When doing php validation should I First do the filter sanitizing/validating or is it okay to do it as part of an if statement see the examples below
First Example
$vvalidation = 0;
if (isset($_POST['db9_name']) && $_POST['db9_name'] != ''){
$name = $_POST['db9_name'];
if (filter_var($name, FILTER_SANITIZE_STRING === null)){
$vvalidation++;
}
} else{
$vvalidation++;
}
Second Example
$vvalidation = 0;
if (isset($_POST['db9_name']) && $_POST['db9_name'] != ''){
$name = $_POST['db9_name'];
$vname = filter_var($name, FILTER_SANITIZE_STRING);
if ($vname === null)){
$vvalidation++;
}
} else{
$vvalidation++;
}
and for email ?
example 1
if (isset($_POST['txtemail']) && $_POST['txtemail'] !== '') {
$vEmail = strtolower(strip_tags(trim($_POST['txtemail'])));
$vEmail = str_replace(' ', '', $vEmail);
if (filter_var($vEmail, FILTER_SANITIZE_EMAIL) === null) {
$vValidation++;
} elseif (filter_var($vEmail, FILTER_VALIDATE_EMAIL) === null) {
$vValidation++;
}
} else {
$vValidation++;
}
example 2
if (isset($_POST['txtemail']) && $_POST['txtemail'] !== '') {
$vEmail = strtolower(strip_tags(trim($_POST['txtemail'])));
$vEmail = str_replace(' ', '', $vEmail);
$email = (filter_var($vEmail, FILTER_SANITIZE_EMAIL);
$email .= (filter_var($vEmail, FILTER_VALIDATE_EMAIL);
if (email === null){
$vValidation++;
} else {
$vValidation++;
}
or does it not really matter?
Related
I am doing custom search for table. I have three search parameters: from, to and status. I have used eval() to filter result according to received parameter. Below is my code:
$search = ($from != "" || $to != "" || $status != "" );
if ($search) {
if ($from != '') {
$condition[] = '$from == $res["from_number"]';
}
if ($to != '') {
$condition[] = '$to == $res["to_number"]';
}
if ($status != '') {
$condition[] = '$status == $log["status"]';
}
$search = "if(" . implode(' && ', $condition) . '){ return false; } else { return true; }';
}
After getting the conditions I am using eval
if (eval($search)) {
}
My problem is I don't want to use eval(). It may cause security issues. Ladder if else is not possible, it would be very lengthy. Any other solution?
e.g. If i have passed value for status then i want check like
if($status == $log["status"]) {
}
if i have passed to & from number then it should be like:
if($from == $res["from_number"] && $to == $res["to_number"]) {
}
Don't use eval - it is potentially dangerous and not recommended to use.
Your code can be like this:
$result = false;
if ($from != "" || $to != "" || $status != "") {
if ($from != '' && $from != $res["from_number"]) $result = true;
if ($to != '' && $to != $res["to_number"]) $result = true;
if ($status != '' && $status != $log["status"]) $result = true;
}
if ($result) {
// ........
}
I have a post form on front end where users can post (post_type = product) from the form. As a part of it I have tried implementing few server side validations as in below code. The issue is that the validations are all working fine but the data is getting saved on form submission even when the validation fails.
Ideally the form submission should fail when there is a field validation failure.
I am not sure if $hasError = true is working or not, there might be a very simple logic I am missing which I am not getting. Any help regarding this?
Thanks in advance.
