|
PHP - Form Not Processing After Submit
I have a form that is not doing anything after I click "submit". The code is below and a demo with the code is he http://communitycouch.com/index.php?action=register
Code: [Select] <?php /* Things to do: Create error to show error when special characters are inputted in First and Last Name Fields Verify Dates to be true upon submit (for bithdays) Create birthday variable to be submitted into database, also add is_numberic() change activate.php to index?action=activate */ if($action == 'register') { if (isset($_POST['submit'])) { $errors = array(); require_once('connection.php'); //////////Checks Username //////////Makes sure username is 4-20 characters and contains only letters and numbers if(ereg("[[:alnum:]]{4,20}",stripslashes(trim($_POST['username'])))) { $user = mysql_real_escape_string($_POST['username']); $query = "SELECT username FROM reg_vars WHERE username = '$username'"; $result = @mysql_query($query); $num = @mysql_num_rows($result); if ($num> 0) { $errors[] = '<font color="red">The username you have chosen has already been taken, please try again.</font>'; } else { $username = mysql_real_escape_string($_POST['username']); } } else { $errors[] = '<font color="red">Please provide a valid username between 4 and 30 characters.</font>'; } //////////Checks E-mail if (!eregi('^[a-zA-Z]+[a-zA-Z0-9_-]*@([a-zA-Z0-9]+){1}(\.[a-zA-Z0-9]+){1,2}', stripslashes(trim($_POST['email'])) ) || empty($_POST['email'])) { $errors[] = '<font color="red">Please provide a valid email address.</font>'; } else { $email = mysql_real_escape_string($_POST['email']); } ///////// Check Names if (empty($f_name)) { $error["f_name"] = "First Name is blank."; } if (empty($l_name)) { $error["l_name"] = "Last Name is blank."; } ////////// Check PASSWORDS if (!empty($_POST['password'])) { if ($_POST['password'] != $_POST['cpassword']) { $errors[] = '<font color="red">The passwords you have entered do not match.</font>'; } else { $password = $_POST['password']; } } else { $errors[] = '<font color="red">Please provide a password.</font>'; } /////////Send Activation E-mail //////// Add Birthday to the registrarion Variables if (empty($errors)) { $a = md5(uniqid(rand(), true)); $query = "INSERT INTO reg_vars (username, f_name, l_name, email, password, active) VALUES ('$username', '$email', SHA1('$password'), '$a')"; $result = @mysql_query($query); if (mysql_affected_rows() == 1) { ////////// Send the Activation email $body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n"; $body .= "http://www.communitycouch.com/activate.php?x=" . mysql_insert_id() . "&y=$a"; mail($_POST['email'], 'Registration Confirmation', $body, 'From: noreply@communitycouch.com'); ////////// Show thank you message echo '<h3>Thank You!</h3> You have been registered, you have been sent an e-mail to the address you specified before. Please check your e-mails to activate your account.'; } else { echo '<font color="red">You could not be registered, please contact us about the problem and we will fix it as soon as we can.</font>'; } } else { echo '<h3>Error!</h3> The following error(s) occured:<br />'; foreach ($errors as $msg) { echo " <div id=\"success_or_fail\"><font color=\"red\">$msg</font><br />\n</div>"; } } } echo " <div id=\"register_container\" class=\"Container\"> <div id=\"register_Center\" class=\"BoxCenter\"> "; echo" <div id=\"register_BoxContainer\" class=\"Container\"> <div class=\"HeaderLeft\"></div><div id=\"register_Header\" class=\"HeaderCenter\">Register for Community Couch</div><div class=\"HeaderRight\"></div><br /> <div id=\"register_Content\" class=\"BoxContent\"> <form name=\"reg_form\" action=\"";$_SERVER['PHP_SELF']; echo"\" method=\"post\" style=\"margin: 0;\"> <div class=\"Container FormBoxLeft\"> <b>Username:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"username\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>First Name:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"f_name\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Last Name:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"l_name\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Birthdate:</b> </div> <div class=\"Container FormBoxRight\"> <select name=\"month\"><option value=\"\">-Month-</option> <option value=\"01\">January</option> <option value=\"02\">February</option> <option value=\"03\">March</option> <option value=\"04\">April</option> <option value=\"05\">May</option> <option value=\"06\">June</option> <option value=\"07\">July</option> <option value=\"08\">August</option> <option value=\"09\">September</option> <option value=\"10\">October</option> <option value=\"11\">November</option> <option value=\"12\">December</option> </select> <select name=\"day\"> <option value=\"\"> -Day-</option>'; //Print 31 Days "; for ($x=1; $x<=31; $x++) { echo "<option value='".$x."'"; if(isset($_POST['submit']) && $day == $x) { echo " selected"; } echo ">".$x."</option>\n"; } echo "</select> <input name=\"year\" size=\"2\" maxlength=\"4\" type=\"text\"> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>E-Mail:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"email\" size=\"30\" type=\"text\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Display E-Mail to the Public:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"disp_email\" value=\"yes\" type=\"radio\" /> Yes <input name=\"disp_email\" value=\"no\" type=\"radio\" checked /> No </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Password:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"password\" size=\"30\" type=\"password\" /> </div> <br class=\"EndColumn\" /> <div class=\"Container FormBoxLeft\"> <b>Confirm Password:</b> </div> <div class=\"Container FormBoxRight\"> <input name=\"cpassword\" size=\"30\" type=\"password\" /> </div> <br class=\"EndColumn\" /> <div id=\"register_submit\" class=\"Container\"> <input name=\"tos\" type=\"checkbox\" /> I have read and agree to the Terms of Use and Privacy Policy<br /> <input type=\"submit\" value=\"Submit\"><input type=\"reset\" value=\"Reset\"> </div> <br class=\"EndColumn\" /> </form> </div> <div class=\"FooterLeft\"></div><div id=\"register_Footer\" class=\"FooterCenter\"></div><div class=\"FooterRight\"></div> </div> </div> </div> <br class=\"EndColumn\" /> <br />"; }?> [\code] Similar TutorialsCan you take a look at this page? It uses php code that I have been creating. I need it to accept the form even if checkboxes are left empty. Currently it comes up with an error. http://www.pilotrock.com/color_contact/ Here is the PHP code: <?php if(isset($_POST['Email_Address'])) { include 'lite_settings.php'; function died($error) { echo "Sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error."