Page 1 of 1

SOLVED

Posted: Wed Apr 06, 2005 5:47 am
by Addos
Hi,
I need an eagle eye on this page as I’m going mad trying to get it to process an insert for me.
Basically when I fill out all the required fields the page seems to just refresh in that it doesn’t insert the form data and yet doesn’t throw an error.
If I remove all the validation it works perfectly.
Thanks a mil for any help as I’m using something very similar on another page but yet can’t crack this one.
Best wishes
Brian

Code: Select all

<?php
$pattern = '/^\w[-.\w]*@([-a-z0-9]+\.)+[a-z]{2,4}$/i';
if ($_POST && array_key_exists('sendCom',$_POST)) {
  $nomessage='';
  $nomessageAdd='';
  $nomessagePhone='';
  $nomessageInst='';
  $error=array();
  $error_email=array();
  $message='';
  $Email= $_POST['Email'];
  
if (isset($_POST['FirstName']) && !empty($_POST['FirstName'])) {
  $FirstName=trim($_POST['FirstName']);
  }
else {
  $error['FirstName'] = 'First Name Required';
  }
if (isset($_POST['LastName']) && !empty($_POST['LastName'])) {
  $message=strip_tags($_POST['LastName']);
  }
else {
  $nomessage = 'Last Name Required';
  }
if (isset($_POST['Address']) && !empty($_POST['Address'])) {
  $messageAdd=strip_tags($_POST['Address']);
  }
else {
  $nomessageAdd = 'Address Required';
  } 
if (isset($_POST['Phone']) && !empty($_POST['Phone'])) {
  $messagePhone=strip_tags($_POST['Phone']);
  }
else {
  $nomessagePhone = 'Phone Required';
  } 
if (isset($_POST['InstrumentsTaught']) && !empty($_POST['InstrumentsTaught'])) {
  $messageInst=strip_tags($_POST['InstrumentsTaught']);
  }
else {
  $nomessageInst = 'Inst Required';
  } 
   // Removes HTTP:// or http:// and strips white space
	 $url = trim($_POST['WebSite']);
	 if (strpos(strtolower($url), 'http://') ===0) {
	 $url = substr($url, 7);
	}
	
 if (empty($_POST['Email'])) {// validation of email if inserted otherwise ignore
	 } else {
	 if (!preg_match($pattern,$Email)) $error_email['invalid'] = 'ERROR! Invalid Email. <br> It should be similar <br>to the following: info@me.com';
     }
	 }
	 
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
if (!$nomessage && !$error)  {
if (!$nomessage && !$error_email)  {
if (!$nomessage && !$nomessageAdd)  {
if (!$nomessage && !$nomessagePhone)  {

  $insertSQL = sprintf("INSERT INTO applicants (FirstName, LastName, Address, FullAddress, LocationList, Phone, WebSite, Email, TeachGenre, InstrumentsTaught, Qualifications, Comments) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['FirstName'], "text"),
                       GetSQLValueString($_POST['LastName'], "text"),
					   GetSQLValueString($_POST['Address'], "text"),
					   GetSQLValueString($_POST['FullAddress'], "text"),
					   GetSQLValueString($_POST['LocationList'], "text"),
					   GetSQLValueString($_POST['Phone'], "text"),
                       GetSQLValueString($_POST['WebSite'], "text"),
                       GetSQLValueString($_POST['Email'], "text"),
					   GetSQLValueString($_POST['TeachGenre'], "text"),
 					   GetSQLValueString($_POST['Qualifications'], "text"),
					   GetSQLValueString($_POST['InstrumentsTaught'], "text"),
					   GetSQLValueString($_POST['Comments'], "text"));
					   
  mysql_select_db($database_imtdatabase, $imtdatabase);
  $Result1 = mysql_query($insertSQL, $imtdatabase) or die(mysql_error());
  
    $insertGoTo = "application_thank.PHP";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}
}
}
}
}

