SitePoint Sponsor

User Tag List

Results 1 to 25 of 25

Thread: form validation

  1. #1
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    form validation

    Hi,

    I have been trying to create a form with php. Its on two pages. The actual form and the proccessing form. I have managed to set up the form so that the info the user inputs is sent to my database.
    I have been trying to add validation so that if there are any errors it will redirect to the form. The form calls itself. I tried the validation out but after an error is made it does not hold onto the data the info has inputted. This could be a problem as one of the fields "article" is very large and would be very frustrating for the user.
    Is there any way using the method I am using I can redirect to the form but hold onto the inputed text?
    The php processing is as follows:

    PHP Code:
    <?php $connection mysqli_connect("*****stuff***********"); 
    require_once(
    "../includes/functions.php");
    //form validation
    if(isset($_POST['submit'])){
    $errors = array();
    $requiredfields = array('first_name','surname','address','town','county','post_code','email',
    'age','summary','title','article');
    foreach(
    $requiredfields as $fieldname){
    if(!isset(
    $_POST[$fieldname]) || empty($_POST[$fieldname])){
    $errors[] = $fieldname;
    }
    }
    }
    if(!empty(
    $errors)){
    redirect_to("articleForm.php");
    }
    //end form validation

    $first_name =  mysqli_prep($_POST['first_name']);
    $surname =  mysqli_prep($_POST['surname']);
    $address =  mysqli_prep($_POST['address']);
    $town =  mysqli_prep($_POST['town']);
    $county =  mysqli_prep($_POST['county']);
    $post_code =  mysqli_prep($_POST['post_code']);
    $email =   mysqli_prep($_POST['email']);
    $age =  mysqli_prep($_POST['age']);
    $summary =  mysqli_prep($_POST['summary']);
    $title =  mysqli_prep($_POST['title']);
    $article =  mysqli_prep($_POST['article']);
    $query "INSERT INTO articleform (
    first_name,surname,address,town,county,post_code,email,age,summary,title,article
    ) Values (
    '
    {$first_name}','{$surname}','{$address}','{$town}','{$county}','{$post_code}','{$email}',{$age},
    '
    {$summary}','{$title}','{$article}'
    )"
    ;
    $result mysqli_query($connection$query);
    if(
    $result){
    header("Location:contactSoon.php");
    exit;
    }else{
    echo 
    "<p>Insertion into Database Failed</p>";
    echo 
    "<p>".mysqli_error($connection)."</p>";
      }
    ?>

  2. #2
    SitePoint Enthusiast
    Join Date
    Jun 2008
    Posts
    62
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would post to $_SERVER['PHP_SELF'] then you can use this for the values of the form then when there are errors you can echo the post values into the form input values.

  3. #3
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    You could store each valid entry into $_SESSION...

    formProcessor.php
    PHP Code:
    <?php
    $errors 
    = array();
    $requiredfields = array('first_name','surname','address','town','county','post_code','email','age','summary','title','article');
    foreach(
    $requiredfields as $fieldname){
        if(!isset(
    $_POST[$fieldname]) || empty($_POST[$fieldname])){
            
    $errors[] = $fieldname;
        }else{
            
    $_SESSION['formEntries'][$fieldname] = $_POST[$fieldname];
        }
    }
    ?>
    formPage.php
    PHP Code:
    <input type="text" name="surname" value="<?php echo isset($_SESSION['formEntries']['surname']) ? htmlentities($_SESSION['formEntries']['surname']) : null ;?>" />
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  4. #4
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    This may sound a silly question but as users do not have to log on to use the form, can I still use sessions?

    Silvergulletuk wrote:

    <input type="text" name="surname" value="<?php echo isset($_SESSION['formEntries']['surname']) ? htmlentities($_SESSION['formEntries']['surname']) : null ;?>" />
    I take it I would need to do the above for all the fields?

    Also,

    markup2go wrote:

    I would post to $_SERVER['PHP_SELF'] then you can use this for the values of the form then when there are errors you can echo the post values into the form input values.
    Today 11:35
    Would I need to do this as well? At the moment the form page is pointing to the processor page (i.e. action="areticleform").

    Thanks for your help

  5. #5
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would just have the form post to itself like markup2go suggested.
    PHP Code:
    <?php
    if (form submitted) {
        if (
    data validates) {
            
    // process & redirect to success page
        
    } else {
            
    // create some error messages
        
    }
    }

    // show form, and show error messages, if any
    ?>
    <form>
    <input name=surname value="<?php echo htmlspecialchars($_POST['surname'], ENT_QUOTES); ?>">
    ...etc...

  6. #6
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ok guys, getting a little confused now.

    I will have the form post to itself (but in that case it will never link to the process page will it?)

    But these terms you have used:


    htmlspecialchars and ENT_QUOTES what are they for. I would rather know what they do rather than just put it in mindlessly.

    Also Silverbulletuk used

    htmlentities. This is diff from the above what atrre they used for?

    And again I do the above to all fields, not just surname?