$postTitleError = '';
if (isset($_POST['submitted']) && isset($_POST['post_nonce_field']) && wp_verify_nonce($_POST['post_nonce_field'], 'post_nonce')) {
if (trim($_POST['postTitle']) === '') {
$postTitleError = 'msg 1';
$hasError = true;
}
if (trim($_POST['postCat1']) === '') {
$postTitleError = 'msg2';
$hasError = true;
}
if (trim($_POST['postPrice']) === '') {
$postTitleError = 'msg3';
$hasError = true;
}
if (trim($_POST['postTime']) === '') {
$postTitleError = 'msg4';
$hasError = true;
}
if (trim($_POST['postTimeMin']) === '') {
$postTitleError = 'msg5';
$hasError = true;
}
if (trim($_POST['postContent']) === '') {
$postTitleError = 'msg6';
$hasError = true;
}
<?php
//$postTitleError = '';
$resultArr = array();
$error_msg = false;
if (isset($_POST['submitted']) && isset($_POST['post_nonce_field']) && wp_verify_nonce($_POST['post_nonce_field'], 'post_nonce')) {
if (isset($_POST['postTitle']) && !empty($_POST["postTitle"])) {
//$postTitleError = 'msg 1';
//$hasError = true;
$postTitle=$_POST['postTitle'];
}
else
{
$resultArr['status'] = 'failure';
$resultArr['error_msg_postTitle']= "msg 1";
$error_msg = true;
}
if (isset($_POST['postCat1']) && !empty($_POST["postCat1"]) ) {
// $postTitleError = 'msg2';
// $hasError = true;
$postCat1=$_POST['postCat1'];
}
else
{
$resultArr['status'] = 'failure';
$resultArr['error_msg_postCat1']= "msg2";
$error_msg = true;
}
if (isset($_POST['postPrice']) && !empty($_POST["postPrice"]) ) {
// $postTitleError = 'msg3';
//$hasError = true;
$postPrice=$_POST['postPrice'];
}
else
{
$resultArr['status'] = 'failure';
$resultArr['error_msg_postPrice']= "msg3";
$error_msg = true;
}
if (isset($_POST['postTime']) && !empty($_POST["postTime"]) ) {
//$postTitleError = 'msg4';
//$hasError = true;
$postTime=$_POST['postTime'];
}
else
{
$resultArr['status'] = 'failure';
$resultArr['error_msg_postTime']= "msg4";
$error_msg = true;
}
if (isset($_POST['postTimeMin']) && !empty($_POST["postTimeMin"]) ) {
// $postTitleError = 'msg5';
// $hasError = true;
$postTimeMin=$_POST['postTimeMin'];
}
else
{
$resultArr['status'] = 'failure';
$resultArr['error_msg_postTimeMin']= "msg5";
$error_msg = true;
}
if (isset($_POST['postContent']) && !empty($_POST["postContent"]) ) {
//$postTitleError = 'msg6';
// $hasError = true;
$postContent=$_POST['postContent'];
}
else
{
$resultArr['status'] = 'failure';
$resultArr['error_msg_postContent']= "msg6";
$error_msg = true;
}
if($error_msg == false)
{
//here publish post code
}
else
{
//here Error message prine
}
?>
i am validating three types of input(string,email,url):
string-validating:
if ($_POST['string'] != "") {
$string = filter_var($_POST['string'], FILTER_SANITIZE_STRING);
if ($string != "") {
// valid
} else {
// not valid
}
} else {
// empty
}
email-validating:
if ($_POST['email'] != "") {
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
// valid
} else {
// not valid
} else {
// empty
}
url-validating:
if ($_POST['url'] != "") {
$url = filter_var($_POST['url'], FILTER_SANITIZE_URL);
if (filter_var($url, FILTER_VALIDATE_URL)) {
// valid
} else {
// not valid
}
} else {
// empty
}
After doing this checks i use PDO - Prepared statements to inserate in database.
You think this is secure enough or did i missed some points?
Hope for your answers, thanks and greetings!
