PHP - Check Mysql Field?

Hey all. What is the best way to check if a form field has been entered by the user? Because a field left blank by the user still shows up as set with the isset function.

Example:
if (isset($_POST['name']))
{
echo "The field is set";
}

This is a problem if I'm checking if the user has skipped over the name field on a form because an empty value gets passed to the POST array even if the field is left blank.

Do people use empty or a regular expression instead?

Cheers!

so I have this code:
Code: [Select]
<input type='checkbox' name='title8' value='$title8' /></td><td><strong>$title8</strong> <br /> $date8 <br />$ $price8<input type='hidden' name='price8' value='$price8'> how do I make is so that the hidden field is only going to submit if the checkbox is checked........

Hi there once again, sry for previous wrong section, i guess this time i'm on the right place ;p

Well i need following:

I have few forms (input fields) with requested informations, also i have other .php file which i'm calling to send a form. Now i need to know how can i do a check for those fields if they are empty or not. If they are, i need to STOP submiting the form (calling the other .php).

Codes:

Form:
Code: [Select]
<form name="f1" form method="post" action="posalji.php"/>Field:
Code: [Select]
<input type="text" name="hp1" size="20"/>Submit:
Code: [Select]
<input name="f1" type="image" src="registruj.png" onclick="if(f1.hp1.value.length==0) alert('Error: field can't be empty'); else f1.submit(); if(f1.hp2.value.length==0) alert('Error: field can't be empty'); else f1.submit();"/>There are more than one field, that's why you can see more errors in submit. Well all i need is "die" or "stop" calling the "posalji.php" from action above.

Sry 4 poor english.

Pehaps this is kidstuff but i'm a kid at heart.

I have only 1 form field on a form
User enters a special code in the form.
Once submitted the form is queried against a mysql database to see if the code exists.
If code does not exist it must be reentered.
If code exists then redirected.

basically its like "get to the next page if you have the code"

thanks

I am building a system where people are able to choose a food menu, they can modify each dish if needed and then say how many of each item they need for the order.

So when they pick the breakfast menu, it selects all starters, mains and desserts.  Should something need to be edited (sausages changed to vegitarian sausages) the user should be able to overtype what has been populated from the select statement)

When the form is submitted, the order needs to be linked to the current job which is in a field ssm_job.job_id but the changes to the menu items need to be stored somewhere for the current order only.  This obviously needs to be accessile later so further changes can be made if needed.  I am not sure of the best way to go about this as i am trying not to save every item in another database (just trying to be tidy)

Any advise on this would be greatly appreciated.

I have had help on this project in relation to an sql and the background can be found below, the help has been amazing but as this is a very different question i thought i would start a new thread.

 

Kind Regards

Hello there,

My current song request form process looks like:

<?php
                if(isset($_POST['submit'])) {
                $to = 'address@website.com' ;  
$name = trim($_POST['name']);
                $message = trim($_POST['message']);
                $artist = trim($_POST['artist']);
                $song = trim($_POST['song']);
$subject="Name:$name - Message:$message - Artist:$artist - Song:$song";
                $headers  = 'MIME-Version: 1.0' . "\r\n";
                $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
                $message = "<table>
                <tr><td>Name</td><td>".$_POST['name']."</td></tr>
                <tr><td>Message</td><td>".$_POST['message']."</td></tr>
                <tr><td>Artist</td><td>".$_POST['artist']."</td></tr>
                <tr><td>Song</td><td>".$_POST['song']."</td></tr>
                </tr></table>" ;
                mail($to, $subject, $message, $headers);
                header('Location: song-requests-success.php');
               }
?>

I'm currently using Javascript for blank validation, however, people seem to be getting through it somehow.

I'm looking to implement PHP checkers that will output back to the request form with something like: Name field blank.

Would this method work?

$name = trim($_POST['name']);
$artist = trim($_POST['artist']);
$song = trim($_POST['song']);
if(empty($name)){
$name1 .= "<br>Name is empty.";
}
if(empty($artist)){
$artist1 .= "<br>Artist is empty.";
}
if(empty($song)){
$song1 .= "<br>Song is empty.";
}

On form:

<?php if(!empty($name)){ echo "".($name1).""; } ?>
<?php if(!empty($artist)){ echo "".($artist1).""; } ?>
<?php if(!empty($song)){ echo "".($song1).""; } ?>

Would recalling the trim's be nessessary as they have already been specified for the email title. Would this need to be implemented into 'isset'.