  7. #7
    SitePoint Guru risoknop's Avatar
    Join Date
    Feb 2008
    Location
    end($world)
    Posts
    834
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I will have the form post to itself (but in that case it will never link to the process page will it?)
    The process page will be the page with the form itself... just put PHP code on the top of the page... and HTML markup bellow it.

  8. #8
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    This may make it somewhat clearer.

    PHP Code:
    <?php
    if(isset($_POST['submit']))
    {
        
    $aErrors = array();
        
    $aRequiredItems = array(
            
    'firstName' => 'The first name field needs to be completed.',
            
    'lastName' => 'The last name field needs to be completed.'
        
    );
        foreach (
    $aRequiredItems as $sRequiredItem => $sRequiredItemMessage)
        {
            if(!isset(
    $_POST[$sRequiredItem]) || empty($_POST[$sRequiredItem]) || strlen(trim($_POST[$sRequiredItem])) == 0)
            {
                
    $aErrors[] = $sRequiredItemMessage;
            }
        }
        if(
    count($aErrors) == 0)
        {
            
    header('Location: http://www.yourserver.com/yourSuccessPage/');
            exit;
        }
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
        <head>
            <title>
                Self Posting Form Sample
            </title>
        </head>
        <body>
            <?php
            
    if(count($aErrors) != 0)
            {
                echo 
    '<h3>Sorry, please address the following errors:-</h3>';
                echo 
    '<ul>';
                foreach (
    $aErrors as $sError)
                {
                    echo 
    '<li>' $sError '</li>';
                }
                echo 
    '</ul>';
            }
            
    ?>
            <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
                <p>Firstname:- <input type="text" name="firstName" value="<?php echo htmlspecialchars($_POST['firstName'],ENT_QUOTES); ?>" /></p>
                <p>Lastname:- <input type="text" name="lastName" value="<?php echo htmlspecialchars($_POST['lastName'],ENT_QUOTES); ?>" /></p>
                <input type="submit" name="submit" value="Submit Form" />
            </form>
        </body>
    </html>
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  9. #9
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi SilverB

    Thanks that does make it a lot clearer. But for future ref so I understand what is happening here. What is htmlspecialcharecters and ENT Quote. I have never come accross this before. What do they do?

  10. #10
    SitePoint Guru risoknop's Avatar
    Join Date
    Feb 2008
    Location
    end($world)
    Posts
    834
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    htmlspecialchars() replaces all occurances of following characters with their HTML entities:

    1) & becomes &amp;
    2) " becomes &quot;
    3) ' becomes & #39; (without space) *
    4) < becomes &lt;
    5) > becomes &gt;

    * Note that unless you set ENT_QUOTES, single quotes won't be affected.

  11. #11
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks risoknop. I'll let you know how it goes.

  12. #12
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ok. I've managed to change the form to a one page form instead of having the proccessing on a different page. It now submits to itself. The validation appears to work using SilverBulletuk's basic script. Except:

    I have a textarea rather than a text box and it wont accept value="<?php echo htmlspecialchars($_POST['firstName'],ENT_QUOTES); ?>"

    big red line underneath in the code and it doesnt say {form.article} in the textarea. Also in testing it if I leave the textarea empty it doesnt show up as an error.

    any ideas?

  13. #13
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    sorry forgot!

    The script for the page now looks like this:

    PHP Code:
    <?php $connection mysqli_connect("*********stuff***********"); 
    require_once(
    "../includes/functions.php");
    //form validation
    if(isset($_POST['submit'])){
    $errors = array();
    $requiredfields = array('first_name'=> 'Please enter your FIRST NAME','surname'=> 'Please enter your SURNAME','address'=> 'Please enter your ADDRESS','town'=> 'Please enter your TOWN','county'=> 'Please enter your COUNTY','post_code'=> 'Please enter your POST CODE','email'=> 'Please enter your E Mail ADDRESS','age'=> 'Please confirm your AGE','summary'=> 'Please enter a SUMMARY of your article','title'=> 'Please enter a TITLE for your article','article'=> 'Please enter your ARTICLE');
    foreach(
    $requiredfields as $fieldname => $requiredfieldsmessage){
    if(!isset(
    $_POST[$fieldname]) || empty($_POST[$fieldname])) {
    $errors[] = $requiredfieldsmessage;
    }
    }
    }
    //end form validation

    $first_name =  mysqli_prep($_POST['first_name']);
    $surname =  mysqli_prep($_POST['surname']);
    $address =  mysqli_prep($_POST['address']);
    $town =  mysqli_prep($_POST['town']);
    $county =  mysqli_prep($_POST['county']);
    $post_code =  mysqli_prep($_POST['post_code']);
    $email =   mysqli_prep($_POST['email']);
    $age =  mysqli_prep($_POST['age']);
    $summary =  mysqli_prep($_POST['summary']);
    $title =  mysqli_prep($_POST['title']);
    $article =  mysqli_prep($_POST['article']);
    $query "INSERT INTO articleform (
    first_name,surname,address,town,county,post_code,email,age,summary,title,article
    ) Values (
    '
    {$first_name}','{$surname}','{$address}','{$town}','{$county}','{$post_code}','{$email}','{$age}',
    '
    {$summary}',
    '
    {$title}','{$article}'
    )"
    ;

