|
PHP - Checking Input
So basically I have a site, and on that site, I have a page that submits a form and updates a database. I have it set up so that someone can enter in Multiple values into a textarea, one on each line, and it will submit each of those values as a new row in the database, but for the life of me, I cannot figure out how to check those values against the actual users.
It is basically a point system, where the staff can award points users of the site. But at the moment, a Staff member could enter in Jibberish, and it would insert that into the database, but I want it to check my users table to make sure the user exists before it inserts it into the database. here is my code: <?php include 'global.php'; echo $headersidebar; if ($_COOKIE['access'] == $accessstaff) { if(count($_POST)) { $array = preg_split('/(\r?\n)+/', $_POST['studentname']); foreach($array as $students) { $statusmsg = '<center><span style="background: #A6FF9E;">You have successfully submitted points to the database.</span></center>'; mysql_query("INSERT INTO points (giver, receiver, points, category, reason, date, status) VALUES ('{$_COOKIE['username']}', '{$students}', '{$_POST['pointamt']}', '{$_POST['pointcat']}', '{$_POST['pointreason']}', '{$date}', 'Validating')"); } } $addpointspage = $statusmsg . ' <form action="submit_points.php" method="post"> <table class="table" > <tr> <td colspan="10"> <h1><strong><center>Submit Points</center></strong></h1> </td> </tr> <tr> <td colspan="10" rowspan="100"> <center>Please remember to follow the house point limits when submitting house points.</center> </td> </tr> </table> <table class="table"> <tr> <td style="width: 15%;" valign="top"> Student Name:<br> <span style="font-size: 60%;">(List as many as you want; One per Line)</span> </td> <td colspan="10"> <center><textarea name="studentname" cols="60" rows="10"></textarea></center> </td> </tr> <tr> <td style="width: 15%;" valign="top"> Amount of Points: </td> <td> <input style="position: relative; left: 16px;" type="text" size="15" name="pointamt" /> </td> <td> Do not put anything that is not a number into this box. </td> </tr> <tr> <td style="width: 15%;" valign="top"> Point Category: </td> <td colspan="10"> <select name="pointcat" style="position: relative; left: 16px;"> <option SELECTED value="">-------</option> <option>Class Work</option> <option>Class Exam</option> <option>Extra Work</option> <option>Contests</option> <option>Teacher\'s Assistant</option> <option>Negative Points</option> </select> </td> </tr> <tr> <td style="width: 15%;" valign="top"> Reason: </td> <td colspan="10"> <input style="position: relative; left: 16px;" name="pointreason" type="text" size="80" /> </td> </tr> <tr> <td> </td> <td colspan="10"> <input style="position: relative; left: 16px;" type="submit" value="Submit Points" /> </td> </tr> </table </form> '; } elseif (1==1) { $addpointspage = $accessdenied; } echo ' <!-- start content --> <div id="content"> <div class="post"> <div class="entry"> <p><strong>' . $addpointspage . '</p> <p class="links">' . $addpointslink . '</p> </div> </div> </div> <!-- end content --> <div style="clear: both;"> </div> </div> <!-- end page --> </div>'; echo $footer; ?> I am fairly new to PHP, so I would appreciate any help someone could give me; I am not too good with arrays and such, so this one has got me stumped. Similar TutorialsHi Guys, This should be a simple one. I am looking for the best way to ensure that any illegal characters are removed from an input. I have a user registration form and login page. What I want to do is prevent against sql injection and therefore should be limiting the characters that can be entered. For example I want a username to include only letters and numbers so I ideally want to strip out any white space, illegal characters such as " ' ( ) etc... My issue with this is with the password, I would ideally like the user to be able to put as complex a password as they would like, so how would i prevent against illegal characters in this instance?? Cheers Hey guys and gals! This is my first post here and needing a bit of help with my php code! So here is the deal, i have 3 tables in ms sql 2000 which i will be using on this project. i have an employee table that has the regular information such as: TABLE employee( uniqueid, employee_number, lastname, firstname, dob, address, city, state, zip ) TABLE employee_docs( uniqueid, employee_number, doc_type int, date_received, date_issued, date_expired ) TABLE doc_type(uniqueid, description, valid_month) so basically from the employee_doc table, the doc_type column is an int and will have the description of the document as well as valid month column which will tell you how long the document type is valid until. the Description gives a brief description of what the product is. The uniqueid is used as what ever