|
PHP - Form Validation And Info To Table
Think I made a post about this earlier but doesn't show so dont think it posted successfully but if it did, my bad haha. Basicly I have a form which sends info to my database table after submitted. I added some form validation so when the user didn't enter a required field, text appears stating that the field needs to be entered. However, whether the field is entered or not, if the user submits the info still goes to the database. How do I fix it so that it only sends the info to the database once the required fields are entered? Do I go about it with an if statement?
Heres my code up until now: Code: [Select] <?php if (isset($_POST['submit'])) { // forms inputs set to variables $cname = mysql_real_escape_string($_POST['cname']); $sname = mysql_real_escape_string($_POST['sname']); $init = mysql_real_escape_string($_POST['init']); $fname = mysql_real_escape_string($_POST['fname']); $title = mysql_real_escape_string($_POST['title']); $msname = mysql_real_escape_string($_POST['msname']); $dob = mysql_real_escape_string($_POST['dob']); $sex = mysql_real_escape_string($_POST['sex']); $lang = mysql_real_escape_string($_POST['lang']); $idno = mysql_real_escape_string($_POST['idno']); $telh = mysql_real_escape_string($_POST['telh']); $telw = mysql_real_escape_string($_POST['telw']); $cell = mysql_real_escape_string($_POST['cel']); $fax = mysql_real_escape_string($_POST['fax']); $email = mysql_real_escape_string($_POST['email']); $address = mysql_real_escape_string($_POST['address']); $errorstring =""; //default value of error string if (!$sname) $errorstring = $errorstring . "Surname<br>"; if (!$fname) $errorstring = $errorstring . "First name<br>"; if (!$title) $errorstring = $errorstring . "title<br>"; if (!$dob) $errorstring = $errorstring . "date of birth<br>"; if (!$sex) $errorstring = $errorstring . "sex<br>"; if (!$idno) $errorstring = $errorstring . "id number<br>"; if (!$email) $errorstring = $errorstring . "email address<br>"; if (!$address) $errorstring = $errorstring . "address<br>"; if ($errorstring!="") echo "Please fill out the following fields:<br>$errorstring"; else { //run code die("success!"); } // query $sql = "INSERT INTO student (sno, cname, sname, init, fname, title, msname, dob, sex, lang, idno, telh, telw, cel, fax, email, address ) VALUES ('', '$cname', '$sname', '$init', '$fname', '$title', '$msname', '$dob', '$sex','$lang', '$idno', '$telh', '$telw', '$$cell', '$fax', '$email', '$address')"; mysql_query($sql) or die('Error:' . mysql_error()); } mysql_close($link); ?> It's a project, first time I'm attempting form validation so this is rather new for me. With that being said, please feel free to give any tips and criticism as this is a learning curve for me. Also I'm probably going to add some security later for sql injection etc. so if anyone has some tips on that it would be great. Almost done with that damn project, thanks in advance Similar TutorialsHi, I have a website where users can log on and edit their profile pic, name, biography etc. I was wondering about the correct way to:- Add data to the database through forms (Register.php) Display the data on a page Using mysql escape sting, however, the way I am currently using will display a '\' before any ' symbol. So it's >> it\'s ... Here is a snippet of the code I am using... Code: [Select] //insert data $about1 = mysql_real_escape_string($_POST['about']); //get $query = mysql_query("SELECT * FROM `staff` WHERE username='$username'"); $row = mysql_fetch_array($query); $about = $row['about']; echo $about; I have two different tables and I am trying to condense them into one table.
The structure of the tables is
cc
-- ci
-- cc
-- cn
-- alpha_2
countries
-- id
-- cn
-- alpha_2
-- alpha_3
What I want to do is place the info from the column alpha_2 in the countries table into the alpha_2 column in the cc table.
I have tried inner joins, left joins, Insert and Select index. Everything that I have tried gives me an error message. I do not know what I am doing wrong and I was hoping that someone would be able to give me a hand.