<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die(); } if(!isset($_POST['organization']) || !isset($_POST['Full_Name']) || !isset($_POST['title']) || !isset($_POST['company']) || !isset($_POST['address']) || !isset($_POST['city_state']) || !isset($_POST['zip']) || !isset($_POST['Telephone_Number']) || !isset($_POST['cell_phone']) || !isset($_POST['fax']) || !isset($_POST['Email_Address']) || !isset($_POST['confirm_email']) || !isset($_POST['powder_coated_steel_blue']) || !isset($_POST['powder_coated_steel_black']) || !isset($_POST['powder_coated_steel_green']) || !isset($_POST['powder_coated_steel_brown']) || !isset($_POST['powder_coated_steel_yellow']) || !isset($_POST['powder_coated_steel_red']) || !isset($_POST['powder_coated_steel_gray']) || !isset($_POST['powder_coated_steel_burgendy']) || !isset($_POST['thermo_plastic_coated_type_expanded']) || !isset($_POST['thermo_plastic_coated_type_perforated']) || !isset($_POST['thermo_plastic_coated_black']) || !isset($_POST['thermo_plastic_coated_blue']) || !isset($_POST['thermo_plastic_coated_brown']) || !isset($_POST['thermo_plastic_coated_gray']) || !isset($_POST['thermo_plastic_coated_red']) || !isset($_POST['thermo_plastic_coated_green']) || !isset($_POST['recycle_plastic_red']) || !isset($_POST['recycle_plastic_yellow']) || !isset($_POST['recycle_plastic_black']) || !isset($_POST['recycle_plastic_blue']) || !isset($_POST['recycle_plastic_gold']) || !isset($_POST['recycle_plastic_redwood']) || !isset($_POST['recycle_plastic_cedar']) || !isset($_POST['recycle_plastic_green']) || !isset($_POST['recycle_plastic_gray']) || !isset($_POST['recycle_plastic_brown'])) { died('We are sorry, but there appears to be a problem with the form you submitted.'); } $organization = $_POST['organization']; // required $full_name = $_POST['Full_Name']; // required $title = $_POST['title']; // not required $company = $_POST['company']; // not required $address = $_POST['address']; // required $city_state = $_POST['city_state']; // required $zip = $_POST['zip']; // required $telephone = $_POST['Telephone_Number']; // required $cell_phone = $_POST['cell_phone']; // not required $fax = $_POST['fax']; // not required $email_from = $_POST['Email_Address']; // required $confirm_email = $_POST['confirm_email']; // required $powder_coated_steel_blue = $_POST['powder_coated_steel_blue']; // required $powder_coated_steel_black = $_POST['powder_coated_steel_black']; // required $powder_coated_steel_green = $_POST['powder_coated_steel_green']; // required $powder_coated_steel_brown = $_POST['powder_coated_steel_brown']; // required $powder_coated_steel_yellow = $_POST['powder_coated_steel_yellow']; // required $powder_coated_steel_red = $_POST['powder_coated_steel_red']; // required $powder_coated_steel_gray = $_POST['powder_coated_steel_gray']; // required $powder_coated_steel_burgendy = $_POST['powder_coated_steel_burgendy']; // required $thermo_plastic_coated_type_expanded = $_POST['thermo_plastic_coated_type_expanded']; // required $thermo_plastic_coated_type_perforated = $_POST['thermo_plastic_coated_type_perforated']; // required $thermo_plastic_coated_black = $_POST['thermo_plastic_coated_black']; // required $thermo_plastic_coated_blue = $_POST['thermo_plastic_coated_blue']; // required $thermo_plastic_coated_brown = $_POST['thermo_plastic_coated_brown']; // required $thermo_plastic_coated_gray = $_POST['thermo_plastic_coated_gray']; // required $thermo_plastic_coated_red = $_POST['thermo_plastic_coated_red']; // required $thermo_plastic_coated_green = $_POST['thermo_plastic_coated_green']; // required $recycle_plastic_red = $_POST['recycle_plastic_red']; // required $recycle_plastic_yellow = $_POST['recycle_plastic_yellow']; // required $recycle_plastic_black = $_POST['recycle_plastic_black']; // required $recycle_plastic_blue = $_POST['recycle_plastic_blue']; // required $recycle_plastic_gold = $_POST['recycle_plastic_gold']; // required $recycle_plastic_redwood = $_POST['recycle_plastic_redwood']; // required $recycle_plastic_cedar = $_POST['recycle_plastic_cedar']; // required $recycle_plastic_green = $_POST['recycle_plastic_green']; // required $recycle_plastic_gray = $_POST['recycle_plastic_gray']; // required $recycle_plastic_brown = $_POST['recycle_plastic_brown']; // required $error_message = ""; $email_exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$"; if(!eregi($email_exp,$email_from)) { $error_message .= 'The Email Address you entered does not appear to be valid.<br />'; } if(strlen($full_name) < 2) { $error_message .= 'Your Name does not appear to be valid.<br />'; } if(strlen($address) < 2) { $error_message .= 'Your Address does not appear to be valid.<br />'; } if(strlen($city_state) < 2) { $error_message .= 'Your City/State does not appear to be valid.<br />'; } if(strlen($zip) < 2) { $error_message .= 'Your Zip/Postal Code does not appear to be valid.<br />'; } if(strlen($telephone) < 2) { $error_message .= 'Your Telephone Number does not appear to be valid.<br />'; } if(strlen($error_message) > 0) { died($error_message); } $email_message = "Form details below.\r\n"; function clean_string($string) { $bad = array("content-type","bcc:","to:","cc:","href"); return str_replace($bad,"",$string); } $email_message .= "Organization: ".clean_string($organization)."\r\n"; $email_message .= "Full Name: ".clean_string($full_name)."\r\n"; $email_message .= "Title: ".clean_string($title)."\r\n"; $email_message .= "Company Name: ".clean_string($company)."\r\n"; $email_message .= "Street Address: ".clean_string($address)."\r\n"; $email_message .= "City/State: ".clean_string($city_state)."\r\n"; $email_message .= "ZIP/Postal Code: ".clean_string($zip)."\r\n"; $email_message .= "Telephone: ".clean_string($telephone)."\r\n"; $email_message .= "Cell Phone: ".clean_string($cell_phone)."\r\n"; $email_message .= "Fax: ".clean_string($fax)."\r\n"; $email_message .= "Email: ".clean_string($email_from)."\r\n"; $email_message .= "Confirm Email: ".clean_string($confirm_email)."\r\n"; $email_message .= "Powder Coated Steel Blue: ".clean_string($powder_coated_steel_blue)."\r\n"; $email_message .= "Powder Coated Steel Black: ".clean_string($powder_coated_steel_black)."\r\n"; $email_message .= "Powder Coated Steel Green: ".clean_string($powder_coated_steel_green)."\r\n"; $email_message .= "Powder Coated Steel Brown: ".clean_string($powder_coated_steel_brown)."\r\n"; $email_message .= "Powder Coated Steel Yellow: ".clean_string($powder_coated_steel_yellow)."\r\n"; $email_message .= "Powder Coated Steel Red: ".clean_string($powder_coated_steel_red)."\r\n"; $email_message .= "Powder Coated Steel Gray: ".clean_string($powder_coated_steel_gray)."\r\n"; $email_message .= "Powder Coated Steel Burgendy: ".clean_string($powder_coated_steel_burgendy)."\r\n"; $email_message .= "Thermo Plastic Coated Type Expanded: ".clean_string($thermo_plastic_coated_type_expanded)."\r\n"; $email_message .= "Thermo Plastic Coated Type Perforated: ".clean_string($thermo_plastic_coated_type_perforated)."\r\n"; $email_message .= "Thermo Plastic Coated Black: ".clean_string($thermo_plastic_coated_black)."\r\n"; $email_message .= "Thermo Plastic Coated Blue: ".clean_string($thermo_plastic_coated_blue)."\r\n"; $email_message .= "Thermo Plastic Coated Brown: ".clean_string($thermo_plastic_coated_brown)."\r\n"; $email_message .= "Thermo Plastic Coated Gray: ".clean_string($thermo_plastic_coated_gray)."\r\n"; $email_message .= "Thermo Plastic Coated Red: ".clean_string($thermo_plastic_coated_red)."\r\n"; $email_message .= "Thermo Plastic Coated Green: ".clean_string($thermo_plastic_coated_green)."\r\n"; $email_message .= "Recycle Plastic Red: ".clean_string($recycle_plastic_red)."\r\n"; $email_message .= "Recycle Plastic Yellow: ".clean_string($recycle_plastic_yellow)."\r\n"; $email_message .= "Recycle Plastic Black: ".clean_string($recycle_plastic_black)."\r\n"; $email_message .= "Recycle Plastic Blue: ".clean_string($recycle_plastic_blue)."\r\n"; $email_message .= "Recycle Plastic Gold: ".clean_string($recycle_plastic_gold)."\r\n"; $email_message .= "Recycle Plastic Redwood: ".clean_string($recycle_plastic_redwood)."\r\n"; $email_message .= "Recycle Plastic Cedar: ".clean_string($recycle_plastic_cedar)."\r\n"; $email_message .= "Recycle Plastic Green: ".clean_string($recycle_plastic_green)."\r\n"; $email_message .= "Recycle Plastic Gray: ".clean_string($recycle_plastic_gray)."\r\n"; $email_message .= "Recycle Plastic Brown: ".clean_string($recycle_plastic_brown)."\r\n"; $headers = 'From: '.$email_from."\r\n". 'Reply-To: '.$email_from."\r\n" . 'X-Mailer: PHP/' . phpversion(); @mail($email_to, $email_subject, $email_message, $headers); header("Location: $thankyou"); ?> <script>location.replace('<?php echo $thankyou;?>')</script> <? } ?