number is chose from the employee_docs table will represent the document type from table doc_type. ok so now that i gave a brief explanation of the tables i am working with, I can tell you what i need. i need a php page that will display: employee number, lastname, firstname, doc_type, date_received, date_issued, date_expired. Code: [Select] select pn.empnum as employeeid, (pn.lastname + ', ' + pn.firstname)as [Full Name], dt.description as doc_type, formatDate(pd.received) as [Date Received], formatDate(pd.expired)as [Date Expired], formatDate(pd.issued) as [Date In Service] from personnel_document pd left join document_types dt on (dt.uniqueid = pd.doc_type) left join personnel pn on (pd.empnum = pn.empnum) where pd.empnum = '$EmpNum' now, I went ahead and did this for the html part: Code: [Select] <table border=0> <tr> <td height=20px weight=1px valign=bottom><span class=underline>DESCRIPTION</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE RECEIVED</span></td> <td height=20px weight=1px valign=bottom><span class=underline>LICENSE NUMBER</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE IN SERVICE</span></td> <td height=20px weight=1px valign=bottom><span class=underline>DATE EXPIRED</span></td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PHYSICAL EXAM</span></td> <td valign=top><input class=demog_box type=text size=10 name= phexam_dr id=phexam_dr onBlur= 'formatDate(this)' value='<?php echo $phexam_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_ln id=phexam_ln onBlur='formatDate(this)' value='<?php echo $phexam_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_is id=phexam_is onBlur= 'formatDate(this)' value='<?php echo $phexam_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= phexam_ex id=phexam_ex onBlur='formatDate(this)' value='<?php echo $phexam_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PROFESSIONAL LICENSE</span></td> <td valign=top><input class=demog_box type=text size=10 name= prolic_dr id=prolic_dr onBlur='formatDate(this)' value='<?php echo $prolic_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_ln id=prolic_ln onBlur='formatDate(this)' value='<?php echo $prolic_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_is id=prolic_is onBlur='formatDate(this)' value='<?php echo $prolic_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= prolic_ex id=prolic_ex onBlur='formatDate(this)' value='<?php echo $prolic_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>PROFESSIONAL INSURANCE</span></td> <td valign=top><input class=demog_box type=text size=10 name= proins_dr id=proins_dr onBlur='formatDate(this)' value='<?php echo $proins_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_ln id=proins_ln onBlur='formatDate(this)' value='<?php echo $proins_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_is id=proins_is onBlur='formatDate(this)' value='<?php echo $proins_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name= proins_ex id=proins_ex onBlur='formatDate(this)' value='<?php echo $proins_ex; ?>'> </td> </tr> <tr> </tr> <tr> <td height=20px valign=bottom><span class=label_text>DRIVER'S LICENSE</span></td> <td valign=top><input class=demog_box type=text size=10 name=dl_dr id=dl_dr onBlur='formatDate(this)' value='<?php echo $dl_dr; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_ln id=dl_ln onBlur='formatDate(this)' value='<?php echo $dl_ln; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_is id=dl_is onBlur='formatDate(this)' value='<?php echo $dl_is; ?>'> </td> <td valign=top><input class=demog_box type=text size=10 name=dl_ex id=dl_ex onBlur='formatDate(this)' value='<?php echo $dl_ex; ?>'> </td> </tr> <tr> </tr> <tr> </table> I am now doing the the sql statement to insert into my db but i am stuck. i basically want to get the information that the user enters for each field and save it on the employees profile. $querydoc = "update personnel_document set empnum = '$EmpNum' , doc_type = ???, date_received = ????, date_expired = ????, date issued = ??? where empnum = '$EmpNum' "; The problem is that since each description has a different variable im not sure how to update it.... would I have to create a new update for each description? also I hard coded the name of each description but i believe it is better if i echo the description name from the db as i cant use taht as the doc_type... i am pretty confused, if anyone has a better way of doing this i would really appreciate it! eventually i also want to make sure that the description is expired to to with the fields I have there and promp the user of something that is expired. Once again, any help given is much appreciated!!! Set up: * XAMPP 1.7.3 * Apache 2.2.14 (IPv6 enabled) + OpenSSL 0.9.8l * MySQL 5.1.41 + PBXT engine * PHP 5.3.1 * phpMyAdmin 3.2.4 * Perl 5.10.1 * FileZilla FTP Server 0.9.33 * Mercury Mail Transport System 