below is a snippet of code that I started with... then I made some changes based on the commented suggestion from stackoverflow user. (Please see below for my progress so far)
ORIGINAL
$valid = true;
// basic validation
$phoneNumber = str_replace( ' ', '', $phoneNumber );
if ( strlen( $phoneNumber ) < 10 || !is_numeric( $phoneNumber ) ) {
$valid = false;
}
$areaCode = substr($phoneNumber, 0, 3);
$prefix = substr($phoneNumber, 3, 3);
$mainPhone = substr($phoneNumber, 3, 7);
// perform the same regex matching:
if ($valid) {
$regex = '/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/';
$valid = preg_match($regex, $areaCode);
}
if ($valid) {
$regex = '/^(?!\d[1]{2}|[5]{3})([2-9]\d{2})([. -]*)\d{4}$/';
$valid = preg_match($regex, $mainPhone);
}
// perform the original web validation:
if ( $valid ) {
// validate area code
if (
$areaCode == '000' ||
$areaCode == '111' ||
$areaCode == '222' ||
$areaCode == '333' ||
$areaCode == '444' ||
$areaCode == '555' ||
$areaCode == '666' ||
$areaCode == '777' ||
$areaCode == '999' ||
$areaCode == '123' || (is_string($areaCode) && !is_numeric($areaCode))) {
$valid = false;
}
}
if ( $valid ) {
// validate prefix
if ( $prefix == '123' ||
$prefix == '000' ||
$prefix == '111' ||
$prefix == '555' || (is_string($prefix) && !is_numeric($prefix))) {
$valid = false;
}
}
if ( $valid ) {
// validate main phone number
if ( $mainPhone == '2222222' ||
$mainPhone == '3333333' ||
$mainPhone == '4444444' ||
$mainPhone == '6666666' ||
$mainPhone == '7777777' ||
$mainPhone == '8888888' ||
$mainPhone == '9999999' || (is_string($phoneNumber) && !is_numeric($phoneNumber))) {
$valid = false;
}
}
return $valid;
NEW JAVASCRIPT VERSION (SO FAR)
below is a snippet of code that I am converting so far... I still have some PHP stuff in there can you guys help me out to remove/replace what this snippet needs to say to make it work?
function is_numeric(n) {
return !isNaN(parseFloat(n)) && isFinite(n);
}
function phonenumberIsValid(phonenumber)
{
var valid = true;
// basic validation
var phonetest = phonenumber.replace(' ','');
if ( strlen( phonetest ) < 10 || !is_numeric( phonetest ) ) {
valid = false;
}
var areaCode = phonetest.substr(0,3);
var prefix = phonetest.substr(3,3);
var mainPhone = phonetest.substr(3,7);
// perform the same regex matching that LeadMaster does:
if(valid){
valid = areaCode.match('/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/');
}
if(valid){
valid = mainPhone.match('/^(?!\d[1]{2}|[5]{3})([2-9]\d{2})([. -]*)\d{4}$/');
}
// perform the original web validation:
if(valid){
// validate area code
if (
areaCode == '000' ||
areaCode == '111' ||
areaCode == '222' ||
areaCode == '333' ||
areaCode == '444' ||
areaCode == '555' ||
areaCode == '666' ||
areaCode == '777' ||
areaCode == '999' ||
areaCode == '123' || (!is_numeric(areaCode)) {
valid = false;
}
}
if(valid) {
// validate prefix
if ( prefix == '123' ||
prefix == '000' ||
prefix == '111' ||
prefix == '555' || (!is_numeric(prefix)) {
valid = false;
}
}
if(valid) {
// validate main phone number
if ( mainPhone == '2222222' ||
mainPhone == '3333333' ||
mainPhone == '4444444' ||
mainPhone == '6666666' ||
mainPhone == '7777777' ||
mainPhone == '8888888' ||
mainPhone == '9999999' || (!is_numeric(phoneNumber)) {
valid = false;
}
}
return valid;
}
PregMatch can be replaced with "myString".match so for instance.
if ($valid) {
$regex = '/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/';
$valid = preg_match($regex, $areaCode);
}
would become
if(valid){
valid = areaCode.match('/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/');
}
and
str_replace("search","replace",$myString)
becomes
myString.replace("search","replace")
In fact most of this can be worked out yourself by typing things like "str_replace javascript" into google and looking for the previous stack overflow answer :)
i am working on Codigniter,i have a issue with posting form's data..
