I am currently making a simple login page. I am using preg_match to check if a username contains only letters and whitespace. If it helps, I am basing it off w3schools example: https://www.w3schools.com/php/php_form_url_email.asp
PHP
<?php
$username = $password = "";
$usernameErr = $passwordErr = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["username"])) {
$usernameErr = "A Username Is Required!";
} elseif (!preg_match("/^[a-zA-Z ]*$/",$username) === 0) {
$usernameErr = "Letters and White Space Only!";
} else {
$username = input(isset($_POST["username"]));
}
if (empty($_POST["password"])) {
$passwordErr = "A Password Is Required!";
}
else {
$password = input(isset($_POST["password"]));
}
}
function input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
}
?>
HTML
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Username: <input type="text" name="username">
<span class="error">* <?php echo $usernameErr;?></span>
<br><br>
Password: <input type="text" name="password">
<span class="error">* <?php echo $passwordErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
The value of $username is not changed between
$username = $password = "";
and
} elseif (!preg_match("/^[a-zA-Z ]*$/",$username) === 0) {
I think you meant to write
} elseif (!preg_match("/^[a-zA-Z ]*$/",$_POST['username']) === 0) {
Further, attempting to do an explicit integer type match on the return value for preg_match() is a bit silly. Particuarly if you perform a boolean negate on the value. This would be better:
} elseif (!preg_match("/^[a-zA-Z ]+$/",trim($_POST['username']))) {
Then just when we though it couldn't get any worse...
$username = input(isset($_POST["username"]));
Are you aware of what isset() does? It returns a boolean which you are processing with your input function. But since your function doesn't return a value you are setting $username to null.
Consider
$username = input($_POST["username"]);
...
function input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
There's a lot more wrong with the code, but that is enough clues.
I would strongly recommend that you when experimenting with code you put
error_reporting(E_ALL | E_STRICT);
at the top of your code and clean out all the warnings PHP will tell you about (the "| E_STRICT" is redundant if your PHP install is up to date).
Related
This question already has answers here:
How can I get useful error messages in PHP?
(41 answers)
Closed 19 days ago.
I'm trying to make a concept sign up page in PHP, and I need to require the user to enter in text for ALL inputs. If not, it would say for example, "You need a valid email address!" or something like that.
My problem is getting the text to actually show. When I submit, it doesn't show the error, it rather just stays with a star.
My code:
<html>
<head>
<link rel="stylesheet" href="style.css">
<title>Test</title>
</head>
<body>
<?php
$emailErr = $usernameErr = $passwordErr = "";
$email = $username = $password = "";
if ($_SERVER["REQUIRED_METHOD"] == "POST") {
if (empty($_POST["email"])) {
$emailErr = "You must enter a valid email address!";
} else {
$email = testData($_POST["email"]);
}
if (empty($_POST["username"])) {
$usernameErr = "You must create a username!";
} else {
$username = testData($_POST["username"]);
}
if (empty($_POST["password"])) {
$passwordErr = "You must create a password!";
} else {
$password = testData($_POST["password"]);
}
}
function testData($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<p><span class="error">* Required Field(s)</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<label for="email">Email Address:</label>
<span class="error">* <?php echo $emailErr;?></span>
<br>
<input type="email" name="email" placeholder="someone#organization.com" />
<br><br>
<label for="username">Username:</label>
<span class="error">* <?php echo $usernameErr;?></span>
<br>
<input type="text" name="username" />
<br><br>
<label for="password">Password:</label>
<span class="error">* <?php echo $passwordErr;?></span>
<br>
<input type="password" name="password" />
<br><br>
<input type="submit" value="Create Account!">
</form>
</body>
</html>
Can anyone please help me find out a solution to my situation?
It is not $_SERVER["REQUIRED_METHOD"] it should be $_SERVER["REQUEST_METHOD"]
So your if conditional block will be
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["email"])) {
$emailErr = "You must enter a valid email address!";
} else {
$email = testData($_POST["email"]);
}
if (empty($_POST["username"])) {
$usernameErr = "You must create a username!";
} else {
$username = testData($_POST["username"]);
}
if (empty($_POST["password"])) {
$passwordErr = "You must create a password!";
} else {
$password = testData($_POST["password"]);
}
}
Also, another quick and easy way of debugging is using var_dump() and see if the code block is being executed and has desired data in the variables is set.
You could have done var_dump($_SERVER); too to quick check what data this super global variable has or inside the if block so you will be sure that truth condition did passed or not.
Change index of $_SERVER["REQUIRED_METHOD"] to REQUEST_METHOD.
For more details go to https://www.php.net/manual/en/reserved.variables.server.php
$_SERVER["REQUIRED_METHOD"] == "POST" will raise an error.