4.72 I'm trying to set up a multipage registration script. It's tuff! I've set up some basic scripts to distribute variables into the correct tables from previous forms using a session. But I want the script to check the input from form one is valid before it moves on to form 2. Here are my scripts: form 1: <html> <head> <title>Register</title> <style type="text/css"> td { vertical-align: top; } </style> </head> <body> <form action="form2.php" method="post"> <table> <tr> <td><label for="name">Username:</label></td> <td><input type="text" name="name" id="name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="password">Password:</label></td> <td><input type="password" name="password" id="password" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="first_name">First name:</label></td> <td><input type="text" name="first_name" id="first_name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="last_name">Last name:</label></td> <td><input type="text" name="last_name" id="last_name" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="email">Email:</label></td> <td><input type="text" name="email" id="email" size="20" maxlength="50" value=""/></td> </tr><tr> <td><label for="address">Address:</label></td> <td><input type="text" name="address" id="address" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="city">City/Town:</label></td> <td><input type="text" name="city" id="city" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="county">County:</label></td> <td><input type="text" name="county" id="county" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="post">Postcode:</label></td> <td><input type="text" name="post" id="post" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="home">Home Number:</label></td> <td><input type="text" name="home" id="home" size="20" maxlength="20" value=""/></td> </tr><tr> <td><label for="mobile">Mobile:</label></td> <td><input type="text" name="mobile" id="mobile" size="20" maxlength="20" value=""/></td> </tr><tr> <td> </td> <td><input type="submit" name="submit" value="Sumbit"/></td> </tr> </table> </form> </body> </html> Form 2: <?php //let's start the session session_start(); //now, let's register our session variables session_register('name'); session_register('password'); session_register('first_name'); session_register('last_name'); session_register('email'); session_register('address'); session_register('city'); session_register('county'); session_register('post'); session_register('home'); session_register('mobile'); //finally, let's store our posted values in the session variables $_SESSION['name'] = $_POST['name']; $_SESSION['password'] = $_POST['password']; $_SESSION['first_name'] = $_POST['first_name']; $_SESSION['last_name'] = $_POST['last_name']; $_SESSION['email'] = $_POST['email']; $_SESSION['address'] = $_POST['address']; $_SESSION['city'] = $_POST['city']; $_SESSION['county'] = $_POST['county']; $_SESSION['post'] = $_POST['post']; $_SESSION['home'] = $_POST['home']; $_SESSION['mobile'] = $_POST['mobile']; ?> <html> <head> <title>Register</title> <style type="text/css"> td { vertical-align: top; } </style> </head> <body> <form action="form3.php" method="post"> <table> <tr> <td><label for="bio">Biography:</label></td> <td><input type="text" name="bio" id="bio" size="400" maxlength="500" value=""/></td> </tr><tr> <td> </td> <td><input type="submit" name="submit" value="Sumbit"/></td> </tr> </table> </form> </body> </html> I've also got form3.php and process_forms.php(that's where I mysql_real_escape_string and input the data) but that's probably not relevant. How would I get this to work? Are there any sites I should look at that you'd recommend? Any help appreciated. I am writing a script that will parse my PHP classes and check for things like coupling, visualize my objects and connections, dependencies, check for convention usage, etc.
So, I have a simple file upload. I'm never saving the files, just get contents and dump the file and work with the string version.
I'm writing it for me, but I figure I might want to open it for others to use in the future, so I may as well write it that way to begin with -- so I need to validate user input. Problem is, the user input is supposed to be valid PHP code. I'm thinking that, as long as I'm careful, I shouldn't be executing any code contained in strings, but I'm no security expert and I want a warm fuzzy that my thought on this is correct. What kinds of things do I need to look out for? Is it possible to inject when working with strings?
My initial thought is to regex the entire file and replace key portions with known replacements. So ( and ) would become !* and !^ or $ would become @~ (combinations that -- I think -- don't make sense to php?) But that may be completely unnecessary processing time if I'm not in any danger, here. Thanks ahead of time for any help.