in my form,there is different section,i have put array for that different section
Here is my code (Controller)
<?php
class Resume extends CI_Controller{
var $user_id;
function __construct(){
parent::__construct();
$this->user_id = $this->session->userdata('user_id');
$this->load->model("Resume_model");
if($this->session->userdata('user_id') == NULL){
redirect('user/login','refresh');
}
}
public function index(){
$this->Resume();
}
public function Resume(){
if($this->input->post('Skills')){
$Resume = $this->input->post();
$ResumeInsert=array();
$ResumeUpdate=array();
$Key_Resume__ExistIDs=array();
foreach($this->input->post('Person_id') as $key =>$value ){
$ResumeInsert[$key]['updated'] = Date("Y-m-d");
$ResumeInsert[$key]['Importance_JK'] = $Resume['Importance_JK'];
$ResumeInsert[$key]['user_FK'] = $user_id;
$ResumeInsert[$key]['Person_id'] = $Resume['Person_id'][$key];
$ResumeInsert[$key]['email_contact'] = $Resume['email_contact'][$key];
$ResumeInsert[$key]['Contact_Phone'] = $Resume['Contact_Phone'][$key];
$ResumeInsert[$key]['communication'] = $Resume['communication'][$key];
$ResumeInsert[$key]['creativity'] = $Resume['creativity'][$key];
$ResumeInsert[$key]['team_work'] = $Resume['team_work'][$key];
$ResumeInsert[$key]['organizational'] = $Resume['organizational'][$key];
$ResumeInsert[$key]['Leadership'] = $Resume['Leadership'][$key];
$ResumeInsert[$key]['Productivity'] = $Resume['Productivity'][$key];
$ResumeInsert[$key]['Postal_Address'] = $Resume['Postal_Address'][$key];
$ResumeInsert[$key]['Career_objective'] = $Resume['Career_objective'][$key];
}
foreach($this->input->post('emp_id') as $key =>$value ){
$ResumeInsert[$key]['resume_keyid'] = $Resume['emp_id'][$key];
$ResumeInsert[$key]['employer_name'] = $Resume['employer_name'][$key];
$ResumeInsert[$key]['start_Date'] = $Resume['start_Date'][$key];
$ResumeInsert[$key]['end_date'] = $Resume['end_date'][$key];
$ResumeInsert[$key]['type_id'] = $Resume['type_id'][$key];
$ResumeInsert[$key]['position'] = $Resume['position'][$key];
$ResumeInsert[$key]['responsibility'] = $Resume['responsibility'][$key];
$ResumeInsert[$key]['Skills'] = $Resume['Skills'][$key];
print_r ($ResumeInsert);exit;
}
foreach($this->input->post('resume_id1') as $key =>$value ){
$ResumeInsert[$key]['edu_id'] = $Resume['resume_id1'][$key];
$ResumeInsert[$key]['year_gain'] = $Resume['year_gain'][$key];
$ResumeInsert[$key]['qualification_name'] = $Resume['qualification_name'][$key];
$ResumeInsert[$key]['institution_name'] = $Resume['institution_name'][$key];
$ResumeInsert[$key]['outstanding_Ach'] = $Resume['outstanding_Ach'][$key];
$ResumeInsert[$key]['aquired_skill'] = $Resume['aquired_skill'][$key];
$ResumeInsert[$key]['expiry'] = $Resume['expiry'][$key];
$ResumeInsert[$key]['Application_of_Skill'] = $Resume['Application_of_Skill'][$key];
}
foreach($this->input->post('resume_id2') as $key =>$value ){
$ResumeInsert[$key]['resume_skillID'] = $Resume['resume_id2'][$key];
$ResumeInsert[$key]['skill_name'] = $Resume['skill_name'][$key];
$ResumeInsert[$key]['Licences_permits'] = $Resume['Licences_permits'][$key];
$ResumeInsert[$key]['date_Achived'] = $Resume['date_Achived'][$key];
$ResumeInsert[$key]['expiry_renewal'] = $Resume['expiry'][$key];
$ResumeInsert[$key]['skill_work'] = $Resume['application_of_skill'][$key];