    ?>

    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <title>Article Form</title>
    <link href="../2testindex2.css" rel="stylesheet" type="text/css" />


    <script type="text/javascript" language="JavaScript1.2" src="../menu.js"></script>
    <style type="text/css">
    <!--
    .style3 {
        font-size: 10px;
        color: #000000;
    }
    .style4 {color: #FF0000}
    .style5 {color: #008000}
    .style6 {color: #808080}
    -->
    </style>
    </head>

    <body background="../images/catchatstuff/orangeback.jpg" >
    <div id="wrapper">
    <div id="banner"><img src="../images/catchatstuff/newbanner2.gif" align="left" alt="banner index" width="964" height="80" border="2" /></div>
    <div id="ccbox"><img src="../images/catchatstuff/catchatlogo3.gif" width="200" height="100" border="0" usemap="#Map" />
    <map name="Map" id="Map"><area shape="rect" coords="12,9,187,93" href="../phpbb/index.php" />
    </map></div>
    <div id="menu"><script type="text/javascript" language="JavaScript1.2">BuildLayer('v','','','','250','250','','','','0','20','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','left','#8080C0','','1','1','','Filter:progid:DXImageTransform.Microsoft.Fade(overlap=.5,enabled=0,Duration=0.5) progid:DXImageTransform.Microsoft.Fade(overlap=.5,enabled=0,Duration=0.5)','1','#C0C0C0','6','Default','Pointer','','100','0','#FFFFFF')
    SwapDiv('wme1','','Home','blank.gif','blank.gif','0','0','blank.gif','blank.gif','0','0','18','40','Comic Sans MS','Comic Sans MS','20px','20px','normal','normal','#FFFFFF','#80FF00','normal','normal','none','none','#8080C0','#8080C0','blank.gif','blank.gif','1','1','1','1','0px Solid #FFFFFF','0px Solid #FFFFFF','0px Solid #FFFFFF','0px Solid #FFFFFF','0px Solid #3A4057','0px Solid #3A4057','0px Solid #3A4057','0px Solid #3A4057','middle','left','http://www.louandelcats.co.uk/index.html','Where the cat bowl is','','_self','','','0','blank.gif','blank.gif','auto','auto','0','0','0')
    SwapDiv('wme4','wme1','Cat Chat!',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/phpbb/index.php','The cat Lovers meeting place',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme5','wme1','Louie<br/> and<br/> Ellie',_,_,_,_,'arrow.gif','arrow.gif','7','7',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'','The trials and tribulations of lou and el',_,_,_,_,'0',_,_,_,_,_,_,_)
    FreeLayer('wme7','','5','v','5','-2','0','13','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','#8080C0','','1','1','','Filter:none(Duration=0.5)','1','#C0C0C0','6','100')
    SwapDiv('wme6','wme1','Chalk and Cheese',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2chalk2.html','Two very different cats....',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme8','wme1','Diary',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2diarytemp2.html','From kitten to monster...',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme9','wme1','Roots',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2rootsA2.html','Where it all began',_,_,_,_,'0',_,_,_,_,_,_,_)
    InitDiv();
    SwapDiv('wme10','wme1','Global<br/> Cats',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2glob2.html','Share your cat weith us',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme11','wme1','Fact Vault',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2archive2.html','a little midnight reading...',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme12','wme1','Links',_,_,_,_,_,_,_,_,_,'87',_,_,_,_,_,_,_,'#00FF00',_,_,_,_,_,_,_,_,_,_,_,_,'1px None #8080C0','1px None #8080C0','1px None #8080C0','1px None #8080C0','1px None #3A4057','1px None #3A4057','1px None #3A4057','1px None #3A4057',_,_,'http://www.louandelcats.co.uk/2links22.html','Useful cat sites',_,_,_,_,'0',_,_,_,_,_,_,_)
    HideDiv();
    </script>

    </div>
    <div id="marklogo"><a href="http://www.markets2000.co.uk"><img src="../images/catchatstuff/design graphic.gif" alt="web site design by markets2000" width="127" height="60" border="0" usemap="#Map11" /></a>
    <map name="Map11" id="Map11"><area shape="rect" coords="13,7,116,54" href="http://www.markets2000.co.uk" />
    </map></div>
      
        
       