Code: Select all

<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
      <table align="center">
        <tr valign="baseline">
          <td nowrap align="right">* FirstName:
		  <?php 
	  if (isset($error)) { // Display error messages. Otherwise skip table row.
	   // Loop through error messages and display
		foreach ($error as $key => $value) {
		  echo $value.'<br />';
		  }
		  }
		?>
		  </td>
          <td><input type="text" name="FirstName" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">* LastName:
		  <?php if (isset($nomessage) && !empty($nomessage)) {
		  echo $nomessage; } else { 		 
		  } ?>
		  </td>
          <td><input type="text" name="LastName" value="" size="32"></td>
        </tr>
		          <td nowrap align="right" valign="top">* Address:
				<?php if (isset($nomessageAdd) && !empty($nomessageAdd)) {
		  echo $nomessageAdd; } else { 		 
		  } ?>  
				  </td>
                    <td><textarea name="Address" cols="28" rows="4"></textarea>
        </td>
		<tr valign="baseline">
        <td nowrap align="right">Include Full Address:</td>
        <td valign="baseline"><input type="radio" name="FullAddress" value="Include_Address" checked >
        </tr>
      <tr valign="baseline">
        <td nowrap align="right">Only Include County </td>
        <td valign="baseline"><input type="radio" name="FullAddress" value="Dont_include_Address" >
        </tr>
		<tr valign="baseline">
        <td nowrap align="right">Choose County:</td>
        <td valign="baseline"><?PHP echo "<select name='LocationList' id='LocationList'>\n";
	  // this has replaced the a codeing row that usually is entered above by DW 
		while($dbRow = mysql_fetch_array($rstSearchLocations)){ 
  		echo "<option value='"
		. $dbRow["Counties_IDPK"]  
		. "'>"
		. $dbRow["Counties_Name"]
		."</option>\n"; 
		} echo "</select>\n"; 
		?>
      </tr>
	  <tr valign="baseline">
        <td nowrap align="right"> * Phone:
		<?php if (isset($nomessagePhone) && !empty($nomessagePhone)) {
		  echo $nomessagePhone; } else { 		 
		  } ?>  
		</td>
        <td><input type="text" name="Phone" value="" size="32"></td>
      </tr>
      <tr valign="baseline">
        <td nowrap align="right">Website:</td>
        <td><input type="text" name="WebSite" value="" size="32"></td>
      </tr>
      <tr valign="baseline">
        <td nowrap align="right">Email:
		<?php 
	  if (isset($error_email)) {	  
		foreach ($error_email as $key => $value) {
		  echo $value.'<br />';
		  }
		  }
		?></td>
        <td><input type="text" name="Email" value="" size="32"></td>
      </tr>
      <tr valign="baseline">
        <td nowrap align="right">Mobile:</td>
        <td><input type="text" name="Mobile" value="" size="32"></td>
      </tr>
	  <tr valign="baseline">
        <td nowrap align="right">Do you teach from home:</td>
        <td valign="baseline"><input type="radio" name="TeachGenre" value="HomeTeach" >
        </tr>
      <tr valign="baseline">
        <td nowrap align="right">Do you  teach in a music school:</td>
        <td valign="baseline"><input type="radio" name="TeachGenre" value="SchoolTeach" >
        </tr>
      <tr valign="baseline">
        <td nowrap align="right">Do you teach  home  & music school:</td>
        <td valign="baseline"><input type="radio" name="TeachGenre" value="Home_School" checked >
        </tr>
         <tr valign="baseline">
        <td nowrap align="right" valign="top">* InstrumentsTaught:
		<?php if (isset($nomessageInst) && !empty($nomessageInst)) {
		  echo $nomessageInst; } else { 		 
		  } ?>  
		</td>
        <td><textarea name="InstrumentsTaught" cols="28" rows="4"></textarea>
        </td>
      </tr>
      <tr valign="baseline">
        <td nowrap align="right" valign="top">Qualifications:</td>
        <td><textarea name="Qualifications" cols="28" rows="4"></textarea>
        </td>
      </tr>
      <tr valign="baseline">
        <td nowrap align="right" valign="top">Comments:</td>
        <td><textarea name="Comments" cols="28" rows="4"></textarea></td>
      </tr>
      <tr valign="baseline">
        <td nowrap align="right">&nbsp;</td>
        <td><input type="submit" value="Insert record"></td>
      </tr>
    </table>
      <input type="hidden" name="sendCom" value="form1">
    </form>

feyd | :|

Posted: Wed Apr 06, 2005 8:25 am
by CoderGoblin
What do you get if you echo the insert query string ?

I would guess you are trying to use string values without single quotes.

Posted: Wed Apr 06, 2005 9:54 am
by feyd
$_POST['MM_insert'] does not exist.

Posted: Wed Apr 06, 2005 11:39 am
by Addos
Thank you thank thank you. Did is say thanks you?

I wish I could say it in person.

Much appreciated.

Brian