$ResumeInsert[$key]['course_tilte'] = $Resume['course_tilte'][$key];
}
foreach($this->input->post('resume_id3') as $key =>$value ){
$ResumeInsert[$key]['hobbyId'] = $Resume['resume_id3'][$key];
$ResumeInsert[$key]['hobby_name'] = $Resume['hobby_name'][$key];
$ResumeInsert[$key]['achievement_name'] = $Resume['achievement_name'][$key];
$ResumeInsert[$key]['Application_OF_hobby_work'] = $Resume['Application_of_Skill'][$key];
}
foreach($this->input->post('resume_id4') as $key =>$value ){
$ResumeInsert[$key]['ref_resume_ID'] = $Resume['resume_id4'][$key];
$ResumeInsert[$key]['referee_name'] = $Resume['referee_name'][$key];
$ResumeInsert[$key]['Position_referee'] = $Resume['Position'][$key];
$ResumeInsert[$key]['company_name_ref'] = $Resume['company_name'][$key];
$ResumeInsert[$key]['phone_ref'] = $Resume['phone_ref'][$key];
$ResumeInsert[$key]['contact_email_ref'] = $Resume['contact_email'][$key];
$ResumeInsert[$key]['reference_Type'] = $Resume['reference_Type'][$key];
$ResumeInsert[$key]['Application_of_Skill_ref'] = $Resume['Application_of_Skill'][$key];
}
foreach($this->input->post('resume_id5') as $key =>$value ){
$ResumeInsert[$key]['Application_Id'] = $Resume['resume_id5'][$key];
$ResumeInsert[$key]['app_date_sent'] = $Resume['date_sent'][$key];
$ResumeInsert[$key]['app_busisness_name'] = $Resume['app_busisness_name'][$key];
$ResumeInsert[$key]['app_address'] = $Resume['app_address'][$key];
$ResumeInsert[$key]['app_contact_phone'] = $Resume['app_contact_phone'][$key];
$ResumeInsert[$key]['app_outcome'] = $Resume['app_outcome'][$key];
$ResumeInsert[$key]['app_date_closed'] = $Resume['app_date_closed'][$key];
}
if(isset($Resume['id'][$key]))
{
// echo "test";exit;
$Key_Resume__ExistIDs[]=$Resume['id'][$key];
if( $ResumeInsert[$key]['Person_id'] != ""){
$ResumeUpdate[$key]['Person_id'] = $ResumeInsert[$key]['Person_id'];
}
if( $ResumeInsert[$key]['email_contact'] != ""){
$ResumeUpdate[$key]['email_contact'] = $ResumeInsert[$key]['email_contact'];
}
if( $ResumeInsert[$key]['Contact_Phone'] != ""){
$ResumeUpdate[$key]['Contact_Phone'] = $ResumeInsert[$key]['Contact_Phone'];
}
if( $ResumeInsert[$key]['communication'] != ""){
$ResumeUpdate[$key]['communication'] = $ResumeInsert[$key]['communication'];
}
if( $ResumeInsert[$key]['creativity'] != ""){
$ResumeUpdate[$key]['creativity'] = $ResumeInsert[$key]['creativity'];
}
if( $ResumeInsert[$key]['team_work'] != ""){
$ResumeUpdate[$key]['team_work'] = $ResumeInsert[$key]['team_work'];
}
if( $ResumeInsert[$key]['organizational'] != ""){
$ResumeUpdate[$key]['organizational'] = $ResumeInsert[$key]['organizational'];
}
if( $ResumeInsert[$key]['Leadership'] != ""){
$ResumeUpdate[$key]['Leadership'] = $ResumeInsert[$key]['Leadership'];
}
if( $ResumeInsert[$key]['Productivity'] != ""){
$ResumeUpdate[$key]['Productivity'] = $ResumeInsert[$key]['Productivity'];
}
if( $ResumeInsert[$key]['Postal_Address'] != ""){
$ResumeUpdate[$key]['Postal_Address'] = $ResumeInsert[$key]['Postal_Address'];
}
if( $ResumeInsert[$key]['Career_objective'] != ""){
$ResumeUpdate[$key]['Career_objective'] = $ResumeInsert[$key]['Career_objective'];
}
if( $ResumeInsert[$key]['resume_keyid'] != ""){
$ResumeUpdate[$key]['resume_keyid'] = $ResumeInsert[$key]['resume_keyid'];
}
