Learn VBA & Macros in 1 Week!

PHP - Input Box Not Registering Value

Full Excel VBA Course - Beginner to Expert

Input Box Not Registering Value	View Content

I have a form where members on my site can update their display name among other things. However, my script is returning the error for if nothing was inputted in the display name input box (members must provide a display name, can't leave that box blank) even though my text input box definitely has a value.

The section of my form with the input box:
Code: [Select]
<tr>
<td class='sidebardark' width=40%><b>Display Name</td>
<td class='D' width=60%><input type=text name=newdisplayname class='inputtext' value="<? echo $currentname;?>"></td>
</tr>

And the section in my form-submitted script that has the error that's displaying:
Code: [Select]
$newdisplay = strip_tags(mysql_real_escape_string($POST['newdisplayname']));
if ($newdisplay == "" || !isset($POST['newdisplayname'])){
errorbox("You must set a display name!");
}

Normally I'd think it was a typo on my part but I honestly can't see anything wrong with it. The current display name is showing up just fine in the input box.

I asked it to echo $newdisplay above the error box and it echoed nothing so I have to assume it's not passing the variable correctly for some reason.

Edit: If it matters, I haven't had any issues with text input boxes on this particular site before. Only this specific one.

Full Excel VBA Course - Beginner to Expert

Similar Tutorials

About Registering Globals...

Using Escape On A Registering Form?

Information Not Registering In Sql Database

After Registering Go To Main.php And Be Logged In?!

Form Registering....country/state/province Etc

Adding Email To Registering Account + Db + Config File Etc

Escaping Php Input -- Not Normal Input

Two Input Forms - One Based Upon Input To The Other

Form Input With Two Date Formats In Two Different Input Fields From Select Date

Text Input Correct = Go To One Page, Text Input Incorrect = Go To Another Page

Need Some Input On How To Do This

Dom Input Value Not Changing.

Php Getting Form Input

Set Input Text To A Php Value?

Help: Secure Input

Sanitizing Input

Php Adding [ ] To Input

Learn VBA & Macros for Excel in 1 Week!

About Registering Globals...

Similar Tutorials

Well I heard that registering $GLOBALS is a bad practice in general since their values can be changed by anyone at anytime. However, the usage of $GLOBALS does simplify the script considerably at times when a certain column in a table needs to be retrieved repeatedly. A good example is user's money data stored in table prefix_users as shown below:

Code: [Select]
$result = mysql_query( "SELECT * FROM {$prefix}users WHERE uid = '$uid'");
$GLOBALS['usersettings'] = mysql_fetch_array($result);
$GLOBALS['money'] = $GLOBALS['usersettings']['money'];

If the above code is included in a function file, it will be possible to simply use $GLOBALS['money'] to retrieve user's money data without having to write lines of mysql commands everytime. So I was wondering, is there another way to retrieve database info from a certain column easily but not to register $GLOBALS? Just curious.

Using Escape On A Registering Form?

Similar Tutorials

Hi, I have a site where users can register etc. I was wondering should I use mysql_real_escape_string() for the elements on my registration form example email, name and so on or is it no necessary?
One more question could some one tell is this the proper way to use it before inserting into the database.

$name=$_POST['name'];

mysql_real_escape_string($name)

?

Information Not Registering In Sql Database

Similar Tutorials

Hi there I would be most grateful is someone could tell me why my data is not being entered into my database and not responding with an email confirmation link. Thanks in advance.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?
include('config.php');

// table name
$tbl_name="temp_members_db";

// Random confirmation code
$confirm_code=md5(uniqid(rand()));

// values sent from form
$name=$_POST['name'];
$email=$_POST['email'];
$country=$_POST['country'];

// Insert data into database
$sql="INSERT INTO $tbl_name(confirm_code,name,email,password,country) VALUES('$confirm_code','$name','$email','$password','$country')";
$result=mysql_query($sql);

// if suceesfully inserted data into database, send confirmation link to email
if($result){

// ---------------- SEND MAIL FORM ----------------

// send e-mail to ...
$to=$email;

// Your subject
$subject="Your confirmation link here";

// From
$header="from: your name <your email>";

// Your message
$message="Your Comfirmation link \r\n";
$message.="Click on this link to activate your account \r\n";
$message.="http://www.yourweb.com/confirmation.php?passkey=$confirm_code";

// send email
$sentmail = mail($to,$subject,$message,$header);

}

// if not found
else {
echo "Not found your email in our database";
}

// if your email succesfully sent
if($sentmail){
echo "Your Confirmation link Has Been Sent To Your Email Address.";
}
else {
echo "Cannot send Confirmation link to your e-mail address";
}

?>
</body>
</html>

After Registering Go To Main.php And Be Logged In?!

Similar Tutorials

Please help with my register page: http://www.retroandvintage.co.uk/register.php

after someone has registered they are stuck on reg_script.php and don't get redirected back to main.php being already logged in?!

here is my code:

Code: [Select]
<?php
  session_start();
include_once("config.php");
//include_once("functions.php");
  require_once('captcha/recaptchalib.php');
  $privatekey = "6Ldhhr4SAAAAAKFoL2INOZV0_VuF6_z3OwDjVFNn";
  $resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);

  if (!$resp->is_valid) {
    // What happens when the CAPTCHA was entered incorrectly
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
         "(reCAPTCHA said: " . $resp->error . ")");
  } else {
    // Your code here to handle a successful verification
$rsPostCode = $_POST['rsPostCode'];
$rsGender = $_POST['rsGender'];
$rsUser = $_POST['rsUser'];
   $rsPass = $_POST['rsPass'];
$rsEmail = $_POST['rsEmail'];
$rsMobile = $_POST['rsMobile'];
$rsAge = $_POST['rsAge'];

   $sql = "INSERT INTO members_copy (RSPOSTCODE, RSGENDER, RSUSER, RSPASS, RSEMAIL, RSMOBILE, RSAGE) VALUES ('$rsPostCode', '$rsGender', '$rsUser', '$rsPass', '$rsEmail', '$rsMobile', '$rsAge');";
//echo $sql;
mysql_query($sql);

$ebits = ini_get('error_reporting');
error_reporting($ebits ^ E_NOTICE);
/*
Login script:
This script does the following:

Checks that the user is NOT already logged in - if they are they
are redirected to the members page by the 'checkLoggedIn()' function.

Checks if the login form has been submitted - if so, the 'login' and
'password' fields are checked to ensure they are of the correct format and length.
If there are any problems here an error is added to the $messages array and
then the script executes the 'doIndex()' function - this function basically
outputs the main 'index' page for this script - ie the login form.

If there are no problems with the previous step, the 'login' and 'password'
field data is passed to the 'checkPass' function to check that an entry
exists in the 'users' table for that login/password pair.
If nothing is returned from the 'checkPass()' function, an error is
added to the $messages array and the 'doIndex()' function is called as above.

If a row of data is returned from the 'users' table, the data is passed to
the 'cleanMemberSession()' function - which initializes session variables and
logs the user in.  The user is then forwarded to the members page.

If the form hasn't yet been submitted, then the 'doIndex()' function is called
and the login page is displayed.
*/
// Check user not logged in already:
checkLoggedIn("no");

// Page title:
$title="Member Login Page";

// if $submit variable set, login info submitted:
if(isset($_POST["Register"])) {
//
// Check fields were filled in
//
// login must be between 4 and 15 chars containing alphanumeric chars only:
field_validator("rsUser", $_POST["rsUser"], "alphanumeric", 4, 15);
// password must be between 4 and 15 chars - any characters can be used:
field_validator("rsPass", $_POST["rsPass"], "string", 4, 15);

// if there are $messages, errors were found in validating form data
// show the index page (where the messages will be displayed):
if($messages){
doIndex();
// note we have to explicity 'exit' from the script, otherwise
// the lines below will be processed:
exit;
}

// OK if we got this far the form field data was of the right format;
// now check the user/pass pair match those stored in the db:
/*
If checkPass() is successful (ie the login and password are ok),
then $row contains an array of data containing the login name and
password of the user.
If checkPass() is unsuccessful however, $row will simply contain
the value 'false' - and so in that case an error message is
stored in the $messages array which will be displayed to the user.
*/
    if( !($row = checkPass($_POST["rsUser"], $_POST["rsPass"])) ) {
// login/passwd string not correct, create an error message:
        $messages[]="Incorrect login/password, try again";
    }

/*
If there are error $messages, errors were found in validating form data above.
Call the 'doIndex()' function (which displays the login form) and exit.
*/
if($messages){
doIndex();
exit;
}

/*
If we got to this point, there were no errors - start a session using the info
returned from the db:
*/
cleanMemberSession($row["rsUser"], $row["rsPass"]);

// and finally forward user to members page (populating the session id in the URL):
header("Location: main.php");

/*
This function displays the default 'index' page for this script.  This consists of just a simple
login form for the user to submit their username and password.
*/
}
}
?>

Form Registering....country/state/province Etc

Similar Tutorials

hey guys

just wondering what u think the best way to do this.....on my form registration for users....I have a drop down for countrys....but I dont want to have 2 drop downs 1 for state and 1 for province if they choose canada/usa....I have seen alot of java scrit on such sites where if you choose Canada for country, then it switches to a drop down for just provinces, not states. Same for zip code/postal code...american zip code would be like 90210 where as a postal code would be like n5j2S1. Is there a script or something already I can use with all the countrys/provinces/states etc already entered so im not re-inventing the wheel here? If someone can point me in right directon id appreciate it.
Thanks

Adding Email To Registering Account + Db + Config File Etc

Similar Tutorials

Hey guys, Just lately I have been trying to start a specific project for myself. I started off by designing the pages etc on HTML, and then a friend of mine helped me convert them to PHP. At the moment, when a user registers to the site, they only require to enter a Username and Password. I would like to add their email to it too, due to adding slightly extra security. It would also be used for future reasons such as sending emails out etc. I'm not sure about adding this, I know that most likely it is going to be VERY similar to how it already is, but I couldn't seem to get it to work when I tried. Ill give the coding which I am using for this below (the documents which I believe would need editing) : Register.php

<?php

require($_SERVER['DOCUMENT_ROOT'] . '/TruckWorld/includes/config.php');

$sOutput .= '<div id="register-body">';

if (isset($_GET['action'])) {
	switch (strtolower($_GET['action'])) {
		case 'register':
			// If the form was submitted lets try to create the account.
			if (isset($_POST['username']) && isset($_POST['password'])) {
				if (createAccount($_POST['username'], $_POST['password'])) {
					$sOutput .= '<h1>Account Created</h1><br />Your account has been created. 
								You can now login <a href="login.php">here</a>.';
				}else {
					// unset the action to display the registration form.
					unset($_GET['action']);
				}				
			}else {
				$_SESSION['error'] = "Username and or Password was not supplied.";
				unset($_GET['action']);
			}
		break;
	}
}

// If the user is logged in display them a message.
if (loggedIn()) {
	$sOutput .= '<h2>Already Registered</h2>
				You have already registered and are currently logged in as: ' . $_SESSION['username'] . '.
				<h4>Would you like to <a href="login.php?action=logout">logout</a>?</h4>
				<h4>Would you like to go to <a href="index.php">site index</a>?</h4>';
				
// If the action is not set, we want to display the registration form
}elseif (!isset($_GET['action'])) {
	// incase there was an error 
	// see if we have a previous username
	$sUsername = "";
	if (isset($_POST['username'])) {
		$sUsername = $_POST['username'];
	}
	
	$sError = "";
	if (isset($_SESSION['error'])) {
		$sError = '<span id="error">' . $_SESSION['error'] . '</span><br />';
	}
	
