mehidy
March 3, 2011, 12:16pm
1
Hi every one
I am new to PHP & Mysql
I have search over internet & found a script which will help me to achieve my goal. Please see below script & advise is this script is ok or not?
I need your help to input data in to mysql table after completing all the verification. Cause in this script its only showing the verification but not show the process of inserting data in to mysql table after verification.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1251">
<style>
.errText {
font-family: Arial;
font-size: 10px;
color: #CC0000;
text-decoration: none;
font-weight: normal;
}
</style>
<title></title>
</head>
<?php
$errName = "";
$errAddress = "";
$errEmail = "";
$errPassport = "";
$errPhone = "";
$errZip = "";
$errDate = "";
$errUser = "";
$errPass = "";
if($_POST["ac"]=="login"){
// Full Name must be letters, dash and spaces only
if(preg_match("/^[aA-zZ][a-zA-Z -]+$/", $_POST["name"]) === 0)
$errName = '<p class="errText">Name must be from letters, dashes, spaces, must start with capital letters and must not start with dash</p>';
// Address must be word characters only
if(preg_match("/^[a-zA-Z0-9 _.,:\\"\\']+$/", $_POST["address"]) === 0)
$errAddress = '<p class="errText">Address must be only letters, numbers or one of the following ". , : /"</p>';
// Email mask
if(preg_match("/^[a-zA-Z]\\w+(\\.\\w+)*\\@\\w+(\\.[0-9a-zA-Z]+)*\\.[a-zA-Z]{2,4}$/", $_POST["email"]) === 0)
$errEmail = '<p class="errText">Email must comply with this mask: chars(.chars)@chars(.chars).chars(2-4)</p>';
// Passport must be only digits
if(preg_match("/^\\d{10}$|^\\d{12}$/", $_POST["passport"]) === 0)
$errPassport = '<p class="errText">Passport must be 10 or 12 digits</p>';
// Phone mask 1-800-998-7087
if(preg_match("/^\\d{1}-\\d{3}-\\d{3}-\\d{4}$/", $_POST["phone"]) === 0)
$errPhone = '<p class="errText">Phone must comply with this mask: 1-333-333-4444</p>';
// Zip must be 4 digits
if(preg_match("/^\\d{4}$/", $_POST["zip"]) === 0)
$errZip = '<p class="errText">Zip must be 4 digits</p>';
// Date mask YYYY-MM-DD
if(preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/", $_POST["date"]) === 0)
$errDate = '<p class="errText">Date must comply with this mask: YYYY-MM-DD</p>';
// User must be digits and letters
if(preg_match("/^crossmerkajal2011$|^mehidy1$|^mehidy2$|^mehidy3$|^mehidy4$|^mehidy5$/", $_POST["user"]) === 0)
$errUser = '<p class="errText">User must be bigger that 5 chars and contain only digits, letters and underscore</p>';
// Password must be strong
//if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0)
if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0)
$errPass = '<p class="errText">Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit</p>';
}
?>
<body>
<center>
<form name="main" action="<?php $PHP_SELF ?>" method="POST">
<input type="hidden" name="ac" value="login">
<table width="500" border="0" cellpadding="4" cellspacing="0" bordercolor="#000000" bgcolor="#EDEFF1">
<tr align="center">
<td colspan="2"><strong style="font-size:18px">Field Verification</strong><br>by <a href="http://www.mehidy.com" target="_blank">mehidy.com</a></td>
</tr>
<tr align="center" bgcolor="#FD9003">
<td colspan="2" bgcolor="#A6B39D">Registration Form</td>
</tr>
<tr>
<td>Full Name:</td>
<td>
<input name="name" type="text" size="50" maxlength="100" value="<?php echo $_POST["name"]; ?>">
<?php if(isset($errName)) echo $errName; ?>
</td>
</tr>
<tr>
<td>Address:</td>
<td>
<input name="address" type="text" size="50" maxlength="250" value="<?php echo $_POST["address"]; ?>">
<?php if(isset($errAddress)) echo $errAddress; ?>
</td>
</tr>
<tr>
<td>Email:</td>
<td>
<input name="email" type="text" size="50" value="<?php echo $_POST["email"]; ?>">
<?php if(isset($errEmail)) echo $errEmail; ?>
</td>
</tr>
<tr>
<td>Passport:</td>
<td>
<input name="passport" type="text" size="16" maxlength="12" value="<?php echo $_POST["passport"]; ?>">
<?php if(isset($errPassport)) echo $errPassport; ?>
</td>
</tr>
<tr>
<td>Phone:</td>
<td>
<input name="phone" type="text" size="16" value="<?php echo $_POST["phone"]; ?>">
<?php if(isset($errPhone)) echo $errPhone; ?>
</td>
</tr>
<tr>
<td>Zip code:</td>
<td>
<input name="zip" type="text" size="16" value="<?php echo $_POST["zip"]; ?>">
<?php if(isset($errZip)) echo $errZip; ?>
</td>
</tr>
<tr>
<td>Date:</td>
<td>
<input name="date" type="text" size="16" value="<?php echo $_POST["date"]; ?>">
<?php if(isset($errDate)) echo $errDate; ?>
</td>
</tr>
<tr>
<td>Username:</td>
<td>
<input name="user" type="text" size="16" value="<?php echo $_POST["user"]; ?>">
<?php if(isset($errUser)) echo $errUser; ?>
</td>
</tr>
<tr>
<td>Password:</td>
<td>
<input name="pass" type="password" size="16" value="<?php echo $_POST["pass"]; ?>">
<?php if(isset($errPass)) echo $errPass; ?>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</center>
</body>
</html>
mehidy
March 3, 2011, 1:38pm
3
Thanks for the information. i know little bit about those things. But I need if all verification is success then insert data in to mysql table otherwise not.
