Reply to Re: validating data from forms

Your name:

Reply:


Posted by Kevin Raleigh on 07/07/07 17:43

I was able to resolve my problems on both fronts.
I was using a tutorial script that I found on the net that had the
header(location: xx) in the body of the document sandwiched between blocks
of HTML. This I finally figured out was what was causing my problem. I took
your advice and I completely rewrote the page and removed all of the php
from the body. I placed it the top of the document, used an if else to
decide when to display what, and it solved my header() error problems as
well as my validation problems. Previously I could validate on the first
pass, but on the second submit the validation failed. I don't know why, but
what is important is that it works beautifully now.

I thank you for your time and effort
Kevin Raleigh

"Gleep" <Gleep@Gleep.com> wrote in message
news:3kts835k43hn1lqc5646k9ejgiukbcemln@4ax.com...
> On Fri, 6 Jul 2007 01:01:33 -0700, "Kevin Raleigh"
<kraleigh@sbcglobal.net> wrote:
>
> >I have a set of function that work beautifully the first time that the
form
> >is processed, but the second time that I hit the submit button if any
field
> >contains data the form by passes all of my carefully planned validation
and
> >dumps the data into the DB.
> >
> >Have to tell you this is very disconcerting. I Have Been working with
this
> >for a couple of days now. And...
> >
> >Can you take a look at my logic and tell me if I over looked anything
> >obvious?
> >I should clue you in to what I am attempting to do.
> >
> >Nothing complicated, I just make several function calls and if their is
> >output from the calls then I have an error somewhere.
> >
> >It should call my JS window.location function to redirect to the same
page
> >so that they can make corrections.
> >
> >However, for some reason the validation functions do exactly what they
are
> >supposed to do the first time around, but like I said above, the second
time
> >if any fields are loaded with data it completely by passes my validation
> >proceedures. :-(
> >
> >code:
> >--------------------------------------
> > // looking at some function calls here, nothing special...
> >
> > if ($userNameErr = userNameCheck(trimWhiteSpace($_POST['username']))){
> > $_SESSION['SES_userNameErr'] = $userNameErr;
> > }
> >
> > if($userPassErr = userPassCheck(trimWhiteSpace($_POST['pass']),
> >trimWhiteSpace($_POST['pass2']))){
> > $_SESSION['SES_userPassErr'] = $userPassErr;
> > }
> >
> > if($nameErr = nameCheck(trimWhiteSpace($_POST['fName']),
> >trimWhiteSpace($_POST['lName']))){
> > $_SESSION['SES_nameErr'] = $nameErr;
> > }
> >
> > if($passHintErr = passHintCheck(trimWhiteSpace($_POST['passHint']))){
> > $_SESSION['SES_passHintErr'] = $passHintErr;
> > }
> >
> > if($emailErr = emailCheck(trimWhiteSpace($_POST['email']))){
> > $_SESSION['SES_emailErr'] = $emailErr;
> > }
> >
> >// my err check statement that only works on the first pass
> >
> > if($emailErr | $passHintErr | $nameErr | $userPassErr | $userNameErr){
> > ?>
> > <script language="javascript">
> > window.location = "register.php";
> > </script>
> > <?php
> > }else{
> >//
>
>***************************************************************************
*
> >**************
> >//
> >// here we encrypt the password and add slashes if needed
> >//
> >//
>
>***************************************************************************
*
> >**************
> >
> >
> >$_POST['pass'] = md5($_POST['pass']);
> >
> > if (!get_magic_quotes_gpc()) {
> > $_POST['pass'] = addslashes($_POST['pass']);
> > $_POST['username'] = addslashes($_POST['username']);
> > $_POST['fName'] = addslashes($_POST['fName']);
> > $_POST['lName'] = addslashes($_POST['lName']);