if( $ResumeInsert[$key]['employer_name'] != ""){
$ResumeUpdate[$key]['employer_name'] = $ResumeInsert[$key]['employer_name'];
}
if( $ResumeInsert[$key]['start_Date'] != ""){
$ResumeUpdate[$key]['start_Date'] = $ResumeInsert[$key]['start_Date'];
}
if( $ResumeInsert[$key]['end_date'] != "") {
$ResumeUpdate[$key]['end_date'] = $ResumeInsert[$key]['end_date'];
}
if( $ResumeInsert[$key]['type_id'] != ""){
$ResumeUpdate[$key]['type_id'] = $ResumeInsert[$key]['type_id'];
}
if( $ResumeInsert[$key]['position'] != ""){
$ResumeUpdate[$key]['position'] = $ResumeInsert[$key]['position'];
}
if( $ResumeInsert[$key]['edu_id'] != ""){
$ResumeUpdate[$key]['edu_id'] = $ResumeInsert[$key]['edu_id'];
}
if( $ResumeInsert[$key]['year_gain'] != ""){
$ResumeUpdate[$key]['year_gain'] = $ResumeInsert[$key]['year_gain'];
}
if( $ResumeInsert[$key]['qualification_name'] != ""){
$ResumeUpdate[$key]['qualification_name'] = $ResumeInsert[$key]['qualification_name'];
}
if( $ResumeInsert[$key]['institution_name'] != ""){
$ResumeUpdate[$key]['institution_name'] = $ResumeInsert[$key]['institution_name'];
}
if( $ResumeInsert[$key]['outstanding_Ach'] != ""){
$ResumeUpdate[$key]['outstanding_Ach']= $ResumeInsert[$key]['outstanding_Ach'];
}
if( $ResumeInsert[$key]['aquired_skill'] != ""){
$ResumeUpdate[$key]['aquired_skill'] = $ResumeInsert[$key]['aquired_skill'];
}
if( $ResumeInsert[$key]['expiry'] != ""){
$ResumeUpdate[$key]['expiry'] = $ResumeInsert[$key]['expiry'];
}
if( $ResumeInsert[$key]['Application_of_Skill'] != ""){
$ResumeUpdate[$key]['Application_of_Skill'] = $ResumeInsert[$key]['Application_of_Skill'];
}
if( $ResumeInsert[$key]['resume_skillID'] != ""){
$ResumeUpdate[$key]['resume_skillID'] = $ResumeInsert[$key]['resume_skillID'];
}
if( $ResumeInsert[$key]['skill_name'] != ""){
$ResumeUpdate[$key]['skill_name'] = $ResumeInsert[$key]['skill_name'];
}
if( $ResumeInsert[$key]['Licences_permits'] != ""){
$ResumeUpdate[$key]['Licences_permits'] = $ResumeInsert[$key]['Licences_permits'];
}
if( $ResumeInsert[$key]['date_Achived'] != ""){
$ResumeUpdate[$key]['date_Achived'] = $ResumeInsert[$key]['date_Achived'];
}
if( $ResumeInsert[$key]['expiry_renewal'] !="") {
$ResumeUpdate[$key]['expiry_renewal'] = $ResumeInsert[$key]['expiry_renewal'];
}
if( $ResumeInsert[$key]['skill_work'] != ""){
$ResumeUpdate[$key]['skill_work'] = $ResumeInsert[$key]['skill_work'];
}
if( $ResumeInsert[$key]['course_tilte'] != ""){
$ResumeUpdate[$key]['course_tilte'] = $ResumeInsert[$key]['course_tilte'];
}
if( $ResumeInsert[$key]['hobbyId'] != ""){
$ResumeUpdate[$key]['hobbyId'] = $ResumeInsert[$key]['hobbyId'];
}
if( $ResumeInsert[$key]['hobby_name'] != ""){
$ResumeUpdate[$key]['hobby_name'] = $ResumeInsert[$key]['hobby_name'];
}
if( $ResumeInsert[$key]['achievement_name'] != ""){
$ResumeUpdate[$key]['achievement_name'] = $ResumeInsert[$key]['achievement_name'];
}
if( $ResumeInsert[$key]['Application_OF_hobby_work'] != ""){
$ResumeUpdate[$key]['Application_OF_hobby_work'] = $ResumeInsert[$key]['Application_OF_hobby_work'];
}
if( $ResumeInsert[$key]['ref_resume_ID'] != ""){
$ResumeUpdate[$key]['ref_resume_ID'] = $ResumeInsert[$key]['ref_resume_ID'];
}
if( $ResumeInsert[$key]['referee_name'] != ""){
$ResumeUpdate[$key]['referee_name'] = $ResumeInsert[$key]['referee_name'];
}