    <div id="mainarea">
    <div id="contentind"><div id="contentbox"><?php
    if(count($errors) != 0){ 
    echo 
    '<h3>Sorry, please address the following errors:-</h3>';
    echo 
    '<ul>'
    foreach (
    $errors as $error) { 
    echo 
    '<li>' $error '</li>';}echo '</ul>';
    }
    ?>
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" >
    <p>First Name: <input type="text" name="first_name" value="<?php echo htmlspecialchars($_POST['first_Name'],ENT_QUOTES); ?>" id="fname" /></p>
    <p>Surname: <input type="text" name="surname" value="<?php echo htmlspecialchars($_POST['surname'],ENT_QUOTES); ?>" id="sname" /></p>
    <p>Address:<input type="text" name="address" value="<?php echo htmlspecialchars($_POST['address'],ENT_QUOTES); ?>" id="address" /></p>
    <p>Town:<input type="text" name="town" value="<?php echo htmlspecialchars($_POST['town'],ENT_QUOTES); ?>" id="town" /></p>
    <p>County:<input type="text" name="county" value="<?php echo htmlspecialchars($_POST['county'],ENT_QUOTES); ?>" id="county" /></p>
    <p>Post Code:<input type="text" name="post_code" value="<?php echo htmlspecialchars($_POST['post_code'],ENT_QUOTES); ?>" id="post_code" /></p>
    <p>E mail:<input type="text"  name="email" value="<?php echo htmlspecialchars($_POST['email'],ENT_QUOTES); ?>" id="email" /></p><br/>
    <p>I am over 16 years of age:  <input type="radio" name="age" value="0"  />No
    <input type="radio" name="age" value="1"  />Yes</p>
    <p>Summary of Article:<br/>
      <textarea name="summary" value="<?php echo htmlspecialchars($_POST['summary'],ENT_QUOTES); ?>"  cols="20" rows="10"  ></textarea>
    </p>
    <br/>
    <p>Title:<input type="text"   name="title" value="<?php echo htmlspecialchars($_POST['title'],ENT_QUOTES); ?>" id="title" /></p>
    <p>Article:<br/>
      <textarea name="article" value="<?php echo htmlspecialchars($_POST['article'],ENT_QUOTES); ?>" cols="50" rows="30"></textarea>
    </p>
    <br/>
     <input type="submit" name="submit" value="Submit article" />
     
    </form>
    </div>
    </div> 
      
        
    <div id="columntwo"><a class="thirdcol" href="../2spot2.html"><p align="center" class="facts4">Pedigree Highlight</p></a><a href="../2vote2.html"><p align="center" class="facts4">Talking Point</p></a><a class="thirdcol" href="../2shownews2.html"><p align="center" class="facts4">Show News</p></a><a class="thirdcol" href="../2catcare2.html"><p align="center" class="facts4">Cat Care Tips</p></a><a class="thirdcol" href="../2products2.php"> <p align="center" class="facts4">Product review</p></a></div>
    <div id="footer"><p align="center" class="style3">copyright markets2000 2007</p></div>

    </div>


    </div>
    </div>
    </body>
    </html>
    Last edited by cass27; Dec 27, 2008 at 06:56.

  14. #14
    SitePoint Member
    Join Date
    Oct 2008
    Posts
    18
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks very much cass. However you might consider removing your connection username and and password from the above post as you could be the target of malicious hackers. I once got my site attacked because of a similar mistake.

  15. #15
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by moniqu View Post
    Thanks very much cass. However you might consider removing your connection username and and password from the above post as you could be the target of malicious hackers. I once got my site attacked because of a similar mistake.
    Thanks moniqu. Rushing to get it up.

    So any ideas as to why textarea in the form wont accept "value"?

  16. #16
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question

    Well. The validation works BUT!

    when I click the submit button to put the data to the database only a row is created in the database. No data is actually passed up to the database. The new row is empty.
    The script looks like this:

    PHP Code:
    <?php $connection mysqli_connect("**********stuff*******"); 
    require_once(
    "../includes/functions.php");
    //form validation
    if(isset($_POST['submit'])){
    $errors = array();
    $requiredfields = array('first_name'=> 'Please enter your FIRST NAME','surname'=> 'Please enter your SURNAME','address'=> 'Please enter your ADDRESS','town'=> 'Please enter your TOWN','county'=> 'Please enter your COUNTY','post_code'=> 'Please enter your POST CODE','email'=> 'Please enter your E Mail ADDRESS','age'=> 'Please confirm your AGE','summary'=> 'Please enter a SUMMARY of your article','title'=> 'Please enter a TITLE for your article','article'=> 'Please enter your ARTICLE');
    foreach(
    $requiredfields as $fieldname => $requiredfieldsmessage){
    if(!isset(
    $_POST[$fieldname]) || empty($_POST[$fieldname])) {
    $errors[] = $requiredfieldsmessage;
    }
    }
     if(
    count($errors) == 0){
     
    header('Location: contactSoon.php'); exit;}
    }
    //end form validation

    $first_name =  mysqli_prep($_POST['first_name']);
    $surname =  mysqli_prep($_POST['surname']);
    $address =  mysqli_prep($_POST['address']);
    $town =  mysqli_prep($_POST['town']);
    $county =  mysqli_prep($_POST['county']);
    $post_code =  mysqli_prep($_POST['post_code']);
    $email =   mysqli_prep($_POST['email']);
    $age =  mysqli_prep($_POST['age']);
    $summary =  mysqli_prep($_POST['summary']);
    $title =  mysqli_prep($_POST['title']);
    $article =  mysqli_prep($_POST['article']);
    $query "INSERT INTO articleform (
    first_name,surname,address,town,county,post_code,email,age,summary,title,article
    ) Values (
    '
    {$first_name}','{$surname}','{$address}','{$town}','{$county}','{$post_code}','{$email}','{$age}',
    '
    {$summary}',
    '
    {$title}','{$article}'
    )"
    ;
    $result mysqli_query($connection$query);