If you can please help me on this point.
Mandes
March 3, 2011, 2:20pm
4
Your code above has NO database functionally at all, you will need more than just an insert statement.
Have you created a database table yet ? If so send us the structure so we know what your field names are.
If the answer to both the above is no then I suggest finding an online tutorial on mysql and reading the first few chapters.
Sorry but theres only so much we can do remotely
mehidy
March 4, 2011, 3:06am
5
Yes I know how to connect to mysql. Please see my information as below.
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="merchandising"; // Database name
$tbl_name="preg"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
echo "connected";
?>
table fields are;
Mandes
March 4, 2011, 10:42am
6
<?php
// PUT YOUR DATABASE CONNECTION SCRIPT HERE
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1251">
<style>
.errText {
font-family: Arial;
font-size: 10px;
color: #CC0000;
text-decoration: none;
font-weight: normal;
}
</style>
<title></title>
</head>
<body>
<?php
$errName = "";
$errAddress = "";
$errEmail = "";
$errPassport = "";
$errPhone = "";
$errZip = "";
$errDate = "";
$errUser = "";
$errPass = "";
$errors = "";
$displayform = '1';
if($_POST["ac"]=="login"){ // start of login if
// Full Name must be letters, dash and spaces only
if(preg_match("/^[aA-zZ][a-zA-Z -]+$/", $_POST["name"]) === 0){
$errName = '<p class="errText">Name must be from letters, dashes, spaces, must start with capital letters and must not start with dash</p>';
$error = 'YES';
}
// Address must be word characters only
if(preg_match("/^[a-zA-Z0-9 _.,:\\"\\']+$/", $_POST["address"]) === 0){
$errAddress = '<p class="errText">Address must be only letters, numbers or one of the following ". , : /"</p>';
$error = 'YES';
}
// Email mask
if(preg_match("/^[a-zA-Z]\\w+(\\.\\w+)*\\@\\w+(\\.[0-9a-zA-Z]+)*\\.[a-zA-Z]{2,4}$/", $_POST["email"]) === 0) {
$errEmail = '<p class="errText">Email must comply with this mask: chars(.chars)@chars(.chars).chars(2-4)</p>';
$error = 'YES';
}
// Passport must be only digits
if(preg_match("/^\\d{10}$|^\\d{12}$/", $_POST["passport"]) === 0){
$errPassport = '<p class="errText">Passport must be 10 or 12 digits</p>';
$error = 'YES';
}
// Phone mask 1-800-998-7087 begin_of_the_skype_highlighting 1-800-998-7087 end_of_the_skype_highlighting
if(preg_match("/^\\d{1}-\\d{3}-\\d{3}-\\d{4}$/", $_POST["phone"]) === 0){
$errPhone = '<p class="errText">Phone must comply with this mask: 1-333-333-4444</p>';
$error = 'YES';
}
// Zip must be 4 digits
if(preg_match("/^\\d{4}$/", $_POST["zip"]) === 0) {
$errZip = '<p class="errText">Zip must be 4 digits</p>';
$error = 'YES';
}
// Date mask YYYY-MM-DD
if(preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/", $_POST["date"]) === 0) {
$errDate = '<p class="errText">Date must comply with this mask: YYYY-MM-DD</p>';
$error = 'YES';
}
// User must be digits and letters
if(preg_match("/^crossmerkajal2011$|^mehidy1$|^mehidy2$|^mehidy3$|^mehidy4$|^mehidy5$/", $_POST["user"]) === 0) {
$errUser = '<p class="errText">User must be bigger that 5 chars and contain only digits, letters and underscore</p>';
$error = 'YES';
}
// Password must be strong
//if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0)
if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0) {
$errPass = '<p class="errText">Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit</p>';
$error = 'YES';
}
if ($error != 'YES'){ // only insert data if no errors
$displayform = '0'; // disable form show
$name = mysql_real_escape_string($_POST['name']);
$address = mysql_real_escape_string($_POST['address']);
$email = mysql_real_escape_string($_POST['email']);
$passport = mysql_real_escape_string($_POST['passport']);
$phone = mysql_real_escape_string($_POST['phone']);
$zip = mysql_real_escape_string($_POST['zip']);
$date = mysql_real_escape_string($_POST['date']);
$user = mysql_real_escape_string($_POST['user']);
$pass = mysql_real_escape_string($_POST['pass']);
$sql = mysql_query = ("INSERT INTO yourtablename
SET name = $name,
address = $address,
email = $email,
passport = $passport,
phone = $phone,
zip = $zip,
date = $date,
user = $user,
pass = $pass
");
if (!$sql) {
echo 'Mysql error, data not saved, try again';
$displayform = '1'; // show form to try again
}else{
echo 'Your data was inserted';
}
} // end of insert if
} // end of login if
if ($displayform = '1') { // only show form if required
?>
<center>
<form name="main" action="<?php $PHP_SELF ?>" method="POST">
<input type="hidden" name="ac" value="login">
<table width="500" border="0" cellpadding="4" cellspacing="0" bordercolor="#000000" bgcolor="#EDEFF1">
<tr align="center">
<td colspan="2"><strong style="font-size:18px">Field Verification</strong><br>by <a href="http://www.mehidy.com" target="_blank">mehidy.com</a></td>
</tr>
<tr align="center" bgcolor="#FD9003">
<td colspan="2" bgcolor="#A6B39D">Registration Form</td>
</tr>
<tr>
<td>Full Name:</td>
<td>
<input name="name" type="text" size="50" maxlength="100" value="<?php echo $_POST["name"]; ?>">
<?php if(isset($errName)) echo $errName; ?>
</td>
</tr>
<tr>
<td>Address:</td>
<td>
<input name="address" type="text" size="50" maxlength="250" value="<?php echo $_POST["address"]; ?>">
<?php if(isset($errAddress)) echo $errAddress; ?>
</td>
</tr>
<tr>
<td>Email:</td>
<td>
<input name="email" type="text" size="50" value="<?php echo $_POST["email"]; ?>">
<?php if(isset($errEmail)) echo $errEmail; ?>
</td>
</tr>
<tr>
<td>Passport:</td>
<td>
<input name="passport" type="text" size="16" maxlength="12" value="<?php echo $_POST["passport"]; ?>">
<?php if(isset($errPassport)) echo $errPassport; ?>
</td>
</tr>
<tr>
<td>Phone:</td>
<td>
<input name="phone" type="text" size="16" value="<?php echo $_POST["phone"]; ?>">
<?php if(isset($errPhone)) echo $errPhone; ?>
</td>
</tr>
<tr>
<td>Zip code:</td>
<td>
<input name="zip" type="text" size="16" value="<?php echo $_POST["zip"]; ?>">
<?php if(isset($errZip)) echo $errZip; ?>
</td>
</tr>
<tr>
<td>Date:</td>
<td>
<input name="date" type="text" size="16" value="<?php echo $_POST["date"]; ?>">
<?php if(isset($errDate)) echo $errDate; ?>
</td>
</tr>
<tr>
<td>Username:</td>
<td>
<input name="user" type="text" size="16" value="<?php echo $_POST["user"]; ?>">
<?php if(isset($errUser)) echo $errUser; ?>
</td>
</tr>
<tr>
<td>Password:</td>
<td>
<input name="pass" type="password" size="16" value="<?php echo $_POST["pass"]; ?>">
<?php if(isset($errPass)) echo $errPass; ?>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</center>
<?php
} // end of form display if
?>
</body>
</html>
Mandes
March 4, 2011, 12:39pm
7
change line
echo 'Mysql error, data not saved, try again';
to
echo 'Mysql error, data not saved, try again -' . mysql_error();
then post back the error message
mehidy
March 4, 2011, 12:23pm
8
Dear Thank you.