> So I know a little about PHP but I am no expert by any means. But I have a project that I am working on for a fantasy football league and need some help. My users pick players from a list and then their selections are put into a database. So more than one user is likely to pick the same player. Then I need to score the players based off their games for the week. So I have code that gets the Distinct PlayerID and creates a form to update the player score (see code below), but I have no idea how to process the form. It's a little more complicated then the forms I've used before because the MySQL query would need to UPDATE all the rows for each individual PlayerID. Am I making any sense? Anyway, here is the code. If anyone has suggestions on how to process this form or a better way of doing it then please let me know. <? print '<form id="form1" name="form1" method="post" action="update_player.php">'; // Connecting, selecting database $link = mysql_connect('localhost','user','pass'); if (!$link) { die('Could not connect: ' . mysql_error()); } //Query $query=mysql_query("select DISTINCT(PlayerID), PlayerName, Team From fantasy4.temp ORDER BY Team;") or die ('Could not connect: ' . mysql_error()); print' <center> <table align=center border=0 cellpadding=0 cellspacing=2 width=350> <tr align=center> <td width=50 align=center><b>Player ID </b></td> <td width=50 align=center><b>Team</b></td> <td width=200 align=center><b>Player Name</b></td> <td width=50 align=center><b>Score</b></td> <tr><td colspan="10" bgcolor="black" height="1"></td></tr> '; while($row=mysql_fetch_array($query)){ if($color == 1) { print '<tr bgcolor=#dDdDdD> <td align=center> ' . $row['PlayerID'] . ' </td> <td align=center> ' . $row['Team'] . ' </td> <td align=center> ' . $row['PlayerName'] . ' </td> <td align=center> <input name="' . $row['PlayerID'] . '" type="text" id="' . $row['PlayerID'] . '" size="5" maxlength="5" /> </td> </tr>'; $color=0; } else { print '<tr> <td align=center> ' . $row['PlayerID'] . ' </td> <td align=center> ' . $row['Team'] . ' </td> <td align=center> ' . $row['PlayerName'] . ' </td> <td align=center> <input name="' . $row['PlayerID'] . '" type="text" id="' . $row['PlayerID'] . '" size="5" maxlength="5" /> </td> </tr>'; $color=1; } } print '</table>'; print '<input type="submit" name="button" id="button" value="Update Player Scores" /></form>'; ?> This is what I tried that did not work <? // Connecting, selecting database $link = mysql_connect('localhost','user','pass'); if (!$link) { die('Could not connect: ' . mysql_error()); } //Query $query=mysql_query("select DISTINCT(PlayerID) From fantasy4.temp;") or die ('Could not connect: ' . mysql_error()); while($row=mysql_fetch_array($query)){ $PlayerID = $_POST[$row['PlayerID']]; } while($score = array($_POST['$PlayerID'])){ //Insert Query $query2=mysql_query("UPDATE fantasy4.temp set Score='$score' where PlayerID='$PlayerID'") or die ('Yikes could not connect: ' .mysql_error()); $result = @mysql_query($query2); } //Check whether the query was successful or not if($result) { header("location: register-success.php"); exit(); }else { die("Query failed - " .mysql_error()); } ?> I've read the php manual and a good few posts with similar but not identical problems and I am struggling to understand how to do this. Ive tailored my test site to help describe the problems that I have. www.peterod.co.uk the form is the first link in the left hand bar. Here is the code that creates the form. <?php // make connection require_once "../classes/sqlconselfbuild.php"; $query = mysql_query("SELECT * FROM `materials` ORDER BY `id` ASC"); ?> <form action="../engines/testengine1.php" method="post"> <?php // results while ($row = mysql_fetch_array($query)): $id = $row['id']; ?> <p> id number: <input type="text" name="materials[<?php echo $id; ?>][name]" value="<?php echo $row['id']; ?>" /> Material: <input type="text" name="materials[<?php echo $id; ?>][material]" value="<?php echo $row['material']; ?>" /> Stage: <input type="text" name="materials[<?php echo $id; ?>] [stage]" value="<?php echo $row['stage']; ?>" /> Qantity: <input type="text" name="materials[<?php echo $id; ?>][quantity]" value="<?php echo $row['quantity']; ?>" /> Unit: <input type="text" name="materials[<?php echo $id; ?>][unit]" value="<?php echo $row['unit']; ?>" /> <br /> </p> <?php endwhile; ?> <input type="submit" name="submit" value="Submit" /> </form> I am unsure how to get this information to insert into the database. How do you use the UPDATE query with a loop generated form ? [php] Per usual, I'm having an issue wrapping my head an issue, or I'm just not able to narrow the search well enough.
I have a form... method = post action = /process.php Upon hitting process.php, it will UPDATE a data table with the $_POST data it gets from the form. After that, I want to send it to PayPal.
It seems like at some point I was able to complete two 'actions' at once, but it's so long since I've created my own forms. Then again, maybe it was a redirect after executing the UPDATE. I just don't remember, and anything I search for doesn't seem to produce results of something that worked. Hi, I am just looking for some input on how I could make this form processing script more secure. In fact extremely secure. Like the most secure server side filtering can get! Code: [Select] <?php // Mail header removal function remove_headers($string) { $headers = array( "/to\:/i", "/from\:/i", "/bcc\:/i", "/cc\:/i", "/Content\-Transfer\-Encoding\:/i", "/Content\-Type\:/i", "/Mime\-Version\:/i" ); if (preg_replace($headers, '', $string) == $string) { return $string; } else { die('Spam much?'); } } // Build the email $to = 'info@example.com'; $subject = "Secure contact form message from: $subject"; $message = "$name said: $message"; $headers = "From: $email"; // field validation if ($subject=="" || $message=="" || $name=="") { print ("All form fields are required. Please go back and try again."); } else { // email validation if(!eregi('^([._a-z0-9-]+[._a-z0-9-]*)@(([a-z0-9-]+\.)*([a-z0-9-]+)(\.[a-z]{2,3})?)$', $email)) { print ("Your email address does not appear to be valid. Please go back and try again."); exit; } // Send the mail mail($to, $subject, $message, $headers); // Redirect header('Location: ../submitted.php'); } ?> Having some issues getting this to work properly... I keep getting my own error message I know where it fails, but I can't seem to figure out why it fails. The test file I'm using is an MP3 file, which is why I'm here asking if anyone other than I can shed some experienced light on this :p Code: [Select] File Upload Failed! No File Exists!The file type or extension you are trying to upload is not allowed! You can only upload MP3 files to the server! My upload form looks like: <?php session_start(); define('PITCHFORK', true); if(!isset($_SESSION['USERS_AUTHENTICATED'])) { die("You must be logged in to do that"); } if(isset($_POST['upload'])) { include("config.php"); include("classes/class.media.upload.php"); $file = $_GET['file']; $upload = new Upload; $upload->doAudio($file); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PITCHFORK Login</title> <link rel="stylesheet" href="style/login.css" type="text/css" media="all"> <meta name="robots" content="noindex,nofollow"> </head> <body> <div id="login"><h1><a title="A SpaazZ Industries Concept"></a></h1> <form name="loginform" id="loginform" action="<?php $_SERVER['PHP_SELF']; ?>" method="post"> <p> <label>File (one at a time for now)<br> <input name="file" id="user_login" class="input" size="20" tabindex="10" type="file" /> </label> </p> <p> </p> <?php if(isset($_SESSION['errMessage'])) { echo("<div id=\"login_error\"><strong>ERROR</strong>:<br />"); echo($_SESSION['errMessage']); unset($_SESSION['errMessage']); echo("</div>"); } ?