I forgot to mention that I want the placement of the alpha_2 column to be based on the cn columns in both tables. So that the information in the alpha_2 column lines up with the right name in the cn column
Edited by mdmartiny, 09 August 2014 - 01:07 PM. Hello, me again. I have created a little forum - very very basic. main_forum.php : Code: [Select] <?php $host="localhost"; // Host name $username="yvonnedp"; // Mysql username $password="yvonne"; // Mysql password $db_name="forum"; // Database name $tbl_name="forum_question"; // Table name // Connect to server and select databse. mysql_connect('localhost', 'yvonnedp', 'yvonne')or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $sql="SELECT * FROM $tbl_name ORDER BY id"; // OREDER BY id DESC is order result by descending $result=mysql_query($sql); ?> <table width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC"> <tr> <td width="6%" align="center" bgcolor="#E6E6E6"><strong>#</strong></td> <td width="53%" align="center" bgcolor="#E6E6E6"><strong>Topic</strong></td> <td width="15%" align="center" bgcolor="#E6E6E6"><strong>Views</strong></td> <td width="13%" align="center" bgcolor="#E6E6E6"><strong>Replies</strong></td> <td width="13%" align="center" bgcolor="#E6E6E6"><strong>Date/Time</strong></td> </tr> <?php while($rows=mysql_fetch_array($result)){ // Start looping table row ?> <tr> <td bgcolor="#FFFFFF"><? echo $rows['id']; ?></td> <td bgcolor="#FFFFFF"><a href="view_topic.php?id=<? echo $rows['id']; ?>"><? echo $rows['topic']; ?></a><BR></td> <td align="center" bgcolor="#FFFFFF"><? echo $rows['view']; ?></td> <td align="center" bgcolor="#FFFFFF"><? echo $rows['reply']; ?></td> <td align="center" bgcolor="#FFFFFF"><? echo $rows['datetime']; ?></td> </tr> <?php // Exit looping and close connection } mysql_close(); ?> create_topic.php : Code: [Select] <table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form id="form1" name="form1" method="post" action="add_topic.php"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3" bgcolor="#E6E6E6"><strong>Create New Topic</strong> </td> </tr> <tr> <td width="14%"><strong>Topic</strong></td> <td width="2%">:</td> <td width="84%"><input name="topic" type="text" id="topic" size="50" /></td> </tr> <tr> <td valign="top"><strong>Detail</strong></td> <td valign="top">:</td> <td><textarea name="detail" cols="50" rows="3" id="detail"></textarea></td> </tr> <tr> <td><strong>Name</strong></td> <td>:</td> <td><input name="name" type="text" id="name" size="50" /></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="Submit" value="Submit" /> <input type="reset" name="Submit2" value="Reset" /></td> </tr> </table> </td> </form> </tr> </table> add_topic.php : Code: [Select] <?php $host="localhost"; // Host name $username="yvonnedp"; // Mysql username $password="yvonne"; // Mysql password $db_name="forum"; // Database name $tbl_name="forum_question"; // Table name // Connect to server and select database. mysql_connect('localhost', 'yvonnedp', 'yvonne')or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // get data that sent from form $topic=$_POST['topic']; $detail=$_POST['detail']; $name=$_POST['name']; $datetime=date("d/m/y h:i:s"); //create date time $sql="INSERT INTO $tbl_name(topic, detail, name, datetime)VALUES('$topic', '$detail', '$name', '$datetime')"; $result=mysql_query($sql); if($result){ echo "Successful<BR>"; echo "<a href=main_forum.php>View your topic</a>"; $email_from = "forums@thenewme.co.za"; $email_to = "info@thenewme.co.za"; $email_subject = "The New Me - New Forum Topic"; $email_message = "A new topic has been posted on the Forum!\n"; $email_message .= "Check it out : http://www.thenewme.co.za/forum/main_forum.php"; $headers = 'From: '.$email_from."\r\n"; 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); } else { echo "ERROR"; } mysql_close(); ?> add_answer.php : Code: [Select] <?php $host="localhost"; // Host name $username="yvonnedp"; // Mysql username $password="yvonne"; // Mysql password $db_name="forum"; // Database name $tbl_name="forum_answer"; // Table name // Connect to server and select databse. mysql_connect('localhost', 'yvonnedp', 'yvonne')or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Get value of id that sent from hidden field $id=$_POST['id']; // Find highest answer number. $sql="SELECT MAX(a_id) AS Maxa_id FROM $tbl_name WHERE question_id='$id'"; $result=mysql_query($sql); $rows=mysql_fetch_array($result); // add + 1 to highest answer number and keep it in variable name "$Max_id". if there no answer yet set it = 1 if ($rows) { $Max_id = $rows['Maxa_id']+1; } else { $Max_id = 1; } // get values that sent from form $a_name=$_POST['a_name']; $a_answer=$_POST['a_answer']; $datetime=date("d/m/y H:i:s"); // create date and time // Insert answer $sql2="INSERT INTO $tbl_name(question_id, a_id, a_name, a_answer, a_datetime)VALUES('$id', '$Max_id', '$a_name', '$a_answer', '$datetime')"; $result2=mysql_query($sql2); if($result2){ echo "Successful<BR>"; echo "<a href='view_topic.php?id=".