All is working fine, but data is not inserting in to mysql table. Showing below error msg
“'Mysql error, data not saved, try again”
<?php
// PUT YOUR DATABASE CONNECTION SCRIPT HERE
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="merchandising"; // Database name
$tbl_name="preg"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
echo "connected";
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1251">
<style>
.errText {
font-family: Arial;
font-size: 10px;
color: #CC0000;
text-decoration: none;
font-weight: normal;
}
</style>
<title></title>
</head>
<body>
<?php
$errName = "";
$errAddress = "";
$errEmail = "";
$errPassport = "";
$errPhone = "";
$errZip = "";
$errDate = "";
$errUser = "";
$errPass = "";
$errors = "";
$displayform = '1';
if($_POST["ac"]=="login"){ // start of login if
// Full Name must be letters, dash and spaces only
if(preg_match("/^[aA-zZ][a-zA-Z -]+$/", $_POST["name"]) === 0){
$errName = '<p class="errText">Name must be from letters, dashes, spaces, must start with capital letters and must not start with dash</p>';
$error = 'YES';
}
// Address must be word characters only
if(preg_match("/^[a-zA-Z0-9 _.,:\\"\\']+$/", $_POST["address"]) === 0){
$errAddress = '<p class="errText">Address must be only letters, numbers or one of the following ". , : /"</p>';
$error = 'YES';
}
// Email mask
if(preg_match("/^[a-zA-Z]\\w+(\\.\\w+)*\\@\\w+(\\.[0-9a-zA-Z]+)*\\.[a-zA-Z]{2,4}$/", $_POST["email"]) === 0) {
$errEmail = '<p class="errText">Email must comply with this mask: chars(.chars)@chars(.chars).chars(2-4)</p>';
$error = 'YES';
}
// Passport must be only digits
if(preg_match("/^\\d{10}$|^\\d{12}$/", $_POST["passport"]) === 0){
$errPassport = '<p class="errText">Passport must be 10 or 12 digits</p>';
$error = 'YES';
}
// Phone mask 1-800-998-7087 begin_of_the_skype_highlighting 1-800-998-7087 end_of_the_skype_highlighting
if(preg_match("/^\\d{1}-\\d{3}-\\d{3}-\\d{4}$/", $_POST["phone"]) === 0){
$errPhone = '<p class="errText">Phone must comply with this mask: 1-333-333-4444</p>';
$error = 'YES';
}
// Zip must be 4 digits
if(preg_match("/^\\d{4}$/", $_POST["zip"]) === 0) {
$errZip = '<p class="errText">Zip must be 4 digits</p>';
$error = 'YES';
}
// Date mask YYYY-MM-DD
if(preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/", $_POST["date"]) === 0) {
$errDate = '<p class="errText">Date must comply with this mask: YYYY-MM-DD</p>';
$error = 'YES';
}
// User must be digits and letters
if(preg_match("/^crossmerkajal2011$|^mehidy1$|^mehidy2$|^mehidy3$|^mehidy4$|^mehidy5$/", $_POST["user"]) === 0) {
$errUser = '<p class="errText">User must be bigger that 5 chars and contain only digits, letters and underscore</p>';
$error = 'YES';
}
// Password must be strong
//if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0)
if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0) {
$errPass = '<p class="errText">Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit</p>';
$error = 'YES';
}
if ($error != 'YES'){ // only insert data if no errors
$displayform = '0'; // disable form show
$name = mysql_real_escape_string($_POST['name']);
$address = mysql_real_escape_string($_POST['address']);
$email = mysql_real_escape_string($_POST['email']);
$passport = mysql_real_escape_string($_POST['passport']);
$phone = mysql_real_escape_string($_POST['phone']);
$zip = mysql_real_escape_string($_POST['zip']);
$date = mysql_real_escape_string($_POST['date']);
$user = mysql_real_escape_string($_POST['user']);
$pass = mysql_real_escape_string($_POST['pass']);
$sql = mysql_query("INSERT INTO $tbl_name
SET name = $name,
address = $address,
email = $email,
passport = $passport,
phone = $phone,
zip = $zip,
date = $date,
user = $user,
pass = $pass
");
if (!$sql) {
echo 'Mysql error, data not saved, try again';
$displayform = '1'; // show form to try again
}else{
echo 'Your data was inserted';
}
} // end of insert if
} // end of login if
if ($displayform = '1') { // only show form if required
?>
<center>
<form name="main" action="<?php $PHP_SELF ?>" method="POST">
<input type="hidden" name="ac" value="login">
<table width="500" border="0" cellpadding="4" cellspacing="0" bordercolor="#000000" bgcolor="#EDEFF1">
<tr align="center">
<td colspan="2"><strong style="font-size:18px">Field Verification</strong><br>by <a href="http://www.mehidy.com" target="_blank">mehidy.com</a></td>
</tr>
<tr align="center" bgcolor="#FD9003">
<td colspan="2" bgcolor="#A6B39D">Registration Form</td>
</tr>
<tr>
<td>Full Name:</td>
<td>
<input name="name" type="text" size="50" maxlength="100" value="<?php echo $_POST["name"]; ?>">
<?php if(isset($errName)) echo $errName; ?>
</td>
</tr>
<tr>
<td>Address:</td>
<td>
<input name="address" type="text" size="50" maxlength="250" value="<?php echo $_POST["address"]; ?>">
<?php if(isset($errAddress)) echo $errAddress; ?>
</td>
</tr>
<tr>
<td>Email:</td>
<td>
<input name="email" type="text" size="50" value="<?php echo $_POST["email"]; ?>">
<?php if(isset($errEmail)) echo $errEmail; ?>
</td>
</tr>
<tr>
<td>Passport:</td>
<td>
<input name="passport" type="text" size="16" maxlength="12" value="<?php echo $_POST["passport"]; ?>">
<?php if(isset($errPassport)) echo $errPassport; ?>
</td>
</tr>
<tr>
<td>Phone:</td>
<td>
<input name="phone" type="text" size="16" value="<?php echo $_POST["phone"]; ?>">
<?php if(isset($errPhone)) echo $errPhone; ?>
</td>
</tr>
<tr>
<td>Zip code:</td>
<td>
<input name="zip" type="text" size="16" value="<?php echo $_POST["zip"]; ?>">
<?php if(isset($errZip)) echo $errZip; ?>
</td>
</tr>
<tr>
<td>Date:</td>
<td>
<input name="date" type="text" size="16" value="<?php echo $_POST["date"]; ?>">
<?php if(isset($errDate)) echo $errDate; ?>
</td>
</tr>
<tr>
<td>Username:</td>
<td>
<input name="user" type="text" size="16" value="<?php echo $_POST["user"]; ?>">
<?php if(isset($errUser)) echo $errUser; ?>
</td>
</tr>
<tr>
<td>Password:</td>
<td>
<input name="pass" type="password" size="16" value="<?php echo $_POST["pass"]; ?>">
<?php if(isset($errPass)) echo $errPass; ?>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</center>
<?php
} // end of form display if
?>
</body>
</html>
r937
March 4, 2011, 12:41pm
9
you need to fix the many syntax errors in your query
it would be a lot easier on you if you always test your query outside of php and get it working properly, before you write php code around it
mehidy
March 4, 2011, 1:02pm
10
Mandes:
change line
echo 'Mysql error, data not saved, try again';
to
echo 'Mysql error, data not saved, try again -' . mysql_error();
then post back the error message
Please see the msg as below;
Mysql error, data not saved, try again -You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Hsasn, address = 1888 bANGLADESH, ’ at line 2
Mandes
March 4, 2011, 1:05pm
11
Whoops, sorry, in too much of a hurry for lunch
<?php
// PUT YOUR DATABASE CONNECTION SCRIPT HERE
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="merchandising"; // Database name
$tbl_name="preg"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
echo "connected";
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1251">
<style>
.errText {
font-family: Arial;
font-size: 10px;
color: #CC0000;
text-decoration: none;
font-weight: normal;
}
</style>
<title></title>
</head>
<body>
<?php
$errName = "";
$errAddress = "";
$errEmail = "";
$errPassport = "";
$errPhone = "";
$errZip = "";
$errDate = "";
$errUser = "";
$errPass = "";
$errors = "";
$displayform = '1';
if($_POST["ac"]=="login"){ // start of login if
// Full Name must be letters, dash and spaces only
if(preg_match("/^[aA-zZ][a-zA-Z -]+$/", $_POST["name"]) === 0){
$errName = '<p class="errText">Name must be from letters, dashes, spaces, must start with capital letters and must not start with dash</p>';
$error = 'YES';
}
// Address must be word characters only
if(preg_match("/^[a-zA-Z0-9 _.,:\\"\\']+$/", $_POST["address"]) === 0){
$errAddress = '<p class="errText">Address must be only letters, numbers or one of the following ". , : /"</p>';
$error = 'YES';
}
// Email mask
if(preg_match("/^[a-zA-Z]\\w+(\\.\\w+)*\\@\\w+(\\.[0-9a-zA-Z]+)*\\.[a-zA-Z]{2,4}$/", $_POST["email"]) === 0) {
$errEmail = '<p class="errText">Email must comply with this mask: chars(.chars)@chars(.chars).chars(2-4)</p>';
$error = 'YES';
}
// Passport must be only digits
if(preg_match("/^\\d{10}$|^\\d{12}$/", $_POST["passport"]) === 0){
$errPassport = '<p class="errText">Passport must be 10 or 12 digits</p>';
$error = 'YES';
}
// Phone mask 1-800-998-7087
if(preg_match("/^\\d{1}-\\d{3}-\\d{3}-\\d{4}$/", $_POST["phone"]) === 0){