    ?>

    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <title>Article Form</title>
    <link href="../2testindex2.css" rel="stylesheet" type="text/css" />


    <script type="text/javascript" language="JavaScript1.2" src="../menu.js"></script>
    <style type="text/css">
    <!--
    .style3 {
        font-size: 10px;
        color: #000000;
    }
    .style4 {color: #FF0000}
    .style5 {color: #008000}
    .style6 {color: #808080}
    -->
    </style>
    </head>

    <body background="../images/catchatstuff/orangeback.jpg" >
    <div id="wrapper">
    <div id="banner"><img src="../images/catchatstuff/newbanner2.gif" align="left" alt="banner index" width="964" height="80" border="2" /></div>
    <div id="ccbox"><img src="../images/catchatstuff/catchatlogo3.gif" width="200" height="100" border="0" usemap="#Map" />
    <map name="Map" id="Map"><area shape="rect" coords="12,9,187,93" href="../phpbb/index.php" />
    </map></div>
    <div id="menu"><script type="text/javascript" language="JavaScript1.2">BuildLayer('v','','','','250','250','','','','0','20','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','left','#8080C0','','1','1','','Filter:progid:DXImageTransform.Microsoft.Fade(overlap=.5,enabled=0,Duration=0.5) progid:DXImageTransform.Microsoft.Fade(overlap=.5,enabled=0,Duration=0.5)','1','#C0C0C0','6','Default','Pointer','','100','0','#FFFFFF')
    SwapDiv('wme1','','Home','blank.gif','blank.gif','0','0','blank.gif','blank.gif','0','0','18','40','Comic Sans MS','Comic Sans MS','20px','20px','normal','normal','#FFFFFF','#80FF00','normal','normal','none','none','#8080C0','#8080C0','blank.gif','blank.gif','1','1','1','1','0px Solid #FFFFFF','0px Solid #FFFFFF','0px Solid #FFFFFF','0px Solid #FFFFFF','0px Solid #3A4057','0px Solid #3A4057','0px Solid #3A4057','0px Solid #3A4057','middle','left','http://www.louandelcats.co.uk/index.html','Where the cat bowl is','','_self','','','0','blank.gif','blank.gif','auto','auto','0','0','0')
    SwapDiv('wme4','wme1','Cat Chat!',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/phpbb/index.php','The cat Lovers meeting place',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme5','wme1','Louie<br/> and<br/> Ellie',_,_,_,_,'arrow.gif','arrow.gif','7','7',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'','The trials and tribulations of lou and el',_,_,_,_,'0',_,_,_,_,_,_,_)
    FreeLayer('wme7','','5','v','5','-2','0','13','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','1px Solid #ACA899','#8080C0','','1','1','','Filter:none(Duration=0.5)','1','#C0C0C0','6','100')
    SwapDiv('wme6','wme1','Chalk and Cheese',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2chalk2.html','Two very different cats....',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme8','wme1','Diary',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2diarytemp2.html','From kitten to monster...',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme9','wme1','Roots',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2rootsA2.html','Where it all began',_,_,_,_,'0',_,_,_,_,_,_,_)
    InitDiv();
    SwapDiv('wme10','wme1','Global<br/> Cats',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2glob2.html','Share your cat weith us',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme11','wme1','Fact Vault',_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,'http://www.louandelcats.co.uk/2archive2.html','a little midnight reading...',_,_,_,_,'0',_,_,_,_,_,_,_)
    SwapDiv('wme12','wme1','Links',_,_,_,_,_,_,_,_,_,'87',_,_,_,_,_,_,_,'#00FF00',_,_,_,_,_,_,_,_,_,_,_,_,'1px None #8080C0','1px None #8080C0','1px None #8080C0','1px None #8080C0','1px None #3A4057','1px None #3A4057','1px None #3A4057','1px None #3A4057',_,_,'http://www.louandelcats.co.uk/2links22.html','Useful cat sites',_,_,_,_,'0',_,_,_,_,_,_,_)
    HideDiv();
    </script>

    </div>
    <div id="marklogo"><a href="http://www.markets2000.co.uk"><img src="../images/catchatstuff/design graphic.gif" alt="web site design by markets2000" width="127" height="60" border="0" usemap="#Map11" /></a>
    <map name="Map11" id="Map11"><area shape="rect" coords="13,7,116,54" href="http://www.markets2000.co.uk" />
    </map></div>
      
        
       
