I have not idea what is wrong, i got an example from a site and made the changes here’s my code so far:
(connecting to the database works and submits data, but i can’t get the validation to work)
validation.php
<?php
// define variables and set to empty values
$u_nameError = $u_emailError = "";
$u_name = $u_email = $message = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["u_name"])) {
$u_nameError = "Name is required";
} else {
$u_name = test_input($_POST["u_name"]);
// check if u_name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$u_name)) {
$u_nameError = "Only letters and white space allowed";
}
}
if (empty($_POST["u_email"])) {
$u_emailError = "Email is required";
} else {
$u_email = test_input($_POST["u_email"]);
// check if e-mail address is well-formed
if (!filter_var($u_email, FILTER_VALIDATE_EMAIL)) {
$u_emailError = "Invalid email format";
}
}
if (empty($_POST["message"])) {
$message = "";
} else {
$message = test_input($_POST["message"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
thankyou.php
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'true');
require 'connection.php';
require 'validation.php';
$conn = Connect();
/* skip testing for the POST array for now */
/* Prepare an insert statement */
$query = "INSERT INTO tb_cform (u_name, u_email, subj, message) VALUES (?,?,?,?)";
$stmt = $conn->prepare($query);
$stmt->bind_param("ssss", $_POST['u_name'], $_POST['u_email'], $_POST['subj'], $_POST['message']);
/* Execute the statement */
$stmt->execute();
if ($stmt->affected_rows > 0) {
echo "Thank You For Contacting Us <br>";
printf("rows inserted: %d\n", $stmt->affected_rows);
} else {
echo "Did not enter data";
}
/* close statement */
$stmt->close();
$conn->close();
?>
If you don’t understand the logic it might be better to copy the script verbatim and get that working first. Only then try to incorporate it into the code you already have.
I’m finding this very stressfull every example i’ve come that suppose to work is not working for me, I’ve changed the variables and various so called solutions. But I’m getting no where.
Well i’ve scrapped the validation.php code and started again. So with form going to thankyou.php how do i code a validation with only u_name to make things simple.
As I posted in your other topic, unless they are “anything goes” - which is rarely the case - you need to do some critical thinking regarding the input values
If you can describe what an input value needs to be in the form of a sentence then “translating” to code will not be that difficult.
As a contrived example
Must have a minimum of three characters and a maximum of ten characters.
Only numeric characters, spaces and dashes are allowed.
A space can not be adjacent to another space or a dash
If there are dashes, there must be a minimum of two digits and a maximum of four digits between and outside of the dashes.
Perhaps you would like to demonstrate to us how effective your design logic is because so far, I only see legacy logic which is if(isset($_POST['submit'])). This is an amateur hack that most new PHP users use.
No, I know it’s bad and I know what is acceptable as input, all i want to know is where should i put the validation code in either: index.php, thankyou.php, connection.php (unlikely) or create a new file like validation.php. Also any links to any recent php validation that works and is best adaptable to my current code.