$id."'>View your answer</a>"; // If added new answer, add value +1 in reply column $tbl_name2="forum_question"; $sql3="UPDATE $tbl_name2 SET reply='$Max_id' WHERE id='$id'"; $result3=mysql_query($sql3); $email_from = "forums@thenewme.co.za"; $email_to = "info@thenewme.co.za"; $email_subject = "The New Me - New Forum Answer"; $email_message = "A new answer to a forum topic has been posted on the Forum!\n"; $email_message .= "Check it out : http://www.thenewme.co.za/forum/main_forum.php"; $headers = 'From: '.$email_from."\r\n"; 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); } else { echo "ERROR"; } mysql_close(); ?> view_topic : Code: [Select] <?php $tbl_name2="forum_answer"; // Switch to table "forum_answer" $sql2="SELECT * FROM $tbl_name2 WHERE question_id='$id'"; $result2=mysql_query($sql2); while($rows=mysql_fetch_array($result2)){ ?> <table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <td><table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td bgcolor="#F8F7F1"><strong>ID</strong></td> <td bgcolor="#F8F7F1">:</td> <td bgcolor="#F8F7F1"><? echo $rows['a_id']; ?></td> </tr> <tr> <td width="18%" bgcolor="#F8F7F1"><strong>Name</strong></td> <td width="5%" bgcolor="#F8F7F1">:</td> <td width="77%" bgcolor="#F8F7F1"><? echo $rows['a_name']; ?></td> </tr> <tr> <td bgcolor="#F8F7F1"><strong>Answer</strong></td> <td bgcolor="#F8F7F1">:</td> <td bgcolor="#F8F7F1"><? echo $rows['a_answer']; ?></td> </tr> <tr> <td bgcolor="#F8F7F1"><strong>Date/Time</strong></td> <td bgcolor="#F8F7F1">:</td> <td bgcolor="#F8F7F1"><? echo $rows['a_datetime']; ?></td> </tr> </table></td> </tr> </table><br> <? } $sql3="SELECT view FROM $tbl_name WHERE id='$id'"; $result3=mysql_query($sql3); $rows=mysql_fetch_array($result3); $view=$rows['view']; // if have no counter value set counter = 1 if(empty($view)){ $view=1; $sql4="INSERT INTO $tbl_name(view) VALUES('$view') WHERE id='$id'"; $result4=mysql_query($sql4); } // count more value $addview=$view+1; $sql5="update $tbl_name set view='$addview' WHERE id='$id'"; $result5=mysql_query($sql5); mysql_close(); ?> the problem is. With add_answer, I am not able to insert an answer. This has worked for the very first question, but all subsequent questions, I am unable to add answers. It keeps telling me ERROR. This is where the live forum is : http://www.thenewme.co.za/forum/main_forum.php Can it be an issue with the field that gets autmatically incremented? i have echo'd the data which get entered in when someone types in an answer, and everything is perfect! Can anyone help me? Hi, okee so I'm new to everything that has to do with scripting, especially when it comes to PHP and stuff, but what is the best way to display information from a table on a page? I'm creating this site where users can post their events, but I want the Location to be based on the Location they inserted during the registration process, so that the location will be displayed directly. How am I able to do that? I've already got an login script, it looks like this: Code: [Select] <?php ob_start(); $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="whats_happening_db"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:membersarea.php?user=$myusername"); } else { echo "Wrong Username or Password"; } ob_end_flush(); ?> Sorry if my English is terrible haha. Dante. Hello I'm trying to set up a user area for my site where it displays the current logged in users ranking and other information in the future.
<?
ini_set('display_errors', 1);
require_once "header.php";
$sql = "SELECT * FROM users WHERE username = ?";
if($stmt = mysqli_prepare($link, $sql)){
mysqli_stmt_bind_param($stmt, 's', $_SESSION['username']);
if(mysqli_stmt_execute($stmt)){
$info = mysqli_fetch_array($stmt);
echo "Current rank:" . $info['rank'];
} else {
echo "Can't find user";
}
}
mysqli_stmt_close($stmt);
?>
That's the code I currently have but it gives me the error "but get an error message of mysqli_fetch_array() expects parameter 1 to be mysqli_result" How can i use single quote for values? $qry='insert into tablename values('a','b');'; well I know the standard way of retrieving mysql data was through the following codes: Code: [Select] $query = "SELECT * FROM {$tablename} WHERE columnmame = '{$var}'"; $result = mysql_query($query); $row = mysql_fetch_array($result); This will return all properties inside a table row by an associative array indexed by column names. I am, however, wondering if there is an easier way to retrieve database info from more than one table. For now, what I am doing is: Code: [Select] $result = mysql_query( "SELECT * FROM {$tablename} WHERE columnmame = '{$var}'"); $row = mysql_fetch_array($result); $result2 = mysql_query( "SELECT * FROM {$tablename2} WHERE columnmame2 = '{$var2}'"); $row2 = mysql_fetch_array($result2); which is a bit tedious and can cause problems when two or more coders work on the same project(it will be difficult to tell what is $row1, $row2 and $row3...). Is there away to write a simpler code than the one above? I mean, if it is possible to run mysql_fetch_array only once and retrieve database info from multiple tables? Hi all, I have a number of tables within a mysql database and I'm stuck on how to pull information from one based on the results being displayed by another. The site shows items for sale where by all the product information is held in tablea, when an individual item is being displayed I need to be able to pull a manufacturer profile from tableb based on the manufacturer name stored in tablea column profile. The manufacturer name is already being called into the page by existing code as the site has always shown the manufacturer name, I just can't work out out to pull the new profile information in as well from the new table. Any help appreciated Iain Hi.. been a while since I have touched php and need some help. What I am trying to do is have my links pull text from separate php files, and load them into main table. Here is my old php code..used to work.. I had my index.php with my website template on it. In the table I want my info to appear i put this code. <?php /* START MAIN AREA HERE */ if($news) include("news.php"); elseif($bio) include("bio.php"); elseif($draw) include("draw.php"); elseif($pic) include("pic.php"); else include("news.php"); /* END HERE */?> My link looks like this. <A HREF="?news=x" ONMOUSEOVER="changeImages('home', 'images/home-over.gif'); return true;" ONMOUSEOUT="changeImages('home', 'images/home.gif'); return true;"> <IMG NAME="home" SRC="images/home.gif" WIDTH=69 HEIGHT=31 BORDER=0 ALT=""></A> Any help much appreciated! this is my code:
<?php
include 'sqlconnect.php';
$sql = mysqli_query($con,"SELECT * FROM aktiviteter");
$data = array();
while ($row = mysqli_fetch_assoc($sql))
{
$data[$row['id']] = array(
'title' => $row['title'],
'pris' => $row['pris'],
'beskrivelse' => $row['beskrivelse'],
);
}
print_r(error_get_last());
?>
<html>
<head>
<title>Polterplanner Bestilling</title>
<link rel="stylesheet" type="text/css" href="style.css">
<script>
var jsArray = [];
<?php
foreach($data as $key => $value):
echo 'jsArray["'.$key.'"] = [];';
echo "\r\n";
foreach($value as $infoType => $info):
echo 'jsArray["'.$key.'"]["'.$infoType.'"] = "'.$info.'";';
echo "\r\n";
endforeach;
endforeach;
print_r(error_get_last());
?>
function activitySelectionChanged(elementID) {
var activitySelect = document.getElementById('activity' + elementID);
var selectedValue = activitySelect.value;
var priceOutputBox = document.getElementById('activityPrice' + elementID);
priceOutputBox.innerHTML = jsArray[selectedValue]["pris"];
var price1 = document.getElementById('activityPrice').innerHTML;
var price2 = document.getElementById('activityPrice2').innerHTML;
var total = document.getElementById('activityTotal');
if(price1!='Pris' && price2!='Pris') {
total.innerHTML = parseInt(price1) + parseInt(price2);
}
}
</script>
</head>
<body>
<div id"wrapper">
<div id="tableWrapper">
<table class="tables" width="349" height="27" border="0">
<tr>
<td width="174" height="23">
<select class="styled-select" name="activity" id="activity" onChange="activitySelectionChanged('')">
<option value="">-----------------</option>
<?php
foreach($data as $key => $value):
echo '<option value="'.$key.'">'.$value['title'].'</option>';
echo "\r\n";
endforeach;
print_r(error_get_last());
?>
</select></td>
<td width="86"> </td>
<td width="75"><span class="Pris" id="activityPrice">Pris</span>,-</td>
</tr>
</table>
<table class="tables" width="349" height="27" border="0">
<tr>
<td width="174" height="23">
<select class="styled-select" name="activity2" id="activity2" onChange="activitySelectionChanged(2)">
<option value="">-----------------</option>
<?php
foreach($data as $key => $value):
echo '<option value="'.$key.'">'.$value['title'].'</option>';
echo "\r\n";
print_r(error_get_last());
endforeach;
?>
</select></td>
<td width="86"> </td>
<td width="75"><span class="Pris" id="activityPrice2">Pris</span>,-</td>
</tr>
</table>
<table class="tables" width="349" height="27" border="0">
<tr>
<td width="174" height="27">Total:</td>
<td width="86"> </td>
<td width="75"><span class="Pris" id="activityTotal">Total</span>,-</td>
</tr>
</table>
</div> <!-- tableWrapper ends -->
</div> <!-- wrapper ends -->
</body>
</html>
what i want is the info send through a form, so that im ale to send this via an email.
would i use: document.getElementById( ...... ); ?