    <div id="mainarea">
    <div id="contentind"><div id="contentbox"><?php
    if(count($errors) != 0){ 
    echo 
    '<h3>Sorry, please address the following errors:-</h3>';
    echo 
    '<ul>'
    foreach (
    $errors as $error) { 
    echo 
    '<li>' $error '</li>';}echo '</ul>';
    }
    ?>
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" >
    <p>First Name: <input type="text" name="first_name" value="<?php echo htmlspecialchars($_POST['first_Name'],ENT_QUOTES); ?>" id="fname" /></p>
    <p>Surname: <input type="text" name="surname" value="<?php echo htmlspecialchars($_POST['surname'],ENT_QUOTES); ?>" id="sname" /></p>
    <p>Address:<input type="text" name="address" value="<?php echo htmlspecialchars($_POST['address'],ENT_QUOTES); ?>" id="address" /></p>
    <p>Town:<input type="text" name="town" value="<?php echo htmlspecialchars($_POST['town'],ENT_QUOTES); ?>" id="town" /></p>
    <p>County:<input type="text" name="county" value="<?php echo htmlspecialchars($_POST['county'],ENT_QUOTES); ?>" id="county" /></p>
    <p>Post Code:<input type="text" name="post_code" value="<?php echo htmlspecialchars($_POST['post_code'],ENT_QUOTES); ?>" id="post_code" /></p>
    <p>E mail:<input type="text"  name="email" value="<?php echo htmlspecialchars($_POST['email'],ENT_QUOTES); ?>" id="email" /></p><br/>
    <p>I am over 16 years of age:  <input type="radio" name="age" value="0"  />No
    <input type="radio" name="age" value="1"  />Yes</p>
    <p>Summary of Article:<br/>
      <textarea name="summary" value="<?php echo htmlspecialchars($_POST['summary'],ENT_QUOTES); ?>"  cols="20" rows="10"  ></textarea>
    </p>
    <br/>
    <p>Title:<input type="text"   name="title" value="<?php echo htmlspecialchars($_POST['title'],ENT_QUOTES); ?>" id="title" /></p>
    <p>Article:<br/>
      <textarea name="article" value="<?php echo htmlspecialchars($_POST['article'],ENT_QUOTES); ?>" cols="50" rows="30"></textarea>
    </p>
    <br/>
     <input type="submit" name="submit" value="Submit article" />
     
    </form>
    </div>
    </div> 
      
        
    <div id="columntwo"><a class="thirdcol" href="../2spot2.html"><p align="center" class="facts4">Pedigree Highlight</p></a><a href="../2vote2.html"><p align="center" class="facts4">Talking Point</p></a><a class="thirdcol" href="../2shownews2.html"><p align="center" class="facts4">Show News</p></a><a class="thirdcol" href="../2catcare2.html"><p align="center" class="facts4">Cat Care Tips</p></a><a class="thirdcol" href="../2products2.php"> <p align="center" class="facts4">Product review</p></a></div>
    <div id="footer"><p align="center" class="style3">copyright markets2000 2007</p></div>

    </div>


    </div>
    </div>
    </body>
    </html>
    Help!

  17. #17
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Here you go, your database actions were located in the wrong place.
    PHP Code:
    <?php
    $connection 
    mysqli_connect("**********stuff*******"); 
    require_once(
    "../includes/functions.php");
    //form validation
    if(isset($_POST['submit']))
    {
        
    $errors = array();
        
    $requiredfields = array('first_name'=> 'Please enter your FIRST NAME','surname'=> 'Please enter your SURNAME','address'=> 'Please enter your ADDRESS','town'=> 'Please enter your TOWN','county'=> 'Please enter your COUNTY','post_code'=> 'Please enter your POST CODE','email'=> 'Please enter your E Mail ADDRESS','age'=> 'Please confirm your AGE','summary'=> 'Please enter a SUMMARY of your article','title'=> 'Please enter a TITLE for your article','article'=> 'Please enter your ARTICLE');
        foreach(
    $requiredfields as $fieldname => $requiredfieldsmessage)
        {
            if(!isset(
    $_POST[$fieldname]) || empty($_POST[$fieldname]))
            {
                
    $errors[] = $requiredfieldsmessage;
            }
        }
        if(
    count($errors) == 0)
        {
            
    //--> Run the mysqli_prep function on all post entries.
            
    $_POST array_map('mysqli_prep'$_POST);
            
            
    $query "INSERT INTO articleform (
            first_name,surname,address,town,county,post_code,email,age,summary,title,article
            ) Values (
            '
    {$first_name}','{$surname}','{$address}','{$town}','{$county}','{$post_code}','{$email}','{$age}',
            '
    {$summary}',
            '
    {$title}','{$article}'
            )"
    ;
            
    $result mysqli_query($connection$query);
            
    header('Location: contactSoon.php');
            exit;
        }
    }
    ?>
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  18. #18
    SitePoint Enthusiast
    Join Date
    Jun 2008
    Posts
    62
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    textarea's don't have a value attribute, the correct usage is <textarea name="thename"><?php echo $value; ?></textarea>

  19. #19
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    SilverB wrote:

    PHP Code:
    Here you goyour database actions were located in the wrong place 
    Too right. It now works perfect. Thanks for staying with it Silverb. And Im learning so much. The easy way to map an array to all posts (I like that!);how to validate using the => sign;and how to do a form on one page.
    It must be a nice feeling to be so god damned useful.

    markup2go wrote:

    PHP Code:
    textarea's don't have a value attribute, the correct usage is <textarea name="thename"><?php echo $value?></textarea>
    ...and I've also learned how to place a php value in a text area.

    thanks people. Have a really good new year if im not back before.....