Many thanks.

Hello everybody, i try to check if the unique field inventar exists or not before i insert new record. if the inventar exits the user should get error message. but i dont know how to do this.   thank you very much for your help. Rafal   here is my code

<?php
include("123.php");
$inventar = $link1->real_escape_string($_POST["inp_inventar"]);
$product = $link1->real_escape_string($_POST["inp_product"]);
$price = $link1->real_escape_string($_POST["inp_price"]);

$link1 = new mysqli("$hoster", "$nameuser", "$password", "$basedata") or die ("Connection Error!"); error_reporting (0);
$check_inventar = mysqli_query($link1, "SELECT inventar FROM products WHERE inventar='$inventar'");
$check_inventar_num = mysqli_num_rows($check_inventar);
if (isset($_POST['inp_submit']) AND $check_inventar_num = 0)
{
$query1 = "INSERT INTO products
(inventar, product, price)
VALUES ('$inventar', '$product', '$price')";
$result1 = $link1->query($query1) or die("Database Error!");
if ($result1 == true)
{
header ( 'Location:insert.php' );
}
}
else { echo "there is already product with same inventar id!"; }
mysqli_close($link1);
?>

I have a register script, and I am wanting to make it so that if the username field contains, lets say "mod", "ass", and more, then it'll return an error and wont let them register.

Now this one is a bit of a shit head. I am using a really comprehensive class i found on on the web for upload / re-size / crop but i want to be able to override it's error handling and i am not good enough to start modifying the code in the class with out fucking it up.

Firstly i will show you how i have invoked the class.
Code: [Select]
if( isset($_FILES['image'] ) ) {

//Class includes
include("../scrips/php/cms/database.insert.class.php");
include ("../scrips/php/cms/img.upload.resize.crop.class.php.php");


//----------|Start: upload, resize & save
$your_image = new _image;

//----------| Upload orginal image
$your_image->uploadTo = 'uploads/';
$upload = $your_image->upload($_FILES['image']);


//----------| Resize and upload small thumbnail
$your_image->newPath = 'thums/';
$your_image->newWidth = 50;
$your_image->newHeight = 50;
$resized = $your_image->resize();



//----------| Resize and upload medium thumbnail
$your_image->newPath = 'thums2/';
$your_image->newWidth = 100;
$your_image->newHeight = 100;
$resized = $your_image->resize();
//----------| Getting the image name to insert into the database futher on in the code
$name = $resized;
$img_str = explode("/",$name);
$final_img_name = $img_str['1'];

echo "Article has been added!";

//----------------|end

//----------------| Start database insert (class manipulation)
$table = "blog_posts";
$title = "'".$_POST['ArticleTitle']."',";
$img = "'".$final_img_name."',";
$post = "'".$_POST['ArticleBody']."',";
$aurthor_id = "'1',";
$category_id = "'".$_POST['Category']."',";
$date_posted = "NOW()";


$values = array("$title","$img","$post","$aurthor_id","$category_id","$date_posted");
$fields = array('title,','img,','post,','aurthor_id,','category_id,','date_posted');
$obj= new DatabaseInsert;
$obj->DatabaseConnectionRequire();
$obj->ArticleInsert($values,$fields,$table);
//----------------|end
}


As you can see it's fairly basic. What i want to do is before it runs this script and starts including/invoking the class etc, i want to be able to check to see if there is a value been posted from a FILE FORM OBJECT and if there is to proceed with this script, alternatively i want it to execute another code which will handle it in regards to the concept of my page. A simple javascript alert with be ok providing it reloaded the page to it's default state. If any one can help me here i would appreciate it a lot. Thanks
 

I have a form with a gender control made up of two radio buttons.

If the user doesn't fill out this form, nothing gets submitted (i.e name='gender') in the $_POST array.

So how ae you supposed to verify that the form field was left blank, and use that information to say display an error message on the form?