link to working page: http://polterplanner.dk/bestiller.php
Hello. Basically the issue I am having is my feedback form is not grabbing the Company Name and ID from the URL. I have the php code set in place where it's supposed to post, but it's not getting it. Can someone please help me out? I'm pretty new with php, so I'm kind of at the brink of my knowledge. Thanks, Jess. Code: [Select] <?php //Modified because only email is required //if (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['comments'])) { if (empty($_POST['email'])) { $error_msg .= "E-mail is a required field. \n"; } elseif (strlen($_POST['name']) > 15) { $error_msg .= "The name field is limited at 15 characters. Your first name or nickname will do! \n"; } elseif (!ereg("^[A-Za-z' -]*$", $_POST['name'])) { $error_msg .= "The name field must not contain special characters. \n"; } elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($_POST['email']))) { $error_msg .= "That is not a valid e-mail address. \n"; } elseif (!empty($_POST['url']) && !preg_match('/^(http|https):\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)(:(\d+))?\/?/i', $_POST['url'])) $error_msg .= "Invalid website url."; if ($error_msg == NULL && $points <= $maxPoints) { $subject = "Feedback for " . $_POST['Company']; $message = "You received this e-mail message through your website: \n\n"; foreach ($_POST as $key => $val) { $message .= ucwords($key) . ": $val \r\n"; } $message .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n"; $message .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n"; $message .= 'Spam points: '.$points; if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) { $headers = "From: $yourEmail \r\n"; $headers .= "Reply-To: {$_POST['email']}"; } else { $headers = "From: $yourWebsite <$yourEmail> \r\n"; $headers .= "Reply-To: {$_POST['email']}"; } if (mail($yourEmail,$subject,$message,$headers)) { echo '<p>Thank you for taking the time to send us your feedback. Your comments are appreciated and help us provide the most current and accurate information possible.</p> <p>If you require further assistance, please visit our <a href="http://www.domain.com/" target="_blank">contact us</a> page.</p>'; $sentmail = 1; echo ' <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src=\'" + gaJsHost + "google-analytics.com/ga.js\' type=\'text/javascript\'%3E%3C/script%3E")); </script> <script type="text/javascript"> var pageTracker = _gat._getTracker("analyticscode"); pageTracker._setDomainName(".domain.com"); pageTracker._trackPageview(); </script> '; } else { echo '<p>Your mail could not be sent this time.</p>'; } } } function get_data($var) { if (isset($_POST[$var])) echo htmlspecialchars($_POST[$var]); } ?> <?php foreach( $_POST as $checkbox ){ echo $checkbox .'<br />'; $checkbox = array("WebsiteLinkIsNotAccurate", "TelephoneNumberIsNotAccurate", "FaxNumberIsNotAccurate", "CompanyIsOutOfBusiness", "CompanyIsNoLongerAtThisLocation", "CompanyDoesNotProvideTheProductOrServiceAsFeatured", "Other(PleaseExplainBelow)"); } ?> <?php // DISPLAY ERROR MESSAGE - CHECK TO SEE IF USER HAS SUBMITTED THE FORM SUCCESSFULLY if ($error_msg != NULL) { echo '<p><strong style="color: red;">ERROR:</strong><br />'; echo nl2br($error_msg) . "</p>"; } if($sentmail == 0){ ?> <form id="feedback" name="feedback" method="post" action="feedback.php" onSubmit="return CheckForm()"> <noscript> <p><input type="hidden" name="nojs" id="nojs" /></p> </noscript> <input type="hidden" name="CompanyID" id="CompanyID" value="<?php echo $_POST['companyid']; ?>"> <input type="hidden" name="Company" id="Company" value="<?php echo $_POST['companyname']; ?>"> <p><strong>If you have different information about <u><?php echo $_POST['companyname']; ?></u>, or were unable to contact them, please let us know by completing the form below.</strong></p> ... Hi I have tried and tried and tried again to get this to work
in simple terms I have very little knowledge with PHP and even less with mysql
I have a paid subscription and domain in order to learn more and I feel I have made ok progress so far
then I realised how unsafe my current work is;
here is my experience this far
I created a site for a group of voluntary online game hosts where they can posts points from their tournaments in a forum
and some info pages to go with this,
however what I did was create a base template and style sheet and then an admin dashboard linked to individual forms to allow the group admin to edit the info pages they go to my form and enter the desired info and submit this then sends through and action file which posts the text and <BR> to a .txt file,
then the connecting page reads the .txt file using the PHP code of " <? php include ( 'index.txt'); ?>
yes you are seeing this correctly I have allowed a direct edit of text in a .txt file rather silly of me but I didn't realise how unsafe this was until now I guess its a good job I trust that the admin has no knowledge or skills in coding
ok since all this I have created a DB in MySQL on my server,
My server uses PHPMyAdmin I have create a DB named " mnvbcou1_content1 " and a table named " home " with rows " ID " and " home "
what I am trying to do:
I want my page to display the content of the table row home and a form once submitted to send to the table row home