  20. #20
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by markup2go View Post
    textarea's don't have a value attribute, the correct usage is <textarea name="thename"><?php echo $value; ?></textarea>
    I placed this into the form:

    PHP Code:
     <textarea rows="3" cols="60" name="summary"><?php echo htmlspecialchars($_POST['summary'],ENT_QUOTES); ?> </textarea>
    But it does not pick up when i do not enter anything into the field.

    What could i be doing wrong?

    The rest of the form is the same as above.

  21. #21
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What does "pick up" mean?
    What output did you expect? What output did you observe?

  22. #22
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    when i tested the form by not entering any text in the "summary" field, the form did not pick up the error by passing back the error. It passed the information into the database. Nothing obviously was passed to the summary field. I can't work out why its not picking up on the error. The form is not picking up on any of the <textarea> fields.

    The full script for the form is:



    PHP Code:
    <?php $connection mysqli_connect("***********stuff*******"); 
    require_once(
    "../includes/functions.php");
    //form validation
    if(isset($_POST['submit'])){
    $errors = array();
    $requiredfields = array('first_name'=> 'Please enter your FIRST NAME','surname'=> 'Please enter your SURNAME','address'=> 'Please enter your ADDRESS','town'=> 'Please enter your TOWN','county'=> 'Please enter your COUNTY','post_code'=> 'Please enter your POST CODE','email'=> 'Please enter your E Mail ADDRESS','age'=> 'You must be over 16 to enter an article','biog'=> 'Please enter a short biography(40 words)','summary'=> 'Please enter a SUMMARY of your article','title'=> 'Please enter a TITLE for your article','article'=> 'Please enter your ARTICLE','terms'=>'You must read and accept the TERMS AND CONDITIONS');
    foreach(
    $requiredfields as $fieldname => $requiredfieldsmessage){
    if(!isset(
    $_POST[$fieldname]) || empty($_POST[$fieldname])) {
    $errors[] = $requiredfieldsmessage;
    }
    }
     if(
    count($errors) == 0){
     
     
    //end form validation

    $first_name =  mysqli_prep($_POST['first_name']);
    $surname =  mysqli_prep($_POST['surname']);
    $address =  mysqli_prep($_POST['address']);
    $town =  mysqli_prep($_POST['town']);
    $county =  mysqli_prep($_POST['county']);
    $post_code =  mysqli_prep($_POST['post_code']);
    $email =   mysqli_prep($_POST['email']);
    $age =  mysqli_prep($_POST['age']);
    $biog =   mysqli_prep($_POST['biog']);
    $summary =  mysqli_prep($_POST['summary']);
    $title =  mysqli_prep($_POST['title']);
    $article =  mysqli_prep($_POST['article']);
    $terms =  mysqli_prep($_POST['terms']);
    $query "INSERT INTO articleform (
    first_name,surname,address,town,county,post_code,email,age,biog,summary,title,article,terms
    ) Values (
    '
    {$first_name}','{$surname}','{$address}','{$town}','{$county}','{$post_code}','{$email}','{$age}',
    '
    {$biog}','{$summary}','{$title}','{$article}','{$terms}'
    )"
    ;
    $result mysqli_query($connection$query);
    header('Location: contactSoon.php');
    exit;
    }
    }
    ?>

    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <title>Article Form</title>
    <link href="../2testindex2.css" rel="stylesheet" type="text/css" />



    </head>

    <body background="../images/catchatstuff/orangeback.jpg" >
    <div id="wrapper">
    <div id="banner"><img src="../images/catchatstuff/newbanner2.gif" align="left" alt="banner index" width="964" height="80" border="2" /></div>
    <div id="ccbox"><img src="../images/catchatstuff/catchatlogo3.gif" width="200" height="100" border="0" usemap="#Map" />
    <map name="Map" id="Map"><area shape="rect" coords="12,9,187,93" href="../phpbb/index.php" />
    </map></div>
        
