You are here: validating data from forms « PHP Language « IT news, forums, messages
validating data from forms

Posted by Kevin Raleigh on 07/06/07 08:01

I have a set of function that work beautifully the first time that the form
is processed, but the second time that I hit the submit button if any field
contains data the form by passes all of my carefully planned validation and
dumps the data into the DB.

Have to tell you this is very disconcerting. I Have Been working with this
for a couple of days now. And...

Can you take a look at my logic and tell me if I over looked anything
obvious?
I should clue you in to what I am attempting to do.

Nothing complicated, I just make several function calls and if their is
output from the calls then I have an error somewhere.

It should call my JS window.location function to redirect to the same page
so that they can make corrections.

However, for some reason the validation functions do exactly what they are
supposed to do the first time around, but like I said above, the second time
if any fields are loaded with data it completely by passes my validation
proceedures. :-(

code:
--------------------------------------
// looking at some function calls here, nothing special...

if ($userNameErr = userNameCheck(trimWhiteSpace($_POST['username']))){
$_SESSION['SES_userNameErr'] = $userNameErr;
}

if($userPassErr = userPassCheck(trimWhiteSpace($_POST['pass']),
trimWhiteSpace($_POST['pass2']))){
$_SESSION['SES_userPassErr'] = $userPassErr;
}

if($nameErr = nameCheck(trimWhiteSpace($_POST['fName']),
trimWhiteSpace($_POST['lName']))){
$_SESSION['SES_nameErr'] = $nameErr;
}

if($passHintErr = passHintCheck(trimWhiteSpace($_POST['passHint']))){
$_SESSION['SES_passHintErr'] = $passHintErr;
}

if($emailErr = emailCheck(trimWhiteSpace($_POST['email']))){
$_SESSION['SES_emailErr'] = $emailErr;
}

// my err check statement that only works on the first pass

if($emailErr | $passHintErr | $nameErr | $userPassErr | $userNameErr){
?>
<script language="javascript">
window.location = "register.php";
</script>
<?php
}else{
//
****************************************************************************
**************
//
// here we encrypt the password and add slashes if needed
//
//
****************************************************************************
**************


$_POST['pass'] = md5($_POST['pass']);

if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
$_POST['fName'] = addslashes($_POST['fName']);
$_POST['lName'] = addslashes($_POST['lName']);
$_POST['passHint'] = addslashes($_POST['passHint']);
$_POST['email'] = addslashes($_POST['email']);
}
//
****************************************************************************
**************
//
//if there are no errors in data validation load the data into the database
// now we insert it into the database
//
//
****************************************************************************
**************
$insert = "INSERT INTO user (username, password, fName, lName, passHint,
email, bMonth)
VALUES ('".$_POST['username']."',
'".$_POST['pass']."','".$_POST['fName']."','".$_POST['lName']."','".$_POST['
passHint']."','".$_POST['email']."','".$_POST['bMonth']."')";
$add_member = mysql_query($insert);



?>

<p>Thank you, <?php $fName = $_POST['fName']; $lName = $_POST['lName'];
print "$fName $lName" ?> you have registered - you may now <a
href="login.php">login</a>.</p>
<?php
}// end if error

insight would be greatly appreciated
thank you
Kevin

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация