Page 1 of 1

Trouble validating on multiple forms

Posted: Thu May 15, 2008 11:45 am
by KaneNY250
Hi,

I have this code I'm working with. I want it to validate each of the text fields, and if they all pas, then submit to the database. Otherwise, I want error messages to be revealed and not allow insertion into the database. For some reason the error messages are automatically showing up once I navigate to the page, and it is not validating correctly - allowing insertion of blank fields and such.

Can someone take a look and tell me what I'm doing wrong here?

Thanks!

Code: Select all

 
<?php
 
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$emailaddy = $_POST['email'];
$doubleaddycheck = "SELECT * FROM emaillist WHERE email = $emailaddy";
$doubleaddycheck = mysql_query($doubleaddycheck);
$insertcontactdata = "INSERT INTO emaillist (email, firstname, lastname) VALUES ('$emailaddy2', '$firstname2', '$lastname2')";
 
$errors = array();
 
if (!empty($_POST['email'])) {
    if (!preg_match('/^[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)*\@[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)+$/i', $emailaddy)) {
        $errors[] = "Please enter a valid e-mail address.";
    } elseif (mysql_num_rows($doubleaddycheck) > 0) {
        $errors[] = "That e-mail address has already been added!";
    } else {
        $emailaddy2 = $_POST['email'];
    }
} else {
  $errors[] = "Please enter an e-mail address";
}
 
if (!empty($_POST['firstname'])) {
    if (!preg_match("/^[a-z\\\'\-\s]+$/i", $firstname)) {
        $errors[] = "Please enter a valid first name.";
    } elseif (strlen($firstname) < 1) {
        $errors[] = "Please enter a valid first name.";
    } else {
        $firstname2 = $_POST['firstname'];
    }
} else {
  $errors[] = "Please enter a first name.";
}
 
if (!empty($_POST['lastname'])){
    if (!preg_match("/^[a-z\\\'\-\s]+$/i", $lastname)) {
        $errors[] = "Please enter a valid last name.";
    } elseif (strlen($lastname)< 1) {
        $errors[] = "Please enter a valid last name.";
    } else {
        $lastname2 = $_POST['lastname'];
    }
} else {
  $errors[] = "Please Enter a last name.";
}
 
 
if (empty($errors)) { //if the array $errors is empty(everything passed) continue with the script and add the person.
    mysql_query($insertcontactdata);
    print "Welcome to the list<b> $firstname! </b><br />\n";
    print "Your e-mail address: <b> $emailaddy </b>will be included in future e-mails.";
 
} else { //the array has an error in it, print the error.
    foreach ($errors as $msg) {
        echo " - $msg\n";
    }
}
 
?>
 

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 12:16 pm
by JacobT
It looks like your regex is failing. I would remove it for the first and last name. Seems overly complicated to me.

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 12:22 pm
by JacobT
BTW, this is the regex I use for validating emails, much simpler than the one you have:

Code: Select all

if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { }
cheers!

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 12:23 pm
by Dutchben
First i notice you are not quoting $emailaddy in
$doubleaddycheck = "SELECT * FROM emaillist WHERE email = $emailaddy";
i think to get a result it should read
$doubleaddycheck = "SELECT * FROM emaillist WHERE email = '$emailaddy'";
Also your building your insert string when the variables arent set yet.
$insertcontactdata = "INSERT INTO emaillist (email, firstname, lastname) VALUES ('$emailaddy2', '$firstname2', '$lastname2')";
Should be after instead of before your errorchecking.

The regular expression i don't know about, they alsways give me a headache

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 12:42 pm
by KaneNY250
Thanks. I don't think the quotes are necessary, since it has done successful inserts in the past without them. Also, I thought order didn't matter when defininig variables, since I don't actually call that variable until much later?

I suppose I can remove the regex for the names though...

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 12:55 pm
by Chalks
KaneNY250 wrote:Thanks. I don't think the quotes are necessary, since it has done successful inserts in the past without them. Also, I thought order didn't matter when defininig variables, since I don't actually call that variable until much later?

I suppose I can remove the regex for the names though...
The order definitely matters. Try echoing $insertcontactdata and see what it says.

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 1:04 pm
by Dutchben
You should quote the email adres in your SELECT query otherwise its doesn't give you a result. Your insert querys are fine

$doubleaddycheck = "SELECT * FROM emaillist WHERE email = '$emailaddy'";

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 1:16 pm
by KaneNY250
ok, thanks.

I print out the insert statement at the beginning and it is empty (as expected) but if I print out out at the end, it only contains the email address, but not the other two fields. So since I'm not calling the insert until later on, I don't think that's an issue. I have added the quotes around the '$emailaddy' now though. Still having issues getting it to loop correctly though...

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 2:00 pm
by KaneNY250
I worked on my code a bit, and now everything validates correctly. However, the one last issue I'm having is that all the error messages show up immediately when I navigate to the page, and I only want them to show up if the submit button has been pressed. I tried nesting everything into another if ($_POST){ but that didn't change anything.

Thoughts?

New Code:

Code: Select all

 
 
if (!empty($_POST['email'])) {
    $emailaddy = $_POST['email'];
    $doubleaddycheck = "SELECT * FROM emaillist WHERE email = '$emailaddy'";
    $doubleaddycheck = mysql_query($doubleaddycheck);
        if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST['email'])) {
            print "Please enter a valid e-mail address<br />";} 
            elseif (mysql_num_rows($doubleaddycheck) > 0) {
                print "That e-mail address has already been added!<br />";} 
            else {
                $emailaddy2 = $_POST['email'];
    }
} else {
  print "Please enter an e-mail address<br />";
}
 
if (!empty($_POST['firstname'])) {    
        $firstname = $_POST['firstname'];}
  else {
        print "Please enter a first name.<br />";
}
 
if (!empty($_POST['lastname'])){
        $lastname = $_POST['lastname'];}
  else {
        print "Please Enter a last name.<br />";
}
 
if ((strlen($emailaddy2)>0) && (strlen($firstname)>0) && (strlen($lastname)>0)) {
    $insertcontactdata = "INSERT INTO emaillist (email, firstname, lastname) VALUES ('$emailaddy2', '$firstname', '$lastname')";
    mysql_query($insertcontactdata);
    print "Welcome to the list<b> $firstname! </b><br />\n";
    print "Your e-mail address: <b> $emailaddy2 </b>will be included in future e-mails.";
}
 

Re: Trouble validating on multiple forms

Posted: Thu May 15, 2008 2:07 pm
by KaneNY250
Neverming, got it!

if (isset($_POST['submit'])

All fixed! Thanks for all your help!