> <p class="submit"> <input name="upload" id="submit" class="button-primary" value="Upload File" tabindex="100" type="submit"> </p> </form> </div> </body> </html> My Upload Class looks liks: <?php // TO DO : ERROR HANDLING // AJAX INTERFACING session_start(); define('PITCHFORK', true); class Upload { // The path to local (relivent to the user uploading - on their computer) file var $file; public function doAudio($file) { $target_path = $_SESSION['USERS_Media_Folder']."/"; // Set at login in class.users.php $flag = 0; // Safety net, if this gets to 1 at any point in the process, we don't upload. $filename = $_FILES[$file]['name']; $filesize = $_FILES[$file]['size']; $mimetype = $_FILES[$file]['type']; $filename = htmlentities($filename); $filesize = htmlentities($filesize); $mimetype = htmlentities($mimetype); $target_path = $target_path . basename( $filename ); if($filename != ""){ echo "Beginning upload process for file named: ".$filename."<br>"; echo "Filesize: ".$filesize."<br>"; echo "Type: ".$mimetype."<br><br>"; } //First generate a MD5 hash of what the new file name will be //Force a MP3 extention on the file we are uploading $hashedfilename = md5_file($filename); $hashedfilename = $hashedfilename.".mp3"; //Check for empty file if($filename == ""){ $_SESSION['errMessage'] .= "No File Exists!"; $flag = $flag + 1; } //Now we check that the file doesn't already exist. $existname = $target_path.$hashedfilename; if(file_exists($existname)) { if($flag == 0) { $_SESSION['errMessage'] .= "Your file already exists on the server! Please choose another file to upload or rename the file on your computer and try uploading it again!"; } $flag = $flag + 1; } //Whitelisted files - Only allow files with MP3 extention onto server... $whitelist = array(".mp3"); foreach ($whitelist as $ending) { if(substr($filename, -(strlen($ending))) != $ending) { $_SESSION['errMessage'] .= "The file type or extention you are trying to upload is not allowed! You can only upload MP3 files to the server!"; $flag++; } } //Now we check the filesize. If it is too big or too small then we reject it //MP3 files should be at least 1MB and no more than 6.5 MB if($filesize > 6920600) { //File is too large if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too large! Your file can be up to 6.5 MB in size only. Please upload a smaller MP3 file or encode your file with a lower bitrate."; } $flag = $flag + 1; } if($filesize < 1048600) { //File is too small if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload is too small! Your file has been marked as suspicious because our system has determined that it is too small to be a valid MP3 file. Valid MP3 files must be bigger than 1 MB and smaller than 6.5 MB."; } $flag = $flag + 1; } //Check the mimetype of the file if($mimetype != "audio/x-mp3" and $mimetype != "audio/mpeg") { if($flag == 0) { $_SESSION['errMessage'] .= "The file you are trying to upload does not contain expected data. Are you sure that the file is an MP3?"; } $flag = $flag + 1; } //Check that the file really is an MP3 file by reading the first few characters of the file $f = @fopen($_FILES[$file]['tmp_name'],'r'); $s = @fread($f,3); @fclose($f); if($s != "ID3") { if($flag == 0){ $_SESSION['errMessage'] .= "The file you are attempting to upload does not appear to be a valid MP3 file."; } $flag++; } //All checks are done, actually move the file... if($flag == 0) { if(move_uploaded_file($_FILES[$file]['tmp_name'], $target_path)) { //Change the filename to MD5 hash and FORCE a MP3 extention. if(@file_exists($target_path.$filename)) { //Rename the file to an MD5 version rename($target_path.$filename, $target_path.$hashedfilename); echo "The file ". basename( $filename ). " has been uploaded. Your file is <a href='$target_path$hashedfilename'>here</a>."; } else{ echo "There was an error uploading the file, please try again!"; } } else { echo "There was an error uploading the file, please try again!"; } } else { echo "File Upload Failed!<br>"; if($error != "") { echo $error; } } } // Close function doAudio } // Close Class audioUpload ?> Hi, I'm new to php and just trying to make sense of things by trying stuff. I'm trying to make a very rudimentary CMS where form values are added to a mysql database. One of the inputs in the form ($body) is a textarea. I've messed around with this but there's a glitch somewhere-when I press the submit button I just get a blank page (the page for the form processing script). My guess is there's something not right with the "safety measures" I'm taking: trim,stripslashes,etc. Any help would be appreciated Code: [Select] <?php session_start(); if(!isset($_POST['Submit'])){ header("Location: home_manage.php"); exit(); } else{ $headline=$_POST['headline']; $author=$_POST['author']; $body=$_POST['body']; $headline=trim($headline); $author=trim($author); $body=trim($body); $message=array(); if((strlen($headline)!=0)&&(strlen($author)!=0)&&(strlen($body)!=0)){ $time=time(); $date=date('Y-m-d H:i:s',$time); $headline=strip_tags($headline); $author=strip_tags($author); $body="<p>".$body."</p>"; $order=array("\r\n", "\n", "\r"); $replace='</p><p>'; $body=str_ireplace($order,$replace,$body); $body=strip_tags($body,'<p><br />'); if(get_magic_quotes_gpc()) { $headline=stripslashes($headline); $author=stripslashes($author); $body=stripslashes($body); } $headline=htmlentities(mysql_real_escape_string($headline)); $author=htmlentities(mysql_real_escape_string($author)); $body=htmlentities(mysql_real_escape_string($body)); require('storage.inc'); $link = mysql_connect($host,$user,$db_password); $db = mysql_select_db($post_database,$link); $query= "INSERT INTO entry (entry_date,entry_head,entry_author,entry_text) VALUES ('$date','$headline','$author','$body')"; mysql_query($query); $message[]="<p class='announce'><b>Post titled ".$headline." has been added to the database.</b></p>"; } else{ if(strlen($headline)<1){$message[]="<p class='announce'><b>You must include a headline for this post.</b></p>";} if(strlen($author)<1){$message[]="<p class='announce'><b>You must include an author name for this post.</b></p>";} if(strlen($body)<1){$message[]="<p class='announce'><b>You must include some body text for this post.</b></p>";} } $_SESSION['msg']['up_err']=implode($message); header("Location: home_manage.php"); exit(); } ?> Can someone give me some guidance of how to separate Form Display from Form Processing? I have always used forms that submitted back to themselves which isn't so bad, but then trying to cram in code to display the form, validation errors, and messages after the form is processed all in one file is insane?! Currently I am working on a simple "Add a Comment" form. It would be nice to have a separate form processing script, but I don't know where to begin... Debbie I have a html for that posts to a form processing script which is fully functional atm, in the processing script i have if statements, if the condition is met it updates tables in database, if there not met i echo a "not met" statment. problem is my form processing script just goes straight back to the index.php page using the following code; header('Location: index.php'); here is the form processing script: <?php session_start(); header('Location: index.php'); include "connect.php"; $id = $_SESSION['id']; $user = $_SESSION['user']; $ticketNumber = $_POST[ticketNumber]; //echo $_POST[ticketNumber]; $today = date('Y-m-d H:i:s', time() - 3600); // Query "Ticket" Table to check if user has purchased a "regular" ticket within the last 24 hours $query24hour = mysql_query("SELECT * FROM tickets WHERE username = '$user' AND HOUR(TIMEDIFF(NOW() , purchaseDate)) < 24;") or die(mysql_error()); // Query "promoTickets" table to grab information of previous tickets bought to the "promotional" auction and LIMIT tickets to 1 per user for "promotional" auctions. $querySold = mysql_query("SELECT * FROM promoTickets WHERE promoID='$_POST[promoID]' AND (ticketNumber='$ticketNumber' OR username = '$user');") or die(mysql_error()); //echo $querySold; $sold = mysql_fetch_assoc($querySold); //print_r($sold); //echo $sold; //echo query24hour; $querycount24hour = mysql_num_rows($query24hour); //echo $querycount24hour; //check if ticket is sold and if user has purchased a "regular" ticket within 24 hours if(empty($sold)!