$errPhone = '<p class="errText">Phone must comply with this mask: 1-333-333-4444</p>';
$error = 'YES';
}
// Zip must be 4 digits
if(preg_match("/^\\d{4}$/", $_POST["zip"]) === 0) {
$errZip = '<p class="errText">Zip must be 4 digits</p>';
$error = 'YES';
}
// Date mask YYYY-MM-DD
if(preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/", $_POST["date"]) === 0) {
$errDate = '<p class="errText">Date must comply with this mask: YYYY-MM-DD</p>';
$error = 'YES';
}
// User must be digits and letters
if(preg_match("/^crossmerkajal2011$|^mehidy1$|^mehidy2$|^mehidy3$|^mehidy4$|^mehidy5$/", $_POST["user"]) === 0) {
$errUser = '<p class="errText">User must be bigger that 5 chars and contain only digits, letters and underscore</p>';
$error = 'YES';
}
// Password must be strong
//if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0)
if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0) {
$errPass = '<p class="errText">Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit</p>';
$error = 'YES';
}
if ($error != 'YES'){ // only insert data if no errors
$displayform = '0'; // disable form show
$name = mysql_real_escape_string($_POST['name']);
$address = mysql_real_escape_string($_POST['address']);
$email = mysql_real_escape_string($_POST['email']);
$passport = mysql_real_escape_string($_POST['passport']);
$phone = mysql_real_escape_string($_POST['phone']);
$zip = mysql_real_escape_string($_POST['zip']);
$date = mysql_real_escape_string($_POST['date']);
$user = mysql_real_escape_string($_POST['user']);
$pass = mysql_real_escape_string($_POST['pass']);
$sql = mysql_query("INSERT INTO '$tbl_name'
SET name = '$name',
address = '$address',
email = '$email',
passport = '$passport',
phone = '$phone',
zip = '$zip',
date = '$date',
user = '$user',
pass = '$pass'
");
if (!$sql) {
echo 'Mysql error, data not saved, try again -' . mysql_error(); $displayform = '1'; // show form to try again
}else{
echo 'Your data was inserted';
}
} // end of insert if
} // end of login if
if ($displayform = '1') { // only show form if required
?>
<center>
<form name="main" action="<?php $PHP_SELF ?>" method="POST">
<input type="hidden" name="ac" value="login">
<table width="500" border="0" cellpadding="4" cellspacing="0" bordercolor="#000000" bgcolor="#EDEFF1">
<tr align="center">
<td colspan="2"><strong style="font-size:18px">Field Verification</strong><br>by <a href="http://www.mehidy.com" target="_blank">mehidy.com</a></td>
</tr>
<tr align="center" bgcolor="#FD9003">
<td colspan="2" bgcolor="#A6B39D">Registration Form</td>
</tr>
<tr>
<td>Full Name:</td>
<td>
<input name="name" type="text" size="50" maxlength="100" value="<?php echo $_POST["name"]; ?>">
<?php if(isset($errName)) echo $errName; ?>
</td>
</tr>
<tr>
<td>Address:</td>
<td>
<input name="address" type="text" size="50" maxlength="250" value="<?php echo $_POST["address"]; ?>">
<?php if(isset($errAddress)) echo $errAddress; ?>
</td>
</tr>
<tr>
<td>Email:</td>
<td>
<input name="email" type="text" size="50" value="<?php echo $_POST["email"]; ?>">
<?php if(isset($errEmail)) echo $errEmail; ?>
</td>
</tr>
<tr>
<td>Passport:</td>
<td>
<input name="passport" type="text" size="16" maxlength="12" value="<?php echo $_POST["passport"]; ?>">
<?php if(isset($errPassport)) echo $errPassport; ?>
</td>
</tr>
<tr>
<td>Phone:</td>
<td>
<input name="phone" type="text" size="16" value="<?php echo $_POST["phone"]; ?>">
<?php if(isset($errPhone)) echo $errPhone; ?>
</td>
</tr>
<tr>
<td>Zip code:</td>
<td>
<input name="zip" type="text" size="16" value="<?php echo $_POST["zip"]; ?>">
<?php if(isset($errZip)) echo $errZip; ?>
</td>
</tr>
<tr>
<td>Date:</td>
<td>
<input name="date" type="text" size="16" value="<?php echo $_POST["date"]; ?>">
<?php if(isset($errDate)) echo $errDate; ?>
</td>
</tr>
<tr>
<td>Username:</td>
<td>
<input name="user" type="text" size="16" value="<?php echo $_POST["user"]; ?>">
<?php if(isset($errUser)) echo $errUser; ?>
</td>
</tr>
<tr>
<td>Password:</td>
<td>
<input name="pass" type="password" size="16" value="<?php echo $_POST["pass"]; ?>">
<?php if(isset($errPass)) echo $errPass; ?>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</center>
<?php
} // end of form display if
?>
</body>
</html>
Thanks Rudy
mehidy
March 4, 2011, 1:13pm
12
Now showing this error.