> > $_POST['passHint'] = addslashes($_POST['passHint']);
> > $_POST['email'] = addslashes($_POST['email']);
> > }
> > //
>
>***************************************************************************
*
> >**************
> > //
> > //if there are no errors in data validation load the data into the
database
> > // now we insert it into the database
> > //
> > //
>
>***************************************************************************
*
> >**************
> > $insert = "INSERT INTO user (username, password, fName, lName, passHint,
> >email, bMonth)
> > VALUES ('".$_POST['username']."',
>
>'".$_POST['pass']."','".$_POST['fName']."','".$_POST['lName']."','".$_POST[
'
> >passHint']."','".$_POST['email']."','".$_POST['bMonth']."')";
> > $add_member = mysql_query($insert);
> >
> >
> >
> >?>
> >
> ><p>Thank you, <?php $fName = $_POST['fName']; $lName = $_POST['lName'];
> >print "$fName $lName" ?> you have registered - you may now <a
> >href="login.php">login</a>.</p>
> ><?php
> > }// end if error
> >
> >insight would be greatly appreciated
> >thank you
> >Kevin
> >
>
>
>
>
> Well first off , in my opnion the validation logic seems a little
convoluted, but the thing i
> noticed first is if($emailErr | $passHintErr | $nameErr | $userPassErr
| $userNameErr) {...
> the ors should be || or OR not |
>
> your saving session data if there is an error, why there is no need to
save that data.
> here is the logic pattern I'd use
>
> the user fills out the form and submits..
> (there might be errors i'm just gonna whip it out)....
>
>
> if(isset($_POST['Submit'] AND $_POST['Submit']=='Submit' ) {
>
> // collect form vars
> if (!get_magic_quotes_gpc()) {
> $pass = addslashes($_POST['pass']);
> $username = addslashes($_POST['username']);
> $fName = addslashes($_POST['fName']);
> $lName = addslashes($_POST['lName']);
> $passHint = addslashes($_POST['passHint']);
> $email = addslashes($_POST['email']);
> $bMonth = addslashes($_POST['bMonth']);
> } else {
> $pass = $_POST['pass'];
> $username = $_POST['username'];
> $fName = $_POST['fName'];
> $lName = $_POST['lName'];
> $passHint = $_POST['passHint'];
> $email = $_POST['email'];
> $bMonth = $_POST['bMonth'];
> }
>
> // validate vars
> $error = false;
> if(!$pass) $error .= "password is required<br />";
> if(!$username) $error .= "username is required<br />";
> if(!$fName) $error .= "first name is required<br />";
> if(!$lName) $error .= "last name is required<br />";
> if(!$passHint) $error .= "password hint is required<br />";
> if(!$enail) $error .= "email hint is required<br />";
> if(userNameCheck(trimWhiteSpace($username))) $error .= "username failed<br
/>";
> if(userPassCheck(trimWhiteSpace($pass))) $error .= "password failed<br
/>";
> if(nameCheck(trimWhiteSpace($fName))) $error .= "first name failed<br />";
> if(passHintCheck(trimWhiteSpace($passHint))) $error .= "pass hint
failed<br />";
> if(emailCheck(trimWhiteSpace($email))) $error .= "email failed<br />";
>
> if(!$error) {
> mysql_query("INSERT INTO user (username, password, fName, lName,
passHint, email, bMonth) VALUES
> ('$username','$pass', '$fName', '$lName', '$passHint', '$email',
'$bMonth')") or die(mysql_error());
> // if everything is cool go to thank you page else return to same page
> header("location: thank_you.php");
> exit;
> }
>
> }
>
>
> <form name="form1" method="post" action="<?=$_SERVER['PHP_SELF']?>" >
> <lable>Username</lable> <input type="text" name="username"
value="<?=$username?>"><br />
> //repeat for all fields
> <input type="submit" name="Submit" value="Submit">
> <? if($error) echo "<p>$error</p>";?>
> </form>
>
>
>
> i think the logic here is easier to follow and tweakable if needed
>

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация