Here is the code I am using:
<?php
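// Buffer output for the whole request; the buffer is flushed at the very end of the page.
ob_start();
session_start();
// Access gate: only sessions flagged with tracker == 1 may use this page.
// header() merely queues the redirect. Without the exit, the rest of the script
// (including the INSERT handler below) would still run for a visitor who fails
// this check, so the gate must stop execution itself.
if (!isset($_SESSION['tracker']) || $_SESSION['tracker'] != 1)
{
    header("location: index.php");
    exit;
}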
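/*
 * Escape a value so it can be placed inside a quoted string literal of a
 * mysql_* query.
 *
 * Integers are returned unchanged; every other value is passed through
 * mysql_real_escape_string(), which needs an open mysql_* connection.
 *
 * The result is only safe between quotes ('%s' in the query text). It does
 * not protect an unquoted position such as a bare number or an identifier,
 * and the escaping follows the connection character set. Prepared statements
 * (PDO or mysqli) remove both caveats and are the preferred replacement; the
 * mysql_* extension itself was removed in PHP 7.
 */
function quote_smart($value)
{
    // Undo magic-quotes escaping where the runtime still applies it. The
    // function was removed in PHP 8.0, so only call it when it exists.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
    {
        $value = stripslashes($value);
    }
    // Integers need no escaping; request data arrives as strings and is
    // therefore always escaped.
    if (is_int($value))
    {
        return $value;
    }
    return mysql_real_escape_string($value);
}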
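// Message shown above the form. The template echoes it without HTML escaping,
// so only the fixed strings assigned below may ever be stored in it.
$showerror = '';

// NOTE(review): the only request check is the presence of the Submit field. No
// anti-CSRF token is verified, so a cross-site POST carrying the user's session
// cookie would be accepted. TODO: issue a per-session token in the form and
// compare it here before doing any work.
if (isset($_POST['Submit']))
{
    $error = '';

    // Validation stops at the first failing field. Optional fields (Address2,
    // Cell, Fax) are folded into a single condition: a branch that is entered
    // only because the field is non-empty would end the chain and skip every
    // check after it, including the required ones.
    // The D modifier makes $ match only at the very end, so a trailing newline
    // is rejected by the patterns that do not otherwise allow whitespace.
    if (empty($_POST['Fname']))
    {
        $error = "Please enter the first name.";
    }
    elseif (!preg_match("/^[a-zA-Z]+$/D", $_POST['Fname']))
    {
        $error = "Please enter the first name containing only letters.";
    }
    elseif (empty($_POST['Lname']))
    {
        $error = "Please enter the last name.";
    }
    elseif (!preg_match("/^[a-zA-Z]+$/D", $_POST['Lname']))
    {
        $error = "Please enter the last name containing only letters.";
    }
    elseif (empty($_POST['Company']))
    {
        $error = "Please enter the company.";
    }
    elseif (!preg_match("/^[a-zA-Z0-9\s.,]+$/", $_POST['Company']))
    {
        $error = "Please enter the company name in a proper format.";
    }
    elseif (empty($_POST['Address1']))
    {
        $error = "Please enter the company address.";
    }
    elseif (!preg_match("/^[a-zA-Z0-9\s.,]+$/", $_POST['Address1']))
    {
        $error = "Please enter the company address in a proper format.";
    }
    elseif (!empty($_POST['Address2']) && !preg_match("/^[a-zA-Z0-9\s.,]+$/", $_POST['Address2']))
    {
        $error = "Please enter the company address in a proper format.";
    }
    elseif (empty($_POST['Zip']))
    {
        $error = "Please enter the zip code.";
    }
    elseif (!preg_match("/^[0-9]+$/D", $_POST['Zip']))
    {
        $error = "Please enter the zip code in the proper format.";
    }
    elseif (empty($_POST['City']))
    {
        $error = "Please enter the City.";
    }
    elseif (!preg_match("/^[a-zA-Z\s.]+$/", $_POST['City']))
    {
        $error = "Please enter the city in a proper format.";
    }
    elseif (empty($_POST['State']))
    {
        $error = "Please enter the state.";
    }
    elseif (!preg_match("/^[\sa-zA-Z.]+$/", $_POST['State']))
    {
        $error = "Please enter the state in a proper format.";
    }
    elseif (empty($_POST['Email']))
    {
        $error = "Please enter the email address.";
    }
    elseif (!preg_match("/^([a-zA-Z0-9_'+*$%\^&!\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9:]{2,4})+$/D", $_POST['Email']))
    {
        $error = "Invalid email address";
    }
    // NOTE(review): Website is only checked for presence, not format. It is
    // stored as typed, so any page that later prints or links it has to escape
    // it and restrict the URL scheme itself.
    elseif (empty($_POST['Website']))
    {
        $error = "Please enter the website.";
    }
    elseif (empty($_POST['Phone']))
    {
        $error = "Please enter the phone number.";
    }
    // NOTE(review): the phone pattern is anchored only at the end, so any
    // leading text in front of the digits passes and is stored with the number.
    // The same applies to Cell and Fax below.
    elseif (!preg_match("/(\d{3})\D*(\d{3})\D*(\d{4})\D*(\d*)$/", $_POST['Phone']))
    {
        $error = "Please enter the phone number in a correct format.";
    }
    elseif (!empty($_POST['Cell']) && !preg_match("/(\d{3})\D*(\d{3})\D*(\d{4})\D*(\d*)$/", $_POST['Cell']))
    {
        $error = "Please enter the cell number in a correct format.";
    }
    elseif (!empty($_POST['Fax']) && !preg_match("/(\d{3})\D*(\d{3})\D*(\d{4})\D*(\d*)$/", $_POST['Fax']))
    {
        $error = "Please enter the fax number in a correct format.";
    }

    if ($error == '')
    {
        // Copy the request fields into short local names.
        $Fname = $_POST['Fname'];
        $Lname = $_POST['Lname'];
        $Company = $_POST['Company'];
        $Address1 = $_POST['Address1'];
        $Zip = $_POST['Zip'];
        $City = $_POST['City'];
        $State = $_POST['State'];
        $Email = $_POST['Email'];
        $Website = $_POST['Website'];
        $Phone = $_POST['Phone'];

        // Optional fields are stored as "--" when left blank.
        $Address2 = !empty($_POST['Address2']) ? $_POST['Address2'] : "--";
        $Cell = !empty($_POST['Cell']) ? $_POST['Cell'] : "--";
        $Fax = !empty($_POST['Fax']) ? $_POST['Fax'] : "--";

        // Load the connection settings into the session if they are not there yet.
        // NOTE(review): the database host, login and password are read from
        // $_SESSION, so they sit in the session store for every visitor.
        // Presumably session_SC.php puts them there; a configuration file kept
        // outside the web root would keep them out of session data. TODO confirm.
        if (!isset($_SESSION['SESSION'])) require ( "../include/session_SC.php");

        // Connect and select the database. The @ hides the driver's own warning;
        // the die() text is all the visitor sees on failure.
        $connect = @mysql_connect($_SESSION['MYSQL_SERVER1'], $_SESSION['MYSQL_LOGIN1'], $_SESSION['MYSQL_PASS1'])
            or die('Error! Connection failure......');
        $db = $_SESSION['MYSQL_DB2'];
        mysql_select_db($db) or die('Error! Could not select database.');

        // Every value goes through quote_smart() and lands inside quotes. That
        // includes the session-held ip: where it is filled in is not visible on
        // this page, so it is escaped like request data rather than trusted.
        $query = sprintf( "INSERT INTO contact (ip, Fname, Lname, Company, Address1, Address2, Zip, City, State, Email, Website, Phone, Cell, Fax)
VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", quote_smart($_SESSION['ip']),
            quote_smart($Fname), quote_smart($Lname), quote_smart($Company), quote_smart($Address1), quote_smart($Address2), quote_smart($Zip),
            quote_smart($City), quote_smart($State), quote_smart($Email), quote_smart($Website), quote_smart($Phone), quote_smart($Cell), quote_smart($Fax));

        if (mysql_query($query))
        {
            header ("Location: ContactAdded.php");
            mysql_close();
            // Stop here so the form is not rendered behind the redirect.
            exit;
        }
        else
        {
            $error = "Contact information could not be added!";
        }
    }//end if $error == '';

    $showerror = $error;
}//if isset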
?>Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Contact</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body class="sub" bgcolor="#FF6666" onLoad="document.forms.form1.Fname.focus()">
<h2 align="center">Contact Information</h2>
<p> <a href="Results.php">Back to Results</a><br /></p>
<p align="center"><?php echo $showerror; ?></p>
<form action="" method="post" name="form1" id="form1">
<table width="50%" border="0" cellspacing="2" cellpadding="2" align="center">
<tr style="vertical-align: top">
<td align="right">
<label for="Fname"><strong>* First Name:</strong></label> </td>
<td align="left">
<input id="Fname" name="Fname" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Lname"><strong>* Last Name:</strong></label> </td>
<td align="left">
<input id="Lname" name="Lname" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Company"><strong>* Company:</strong></label> </td>
<td align="left">
<input id="Company" name="Company" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Address"><strong>* Address1:</strong></label> </td>
<td align="left">
<input id="Address1" name="Address1" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Address"><strong> Address2:</strong></label> </td>
<td align="left">
<input id="Address2" name="Address2" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Address"><strong>* Zip Code:</strong></label> </td>
<td align="left">
<input id="Zip" name="Zip" type="text" size="5" maxlength="5" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="City"><strong>* City:</strong></label> </td>
<td align="left">
<input id="City" name="City" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="State"><strong>* State:</strong></label> </td>
<td align="left"><select id="State" name="State">
<option selected="selected" value="">Select State</option>
<option value="AK">ALASKA</option>
<option value="AL">ALABAMA</option>
<option value="AR">ARKANSAS</option>
<option value="AZ">ARIZONA</option>
<option value="CA">CALIFORNIA</option>
<option value="CO">COLORADO</option>
<option value="CT">CONNECTICUT</option>
<option value="DC">DISTRICT OF COLUMBIA</option>
<option value="DE">DELAWARE</option>
<option value="FL">FLORIDA</option>
<option value="GA">GEORGIA</option>
<option value="HI">HAWAII</option>
<option value="IA">IOWA</option>
<option value="ID">IDAHO</option>
<option value="IL">ILLINOIS</option>
<option value="IN">INDIANA</option>
<option value="KS">KANSAS</option>
<option value="KY">KENTUCKY</option>
<option value="LA">LOUISIANA</option>
<option value="MA">MASSACHUSETTS</option>
<option value="MD">MARYLAND</option>
<option value="ME">MAINE</option>
<option value="MI">MICHIGAN</option>
<option value="MN">MINNESOTA</option>
<option value="MO">MISSOURI</option>
<option value="MS">MISSISSIPPI</option>
<option value="MT">MONTANA</option>
<option value="NC">NORTH CAROLINA</option>
<option value="ND">NORTH DAKOTA</option>
<option value="NE">NEBRASKA</option>
<option value="NH">NEW HAMPSHIRE</option>
<option value="NJ">NEW JERSEY</option>
<option value="NM">NEW MEXICO</option>
<option value="NV">NEVADA</option>
<option value="NY">NEW YORK</option>
<option value="OH">OHIO</option>
<option value="OK">OKLAHOMA</option>
<option value="OR">OREGON</option>
<option value="PA">PENNSYLVANIA</option>
<option value="RI">RHODE ISLAND</option>
<option value="SC">SOUTH CAROLINA</option>
<option value="SD">SOUTH DAKOTA</option>
<option value="TN">TENNESSEE</option>
<option value="TX">TEXAS</option>
<option value="UT">UTAH</option>
<option value="VA">VIRGINIA</option>
<option value="VT">VERMONT</option>
<option value="WA">WASHINGTON</option>
<option value="WI">WISCONSIN</option>
<option value="WV">WEST VIRGINIA</option>
<option value="WY">WYOMING</option>
</select></td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Email"><strong>* Email:</strong></label> </td>
<td align="left">
<input id="Email" name="Email" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Phone"><strong>* Phone:</strong></label> </td>
<td align="left">
<input id="Phone" name="Phone" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Phone"><strong>* Website:</strong></label> </td>
<td align="left">
<input id="Website" name="Website" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Cell"><strong>Cell:</strong></label> </td>
<td align="left">
<input id="Cell" name="Cell" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<label for="Fax"><strong>Fax:</strong></label> </td>
<td align="left">
<input id="Fax" name="Fax" type="text" size="30" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="right">
<input type="submit" name="Submit" value="Submit" onclick="setTimeout('delayer()', 2000);" /> </td>
</tr>
<tr style="vertical-align: top">
<td align="left">* Required Fields</td>
</tr>
</table>
</form>
</body>
</html>
<?php
// Send the output that has been buffered since ob_start() at the top of the script.
ob_end_flush();
?>