|
|
Posted by Virginner on 07/06/07 08:39
"Kevin Raleigh" <kraleigh@sbcglobal.net> wrote in message
news:__GdnXgHRsh2aBDbnZ2dnUVZ_v23nZ2d@giganews.com...
>I have a set of function that work beautifully the first time that the form
> is processed, but the second time that I hit the submit button if any
> field
> contains data the form by passes all of my carefully planned validation
> and
> dumps the data into the DB.
<SNIP>
> if($emailErr | $passHintErr | $nameErr | $userPassErr | $userNameErr){
> ?>
> <script language="javascript">
> window.location = "register.php";
> </script>
> <?php
> }else{
The first thing I can ask is why do you have *any* JavaScript in this code?
If it's just for redirection, then use header('Location: xxx'). If you have
JavaScript, then nasty people can easily automate adding data by simply
switching off the JavaScript.
Next, it loks like you are using two scripts - one with the form
(register.php), which POSTs to the validation script, which then redirects
back to the to the form on errors. Howabout doing it all in one script?
if form submitted then process form
{
if form data OK add data to database, display thank you and link to
login
}
else
{
(re)display form, populating form fields with $_POSTed variables, and
display any hints
}
Navigation:
[Reply to this message]
|