	$sOutput .= '<!DOCTYPE html>
	<html>
	
	<head>
	
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
	
    <title>Truck World - Register</title>
	
    <!-- Core CSS - Include with every page -->
    <link href="css/bootstrap.min.css" rel="stylesheet">
    <link href="font-awesome/css/font-awesome.css" rel="stylesheet">
	
    <!-- SB Admin CSS - Include with every page -->
    <link href="css/sb-admin.css" rel="stylesheet">
	
	
	</head>
	
	<body>
	
	<div align=center><img src="images/logintitle.png" alt="LoginTitle" /></div>
	
    <div class="container">
	<div class="row">
	<div class="col-md-4 col-md-offset-4">
	<div class="login-panel panel panel-default">
	<div class="panel-heading">
	<h3 class="panel-title">Register To Join Truck World!</h3>
	</div>
	<div class="panel-body">
		' . $sError . '
		<form name="register" method="post" action="' . $_SERVER['PHP_SELF'] . '?action=register">
			<fieldset>
			<div class="form-group">
				<input class="form-control" placeholder="Username" name="username" type="username" autofocus="">
			</div>
			<div class="form-group">
				<input class="form-control" placeholder="Password" name="password" type="password" value="">
			</div>
			<div class="form-group">
				<input class="form-control" placeholder="Email" name="email" type="email" value="">
			</div>
			<!-- Change this to a button or input when using this as a form -->
			<input type="submit" class="btn btn-lg btn-success btn-block" name="submit" value="Register" />
			<a href="login.php"class="btn btn-lg btn-success btn-block">Login</a>
		</fieldset>';
}

$sOutput .= '</div>
</div>
</div>
</div>
</div>

<div align=center><h5><small>Copyright - Lewis Pickles 2014 - All Rights Reserved</small></h5></div>

<!-- Core Scripts - Include with every page -->
<script src="js/jquery-1.10.2.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/plugins/metisMenu/jquery.metisMenu.js"></script>

<!-- SB Admin Scripts - Include with every page -->
<script src="js/sb-admin.js"></script>

</body>

</html>
';

// display our output.
echo $sOutput;
?>

Functions.php (Not sure if this would need editing, I think it might, Correct me if I'm wrong)

<?php

function createAccount($pUsername, $pPassword) {
	// First check we have data passed in.
	if (!empty($pUsername) && !empty($pPassword)) {
		$uLen = strlen($pUsername);
		$pLen = strlen($pPassword);
		
		// escape the $pUsername to avoid SQL Injections
		$eUsername = mysql_real_escape_string($pUsername);
		$sql = "SELECT username FROM users WHERE username = '" . $eUsername . "' LIMIT 1";

		// Note the use of trigger_error instead of or die.
		$query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error());

		// Error checks (Should be explained with the error)
		if ($uLen <= 4 || $uLen >= 11) {
			$_SESSION['error'] = "Username must be between 4 and 11 characters.";
		}elseif ($pLen < 6) {
			$_SESSION['error'] = "Password must be longer then 6 characters.";
		}elseif (mysql_num_rows($query) == 1) {
			$_SESSION['error'] = "Username already exists.";
		}else {
			// All errors passed lets
			// Create our insert SQL by hashing the password and using the escaped Username.
			$sql = "INSERT INTO users (`username`, `password`) VALUES ('" . $eUsername . "', '" . hashPassword($pPassword, SALT1, SALT2) . "');";
			
			$query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error());
			
			if ($query) {
				return true;
			}	
		}
	}
	
	return false;
}

/***********
	string hashPassword (string $pPassword, string $pSalt1, string $pSalt2)
		This will create a SHA1 hash of the password
		using 2 salts that the user specifies.
************/
function hashPassword($pPassword, $pSalt1="2345#$%@3e", $pSalt2="taesa%#@2%^#") {
	return sha1(md5($pSalt2 . $pPassword . $pSalt1));
}