if( $ResumeInsert[$key]['Position_referee'] != ""){
$ResumeUpdate[$key]['Position_referee'] = $ResumeInsert[$key]['Position_referee'];
}
if( $ResumeInsert[$key]['company_name_ref'] != ""){
$ResumeUpdate[$key]['company_name_ref'] = $ResumeInsert[$key]['company_name_ref'];
}
if( $ResumeInsert[$key]['phone_ref'] != ""){
$ResumeUpdate[$key]['phone_ref'] = $ResumeInsert[$key]['phone_ref'];
}
if( $ResumeInsert[$key]['contact_email_ref'] != ""){
$ResumeUpdate[$key]['contact_email_ref'] = $ResumeInsert[$key]['contact_email_ref'];
}
if( $ResumeInsert[$key]['reference_Type'] != ""){
$ResumeUpdate[$key]['reference_Type'] = $ResumeInsert[$key]['reference_Type'];
}
if( $ResumeInsert[$key]['Application_of_Skill_ref'] != ""){
$ResumeUpdate[$key]['Application_of_Skill_ref'] = $ResumeInsert[$key]['Application_of_Skill_ref'];
}
if( $ResumeInsert[$key]['app_date_sent'] != ""){
$ResumeUpdate[$key]['app_date_sent'] = $ResumeInsert[$key]['app_date_sent'];
}
if( $ResumeInsert[$key]['Application_Id'] != ""){
$ResumeUpdate[$key]['Application_Id'] = $ResumeInsert[$key]['Application_Id'];
}
if( $ResumeInsert[$key]['app_busisness_name'] != ""){
$ResumeUpdate[$key]['app_busisness_name'] = $ResumeInsert[$key]['app_busisness_name'];
}
if( $ResumeInsert[$key]['app_address'] != ""){
$ResumeUpdate[$key]['app_address'] = $ResumeInsert[$key]['app_address'];
}
if( $ResumeInsert[$key]['app_contact_phone'] != "")
{
$ResumeUpdate[$key]['app_contact_phone'] = $ResumeInsert[$key]['app_contact_phone'];
}
if( $ResumeInsert[$key]['app_outcome'] != ""){
$ResumeUpdate[$key]['app_outcome'] = $ResumeInsert[$key]['app_outcome'];
}
if( $ResumeInsert[$key]['app_date_closed'] != ""){
$ResumeUpdate[$key]['app_date_closed'] = $ResumeInsert[$key]['app_date_closed'];
}
if( $ResumeInsert[$key]['resume_id'] != ""){
$ResumeUpdate[$key]['resume_id'] = $ResumeInsert[$key]['resume_id'];
}
$ResumeUpdate[$key]['resume_id']=$Resume['id'][$key];
unset($ResumeInsert[$key]);
}
else{
$ResumeInsert[$key]['resume_id'] = $GetLastID;
$GetLastID++;
}
$status=$this->Resume_model->ProcessData($idsToDelete,$ResumeUpdate,$user_id,$ResumeInsert,$imgInsert,$imgUpdate);
redirect('Resume','refresh');
}
}
?>
Here the insert query (model)
function ProcessData($tbl_resumeInsert){
if(!empty($tbl_resumeInsert))
{
$this->insert_tbl_resume($user_id,$tbl_resumeInsert);
}
}
function insert_tbl_resume($id,$arrtbl_resume)
{
$this->db->insert_batch('tbl_resume', $arrtbl_resume);
}
in above code,when im going to submit the form only first Foreach loop's data can insert,when i print $ResumeInsert,it shows me only first foreach loop's data foreach($this->input->post('Person_id') as $key =>$value )
Rest foreach loop's data appears NULL in DB
please any help?
Thank You!
The function $this->input->post('something') is returning a value from the $_POST array with a key of 'something'. If the key 'something' does not exist it returns NULL. (or FALSE in CI version < 3.0)
$_POST is an associative array and will have at most only one item with any given key. So the code
foreach($this->input->post('Person_id') as $key =>$value )
{
...
will only run once as there is only one $_POST array item with the key 'Person_id'.
If your form html has more than one field named 'Person_id' only the value from the last field will be posted to the server.