Edited February 16 by SaranacLake

Hello,

I'm currently using this code to check for blank fields:

if(isset($_POST['submit']))
{
$emailconfirm = $_POST['emailconfirm'];
$user_message = $_POST['message'];
$name = $_POST['name'];
$visitor_email = $_POST['email'];
if(empty($name)|| empty($visitor_email)|| empty($user_message))
{
$errors .= "<div id='contact_form_errorloc' class='err1'>Some of the above fields have not been filled in.</div><br>";
}

This however, does not check for valid emails, I've found this code:

function is_valid_email($email) {
  $result = TRUE;
  if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$", $email)) {
    $result = FALSE;
  }
  return $result;
}

My question was if the above is possible aswell as incorporating the blank field checks.

Many thanks!

I am using a captcha like image verification for my form fields.
I want to make my check case insensitive:
For example,
if the security word is 1A3e then 1a3e or 1a3E should work.(Upper Case or lower case does not matter)
Here is the check I am doin so far to see if my security word matches.

Code: [Select]
if(md5($_POST['security_word']).'a4xn' == $_COOKIE['tntcon'])

Hi Guys

What code would you use to check that a form field does not exceed 100 characters? 

Thanks for any help.

I want to add a note field and a checkbox to my list/grid page and save this information to a json file using uomptrucknumber as the key. The note information will be information for the whole truck not by order. The check box will let them know that the truck is ready to have paper work printed.

I have not add the note field or checkbox because I did not want to start off wrong.

echo "<table>";
echo "<tr style='background:#82fbfd'>";

echo "<th>ShipDate</th>";
echo "<th>ShipMeth</th>";
echo "<th>Name</th>";
echo "<th>LoadID</th>";
echo "<th>Drop</th>";
echo "<th>OrderID</th>";
echo "<th>Status</th>";
echo "<th>FGI</th>";
echo "<th>FGM</th>";
echo "<th>TotalBox</th>";
echo "<th>Cubes</th>";
echo "<th>Total</th>";
echo "<th>Notes \n</th>";
//echo "<table>"; 
echo "<tr style='background:#82fbfd'>";

$result =odbc_exec($connect,$sql);
if(!$result){
exit("Error in SQL");
}


	
function ShowDetail($row){
       
    if($row['ompclosed']==-1){

        $theColor="#AAF0D2";
            }else{
                $theColor="#FFFFFF";

            }
     if($row['ompclosed']==0 && $row['date'] < date("m/d/Y")) {
        $theColor="#FF0000";
     }    
     
        
		echo "<tr style='background-color :$theColor'><td>" .$row['date'] ."</td>";
        echo "<td>" .$row['ompshippingmethodid'] ."</td>";
        echo "<td style='text-align:left'>" .$row['cmoname'] ."</td>";
        echo "<td>" .$row['uomptrucknumber'] ."</td>";
		echo "<td>" .$row['uompdropsequence'] ."</td>";
        echo "<td>" .$row['ompsalesorderid'] ."</td>";
        echo "<td>" .$row['ompclosed'] ."</td>";
        echo "<td>" .round($row['FGIqty'],0) ."</td>";
        echo "<td>" .round($row['FGMqty'],0) ."</td>";
        echo "<td>" .round($row['uomptotalboxcount'],0) ."</td>";
        echo "<td>" . number_format($row['uompvolumetotal'],2) ."</td>";
        echo "<td>" .  number_format($row['ompordertotalbase'],2) ."</td>";
        echo "<td style='text-align:left'>" .$row['ompordercommentstext'] ."</td></tr>" ;
			  }
			  

	
//****************************************************************

while ($row = odbc_fetch_array($result))
{
    if($row['ompclosed']==-1){

        $theColor="#AAF0D2";
            }else{
                $theColor="#FFFFFF";

            }
     if($row['ompclosed']==0 && $row['date'] < $today) {
        $theColor="#FF0000";
     }    

    if($row['uomptrucknumber'] != $loadid) {
        
        if ($loadid !== 0) {
            echo "<tr style='background:#eee'>
                     <td colspan='7'>TOTAL</td>
                     <td>$TotalFGI</td>
                     <td>$TotalFGM</td>
                     <td>&nbsp;</td>
                     <td>&nbsp;</td>
                  
                     <td>$loadTotal</td>
                   
                  </tr>";
        } 
        
       
      