       
    <div id="mainarea">
    <div id="contentind"><div id="contentbox3"><?php
    if(count($errors) != 0){ 
    echo 
    '<h3>Sorry, please address the following errors:-</h3>';
    echo 
    '<ul>'
    foreach (
    $errors as $error) { 
    echo 
    '<li>' $error '</li>';}echo '</ul>';
    }
    ?>
     <h2 align="center"><u>Write an Article For the Cat Community</u></h2>
      <ul>
      <li>Please fill in all fields</li>
      <li>Short Biog: A short profile of the author to be placed at the end of the article (60 words)</li>
      <li>You must be over 16</li>
      <li>Summary: (80 words) </li>
      <li>Article: It is reccommended draft is written on a word document and then cut and pasted inbto the form.</li>
      </ul>
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" >
    <table width="560" border="0">
      <tr>
        <td width="259"><p>First Name:<br/> <input type="text" size="30" name="first_name" value="<?php echo htmlspecialchars($_POST['first_Name'],ENT_QUOTES); ?>" id="fname" /></p></td>
        <td width="281"><p> Surname:<br/><input type="text" size="30" name="surname" value="<?php echo htmlspecialchars($_POST['surname'],ENT_QUOTES); ?>" id="sname" /></p></td>
      </tr>
      <tr>
        <td><p>Address:<br/><input type="text" size="40" name="address" value="<?php echo htmlspecialchars($_POST['address'],ENT_QUOTES); ?>" id="address" /></p></td>
        <td><p>Town:<br/><input type="text"size="30" name="town" value="<?php echo htmlspecialchars($_POST['town'],ENT_QUOTES); ?>" id="town" /></p></td>
      </tr>
      <tr>
        <td><p>County:<br/><input type="text" size="30" name="county" value="<?php echo htmlspecialchars($_POST['county'],ENT_QUOTES); ?>" id="county" /></p></td>
        <td><p>Post Code:<br/><input type="text" name="post_code" value="<?php echo htmlspecialchars($_POST['post_code'],ENT_QUOTES); ?>" id="post_code" /></p></td>
      </tr>
      <tr>
        <td colspan="2"><p>E mail:<br/><input type="text" size="40" name="email" value="<?php echo htmlspecialchars($_POST['email'],ENT_QUOTES); ?>" id="email" /></p></td>
        </tr>
      <tr>
        <td colspan="2"><p>I am over 16 years of age:  <input type="radio" name="age" value="0"  />No
    <input type="radio" name="age" value="1"  />Yes</p></td>
        </tr>
      <tr>
        <td colspan="2"><p>Short Biog:<br/>
      <textarea rows="3" cols="60" name="biog"><?php echo htmlspecialchars($_POST['biog'],ENT_QUOTES); ?> </textarea></p></td>
        </tr>
      <tr>
        <td colspan="2"><p>Summary of Article:<br/>
      <textarea rows="3" cols="60" name="summary"><?php echo htmlspecialchars($_POST['summary'],ENT_QUOTES); ?> </textarea>
    </p></td>
        </tr>
      <tr>
        <td colspan="2"><p>Title:<br/><input type="text" size="50"  name="title" value="<?php echo htmlspecialchars($_POST['title'],ENT_QUOTES); ?>" id="title" /></p></td>
        </tr>
      <tr>
        <td colspan="2"><p>Article:<br/>
      <textarea name="article" cols="70" rows="30" > <?php echo htmlspecialchars($_POST['article'],ENT_QUOTES); ?> </textarea>
    </p></td>
        </tr>
      <tr>
        <td colspan="2"><h5><u>Terms and Conditions</u></h5><p>Any article offered to louandelcats can not be returned. All articles considered of high enough standard will be published on the site. The author will be notified beforehand by email within 14 days. If successful the author will be asked to foreward a  picture of themselves by e mail, to be placed next to thier biog. The original article under copyright law remains the property of the author. By submitting the article the author accepts that louandelcats is given the right to edit the article to fit the needs of the web site and the layout of the page and to referance parts of it for promotion. Once submitted this right cannot be reversed. The article will not be placed on any other web site but cannot be responsible for plagurism by third parties.  Two articles considered of an especially high standard will win 20 each. This will be judged after March 31st 2008 and the two winners will be notified within 14 days of this date. </p></td>
        </tr>
      <tr>
        <td colspan="2"><p>I have read and accept the terms and conditions:
          <input type="checkbox" name="terms" value="1">
        </td>
        </tr>
      <tr>
        <td colspan="2"> <input type="submit" name="submit" value="Submit article" />
    </td>
        </tr>
    </table>
    <br/>

    </form>
    </div>
    </div> 
      
        
    <div id="columntwo"><a class="thirdcol" href="../2spot2.html"><p align="center" class="facts4">Pedigree Highlight</p></a><a href="../2vote2.html"><p align="center" class="facts4">Talking Point</p></a><a class="thirdcol" href="../2shownews2.html"><p align="center" class="facts4">Show News</p></a><a class="thirdcol" href="../2catcare2.html"><p align="center" class="facts4">Cat Care Tips</p></a><a class="thirdcol" href="../2products2.php"> <p align="center" class="facts4">Product review</p></a></div>
    <div id="footer"><p align="center" class="style3">copyright markets2000 2007</p></div>

    </div>


    </div>
    </div>
    </body>
    </html>

  23. #23
    SitePoint Enthusiast
    Join Date
    Jun 2008
    Posts
    62
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Check your foreach, replace it with this:

    foreach($requiredfields as $fieldname => $requiredfieldsmessage){
    if(!isset($_POST[$fieldname]) || $_POST[$fieldname] == '') {
    $errors[] .= $requiredfieldsmessage;
    }
    }

  24. #24
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    This is why I put the following within the foreach loop, but you removed it.
    PHP Code:
    if(!isset($_POST[$sRequiredItem]) || empty($_POST[$sRequiredItem]) || strlen(trim($_POST[$sRequiredItem])) == 0
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  25. #25
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by SilverBulletUK View Post
    This is why I put the following within the foreach loop, but you removed it.
    PHP Code:
    if(!isset($_POST[$sRequiredItem]) || empty($_POST[$sRequiredItem]) || strlen(trim($_POST[$sRequiredItem])) == 0
    I read it the wrong way. I thought at first it was an extra bit of validation code to ensure text was a certain length, which i wasnt bothered about so I took it out.

    Now I can see it checks to make sure string length is 0. I am an idiot.

    Cheers silverb. Happy New Year!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •