> 
              <td><label>*Surname: </label></td>
              <td><input name="surname" type="text" id="surname" maxlength="30"/></td>
            </tr>
            <tr> 
              <td><label>*Address Line 1: </label></td>
              <td><input name="addressline1" type="text" id="addressline1" maxlength="50"/></td>
            </tr>
            <tr> 
              <td><label>*Address Line 2: </label></td>
              <td><input name="addressline2" type="text" id="addressline2" maxlength="50"/></td>
            </tr>
            <tr> 
              <td><label>*City/Town: </label></td>
              <td><input name="town" type="text" id="town" maxlength="30"/></td>
            </tr>
            <tr> 
              <td><label>*County: </label></td>
              <td><input name="county" type="text" id="county" maxlength="30"/></td>
            </tr>
            <tr> 
              <td><label>*Postcode: </label></td>
              <td><input name="postcode" type="text" id="postcode" maxlength="8"/></td>
            </tr>
            <tr> 
              <td><label>*Email Address: </label></td>
              <td><input name="email" type="text" id="email" maxlength="50"/></td>
            </tr>
            <tr> 
              <td><label>*Home Phone Number: </label></td>
              <td><input name="homephone" type="text" id="homephone" maxlength="15"/></td>
            </tr>
            <tr> 
              <td><label>*Work Phone Number: </label></td>
              <td><input name="workphone" type="text" id="workphone" maxlength="15"/></td>
            </tr>
            <tr> 
              <td><label>*Mobile Phone Number: </label></td>
              <td><input name="mobile" type="text" id="mobile" maxlength="15"/></td>
            </tr>
            <tr> 
              <td><label>*Date Of Birth: </label></td>
              <td><input name="dateofbirth" type="text" id="dateofbirth" value="0000-00-00" maxlength="10"/></td>
            </tr>
          </tbody>
        </table>
        <div align="center"> <br />
          <input type="submit" name="Submit" value="Submit" />
        </div>
      </form>

              <p align="center"> This site is © Copyright 
              , All Rights Reserved<br />
              </p>
    </td>
    <td width="10px"></td>
    <td width="180px" bgcolor="#4B007D"></td>
    <td width="10px"></td>
  </tr>
</table>
</body>
</html>

feyd | use

Code: Select all

tags while the

Code: Select all

tags are offline[/color]

Posted: Fri Feb 25, 2005 4:21 am
by n00b Saibot
first of all you should post all code using code tags provided.

secondly you can validate input same way you do in GetSQLValueString function. define another function to validate the input and call it after GetSQLValueString function. Simple :)