|
|
Posted by Kevin Raleigh on 07/06/07 08:01
I have a set of function that work beautifully the first time that the form
is processed, but the second time that I hit the submit button if any field
contains data the form by passes all of my carefully planned validation and
dumps the data into the DB.
Have to tell you this is very disconcerting. I Have Been working with this
for a couple of days now. And...
Can you take a look at my logic and tell me if I over looked anything
obvious?
I should clue you in to what I am attempting to do.
Nothing complicated, I just make several function calls and if their is
output from the calls then I have an error somewhere.
It should call my JS window.location function to redirect to the same page
so that they can make corrections.
However, for some reason the validation functions do exactly what they are
supposed to do the first time around, but like I said above, the second time
if any fields are loaded with data it completely by passes my validation
proceedures. :-(
code:
--------------------------------------
// looking at some function calls here, nothing special...
if ($userNameErr = userNameCheck(trimWhiteSpace($_POST['username']))){
$_SESSION['SES_userNameErr'] = $userNameErr;
}
if($userPassErr = userPassCheck(trimWhiteSpace($_POST['pass']),
trimWhiteSpace($_POST['pass2']))){
$_SESSION['SES_userPassErr'] = $userPassErr;
}
if($nameErr = nameCheck(trimWhiteSpace($_POST['fName']),
trimWhiteSpace($_POST['lName']))){
$_SESSION['SES_nameErr'] = $nameErr;
}
if($passHintErr = passHintCheck(trimWhiteSpace($_POST['passHint']))){
$_SESSION['SES_passHintErr'] = $passHintErr;
}
if($emailErr = emailCheck(trimWhiteSpace($_POST['email']))){
$_SESSION['SES_emailErr'] = $emailErr;
}
// my err check statement that only works on the first pass
if($emailErr | $passHintErr | $nameErr | $userPassErr | $userNameErr){
?>
<script language="javascript">
window.location = "register.php";
</script>
<?php
}else{
//
****************************************************************************
**************
//
// here we encrypt the password and add slashes if needed
//
//
****************************************************************************
**************
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
$_POST['fName'] = addslashes($_POST['fName']);
$_POST['lName'] = addslashes($_POST['lName']);
$_POST['passHint'] = addslashes($_POST['passHint']);
$_POST['email'] = addslashes($_POST['email']);
}
//
****************************************************************************
**************
//
//if there are no errors in data validation load the data into the database
// now we insert it into the database
//
//
****************************************************************************
**************
$insert = "INSERT INTO user (username, password, fName, lName, passHint,
email, bMonth)
VALUES ('".$_POST['username']."',
'".$_POST['pass']."','".$_POST['fName']."','".$_POST['lName']."','".$_POST['
passHint']."','".$_POST['email']."','".$_POST['bMonth']."')";
$add_member = mysql_query($insert);
?>
<p>Thank you, <?php $fName = $_POST['fName']; $lName = $_POST['lName'];
print "$fName $lName" ?> you have registered - you may now <a
href="login.php">login</a>.</p>
<?php
}// end if error
insight would be greatly appreciated
thank you
Kevin
[Back to original message]
|