=FALSE and $querycount24hour >= 1){ //Checks users balance to see if they have enough for the ticket $queryBal = mysql_query("SELECT user_iskbalance FROM users WHERE username = '$user';") or die(mysql_error()); //echo $querySold; //echo $user; //echo $queryBal; $balArray = mysql_fetch_assoc($queryBal); $bal = $balArray[user_iskbalance]; $newBal = $bal-$_POST[ticketPrice]; //check if he has the money to buy the ticket if($bal>=$_POST[ticketPrice]){ //remove the money $queryBalRemoveal = mysql_query("UPDATE `users` SET `user_iskbalance`='$newBal' WHERE `username`='$user';") or die(mysql_error()); //buy ticket & insert data into "promoTickets" table $query = mysql_query("INSERT INTO promoTickets(promoID, username, charID, ticketNumber, ticketPrice, purchaseDate) VALUES ('$_POST[promoID]', '$user', '$id', '$_POST[ticketNumber]', '$_POST[ticketPrice]', '$today');") or die(mysql_error()); } else{ die("Insufficent balance. Please add more ISK") ; } } else{ die("Ticket has already been Sold or you have already bought a ticket to this promotion..!"); } ?> any way i can get the errors to be passed onto the index.php (with the form) and echo them there? as it stands errors arnt shown to the users and its confusing people I have this code <?php session_start(); $error = 0; $valError = ""; // Form Page Submit Security $domain_list = explode(',',""); $ip_limit = 0; $active = 1; $active_message = <<<EOT Sorry, this form is currently disabled. EOT; include_once 'security/secure_submit.php'; include_once 'lib/utility.php'; $_SESSION["entry_key"] = isset($_SESSION["entry_key"]) ? $_SESSION["entry_key"] : md5(time() + rand(10000, 1000000)); // cname - text if(isset($_POST['cname']) && $_POST['cname'] != '') { $cname = isset($_POST['cname']) ? $_POST['cname'] : ''; $_SESSION['cname'] = $cname; } else { $error = '1'; $valError .= 'Company Name : is required.<br/>'; } if(isset($_SESSION['cname_is'])) { $_SESSION['cname_is'] = 0; } $cname = isset($_SESSION['cname']) ? $_SESSION['cname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['cname'] = $cname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Company Name :'] = $cname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['cname'] = "Company Name :"; // dname - text if(isset($_POST['dname']) && $_POST['dname'] != '') { $dname = isset($_POST['dname']) ? $_POST['dname'] : ''; $_SESSION['dname'] = $dname; } else { $error = '1'; $valError .= 'Domain Name : is required.<br/>'; } if(isset($_SESSION['dname_is'])) { $_SESSION['dname_is'] = 0; } $dname = isset($_SESSION['dname']) ? $_SESSION['dname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['dname'] = $dname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Domain Name :'] = $dname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['dname'] = "Domain Name :"; // ipaddress - text if(isset($_POST['ipaddress']) && $_POST['ipaddress'] != '') { $ipaddress = isset($_POST['ipaddress']) ? $_POST['ipaddress'] : ''; $_SESSION['ipaddress'] = $ipaddress; } else { $error = '1'; $valError .= 'IP Address : is required.<br/>'; } if(isset($_SESSION['ipaddress_is'])) { $_SESSION['ipaddress_is'] = 0; } $ipaddress = isset($_SESSION['ipaddress']) ? $_SESSION['ipaddress'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ipaddress'] = $ipaddress; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['IP Address :'] = $ipaddress; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ipaddress'] = "IP Address :"; // ns1 - text if(isset($_POST['ns1']) && $_POST['ns1'] != '') { $ns1 = isset($_POST['ns1']) ? $_POST['ns1'] : ''; $_SESSION['ns1'] = $ns1; } else { $error = '1'; $valError .= 'Name Server 1 : is required.<br/>'; } if(isset($_SESSION['ns1_is'])) { $_SESSION['ns1_is'] = 0; } $ns1 = isset($_SESSION['ns1']) ? $_SESSION['ns1'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ns1'] = $ns1; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 1 :'] = $ns1; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns1'] = "Name Server 1 :"; // ns2 - text if(isset($_POST['ns2']) && $_POST['ns2'] != '') { $ns2 = isset($_POST['ns2']) ? $_POST['ns2'] : ''; $_SESSION['ns2'] = $ns2; } else { $error = '1'; $valError .= 'Name Server 2 : is required.<br/>'; } if(isset($_SESSION['ns2_is'])) { $_SESSION['ns2_is'] = 0; } $ns2 = isset($_SESSION['ns2']) ? $_SESSION['ns2'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ns2'] = $ns2; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Name Server 2 :'] = $ns2; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ns2'] = "Name Server 2 :"; // ftpserver - text if(isset($_POST['ftpserver']) && $_POST['ftpserver'] != '') { $ftpserver = isset($_POST['ftpserver']) ? $_POST['ftpserver'] : ''; $_SESSION['ftpserver'] = $ftpserver; } else { $error = '1'; $valError .= 'FTP Server Address : is required.<br/>'; } if(isset($_SESSION['ftpserver_is'])) { $_SESSION['ftpserver_is'] = 0; } $ftpserver = isset($_SESSION['ftpserver']) ? $_SESSION['ftpserver'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpserver'] = $ftpserver; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Server Address :'] = $ftpserver; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpserver'] = "FTP Server Address :"; // ftpuname - text if(isset($_POST['ftpuname']) && $_POST['ftpuname'] != '') { $ftpuname = isset($_POST['ftpuname']) ? $_POST['ftpuname'] : ''; $_SESSION['ftpuname'] = $ftpuname; } else { $error = '1'; $valError .= 'FTP Username : is required.<br/>'; } if(isset($_SESSION['ftpuname_is'])) { $_SESSION['ftpuname_is'] = 0; } $ftpuname = isset($_SESSION['ftpuname']) ? $_SESSION['ftpuname'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftpuname'] = $ftpuname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Username :'] = $ftpuname; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftpuname'] = "FTP Username :"; // ftppword - text if(isset($_POST['ftppword']) && $_POST['ftppword'] != '') { $ftppword = isset($_POST['ftppword']) ? $_POST['ftppword'] : ''; $_SESSION['ftppword'] = $ftppword; } else { $error = '1'; $valError .= 'FTP Password : is required.<br/>'; } if(isset($_SESSION['ftppword_is'])) { $_SESSION['ftppword_is'] = 0; } $ftppword = isset($_SESSION['ftppword']) ? $_SESSION['ftppword'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ftppword'] = $ftppword; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['FTP Password :'] = $ftppword; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ftppword'] = "FTP Password :"; // pop - text if(isset($_POST['pop']) && $_POST['pop'] != '') { $pop = isset($_POST['pop']) ? $_POST['pop'] : ''; $_SESSION['pop'] = $pop; } else { $error = '1'; $valError .= 'POP : is required.<br/>'; } if(isset($_SESSION['pop_is'])) { $_SESSION['pop_is'] = 0; } $pop = isset($_SESSION['pop']) ? $_SESSION['pop'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['pop'] = $pop; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['POP :'] = $pop; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['pop'] = "POP :"; // smtp - text if(isset($_POST['smtp']) && $_POST['smtp'] != '') { $smtp = isset($_POST['smtp']) ? $_POST['smtp'] : ''; $_SESSION['smtp'] = $smtp; } else { $error = '1'; $valError .= 'SMTP : is required.