PS - as a side question -- what's the best way to verify a file is a php file? I know of getimagesize for images, but should I just check for <? to verify it's php? That seems like it would be too easy to fool -- then again, it might not matter much.
-Adam
I hope I can explain what is happening. I have created two forms in PHP. The first 'almost' works, i.e. it shows the data. But I have two problems - 1) the second pulldown menu is always empty and 2) $value from the first pulldown menu ALWAYS equals the last entry thus the last 'if' in the function subdomains ($domains) is always called (but still empty). The code may explain this better than me:
<!DOCTYPE html>
<html>
<body>
<!-- processDomains.php is this file - it calls itself (for testing purposes so I can see what is happening) -->
<form action="processDomains.php" method="post">
<?php
// create the domains array (there are actually several entries in the array but I cut it down for testing)
$domains = array (1 => 'Decommission', 'Migration');
echo "Select Domain:";
echo "<br>";
// Make the domain pull-down menu - this displays correctly
echo '<select name="domain">';
foreach ($domains as $key => $value) {
echo "<option value=\"$key\">$value</option>\n";
}
echo '</select>';
// input doesn't matter what is 'submitted', always goes to last $value
echo '<input type="submit" name="submit" value="Submit">';
// call function subdomains
subdomains ($value);
function subdomains ($domains) {
// define values for each array - each array contains available choices for the subdomain pulldown menu
$migration = array (1 => 'Application Migration', 'Application Patch', 'Application Upgrade');
$decommission = array (1 => 'Applications', 'Servers', 'Storage');
if ($domains === 'Migration') {
echo "Select subdomain:";
echo "<br>";
// Make the Migration pull-down menu
echo '<select name="migration">';
foreach ($migration as $key => $value) {
echo "<option value=\"$key\">$value</option>\n";
}
echo '</select>';
} else if ($domains === 'Decommission') {
/* ===
* since 'Decommission' is the last entry in the 'Domains' pulldown list, $value ALWAYS equals
* 'Decommission' and $domains equals $value. So this menu SHOULD work but is always
* empty. Thus, two problems - the pulldown menu is always empty and $value isn't based
* upon user input.
*/
echo "Select subdomain:"; // this prints so I know I'm in 'Decommission (I eliminated the echo "$domain" to show I'm always coming here)'
echo "<br>";
// Make the 'Decommission' pull-down menu
echo '<select name="decommission">';
foreach ($decommission as $key => $value) {
echo "<option value=\"$key\">$value</option>\n";
}
echo '</select>';
echo '<input type="submit" name="submit" value="Submit">'
) // end of 'if-else'
} // end of function 'subdomain'
?>
</form>
</body>
</html>
Let me say thank you in advance and I appreciate the help! I know I'm doing something (or more than one thing) wrong and I hope someone can tell me what it is.
Best Regards!
Edited by mac_gyver, 19 January 2015 - 09:37 PM. code tags around posted code please I need to query a database for a starting time for a meeting, and if the start time is at 7pm, I need to allow access to a page from 6pm til 11pm. Not a problem. The problem lies when the ending time (4 hours after the start time) crosses over to a new day. Here's what I have: Code: [Select] <?php elseif ($row['meeting'] == "7:00pm") { $starthour = 18; $endhour = 23; } elseif ($row['meeting'] == "8:00pm") { $starthour = 19; $endhour = 0; } if ($thishour <= $endhour && $thishour >= $starthour) { include "meeting_ok.php"; } else { echo "Meeting room is unavailable at this time...."; } ?> The "0" for endhour is throwing things off. How should I best account for a new day? Thanks! Hey In my spare time, I am working on my PHP framework. Now, to help with development and quickly discover where I miss a type cast, I have adopted to check all parameters that are passed to a method using a function. For instance: public function __construct(&$target = null, $depth = 1){ $this->validateArguments( array(1 => 'int'), array(1 => $depth) ); And the code that triggers the exception: public function testPhpFreakType(){ $obj = 1; $p = new Xcms_DataStructures_Pointer($obj, "1"); } Code: [Select] 0: |--------------------------------------------------| 