or if needed I can re make this DB if the names are not suitable
I have tried to create the needed coding to make this work but for some reason this just will not work I have already added 2 rows to my table to try and make the page to display the content but it just is not working I got an error every time
so I hope that someone out there is rather patient and is willing to help me learn how to do this correctly and safely,
also this is a closed group website the address to this site is only known by a handful of none programmers I am mainly trying to make this work for my own personal knowledge and server safety please help me
I am trying to build a form that will process all the user inputted information, and put those contents into an html table so that I can send the info to both my customer and myself. I figured out how to send an email to myself as html, but the user email is arriving as plain text with all the html tags. Someone had suggested PHPMailer, but I cannot figure out how to format it properly to work with my setup. I am new to PHP so this is a learning curve. I have included a sample of my process form with fictitious email addresses. Any help is much appreciated. Thank you in advance for the help! Code: [Select] <?php header("Location: ../contactthank.php"); ?> <?PHP $field_Type = $_POST['field_Type']; $field_Service_Provider = $_POST['field_Service_Provider']; $field_Brand = $_POST['field_Brand']; $field_Model = htmlspecialchars($_POST['field_Model']); $field_Size = $_POST['field_Size']; $field_Charger = $_POST['field_Charger']; $field_Case = $_POST['field_Case']; $field_Software = $_POST['field_Software']; $field_Manual = $_POST['field_Manual']; $field_Box = $_POST['field_Box']; $field_Condition = $_POST['field_Condition']; $field_FirstName = htmlspecialchars($_POST['field_FirstName']); $field_LastName = htmlspecialchars($_POST['field_LastName']); $field_Email = $_POST['field_Email']; $field_ZipCode = (int)$_POST['field_ZipCode']; $field_Comments = $_POST['field_Comments']; ?> <?php $reference = (rand(100000000000,99999999999999)); echo $reference; ?> <?php $to = "email@mail.com"; $subject = "Submission# $reference"; $headers = 'From: $field_Email' . "\r\n"; $message = '<html> <head> <title>Cell Phone Form Submission</title> </head> <body> <h1>Thank you for your submission. We will get back to you shortly</h1> <table border="1"> <tr> <td>Reference#</td> <td>' . $reference . '</td> </tr> <tr> <td>I want to</td> <td><b>Sell</b></td> </tr> <tr> <td>Service Provider</td> <td>' . $field_Service_Provider . '</td> </tr> <tr> <td>Model</td> <td>' . $field_Model . '</td> </tr> <tr> <td>Size</td> <td> ' . $field_Size . '</td> </tr> <tr> <td>Accessories</td> <td>' . $field_Charger . " " . $field_Case . " " . $field_Software . " " . $field_Manual . " " . $field_Box . '</td> </tr> <tr> <td>Condition</td> <td>' . $field_Condition . '</td> </tr> <tr> <td>Name</td> <td>' . $field_FirstName . " " . $field_LastName . '</td> </tr> <tr> <td>Email</td> <td>' . $field_Email . '</td> </tr> <tr> <td>Zip Code</td> <td>' . $field_ZipCode . '</td> </tr> <tr> <td>Comments</td> <td>' . $field_Comments . '</td> </tr> </table></body> </html> '; $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $user = "$field_Email"; $usersubject = "Form Submission# $reference"; $userheaders = "From: email@mail.com\n"; $usermessage = '<html> <head> <title>Form Submission</title> </head> <body> <h1>Thank you. We will get back to you shortly</h1> <table border="1"> <tr> <td>Reference#</td> <td>' . $reference . '</td> </tr> <tr> <td>I want to</td> <td><b>Sell</b></td> </tr> <tr> <td>Service Provider</td> <td>' . $field_Service_Provider . '</td> </tr> <tr> <td>Model</td> <td>' . $field_Model . '</td> </tr> <tr> <td>Size</td> <td> ' . $field_Size . '</td> </tr> <tr> <td>Accessories</td> <td>' . $field_Charger . " " . $field_Case . " " . $field_Software . " " . $field_Manual . " " . $field_Box . '</td> </tr> <tr> <td>Condition</td> <td>' . $field_Condition . '</td> </tr> <tr> <td>Name</td> <td>' . $field_FirstName . " " . $field_LastName . '</td> </tr> <tr> <td>Email</td> <td>' . $field_Email . '</td> </tr> <tr> <td>Zip Code</td> <td>' . $field_ZipCode . '</td> </tr> <tr> <td>Comments</td> <td>' . $field_Comments . '</td> </tr> </table></body> </html> '; mail($to,$subject,$message,$headers); mail($user,$usersubject,$usermessage,$userheaders,$headers); ?> I have a contact form with a file upload button, when you click on “submit” you are redirected on Paypal everything works fine but, I would like to send the contact form only when visitors have paid on Paypal. I’ve searched on google but I have not found a way to do this. Can anyone help? Cheers, Aidan. I am asking for some simple help, please. :-) I have a form that I would like to validate very specific information on - without having it validate in the php and loose what the client just put into the site. I have found an example in this "validation" process. However, when I open this up in Dreamweaver CS4, I have an error on line 67 as a syntex error. I am unable to see where this would be. All I need is a verification on the name, the phone number, and the email address. Here is what I have so far.... **This is contact