<br/>'; } if(isset($_SESSION['smtp_is'])) { $_SESSION['smtp_is'] = 0; } $smtp = isset($_SESSION['smtp']) ? $_SESSION['smtp'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['smtp'] = $smtp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['SMTP :'] = $smtp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['smtp'] = "SMTP :"; // webmailaddy - text if(isset($_POST['webmailaddy']) && $_POST['webmailaddy'] != '') { $webmailaddy = isset($_POST['webmailaddy']) ? $_POST['webmailaddy'] : ''; $_SESSION['webmailaddy'] = $webmailaddy; } else { $error = '1'; $valError .= 'Webmail Address : is required.<br/>'; } if(isset($_SESSION['webmailaddy_is'])) { $_SESSION['webmailaddy_is'] = 0; } $webmailaddy = isset($_SESSION['webmailaddy']) ? $_SESSION['webmailaddy'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['webmailaddy'] = $webmailaddy; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Webmail Address :'] = $webmailaddy; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['webmailaddy'] = "Webmail Address :"; // adiskspace - text if(isset($_POST['adiskspace']) && $_POST['adiskspace'] != '') { $adiskspace = isset($_POST['adiskspace']) ? $_POST['adiskspace'] : ''; $_SESSION['adiskspace'] = $adiskspace; } else { $error = '1'; $valError .= 'Allocated Disk Space : is required.<br/>'; } if(isset($_SESSION['adiskspace_is'])) { $_SESSION['adiskspace_is'] = 0; } $adiskspace = isset($_SESSION['adiskspace']) ? $_SESSION['adiskspace'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['adiskspace'] = $adiskspace; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Disk Space :'] = $adiskspace; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adiskspace'] = "Allocated Disk Space :"; // ambw - text if(isset($_POST['ambw']) && $_POST['ambw'] != '') { $ambw = isset($_POST['ambw']) ? $_POST['ambw'] : ''; $_SESSION['ambw'] = $ambw; } else { $error = '1'; $valError .= 'Allocated Monthly Bandwidth : is required.<br/>'; } if(isset($_SESSION['ambw_is'])) { $_SESSION['ambw_is'] = 0; } $ambw = isset($_SESSION['ambw']) ? $_SESSION['ambw'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['ambw'] = $ambw; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Monthly Bandwidth :'] = $ambw; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['ambw'] = "Allocated Monthly Bandwidth :"; // amboxes - text if(isset($_POST['amboxes']) && $_POST['amboxes'] != '') { $amboxes = isset($_POST['amboxes']) ? $_POST['amboxes'] : ''; $_SESSION['amboxes'] = $amboxes; } else { $error = '1'; $valError .= 'Allocated MailBoxes : is required.<br/>'; } if(isset($_SESSION['amboxes_is'])) { $_SESSION['amboxes_is'] = 0; } $amboxes = isset($_SESSION['amboxes']) ? $_SESSION['amboxes'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxes'] = $amboxes; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBoxes :'] = $amboxes; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxes'] = "Allocated MailBoxes :"; // amboxquota - text if(isset($_POST['amboxquota']) && $_POST['amboxquota'] != '') { $amboxquota = isset($_POST['amboxquota']) ? $_POST['amboxquota'] : ''; $_SESSION['amboxquota'] = $amboxquota; } else { $error = '1'; $valError .= 'Allocated MailBox Quoted : is required.<br/>'; } if(isset($_SESSION['amboxquota_is'])) { $_SESSION['amboxquota_is'] = 0; } $amboxquota = isset($_SESSION['amboxquota']) ? $_SESSION['amboxquota'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['amboxquota'] = $amboxquota; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated MailBox Quoted :'] = $amboxquota; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['amboxquota'] = "Allocated MailBox Quoted :"; // adbase - text if(isset($_POST['adbase']) && $_POST['adbase'] != '') { $adbase = isset($_POST['adbase']) ? $_POST['adbase'] : ''; $_SESSION['adbase'] = $adbase; } else { $error = '1'; $valError .= 'Allocated Databases : is required.<br/>'; } if(isset($_SESSION['adbase_is'])) { $_SESSION['adbase_is'] = 0; } $adbase = isset($_SESSION['adbase']) ? $_SESSION['adbase'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['adbase'] = $adbase; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Allocated Databases :'] = $adbase; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['adbase'] = "Allocated Databases :"; // exp - text if(isset($_POST['exp']) && $_POST['exp'] != '') { $exp = isset($_POST['exp']) ? $_POST['exp'] : ''; $_SESSION['exp'] = $exp; } else { $error = '1'; $valError .= 'Expires On : is required.<br/>'; } if(isset($_SESSION['exp_is'])) { $_SESSION['exp_is'] = 0; } $exp = isset($_SESSION['exp']) ? $_SESSION['exp'] : ''; $_SESSION['qs']["{$_SESSION['entry_key']}"]['exp'] = $exp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['Expires On :'] = $exp; $_SESSION['qs-label']["{$_SESSION['entry_key']}"]['exp'] = "Expires On :"; if($error){ if(isset($_SESSION['pages']['page5.php'])) { unset($_SESSION['pages']['page5.php']); } $_SESSION["e_message"] = $valError; header("Location: index.php?section-hostingedit"); } else { $_SESSION['pages']['page5.php'] = 'pass'; // custom route code //DATABASE INTERACTION //Setup database connection $dbserver = "localhost"; $dbuname = "vri_dev"; $dbpword = "emit098nice054" //Connect to DB Server $con = mysql_connect($dbserver, $dbuname, $dbpword); if(!$con){ die('Could not connect to the database server :' . mysql_error()); echo"1"; }else{ echo"1.2"; //Select Database mysql_select_db("vri_inkcontrol", $con); //Get idcname $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']' AND dname='$_POST['dname']'"; $r = mysql_query($q); //Put idcname query into an array $r_array = mysql_fetch_assoc($r); //Store idcname result from previouse query $idcname = $r_array['idcname']; //trap duplicate records //If the number of rows returned by above query is not greater then we if(mysql_num_rows($r) == 0){ echo"2"; //Insert idcname in `tbl_hosting_cname` since id doesn't exist $q = "INSERT INTO `tbl_hosting_cname` SET cname='$_POST['cname']"; mysql_query($q); //grab the cname id in `tbl_hosting_cname` $q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$_POST['cname']'"; $r = mysql_query($q); //now we must grab the id cname from array $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$_POST['dname']'"); if(mysql_num_rows($r) !== 1){ echo"3"; $q = "INSERT INTO `tbl_hosting_domain` (idcname, dname, ip, ns1, ns2, ftpaddress, ftpuname, ftppword, pop, smtp, webmailaddress, diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$_POST['dname']', '$_POST['ip']', '$_POST['ns1']', '$_POST['ns2']', '$_POST['ftpserver']', '$_POST['ftpuname']', '$_POST['ftppword']', '$_POST['pop']', '$_POST['smtp']', '$_POST['webmailaddy']', '$_POST['adiskspace']', '$_POST['ambw']', '$_POST['amboxes']', '$_POST['amboxesquota']', '$_POST['adbases']', '$_POST['exp']')"; mysql_query($q); $route = "Location: index.php?section=newaddyes"; }elseif(mysql_num_rows($r) == 1){ echo"3.2"; $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $q = "UPDATE `tbl_hosting_domain` SET ( ip = '$_POST['ip']', ns1 = '$_POST['ns1']', ns2 = '$_POST['ns2']', ftpaddress = '$_POST['ftpserver']', ftpuname = '$_POST['ftpuname']', ftppword = '$_POST['ftppword']', pop = '$_POST['pop']', smtp = '$_POST['smtp']', webmailaddress = '$_POST['webmailaddy']', diskspace = '$_POST['adiskspace']', bandwidth = '$_POST['ambw']', nummailboxes = '$_POST['amboxes']', mailboxquota = '$_POST['amboxesquota']', numdatabases = '$_POST['adbases']', exp = '$_POST['exp']' WHERE cname='$idcname'"; $route = "Location: index.php?section=newaddyes"; }else{ echo"lsr1" $route = "Location: index.php?section=newaddno"; } // conditional route code // default action header($route); } ?> the code that will not run is // custom route code //DATABASE INTERACTION //Setup database connection $dbserver = "localhost"; $dbuname = "vri_dev"; $dbpword = "emit098nice054" //Connect to DB Server $con = mysql_connect($dbserver, $dbuname, $dbpword); if(!