1: |--Exception: 4cfe2e86ca5970.22624423 - Full Trace | 2: | Tue, 07 Dec 2010 13:54:30 +0100 3: |-Class: 4: | Xcms_Exceptions_InvalidArgument 5: |-Message: 6: | Argument #1 of Xcms_DataStructures_Pointer:__construct() is no _null:int 7: | Stack offset: 3 8: | 9: |-Trace 10: | #0 D:\www\xcms_rev\core\exceptions\invalid.argument.helper.class.php(133): Xcms_Exceptions_InvalidArgumentHelper::factory(1, '_null:int', NULL, 2) 11: | #1 D:\www\xcms_rev\core\basic.class.php(80): Xcms_Exceptions_InvalidArgumentHelper::validateArguments(Array, Array, Array, 1) 12: | #2 D:\www\xcms_rev\core\data.structures\pointer.class.php(49): Xcms_Basic->validateArguments(Array, Array) 13: | #3 D:\www\xcms_rev\core\data.structures\pointer.test.php(73): Xcms_DataStructures_Pointer->__construct(1, '1') 14: | #4 [internal function]: Xcms_DataStructures_PointerTest->testPhpFreakType() 15: | #5 C:\xampp\php\PEAR\PHPUnit\Framework\TestCase.php(737): ReflectionMethod->invokeArgs(Object(Xcms_DataStructures_PointerTest), Array) 16: | #6 C:\xampp\php\PEAR\PHPUnit\Framework\TestCase.php(627): PHPUnit_Framework_TestCase->runTest() 17: | #7 C:\xampp\php\PEAR\PHPUnit\Framework\TestResult.php(629): PHPUnit_Framework_TestCase->runBare() 18: | #8 C:\xampp\php\PEAR\PHPUnit\Framework\TestCase.php(575): PHPUnit_Framework_TestResult->run(Object(Xcms_DataStructures_PointerTest)) 19: | #9 C:\xampp\php\PEAR\PHPUnit\Framework\TestSuite.php(766): PHPUnit_Framework_TestCase->run(Object(PHPUnit_Framework_TestResult)) 20: | #10 C:\xampp\php\PEAR\PHPUnit\Framework\TestSuite.php(742): PHPUnit_Framework_TestSuite->runTest(Object(Xcms_DataStructures_PointerTest), Object(PHPUnit_Framework_TestResult)) 21: | #11 D:\www\xcms_rev\core\testing\manager.class.php(83): PHPUnit_Framework_TestSuite->run() 22: | #12 D:\www\xcms_rev\core\testing\manager.class.php(56): Xcms_Testing_Manager->testClass(Object(ReflectionClass)) 23: | #13 D:\www\xcms_rev\cache\pkg\scripting\script_1.php(3): Xcms_Testing_Manager->run(Object(Xcms_Url_DefaultRequest)) 24: | #14 D:\www\xcms_rev\core\util.lib.php(340): include('D:\www\xcms_rev...') 25: | #15 D:\www\xcms_rev\core\packages\scripting\controllers\scripting.controller.php(66): Xcms_Util::sandboxedInclude('cache/pkg/scrip...', Array) 26: | #16 D:\www\xcms_rev\core\mvc\controllers\default.controller.php(210): Xcms_Packages_Scripting_Controllers_ScriptingController->execute(Object(Xcms_Packages_Scripting_Models_ScriptModel), Object(Xcms_Templating_Context)) 27: | #17 D:\www\xcms_rev\core\mvc\controllers\default.controller.php(170): Xcms_Mvc_Controllers_DefaultController->runScript(1, 0, Object(Xcms_Templating_Context)) 28: | #18 D:\www\xcms_rev\core\mvc\controllers\default.controller.php(132): Xcms_Mvc_Controllers_DefaultController->runScripts(0, 0, Array, Array, 1, 0) 29: | #19 D:\www\xcms_rev\index.php(15): Xcms_Mvc_Controllers_DefaultController->run() 30: | #20 {main} 31: |--------------------------------------------------| I think this speeds up my development quite a bit, because I can catch errors very early in the development process. I can give multipe possibilities of what is allowed for each parameter, not just a single possibility. Also, it is possible to register custom type/validity-checks on both global and local scope. One thing I do worry about, however, is the the performance. Of course, I could just make the funciton do nothing in production code, if it takes too much time, or I could write a script to remove all calls to that function. When I started learning python a while back, the concept to just code to interfaces instead of types seemed very intuitive and made my code much more flexible. Of course that is what I do with PHP as well, but I it's not entirely the same. So now, coming back at my PHP code and having introduced features of static languages such as type checking, I worry about whether that is the right approach. What are your thoughts on the matter? Scenario: each row contains an ID, title, description, price, and up to 5 images. There are not always 5 images stored in each row. The images are stored as a file path which is then pulled out of the DB and used to display an image via HTML. I need to do some sort of loop/check that looks at the contents of a particular row (actually all rows in this particular table) and then decide how many times to loop through the images to display them all correctly on the webpage. I could statically set a variable for each column but then it would have a space for an image but nothing would show. I really want this to be able to only load the images that are stored in the DB. Any help on how I can go about this? thanks -beemer Hi friends I have following code Code: [Select] function UseOfSSL($domain_name) { $site = ($domain_name); $port = 443; $fp = fsockopen($site,$port,$errno,$errstr,10); if(!