Mysql error, data not saved, try again -You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '‘preg’ SET name = ‘Mehidy Hsasn’, ’ at line 1
r937
March 4, 2011, 1:17pm
13
mehidy:
Now showing this error.
do me a favour, run your query outside of php please
show us the entire mysql query (i.e. ~not~ the php version), and then run it and see if the error message then makes more sense to you
mehidy
March 4, 2011, 1:31pm
14
r937:
do me a favour, run your query outside of php please
show us the entire mysql query (i.e. ~not~ the php version), and then run it and see if the error message then makes more sense to you
I am sorry I didn’t understood you clearly. Please see my entire script as below.
<?php
// PUT YOUR DATABASE CONNECTION SCRIPT HERE
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="merchandising"; // Database name
$tbl_name="preg"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
echo "connected";
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=windows-1251">
<style>
.errText {
font-family: Arial;
font-size: 10px;
color: #CC0000;
text-decoration: none;
font-weight: normal;
}
</style>
<title></title>
</head>
<body>
<?php
$errName = "";
$errAddress = "";
$errEmail = "";
$errPassport = "";
$errPhone = "";
$errZip = "";
$errDate = "";
$errUser = "";
$errPass = "";
$errors = "";
$displayform = '1';
if($_POST["ac"]=="login"){ // start of login if
// Full Name must be letters, dash and spaces only
if(preg_match("/^[aA-zZ][a-zA-Z -]+$/", $_POST["name"]) === 0){
$errName = '<p class="errText">Name must be from letters, dashes, spaces, must start with capital letters and must not start with dash</p>';
$error = 'YES';
}
// Address must be word characters only
if(preg_match("/^[a-zA-Z0-9 _.,:\\"\\']+$/", $_POST["address"]) === 0){
$errAddress = '<p class="errText">Address must be only letters, numbers or one of the following ". , : /"</p>';
$error = 'YES';
}
// Email mask
if(preg_match("/^[a-zA-Z]\\w+(\\.\\w+)*\\@\\w+(\\.[0-9a-zA-Z]+)*\\.[a-zA-Z]{2,4}$/", $_POST["email"]) === 0) {
$errEmail = '<p class="errText">Email must comply with this mask: chars(.chars)@chars(.chars).chars(2-4)</p>';
$error = 'YES';
}
// Passport must be only digits
if(preg_match("/^\\d{10}$|^\\d{12}$/", $_POST["passport"]) === 0){
$errPassport = '<p class="errText">Passport must be 10 or 12 digits</p>';
$error = 'YES';
}
// Phone mask 1-800-998-7087 begin_of_the_skype_highlighting 1-800-998-7087 end_of_the_skype_highlighting begin_of_the_skype_highlighting 1-800-998-7087 begin_of_the_skype_highlighting 1-800-998-7087 end_of_the_skype_highlighting end_of_the_skype_highlighting
if(preg_match("/^\\d{1}-\\d{3}-\\d{3}-\\d{4}$/", $_POST["phone"]) === 0){
$errPhone = '<p class="errText">Phone must comply with this mask: 1-333-333-4444</p>';
$error = 'YES';
}
// Zip must be 4 digits
if(preg_match("/^\\d{4}$/", $_POST["zip"]) === 0) {
$errZip = '<p class="errText">Zip must be 4 digits</p>';
$error = 'YES';
}
// Date mask YYYY-MM-DD
if(preg_match("/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/", $_POST["date"]) === 0) {
$errDate = '<p class="errText">Date must comply with this mask: YYYY-MM-DD</p>';
$error = 'YES';
}
// User must be digits and letters
if(preg_match("/^crossmerkajal2011$|^mehidy1$|^mehidy2$|^mehidy3$|^mehidy4$|^mehidy5$/", $_POST["user"]) === 0) {
$errUser = '<p class="errText">User must be bigger that 5 chars and contain only digits, letters and underscore</p>';
$error = 'YES';
}
// Password must be strong
//if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0)
if(preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $_POST["pass"]) === 0) {
$errPass = '<p class="errText">Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit</p>';
$error = 'YES';
}
if ($error != 'YES'){ // only insert data if no errors
$displayform = '0'; // disable form show
$name = mysql_real_escape_string($_POST['name']);
$address = mysql_real_escape_string($_POST['address']);
$email = mysql_real_escape_string($_POST['email']);
$passport = mysql_real_escape_string($_POST['passport']);
$phone = mysql_real_escape_string($_POST['phone']);
$zip = mysql_real_escape_string($_POST['zip']);
$date = mysql_real_escape_string($_POST['date']);
$user = mysql_real_escape_string($_POST['user']);
$pass = mysql_real_escape_string($_POST['pass']);
$sql = mysql_query("INSERT INTO '$tbl_name'
SET name = '$name',
address = '$address',
email = '$email',
passport = '$passport',
phone = '$phone',
zip = '$zip',
date = '$date',
user = '$user',
pass = '$pass'
");
if (!$sql) {
echo 'Mysql error, data not saved, try again -' . mysql_error();
$displayform = '1'; // show form to try again
}else{
echo 'Your data was inserted';
}
} // end of insert if
} // end of login if
if ($displayform = '1') { // only show form if required
?>
<center>
<form name="main" action="<?php $PHP_SELF ?>" method="POST">
<input type="hidden" name="ac" value="login">
<table width="500" border="0" cellpadding="4" cellspacing="0" bordercolor="#000000" bgcolor="#EDEFF1">
<tr align="center">
<td colspan="2"><strong style="font-size:18px">Field Verification</strong><br>by <a href="http://www.mehidy.com" target="_blank">mehidy.com</a></td>
</tr>
<tr align="center" bgcolor="#FD9003">
<td colspan="2" bgcolor="#A6B39D">Registration Form</td>
</tr>
<tr>
<td>Full Name:</td>
<td>
<input name="name" type="text" size="50" maxlength="100" value="<?php echo $_POST["name"]; ?>">
<?php if(isset($errName)) echo $errName; ?>
</td>
</tr>
<tr>
<td>Address:</td>
<td>
<input name="address" type="text" size="50" maxlength="250" value="<?php echo $_POST["address"]; ?>">
<?php if(isset($errAddress)) echo $errAddress; ?>
</td>
</tr>
<tr>
<td>Email:</td>
<td>
<input name="email" type="text" size="50" value="<?php echo $_POST["email"]; ?>">
<?php if(isset($errEmail)) echo $errEmail; ?>
</td>
</tr>
<tr>
<td>Passport:</td>
<td>
<input name="passport" type="text" size="16" maxlength="12" value="<?php echo $_POST["passport"]; ?>">
<?php if(isset($errPassport)) echo $errPassport; ?>
</td>
</tr>
<tr>
<td>Phone:</td>
<td>
<input name="phone" type="text" size="16" value="<?php echo $_POST["phone"]; ?>">
<?php if(isset($errPhone)) echo $errPhone; ?>
</td>
</tr>
<tr>
<td>Zip code:</td>
<td>
<input name="zip" type="text" size="16" value="<?php echo $_POST["zip"]; ?>">
<?php if(isset($errZip)) echo $errZip; ?>
</td>
</tr>
<tr>
<td>Date:</td>
<td>
<input name="date" type="text" size="16" value="<?php echo $_POST["date"]; ?>">
<?php if(isset($errDate)) echo $errDate; ?>
</td>
</tr>
<tr>
<td>Username:</td>
<td>
<input name="user" type="text" size="16" value="<?php echo $_POST["user"]; ?>">
<?php if(isset($errUser)) echo $errUser; ?>
</td>
</tr>
<tr>
<td>Password:</td>
<td>
<input name="pass" type="password" size="16" value="<?php echo $_POST["pass"]; ?>">
<?php if(isset($errPass)) echo $errPass; ?>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</center>
<?php
} // end of form display if
?>
</body>
</html>
Mandes
March 4, 2011, 1:34pm
15
do me a favour, run your query outside of php please
Sorry Rudy, youre going to have to be more blunt.
Ive made a table in myphpadmin called ‘preg’ - OK
inserted data using myphpadmin into the table with the Query
INSERT INTO preg
SET name= '1',
address = '2',
email = '3',
passport = '4',
phone = '5',
zip = '6',
date = '7',
user = '8',
pass = '9';
where are we going wrong ?
r937
March 4, 2011, 1:35pm
16
extract the sql statement from your script, starting with the word INSERT and going all the way to the end of that statement
copy it into a text editor, replace all the $variables with actual values, and then run the query right in mysql , using a front end tool like the mysql query browser or phpmyadmin or heidisql or even the command line
r937
March 4, 2011, 1:41pm
17
here –>
INSERT INTO '$tbl_name' ...
blunt enough?
debugging basic fundamental mysql errors is a ~lot~ easier outside of php
Mandes
March 4, 2011, 1:53pm
18
GOT IT, thanks :injured:
Id overlooked that as the table name wasnt a variable in my original code given to the OP
@mehidy
Since the database table is never going to change for this code you can safely hardcode the table name into the query, so replace your query this
$sql = mysql_query("INSERT INTO preg
SET name = '$name',
address = '$address',
email = '$email',
passport = '$passport',
phone = '$phone',
zip = '$zip',
date = '$date',
user = '$user',
pass = '$pass'
");
mehidy
March 4, 2011, 2:02pm
19
Thank you very much. You both are very helpful. I have learn so many things today. Piratical learning is most useful. I am very grateful to both of you. Love you guys.