$con){ die('Could not connect to the database server :' . mysql_error()); echo"1"; }else{ echo"1.2"; //Select Database mysql_select_db("vri_inkcontrol", $con); //Get idcname $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']' AND dname='$_POST['dname']'"; $r = mysql_query($q); //Put idcname query into an array $r_array = mysql_fetch_assoc($r); //Store idcname result from previouse query $idcname = $r_array['idcname']; //trap duplicate records //If the number of rows returned by above query is not greater then we if(mysql_num_rows($r) == 0){ echo"2"; //Insert idcname in `tbl_hosting_cname` since id doesn't exist $q = "INSERT INTO `tbl_hosting_cname` SET cname='$_POST['cname']"; mysql_query($q); //grab the cname id in `tbl_hosting_cname` $q = "SELECT idcname FROM `tbl_hosting_cname WHERE cname='$_POST['cname']'"; $r = mysql_query($q); //now we must grab the id cname from array $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $r = mysql_query("SELECT * FROM `tbl_hosting_domain` WHERE cname='$idcname' AND dname='$_POST['dname']'"); if(mysql_num_rows($r) !== 1){ echo"3"; $q = "INSERT INTO `tbl_hosting_domain` (idcname, dname, ip, ns1, ns2, ftpaddress, ftpuname, ftppword, pop, smtp, webmailaddress, diskspace, bandwidth, nummailboxes, mailboxquota, numdatabases, exp) VALUES ('$idcname', '$_POST['dname']', '$_POST['ip']', '$_POST['ns1']', '$_POST['ns2']', '$_POST['ftpserver']', '$_POST['ftpuname']', '$_POST['ftppword']', '$_POST['pop']', '$_POST['smtp']', '$_POST['webmailaddy']', '$_POST['adiskspace']', '$_POST['ambw']', '$_POST['amboxes']', '$_POST['amboxesquota']', '$_POST['adbases']', '$_POST['exp']')"; mysql_query($q); $route = "Location: index.php?section=newaddyes"; }elseif(mysql_num_rows($r) == 1){ echo"3.2"; $q = "SELECT idcname FROM `tbl_hosting_cname` WHERE cname='$_POST['cname']'"; $r = mysql_query($q); $row = mysql_fetch_assoc($r); $idcname = $row['idcname']; $q = "UPDATE `tbl_hosting_domain` SET ( ip = '$_POST['ip']', ns1 = '$_POST['ns1']', ns2 = '$_POST['ns2']', ftpaddress = '$_POST['ftpserver']', ftpuname = '$_POST['ftpuname']', ftppword = '$_POST['ftppword']', pop = '$_POST['pop']', smtp = '$_POST['smtp']', webmailaddress = '$_POST['webmailaddy']', diskspace = '$_POST['adiskspace']', bandwidth = '$_POST['ambw']', nummailboxes = '$_POST['amboxes']', mailboxquota = '$_POST['amboxesquota']', numdatabases = '$_POST['adbases']', exp = '$_POST['exp']' WHERE cname='$idcname'"; $route = "Location: index.php?section=newaddyes"; }else{ echo"lsr1" $route = "Location: index.php?section=newaddno"; } If everything on the form passes it should process the data into the database. However it is not. I placed echo statements to see where it was getting to in the database interaction portion of the code but no dice. Any help is apreciated, thanks in advance. Say I have an "Entries" table. I want to submit same multiple entries using a form submission. And If I have other queries submitted in the same form, I want those quarries to be submitted only once. Is that possible to do? Here's my code.
if(isset($_POST['submit'])) {
$entries = 10;
$id = 55;
$name = 'Smith';
$insert = $db->prepare("INSERT INTO entries(id, name) VALUES(:id, :name)");
$insert->bindParam(':id', $id);
$insert->bindParam(':name', $name);
$result_insert = $insert->execute();
if($result_insert == false) {
echo 'Fail';
} else {
echo 'Success';
}
}
?>
<form action="" method="post">
<input type="submit" name="submit" value="SUBMIT" />
</form>
Edited January 13, 2019 by imgrooot Hi. Pretty straight forward I guess but as the name suggests am a newbie. I have a form that requires the user to enter certain parameters. If the values are blank it submits to itself and loads the error messages. What I want to do is create PHP code that submits the form to a different url. What I thought was create two forms (the second with hidden fields replicating the first form), each form having a different url in the action"" code. What I cant work out is the PHP IF ELSE code to submit form 2 if Form1 is is validated correctly. This is the PHP code relevant to the form validation. Help? <?php //If form was submitted if ($_POST['submitted']==1) { $errormsg = ""; //Initialize errors if ($_POST[width]){ $title = $_POST[width]; //If title was entered } else{ $errormsg = "Please enter width"; } if ($_POST[drop]){ $textentry = $_POST[drop]; //If comment was entered } else{ if ($errormsg){ //If there is already an error, add next error $errormsg = $errormsg . " & content"; }else{ $errormsg = "Please enter drop"; } } } if ($errormsg){ //If any errors display them echo "<div class=\"box red\">$errormsg</div>"; } //If all fields present if ($title && $textentry){ //Do something echo 'THIS IS WHERE I WANT THE CODE TO SUBMIT FORM 2 or SUBMIT FORM 1 TO A DIFFERENT URL'; } ?> Hello I code by hand (HTML & CF -14 years now), and some of my customers want the ability to do updates to their sites themselves using Adobe Contribute, and I can build any app they need that Contribute can't handle in CF if they host on my server - however, in this particular case, the site is hosted by GoDaddy which is no longer supporting CF. The site is PHP-enabled, and the client was using WordPress to update his entire site. Because of the blogging-centric features of Wordpress, a user can enter a "headline" then an associated story (commentary) - publish, and the headline ends up on one page linked to the page where the headline and story live. So, I need a simple form handler written in PHP that allows the client to enter his "headline" (which is a hard-coded link to the "rest of the story" page), the headline showing up above the story content (using a second form field) - not necessarily targeting <a href="#end-up-here"> - just simply land on the page where the content gets dynamically displayed. Thanks in advance for your patience and be kind---- I have never written a line of PHP- just thousands of lines of CF..... Norman Hello, first time poster.. I've looked the web over for a long time and can't figure this one out. - Below is basic code that successfully checks MySQL for a match and displays result. I was debugging and forced the "height" and "width" to be 24 and 36 to make sure that wasn't the problem. That's good.. - I'd like to give the user ability to select width and height from a form.. and have it do an onchange this.form.submit so the form can be changing as fields are altered (thus the onchange interaction) - In a normal coding environment I've done this numerous times with no "Page cannot be displayed" problems. It would simply change one select-option value at a time til they get down the form and click submit... but in WordPress I'm having trouble making even ONE single onchange work! - I've implemented the plugins they offer which allows you to "copy+paste" your php code directly into their wysiwyg editor. That works with basic tests like my first bullet point above. - I've copied and pasted the wordpress url (including the little ?page_id=123) into the form "action" url... that didn't work... tried forcing it into an <option value=""> tag.. didn't work. I'm just not sure. I've obviously put xx's in place of private info.. Why does this form give me Page Cannot Be Displayed in WordPress every time? It won't do anything no matter how simple.. using onchange.. Code.. $con = mysql_connect("xxxx.xxxxxxx.com","xxxxxx","xxxxx"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("xxxxxx", $con); $myprodwidth=24; $myprodheight=36; $result = mysql_query("SELECT * FROM product_sizes WHERE prodwidth='$myprodwidth' and prodheight='$myprodheight'"); while($row = mysql_fetch_array($result)) { echo $row['prodprice']; } mysql_close($con); <form method="post" action=""> <select name="myheight" onchange="this.form.submit();"> <option selected="selected" value="">select height</option> <option value="xxxxxxxxx.com/wordpress/?page_id=199&height=36">36</option> <option value="xxxxxxxxx.com/wordpress/?page_id=199&height=36">48</option> </select> Hi all, What I am trying to achieve is, I thought quite simple! Basically, a user signs up and chooses a package, form is submitted, details added to the database, email sent to customer, then I want to direct them to a paypal payment screen, this is where I am having issues! Is their any way in php to submit a form without user interaction? Here is my code for the form process page Code: [Select] <?php include('config.php'); require('scripts/class.phpmailer.php'); $package = $_POST['select1']; $name = $_POST['name']; $email = $_POST['email']; $password = md5($_POST['password']); $domain = $_POST['domain']; $a_username = $_POST['a_username']; $a_password = $_POST['a_password']; $query=mysql_query("INSERT INTO orders (package, name, email, password, domain, a_username, a_password) VALUES ('$package', '$name', '$email', '$password', '$domain', '$a_username', '$a_password')"); if (!$query) { echo "fail<br>"; echo mysql_error(); } else { $id = mysql_insert_id(); $query1=mysql_query("INSERT INTO customers (id, name, email, password) values ('$id', '$name', '$email', '$password')"); if (!$query1) { echo "fail<br>"; echo mysql_error(); } if($package=="Reseller Hosting") { //email stuff here - all works - just cutting it to keep the code short if(!$mail->Send()) { echo "Message could not be sent. <p>"; echo "Mailer Error: " . $mail->ErrorInfo; exit; } ?> <form name="_xclick" action="https://www.paypal.com/cgi-bin/webscr" method="post"> <input type="hidden" name="cmd" value="_xclick-subscriptions"> <input type="hidden" name="business" value="subscription@jollyhosting.com"> <input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="item_name" value="Jolly Hosting Reseller Packages"> <input type="hidden" name="no_shipping" value="1"> <!--1st month --> <input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="a3" value="3.00"> <input type="hidden" name="p3" value="1"> <input type="hidden" name="t3" value="M"> <input type="hidden" name="src" value="1"> <input type="hidden" name="sra" value="1"> </form>'; <?php } //last } //end ?> Hi- the code below lets me upload a CSV file to my database if I have 1 field in my database and 1 column in my CSV. I need to add to my db "player_id" from the CVS file and "event_name" and "event_type" from the form... any ideas??? here's the code: Code: [Select] <?php $hoststring =""; $database = ""; $username = ""; $password = ""; $makeconnection = mysql_pconnect($hoststring, $username, $password); ?> <?php ob_start(); mysql_select_db($database, $makeconnection); $sql_get_players=" SELECT * FROM tabel ORDER BY player_id ASC"; // $get_players = mysql_query($sql_get_players, $makeconnection) or die(mysql_error()); $row_get_players = mysql_fetch_assoc($get_players); // $message = null; $allowed_extensions = array('csv'); $upload_path = '.'; //same directory if (!empty($_FILES['file'])) { if ($_FILES['file']['error'] == 0) { // check extension $file = explode(".", $_FILES['file']['name']); $extension = array_pop($file); if (in_array($extension, $allowed_extensions)) { if (move_uploaded_file($_FILES['file']['tmp_name'], $upload_path.'/'.$_FILES['file']['name'])) { if (($handle = fopen($upload_path.'/'.$_FILES['file']['name'], "r")) !== false) { $keys = array(); $out = array(); $insert = array(); $line = 1; while (($row = fgetcsv($handle, 0, ',', '"')) !== FALSE) { foreach($row as $key => $value) { if ($line === 1) { $keys[$key] = $value; } else { $out[$line][$key] = $value; } } $line++; } fclose($handle); if (!empty($keys) && !empty($out)) { $db = new PDO( 'mysql:host=host;dbname=db', 'user', 'pw'); $db->exec("SET CHARACTER SET utf8"); foreach($out as $key => $value) { $sql = "INSERT INTO `table` (`"; $sql .= implode("`player_id`", $keys); $sql .= "`) VALUES ("; $sql .= implode(", ", array_fill(0, count($keys), "?")); $sql .= ")"; $statement = $db->prepare($sql); $statement->execute($value); } $message = '<span>File has been uploaded successfully</span>'; } } } } else { $message = '<span>Only .csv file format is allowed</span>'; } } else { $message = '<span>There was a problem with your file</span>'; } } ob_flush();?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>CSV File Upload</title> </head> <body> <form class="form" action="" method="post" enctype="multipart/form-data"> <h3>Select Your File</h3> <p><?php echo $message; ?></p> <input type="file" name="file" id="file" size="30" /> <br/> <label>Event Name:</label><input name="event_name" type="text" value="" /> <br/> <label>Event Type:</label><input name="event_type" type="text" value="" /> <br/> <input type="submit" id="btn" class="button" value="Submit" /> </form> <br/> <h3>Results:</h3> <?php do { ?> <p><?php echo $row_get_players['player_id'];?></p> <?php } while ($row_get_players = mysql_fetch_assoc($get_players)); ?> </body> </html> Can anybody see as to why, if any, this form takes forever to execute? Code: [Select] <?php if(isset($_POST['submitted'])){ $z = $_POST['zipcode']; $r = $_POST['radius']; $sql = mysql_query("SELECT DISTINCT m.LocAddZip, m.MktName,m.LocAddSt,m.LocAddCity,m.LocAddState,m.x1,m.y1,z1.lat,z2.long FROM mrk m, zip z1, zip z2 WHERE m.LocAddZip = z1.zipcode AND z2.zipcode = $z AND ( 3963 * acos( truncate( sin( z2.lat / 57.2958 ) * sin( z1.lat / 57.2958 ) + cos( z2.lat / 57.2958 ) * cos( z1.lat / 57.2958 ) * cos( z1.long / 57.2958 - z2.long / 57.2958 ) , 8 ) ) ) <= $r ") or die(mysql_error()); while($row = mysql_fetch_array( $sql )) { $store = $row['MktName']."<br />"; $store .= $row['LocAddSt']."<br />"; $store .= $row['LocAddCity'].", ".$row['LocAddState']." ".$row['LocAddZip']; $lat1 = $row['lat']; $lon1 = $row['long']; $lat2 = $row['y1']; $lon2 = $row['x1']; $dis = distance($lat1, $lon1, $lat2, $lon2); echo "<p>".$store."</p>"; echo ceil($dis) . " mile(s) away"; echo "<hr/>"; } } ?> I get a timeout error sometimes, and sometimes I don't. Is it the form, or would it be on the server? Thanks in advance I can't submit php form using IE 8. This works fine on Firefox very well. I tried following code but none of them is working. 1. <button type="submit">Submit</button> 2. <input type="submit" value="Submit" name="submit"> I would appreciate if any one help me in this. Code: [Select] <?php if (isset($_POST['checking'])) { echo $_POST['checking']; } if (isset($_POST['test'])) { echo $_POST['test']; } ?> <form id="testform2" action="testform.php" method="post"> <select name="checking" onchange="this.form.submit()"><option value="5">5</option><option value="6">6</option></select> <input type="text" name"test" id="test"> <a href="#" onclick="this.form.submit()">submit it!</a> </form> It works when I try to submit by selecting a new value from the dropdown box but when I try to click the link it won't display the text field value. That is a test case for a problem I m having in one of my codes. Hi, I want to submit a form using ajax ans jquery with two fields input text and file. Code: [Select] <script> $(document).ready( function() { $('#basicinfofrm').ajaxForm(function() { url: ''+PN+'.php', type:'POST', data:'action=yes&'+frmFeilds, success: function(html) { alert(html); } }).submit(); </script> <form action='' method='post'> <label>name</label> <input type='text' name='txtname' /> <input type='file' name = 'txtfile' /> <input type='submit' value='save' /> </form> but is is not working... can anyone tell me how to? i don't want to refresh my page Thanks |
|||||||