$fp) { echo "Not Installed"; } else{ echo "Yes, it is installed"; fclose($fp); } } If domain name from $domain_name has installed SSL, it will show it is installed else not installed. Problem is that I tried this with both types of sites, those who are using SSL and those who are not and always, it says Yes, it is installed. 443 is used because https uses port 443 What is the cause ? I have written the code for email check, but how and where can I put the code to check if a username has been used twice? Thanks in advance. Code: [Select] <?php $servername = "localhost"; $username = ""; $password = ""; //validate fields if(!$_POST["username"] || !$_POST["email"] || !$_POST["password1"] || !$_POST["password2"]){ echo "<p> </p><p> </p><p> </p><br />Please fill the required fields, <p> </p><p> </p><a href='register.php'>Go to register page</a>"; //validate password }else if($_POST["password1"] != $_POST["password2"]){ echo "<p> </p><p> </p><p> </p><br />Please go back, PASSWORDS do not match! <p> </p><p> </p><a href='register.php'>Go to register page</a>"; //validate email }else if(!(eregi("^.+@.+\\..+$", $_POST['email']))){ echo "<p> </p><p> </p><p> </p><br />Please enter a valid EMAIL! <a href='register.php'><p> </p><p> </p>Go to register page</a>"; //validate captcha }else if(($_SESSION['security_code'] != $_POST['security_code']) || (empty($_SESSION['security_code'])) ){ echo "<p> </p><p> </p><p> </p><br />CAPTCHA CODE does not match! <p> </p><p> </p><a href='register.php'>Go to register page</a>"; }else{ $conn= mysql_connect($servername,$username,$password)or die(mysql_error()); mysql_select_db("genesis_members",$conn); // check if already registered $sql_check = "SELECT * FROM users WHERE email = '".$_POST[email]."'"; $result_check = mysql_query($sql_check,$conn) or die(mysql_error()); $row = mysql_fetch_assoc($result_check); if($row['id']){ echo "<p> </p><p> </p><p> </p><br />EMAIL already registered! <p> </p><p> </p><a href='register.php'>Go to register page</a>"; }else{ // insert in db $sql = "INSERT INTO users (username, email, password, company, phone, services) VALUES ('".$_POST[username]."', '".$_POST[email]."', '".$_POST[password1]."', '".$_POST[company]."', '".$_POST[phone]."', '".$_POST[services]."')"; $result = mysql_query($sql,$conn) or die(mysql_error()); echo "<p> </p><p> </p><p> </p><br /><h1>You Have Successfully Registered</h1>"; echo "<p> </p><p> </p><br /><a href='main_login.php'>go to login page</a>"; } } ?> can somebody please tel me how to make sure a field is a number? I have some error checking like if(empty($postcode)) { $errors[] = "Please enter your postcode"; } if(strlen($tel)<11) { $errors[] = "Please enter a phone number that is the correct length"; } But I dont know and cant find how to check for a number only. Hello all, it's been a while! Good to be back. I am having trouble with a script I'm trying to modify to seach for domains with specific extensions. Now, I have never done any domain checking before and I'm a little bewildered. The script uses an array and checks the input against each extension using the array. Each line looks similar to: Code: [Select] '.com' => array('whois.crsnic.net','No match for'), What does the whois.crsnic.net mean? I assume it's a register/database of domains? I coded small funny script I tested it in three hosting ww.rufaa.net dallawat.com/new ibuj.org but I don't know why in the first link, my script seem slow not like the other second and third links php5.2, mysql server5.02: if record exists,append random digit to end of information in rows column then add to database If user mike already exists and another mike is trying to create a user id I would like to keep the old mike record like it is, then add a new mike record, but add a unique digit to the end of the name mike