form** Code: [Select] <script language="JavaScript"> function checkForm() { var cname, cemail, cphone with(window.document.Contact1) { cname = name; cemail = EmailFrom; cphone = phone; } if(trim(cname.value) == '') { alert('Please enter your name'); cname.focus(); return false; } else if(trim(cemail.value) == '') { alert('Please enter your email'); cemail.focus(); return false; } else if(!isEmail(trim(cemail.value))) { alert('Email address is not valid'); cemail.focus(); return false; } else if(trim(cphone.value) == '') { alert('Please enter message subject'); csubject.focus(); return false; } } else { cname.value = trim(cname.value); cemail.value = trim(cemail.value); cphone.value = trim(cphone.value); return true; } } function trim(str) { return str.replace(/^\s+|\s+$/g,''); } function isEmail(str) { var regex = /^[-_.a-z0-9]+@(([-_a-z0-9]+\.)+(ad|ae|aero|af|ag| ai|al|am|an|ao|aq|ar|arpa|as|at|au|aw|az|ba|bb|bd|be|bf|bg| bh|bi|biz|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg| ch|ci|ck|cl|cm|cn|co|com|coop|cr|cs|cu|cv|cx|cy|cz|de|dj|dk| dm|do|dz|ec|edu|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb| gd|ge|gf|gh|gi|gl|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn| hr|ht|hu|id|ie|il|in|info|int|io|iq|ir|is|it|jm|jo|jp|ke|kg| kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly| ma|mc|md|mg|mh|mil|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|museum| mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no|np|nr|nt|nu| nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt|pw|py|qa| re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st| su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz| ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za| zm|zw)|(([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5])\.){3}([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))$/i; return regex.test(str); } </script> Below is the php file that I am using.... Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Emailing Form Data</title> </head> <body> <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); //declaration of variables $EmailFrom = trim(stripslashes($_POST['EmailFrom'])); $EmailTo = "ornclo@aol.com"; $Subject = "Women United Contact"; $Name = trim(stripslashes($_POST['name'])); $Address = trim(stripslashes($_POST['address'])); $City = trim(stripslashes($_POST['city'])); $State = trim(stripslashes($_POST['state'])); $Phone1 = trim(stripslashes($_POST['phone1'])); $Phone2 = trim(stripslashes($_POST['phone2'])); $Phone3 = trim(stripslashes($_POST['phone3'])); $email = trim(stripslashes($_POST['email'])); foreach ($_POST['visit'] as $value) { $Church = trim(stripslashes($value)); } foreach ($_POST['hear'] as $hear) { $About = trim(stripslashes($hear)); } foreach ($_POST['help'] as $help) { $Ask = trim(stripslashes($help)); } $Comments = trim(stripslashes($_POST['comments'])); // validation $validationOK=true; if (($EmailFrom)=="") $validationOK=false; if (($Name)=="") $validationOK=false; if (($Phone1)=="") $validationOK=false; if (($Phone2)=="") $validationOK=false; if (($Phone3)=="") $validationOK=false; if (($email)=="") $validationOK=false; if (($Comments)=="") $validationOK=false; if (!$validationOK) { print "<meta http-equiv=\"refresh\" content=\"0;URL=WUerror.html\">"; exit; } // prepare email body text $Body = "\n"; $Body .= "Name: "; $Body .= $Name; $Body .= "\n"; $Body .= "Address: "; $Body .= $Address; $Body .= "\n"; $Body .= "City: "; $Body .= $City; $Body .= "\n"; $Body .= "State: "; $Body .= $State; $Body .= "\n"; $Body .= "Phone: "; $Body .= $Phone1; $Body .= "-"; $Body .= $Phone2; $Body .= "-"; $Body .= $Phone3; $Body .= "\n"; $Body .= "Attended Church of God?: "; $Body .= $Church; $Body .= "\n"; $Body .= "How did you hear about us?: "; $Body .= $About; $Body .= "\n"; $Body .= "What can we do to help you?: "; $Body .= $Ask; $Body .= "\n"; $Body .= "Comments: "; $Body .= $Comments; $Body .= "\n"; // send email $success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>"); // redirect to success page if ($success){ print "<meta http-equiv=\"refresh\" content=\"0;URL=WUok.html\">"; } else{ print "<meta http-equiv=\"refresh\" content=\"0;URL=WUerror.html\">"; } ?> </body> </html> Unless there is a way to change this line: print "<meta http-equiv=\"refresh\" content=\"0;URL=WUerror.html\">"; to have it keep in the same window - or even possibly open a NEW window with the "error.html" - that would be fine as well. Again - when I open up Contact1.html in DW CS4, I get a syntext error on line 67. When I use just straight form, it opens to new window with php - > error.html, which in turns looses everything the client just typed. Any help is greatly appreciated and thank you in advance. Blessings! If asked, I can attach the files if needed as well, but the code is pretty self-explain. I want in my form to validate on the fly(when the user enters the user name) to validate if the user name exists or not. How am i supposed to check if the field name is the same or not with a name in the database.Should i use ajax or javascript? is there any simple example on how to do that. I'm trying to get validation messages to display on the same page as my login form without any PHP within my login page, is that possible?