/***********
	bool loggedIn
		verifies that session data is in tack
		and the user is valid for this session.
************/
function loggedIn() {
	// check both loggedin and username to verify user.
	if (isset($_SESSION['loggedin']) && isset($_SESSION['username'])) {
		return true;
	}
	
	return false;
}

/***********
	bool logoutUser 
		Log out a user by unsetting the session variable.
************/
function logoutUser() {
	// using unset will remove the variable
	// and thus logging off the user.
	unset($_SESSION['username']);
	unset($_SESSION['loggedin']);
	
	return true;
}

/***********
	bool validateUser
		Attempt to verify that a username / password
		combination are valid. If they are it will set
		cookies and session data then return true. 
		If they are not valid it simply returns false. 
************/
function validateUser($pUsername, $pPassword) {
	// See if the username and password are valid.
	$sql = "SELECT username FROM users 
		WHERE username = '" . mysql_real_escape_string($pUsername) . "' AND password = '" . hashPassword($pPassword, SALT1, SALT2) . "' LIMIT 1";
	$query = mysql_query($sql) or trigger_error("Query Failed: " . mysql_error());
	
	// If one row was returned, the user was logged in!
	if (mysql_num_rows($query) == 1) {
		$row = mysql_fetch_assoc($query);
		$_SESSION['username'] = $row['username'];
		$_SESSION['loggedin'] = true;
			
		return true;
	}
	
	
	return false;
}
?>

The Database for the email is as follows:
Edited by Lewis2212, 06 August 2014 - 10:20 AM.

Escaping Php Input -- Not Normal Input

Similar Tutorials

I am writing a script that will parse my PHP classes and check for things like coupling, visualize my objects and connections, dependencies, check for convention usage, etc. So, I have a simple file upload. I'm never saving the files, just get contents and dump the file and work with the string version. I'm writing it for me, but I figure I might want to open it for others to use in the future, so I may as well write it that way to begin with -- so I need to validate user input. Problem is, the user input is supposed to be valid PHP code. I'm thinking that, as long as I'm careful, I shouldn't be executing any code contained in strings, but I'm no security expert and I want a warm fuzzy that my thought on this is correct. What kinds of things do I need to look out for? Is it possible to inject when working with strings? My initial thought is to regex the entire file and replace key portions with known replacements. So ( and ) would become !* and !^ or $ would become @~ (combinations that -- I think -- don't make sense to php?) But that may be completely unnecessary processing time if I'm not in any danger, here. Thanks ahead of time for any help. PS - as a side question -- what's the best way to verify a file is a php file? I know of getimagesize for images, but should I just check for <? to verify it's php? That seems like it would be too easy to fool -- then again, it might not matter much. -Adam

Two Input Forms - One Based Upon Input To The Other

Similar Tutorials

I hope I can explain what is happening. I have created two forms in PHP. The first 'almost' works, i.e. it shows the data. But I have two problems - 1) the second pulldown menu is always empty and 2) $value from the first pulldown menu ALWAYS equals the last entry thus the last 'if' in the function subdomains ($domains) is always called (but still empty). The code may explain this better than me:

<!DOCTYPE html>
<html>
<body>
   <!-- processDomains.php is this file - it calls itself (for testing purposes so I can see what is happening) -->
   <form action="processDomains.php" method="post">
   <?php
       // create the domains array (there are actually several entries in the array but I cut it down for testing)
       $domains = array (1 => 'Decommission', 'Migration');
    
       echo "Select Domain:";
       echo "<br>";
    
       // Make the domain pull-down menu - this displays correctly
       echo '<select name="domain">';
       foreach ($domains as $key => $value) {
          echo "<option value=\"$key\">$value</option>\n";
       }
       echo '</select>';

       // input doesn't matter what is 'submitted', always goes to last $value
       echo '<input type="submit" name="submit" value="Submit">';