before the record gets added to the database as a new row. Thank you kindly! Okay I need some help. I want to check a MySQL DB and then if it says 0 then don't do anything if it says anything else echo out what's there. I have tried for about a hour now. Hello! Does anyone know an effective way to track inactive idlers in daily basis? So that it will count the amount of days no data has been posted to the table. E.g. User posts latest data and inserts timestamp 1282228120 which reads Thursday, August 19th 2010, 14:28:40 (GMT) The days for inactivity should output as 8 days because no data has been posted from 20th August to today - 28th August. Anyway I can achieve this? Any information is appreciated, thanks. I have textfield for signature in my form, I m checking if the signature was sent ( if(!empty($_POST['signature'])) and if it's not empty I m putting it into the db. The problem is that, I have noticed a greek user has entered something in greek letters, and function could not deal with it and saved it as it is.( DB field supports greek charset ) I just want to allow english and german chars with special chars ( ",',< etc. ) , no other charset like greek. How can I do that? any function for this purpose ? so here's the thing, ive downloaded mysql front and easy php , the HTML code ive written till now is <html> <head> </head> <body> <h1>Registration Page</h1> <form name="form" method="post" action="final-SignUp1.php"> <p>UserName <input type="text" name="username" /></p> <p>Password <input type="password" name="password" /></p> <p>Confirm Password<input type="password" name="confirm_password" /></p> <p>Firstname <input type="text" name="firstname" /></p> <p>Middlename <input type="text" name="middlename" /></p> <p>Lastname <input type="text" name="lastname" /></p> <p>address <input type="text" name="address" /></p> <p>city <input type="text" name="city" /></p> <p>Zipcode <input type="text" name="zip_code" /></p> <p>Phone number <input type="text" name="telephone_number" /></p> <p>Email address <input type="text" name="email" /></p> <p>Confirm Email <input type="text" name="confirm_email" /></p> <input type="submit" value="Register"> <input type="reset" value="Clear" /></p> </form> </body> </html> which i would like to link to this php code <?php $usr=$_POST["username"]; $pass=$_POST["password"]; $confirm=$_POST["confirm_password"]; $firstname=$_POST["firstname"]; $middlename=$_POST["middlename"]; $lastname=$_POST["lastname"]; $address=$_POST["address"]; $city=$_POST["city"]; $zipcode=$_POST["zip_code"]; $phonenumber=$_POST["`telephone_number`"]; $emailaddress=$_POST["email"]; $confirmemailaddress=$_POST["confirm_email"]; $db=mysql_connect("localhost","root",""); mysql_select_db("final-signup1",$db); $q="INSERT INTO final-signup1 VALUES ('$usr','$pass','$confirm','$firstname','$middlename','$lastname','$address','$city','$zipcode', '$phonenumber','$emailaddress','$cofirmemailaddress')"; mysql_query($q); mysql_close(); ?> now on mysql-front the database ive set till now is as follows i know something is wrong with my code, because the data i enter in the register page isnt going to the database. any help is greatly appreciated thank you Can someone help me to get this code working... Code: [Select] public function getBowlContents(){ if is_null($this->contents) { return "The bowl is empty!"; } else { return "The bowl contains " . $this->contents . " soup!"; } TomTees I don't know precisely how to put it so i will give an example: suppose you have a search form with input fields for: -an age range, -a data range, -for the sex, -postal code as soon as the user would fill in one of these input fields, a query should be generated including a condition doing something with the inputted value. For example, the user fills in maxAge, the the query should say: SELECT * FROM table WHERE age >= maxAge; Filling more than one criterion then would do .= " AND criteria (condition) inputvalue " etc... My question comes to the part about: how to check if there is already a WHERE in the clause and how to put WHERE or AND for every criterion. Since doing like above, i won't be able to search for another criterion if i don't select maxAge first because then there would be no WHERE in the sql clause. Hopefully i've put it clear thanks in advance |
|||||||