        $TotalFGI=0;
        $TotalFGM=0;
        $loadTotal=0;
    }

    ShowDetail($row);
    $loadid = $row['uomptrucknumber'];
    $TotalFGI+=round($row['FGIqty'],0);
    $TotalFGM+=round($row['FGMqty'],0);
	$loadTotal +=$row['ompordertotalbase'];
   
    
   
}    
echo "<tr style='background:#eee'>
         <td colspan='7'>TOTAL</td>
         <td>$TotalFGI</td>
         <td>$TotalFGM</td>
         <td>&nbsp;</td>
         <td>&nbsp;</td>
         <td>$loadTotal</td>
      </tr>
      </table>";
	
		

odbc_close($connect);

?>

 

Hi guys,

I need your help. I am checking on a database as I want to see if I have the same value in the url and in the database.


Code: [Select]
<?php
session_start();
    define('DB_HOST', 'localhost');
    define('DB_USER', 'mydbuser');
    define('DB_PASSWORD', 'mydbpass');
    define('DB_DATABASE', 'mydbtable');
       
    $errmsg_arr = array();
    $errflag = false;

    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
  die('Failed to connect to server: ' . mysql_error());
    }

    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
  die("Unable to select database");
    }

   function clean($var){

return mysql_real_escape_string(strip_tags($var));
    }
  
    $username = clean($_GET['user']);
    $password = clean($_GET['pass']);
    $test = clean($_GET['test']);
    $public = clean($_GET['public']);
   
   
   if (isset($_GET['user']) && (isset($_GET['pass']))) {
    if($username == '' || $password == '') {
  $errmsg_arr[] = 'username or password are missing';
  $errflag = true;
    }
} elseif (isset($_GET['user']) || (isset($_GET['test'])) || (isset($_GET['public']))) {
    if($username == '' || $test == '' || $public == '') {
  $errmsg_arr[] = 'user or others are missing';
  $errflag = true;
    }
  }

    if($errflag) {
  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
  echo implode('<br />',$errmsg_arr);
   }
   else {
  $qry="SELECT * FROM members WHERE username='$username' AND passwd='$password'";
  $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error());


if ($username && $password) {
  if(mysql_num_rows($result) > 0) {
     $qrytable1="SELECT images, id, test, links, Public FROM user_list WHERE username='$username'";
    $result1=mysql_query($qrytable1) or die('Error:<br />' . $qry . '<br />' . mysql_error());

    while ($row = mysql_fetch_array($result1)) {
        echo "<p id='test'>";
        echo $row['test'] . "</p>";
        echo '<p id="images"> <a href="images.php?test=test&id='.$row['id'].'">Images</a></td> | <a href="http://' .  $row["links"] . '">Link</a> </td> | <a href="delete.php?test=test&id='.$row['id'].'">Delete</a> </td> | <span id="test">'.$row['Public'].'</td>';
     }
   } else {
    echo "user not found";
  }
} elseif($username && $test && $public) {
    $qry="SELECT * FROM members WHERE username='$username'";
    $result1=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error());
    
    if(mysql_num_rows($result1) > 0) {     
      $qrytable1="SELECT Public FROM user_list WHERE username='$username' && test='$test'";
      $result2=mysql_query($qrytable1) or die('Error:<br />' . $qry . '<br />' . mysql_error());
      
      if(mysql_num_rows($result2) > 0) {
        $row = mysql_fetch_row($result2);
        mysql_query("UPDATE user_list SET Public=('$_GET[public]') WHERE username='$username' AND test='$test'");
        echo "update!";
      } else {
        echo "already updated!";
      }
    } else {
      echo "user not found";
    }
  }
} 
?>
This is the function I use to check the value in the database:

Code: [Select]
if (mysql_affected_rows($result2) > 0) {
         mysql_query("UPDATE user_list SET Public=('$_GET[public]') WHERE username='$username' AND test='$test'");
         echo "you have update it!";
       } else if (mysql_affected_rows($result2) < 0) {
         echo "it is not on the database";
       } else {
         echo "you have already updated!";
       }

When i input the different value in a url bar while the records are not the same as the value in the url and in the database, i can't get passed and I am keep getting "you have already updated!!" when the value in a database are different than I have input in a url.

Do you know how i can get pass it when I have input the different value in the url while it is not the same in the database?

Any advice would be much appreicated.

Thanks,
Mark