       // call function subdomains
       subdomains ($value);
    
       function subdomains ($domains) {
           // define values for each array - each array contains available choices for the subdomain pulldown menu
           $migration = array (1 => 'Application Migration', 'Application Patch', 'Application Upgrade');
           $decommission = array (1 => 'Applications', 'Servers', 'Storage');
    
           if ($domains === 'Migration') {
              echo "Select subdomain:";
              echo "<br>";
              // Make the Migration pull-down menu
              echo '<select name="migration">';
              foreach ($migration as $key => $value) {
                  echo "<option value=\"$key\">$value</option>\n";
              }
              echo '</select>';
           } else if ($domains === 'Decommission') {

              /* ===
               * since 'Decommission' is the last entry in the 'Domains' pulldown list, $value ALWAYS equals
               * 'Decommission' and $domains equals $value. So this menu SHOULD work but is always
               * empty.  Thus, two problems - the pulldown menu is always empty and $value isn't based
               * upon user input.
              */
              echo "Select subdomain:";  // this prints so I know I'm in 'Decommission (I eliminated the echo "$domain" to show I'm always coming here)'
              echo "<br>";
              // Make the 'Decommission' pull-down menu
              echo '<select name="decommission">';
              foreach ($decommission as $key => $value) {
                  echo "<option value=\"$key\">$value</option>\n";
              }
              echo '</select>';
              echo '<input type="submit" name="submit" value="Submit">'
           ) // end of 'if-else'
    } // end of function 'subdomain'
     
?>
</form>
</body>
</html>

Let me say thank you in advance and I appreciate the help! I know I'm doing something (or more than one thing) wrong and I hope someone can tell me what it is. Best Regards!
Edited by mac_gyver, 19 January 2015 - 09:37 PM.
code tags around posted code please

Form Input With Two Date Formats In Two Different Input Fields From Select Date

Similar Tutorials

I have a calendar select date function for my form that returns the date in the calendar format for USA: 02/16/2012. I need to have this appear as is for the form and in the db for the 'record_date' column, but I need to format this date in mysql DATE format (2012-02-16) and submit it at the same time with another column name 'new_date' in the database in a hidden input field. Is there a way to do this possibly with a temporary table or something?

Any ideas would be welcome.

Doug

Text Input Correct = Go To One Page, Text Input Incorrect = Go To Another Page

Similar Tutorials

Hi people, I really hope you guys can help me out today. I'm just a newbe at php and i'm having real trouble.

Bassically all I want to do is have a user type in a company name in a html form.

If what the user types in the form matches the company name in my php script i want the user to be sent to another page on my site.

If what the user types in the form doesnt match the company name in my php script i want the user to be sent to a differnt page like an error page for example.

this is my html form:

Code: [Select]
<form id="form1" name="form1" method="post" action="form_test.php">
<p>company name:
<input type="text" name="company_name" id="company_name" />
</p>
<p>
<input type="submit" name="button" id="button" value="Submit" />
</p>
</form>
And this is the php code I'm trying to process the information on:

Code: [Select]
<?php

$comp_name = abc;

if(isset ($_POST["company_name"])){
if($_POST["company_name"] == $comp_name){

     header("Location: http://www.hotmail.com");
exit();
}

else{
   header("Location: http://www.yahoo.com");
exit();
}
}
?>
The thing is i'm getting this error when i test it:
Warning: Cannot modify header information - headers already sent by (output started at D:\Sites\killerphp.com\form_test.php:10) in D:\Sites\killerphp.com\form_test.php on line 17

Please can some one help me out, i'm sure this is just basic stuff but i just cant get it to work

Cheers.