Okay with some help I was able to create a working guestbook! How ever I need a bit of help with validation. I would like to have it so that when someone doesn't fill out a required field a message is displayed next to the improperly filled out field. How would I go about adding this to my form or process code? So for example: if someone doesn't fill out the "name" field and clicks "sign" it will not submit but instead will display a message such as "Please fill out your name" next to the form field. Also will I am here I wanted to ask. How can I make it so that when a non-required field is left empty and posted it will fill that section out with default text? So for example: if someone decides they do not wish to fill out the "Favorite part of my site" or "Favorite Pat Song" field than submits the form than it will fill that section with a default message like this: Posted by: someone (someone@domain.com) 2011/04/09 Favorite Pat Song: -- Favorite Part of the Site: -- comments here And I promise this is my very last question. I would like for email to be required but would like to allow the user to decide whether it is kept private or not. How do I make it so that when someone doesn't type their email in it does like what I stated above, it will show a message next to the field telling them to fill out a valid email but also if they select to keep their email private it will than post a default value in place of where the email would have been. for example: if the email field is left empty or is an invalid email it will display a message such as "Please fill out a valid email address" next to the form field. and than if they do so but also check the "private" box it will post their message in the guestbook with a default value in place of the email like this: Posted by: someone (Private) 2011/04/09 Favorite Pat Song: -- Favorite Part of the Site: -- comments here so that was a lot here's my guestbook code: Code: [Select] <?php <span style='color:#ff0000'><b>*</b></span><span> = required field</span><br /><br /> <form name='guestbook' action='process.php' method='post'> <table width='550' border='0' cellspacing='2' cellpadding='0'> <tr valign='top'> <td width='550px' class='what'><span style='color:#ff0000'><b>*</b></span> Your Name:</td> <td width='550px'><input name='name' type='text' id='name' size='32' /></td> </tr> <tr valign='top'> <td width='550px' class='what'><span style='color:#ff0000'><b>*</b></span> Email Address:</td> <td width='550px'><input name='email' type='text' id='email' size='32' /><input type='checkbox' name='private' value='Private' />Private</td> </tr> <tr valign='top'> <td width='550px' class='what'>Your Favorite Pat Song?:</td> <td width='550px'><input name='song' type='text' id='song' size='32' /></td> </tr> <tr valign='top'> <td width='550px' class='what'>Your Favorite Part of my Site?:</td> <td width='550px'><input name='part' type='text' id='part' size='32' /></td> </tr> <tr valign='top'> <td width='550px' class='what'><span style='color:#ff0000'><b>*</b></span> Comment:</td> <td width='550px'><textarea name='comments' cols='28' rows='6' id='comments' class='bodytext'></textarea></td> </tr> <tr> <td class='bodytext'> </td> <td align='left' valign='top'><input name='submit' type='submit' class='btn' value='Sign' /></td> </tr> </table> </form>"; }else{ $connect = mysql_connect("127.0.0.1","patben_admin","pepsi_1990") or die('Error connecting'); $db = mysql_select_db("patben_db") or die('Error selecting db'); $query = mysql_query("SELECT * FROM guestbook order by id desc"); $num_rows = mysql_num_rows($query); if($num_rows > 0) { //display entries while($row = mysql_fetch_array($query)){ echo ' <table> <tr> <td> <b>Posted by:</b> '.$row['name'].' ('.$row['email'].')<br /> <b>'.$row['date'].'</b><br /> <b>Favorite Pat Song:</b> '.$row['song'].'<br /> <b>Favorite Part of the Site:</b> '.$row['part'].' </td> </tr> <tr> <td> '.nl2br($row['comments']).' <hr /> </td> </tr> </table>'; } }else{ echo "No Entries... <a href='guestbook.php?page=sign'>Be the first!</a>"; } } ?> and here's the code that processes the form (separate file): Code: [Select] <?php if($_POST['submit']) { $connect = mysql_connect('127.0.0.1','patben_admin','pepsi_1990') or die('Error connecting'); $db = mysql_select_db('patben_db') or die('Error selecting db'); $date = date("Y-m-d"); $name = strip_tags($_POST['name']); $email = strip_tags($_POST['email']); $song = strip_tags($_POST['song']); $part = strip_tags($_POST['part']); $comments = nl2br($_POST['comments']); $query = mysql_query("insert into guestbook values('','$date','$name','$email','$song','$part','$comments')"); header("location: guestbook.php"); }else{ header("location: guestbook.php"); } ?> I have not added a section in my database for the check box so I am also unsure how to do that (if I need to). Any help would be greatly appreciated! Thank you |
|||||||