Need Some Input On How To Do This

Similar Tutorials

i'm not sure how to ask this question on google, so i'm going to ask for your help.

here's the code that i have the question about

<form action='findMovie.php' method='post'>
<table>
<?php
$result = mysql_query ("SELECT genre FROM genres ORDER BY genre");
while ($row = mysql_fetch_array($result)) {
$genre = $row['genre'];
echo "<tr><td>" .$genre ."</td><td><input type='hidden' name='" .$genre ."' value='" .$genre ."'><input type='submit' name='listMovies'></td></tr>";
}
?>
</table>
</form>

so i have this form that creates a list of submits from a table that i have created. the form works perfectly fine (i realize the design is not that great... i'm just going for functionality now)

what i need is to turn the value of the hidden field (which is dynamically created by a variable) into a variable in the handler so that I can search my movie table and get the movies by genre.

does this make sense? and any help is greatly appreciated. i'm not a great programmer, but i do it in my spare time as a hobby. so go easy on my coding, it works and that's the most i'm concerned with at the moment.

thanks ahead of time

Input Form

Similar Tutorials

Hello friends
i need to make the following idea

Code: [Select]
<form method="post">
Enter ID : <input type="text" name="id" />
<input type="submit" value="Submit" />
</form>
and the input id should goes to php code on same page as $id

$ORGtext= file_get_contents('NewsID=$id');

how to write it correct

thanks

Checking Input

Similar Tutorials

So basically I have a site, and on that site, I have a page that submits a form and updates a database. I have it set up so that someone can enter in Multiple values into a textarea, one on each line, and it will submit each of those values as a new row in the database, but for the life of me, I cannot figure out how to check those values against the actual users.

It is basically a point system, where the staff can award points users of the site. But at the moment, a Staff member could enter in Jibberish, and it would insert that into the database, but I want it to check my users table to make sure the user exists before it inserts it into the database.

here is my code:
<?php
include 'global.php';

echo $headersidebar;

if ($_COOKIE['access'] == $accessstaff)
{

if(count($_POST))
{

$array = preg_split('/(\r?\n)+/', $_POST['studentname']);
foreach($array as $students)
   {

   $statusmsg = '<center><span style="background: #A6FF9E;">You have successfully submitted points to the database.</span></center>';

   mysql_query("INSERT INTO points (giver, receiver, points, category, reason, date, status) VALUES ('{$_COOKIE['username']}', '{$students}', '{$_POST['pointamt']}', '{$_POST['pointcat']}', '{$_POST['pointreason']}', '{$date}', 'Validating')");
   }
}

$addpointspage = $statusmsg . '

<form action="submit_points.php" method="post">

<table class="table" >

<tr>

<td colspan="10">

<h1><strong><center>Submit Points</center></strong></h1>

</td>

</tr>

<tr>

<td colspan="10" rowspan="100">

<center>Please remember to follow the house point limits when submitting house points.</center>

</td>

</tr>

</table>

<table class="table">

<tr>

<td style="width: 15%;" valign="top">

Student Name:<br> <span style="font-size: 60%;">(List as many as you want; One per Line)</span>

</td>

<td colspan="10">

<center><textarea name="studentname" cols="60" rows="10"></textarea></center>

</td>

</tr>

<tr>

<td style="width: 15%;" valign="top">

Amount of Points:

</td>

<td>

<input style="position: relative; left: 16px;" type="text" size="15" name="pointamt" />

</td>

<td>

Do not put anything that is not a number into this box.

</td>

</tr>

<tr>

<td style="width: 15%;" valign="top">

Point Category:

</td>

<td colspan="10">

<select name="pointcat" style="position: relative; left: 16px;">

<option SELECTED value="">-------</option>

<option>Class Work</option>

<option>Class Exam</option>

<option>Extra Work</option>

<option>Contests</option>

<option>Teacher\'s Assistant</option>

<option>Negative Points</option>

</select>

</td>

</tr>

<tr>

<td style="width: 15%;" valign="top">

Reason:

</td>

<td colspan="10">

<input style="position: relative; left: 16px;" name="pointreason" type="text" size="80" />

</td>

</tr>

<tr>

<td>

</td>

<td colspan="10">

<input style="position: relative; left: 16px;" type="submit" value="Submit Points" />

</td>

</tr>

</table

</form>

';

}

elseif (1==1)
{
$addpointspage = $accessdenied;
}

echo

'

<div id="content">

<div class="post">

<div class="entry">

<p><strong>' . $addpointspage . '</p>

<p class="links">' . $addpointslink . '</p>

</div>

</div>

</div>

<div style="clear: both;"> </div>

</div>

</div>';

echo $footer;

?>

I am fairly new to PHP, so I would appreciate any help someone could give me; I am not too good with arrays and such, so this one has got me stumped.

Dom Input Value Not Changing.

Similar Tutorials

Hi, I'm having a problem with a hidden input value not changing on the browser after a request. I can change the value and alert or console log the new value but it won't change the DOM. Here's the section I'm having problems with:

xhr.onload = function() {
	if (xhr.status === 200) {
		var data = JSON.parse(this.responseText);
		$(".token").attr('value', data.token);
		alert($(".token").val());
	} else {
		console.log('Something went terribly wrong...');
	}
};

Edited by Millertime1, 16 August 2014 - 03:34 PM.

Php Getting Form Input

Similar Tutorials

Whit my code it only appear a list of 1 or 0 and the id but I don't know how to get to show only the id
Like so:

submit
0
60/
0
59/
0
58/
0
57/
0
56/
0
45/
0
38/
1
37/

on my first page:
Code: [Select]
<table border="2">
<tr>

<th>Id</th>
<th>User</th>
<th>Comment</th>
<th>Yes</th>
<th>No</th>
</tr>
<form method="post" action="admincommentdelete.php" id="formc">
<?php

  $vv = array();
  $st = Comment::test($result['article']->id,0,999);
  $vv['comment'] = $st['comment'];
  $i = 0;
foreach($vv['comment'] as $p)
{
$i++;
echo "<tr>";
echo "<td>".$p->id."</td>";
echo "<td>".$p->usern."</td>";
echo "<td>".$p->com."</td>";
echo "<td><input name=$i type=radio value='1'/></td>";
echo "<td><input name=$i type=radio value='0'/></td>";
         echo "<input type=hidden name=h".$i." value=$p->id/>";
echo "</tr>";

}

  ?>
<input type="submit" value="submit" name="submit">
</form>

</table>

second:
Code: [Select]
<?php

$id = array();
if(isset($_POST['submit']))
{

$data = array();
$data = $_POST;
foreach($data as $key)
{

echo $key."</br>";
}
}

?>

Loop Input.

Similar Tutorials

hi , i have build an search engine .
i don't know really how to output the results.
i have done something like this .

$qry = mysql_fetch_assoc(mysql_query("SELECT `search2`FROM `search` WHERE `search1`='%".$search."%' "));
echo $qry['search2'];

but it output only 1 result , i wanna know to to output all the results he find.
thanks , Mor.

Set Input Text To A Php Value?

Similar Tutorials

I'm new to PHP So sorry if this is a nooby question, But i have 3 php pages, one asks for username, pass, database and host, and then posts it on the next php page. The next PHP Page asks if all the information is correct, with hidden inputs, and the values as the PHP settings, but wrapped in <?php ?>

Example:
<input type="hidden" name="user" value=<?php $user; ?> />

Will the above set the value of user to the PHP Value of $user?

Help: Secure Input

Similar Tutorials

Hi,
I'm inserting data into database. which is going fine. but i want to make sure how to insert secure data into database to avoid sql injection.
what function should i use to insert secure data into database. can any one guide me please???
Thanks

Sanitizing Input

Similar Tutorials

I'm researching ways that my server can be vulnerable. So far, I've strongly relied on regex to sanitize anything susceptible to user input/manipulation. Should I be trying other methods? Should I be changing input to html entities, even though they're bypassed w/ regex?

Any recommendations on other methods to secure my server besides securing user input?

Php Adding [ ] To Input

Similar Tutorials

need to add

Code: [Select]
$ibforums->input['[u'] != "")
something like that
i need to add

$_GET[''];

but it's not working when i use &=

do ineed to use html entities?