$_SERVER["REQUEST_METHOD"] == "POST" will be right answer for your question.
if ($_SERVER['REQUEST_METHOD'] === 'POST')
I want to validate the input of a user so only letters/number and whitespace is allowed. I found a few examples on google and this is what I made out of it. For me this code is logic and should work but whenever I put a special character inside the form and after that press the submit button it wont show the error.
Does anyone know what I missed here or what I did wrong?
<?php
$Input1 = "";
$Input1Err = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if(empty($_POST["Input1"])){
$Input1Err = "Enter something.";
}else{
$Input1 = test_input($_POST["Input1"]);
if(!preg_match("/[^a-z0-9 _]+$/i", $Input1)){
$Input1Err = "Only letters and space is allowed.";
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
and here is the html code i use:
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="POST">
<p>Enter your name <input type="text" required name="Input1" placeholder="Enter here.."></p>
<span class="error">*<?php echo $Input1Err;?></span>
Try this :
<?php
if(isset($_POST['submit']) && $_POST['name'] != "")
{
$name = $_POST['name'];
$pattern = "/[^a-z0-9 _]+$/i";
$result = htmlspecialchars(stripslashes(preg_match($pattern, $name)));
echo $name;
} else {
echo "Please enter something.";
}
?>
HTML Form :
<form method="post" action="<?= $_SERVER['PHP_SELF']; ?>">
<input type="text" name="name" required="">
<input type="submit" name="submit" value="Submit Form">
</form>
Regular Expression to allow only letters numbers and space
^[a-z0-9 .\-]+$
Also there is one closing parenthesis missing in if else condition
$Input1 = "";
$Input1Err = "";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if(empty($_POST["Input1"]))
{
$Input1Err = "Enter something.";
}
else
{
$Input1 = test_input($_POST["Input1"]);
if(!preg_match('/^[a-z0-9 .\-]+$/i', $Input1))
{
$Input1Err = "Only letters and space is allowed.";
}
}
}
I am attempting to display the results without the form being shown at the same time. So, initially when they go to the URL they see the form, and after they fill out the form and the form validation and required fields and URL is valid. Here is what I started with.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = test_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurl = "";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
?>
</body>
</html>
Here is what I have tried.
I've tried adding else statements after body and before results. I'd like the results not to show until after form submitted.
Here's what I have so far...
I tried to add the below after the body
<?php
//If form not submitted, display form.
if (!isset($_POST['submit'])||(($_POST['name']) == "")){
?>
Then I added:
<?php
} else {
//Retrieve show string from form submission.
Just after
// define variables and set to empty values
Finally added:
<?php
} ?>
Before /body
Here is what I tried.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
//If form not submitted, display form.
if (!isset($_POST['submit'])||(($_POST['TXTlinkname'] && $_POST['TXTurl']) == "")){
?>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = HTML_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurl = "";
} else {
$TXTurl = HTML_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = HTML_input($_POST["TXTurl"]);
}
}
function HTML_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
} else {
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
?>
<button onclick="location = location.href">Go Back</button>
<?php
} ?>
</body>
</html>
So, initially when they go to the URL they see the form, and after they fill out the form and the form validation and required fields and URL is valid.
The big issue I see with your code is the if statement. The variables are not defined unless form hasn't been submitted. What I've changed is moved the function to be defined globally along with the variable names, and inverted the if statement. PHP Tags, you don't need them everywhere. One wrapper is good enough.
I'm not sure about what your result is, but for what you asked, I shall provide.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
function HTML_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$TXTlinkname = $TXTurl = "";
$TXTlinknameErr = $TXTurlErr = "";
//If form not submitted, display form.
if (isset($_POST['submit'])){
if (empty($_POST['TXTurl'])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = HTML_input($_POST['TXTurl']);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST['TXTname'])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = HTML_input($_POST['TXTname']);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
}
if (empty($TXTurlErr) && empty($TXTlinknameErr) && isset($_POST['submit'])) {
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
echo '<button onclick="location = location.href">Go Back</button>';
} else {
echo '<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="'.htmlspecialchars($_SERVER["PHP_SELF"]).'">
Name: <input type="text" name="TXTname" value="'.$TXTlinkname.'">
<span class="error">* '. $TXTlinknameErr .'</span>
<br><br>
URL: <input type="text" name="TXTurl" value="'.$TXTurl.'">
<span class="error">'.$TXTurlErr.'</span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>';
}
?>
</body>
</html>
Tested locally on XAMPP
You have to have a variable that tells you if you're going to show the textarea or not...
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
$show_textarea = false; //DEFAULT
if (isset($_POST['submit'])) { //The form is sent...
$show_textarea = true; //Then this is DEFAULT!!
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = test_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurl = "";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurlErr = "URL is required";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($show_textarea === false) {
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
}
if (isset($_POST['submit'])) { //The form is sent...
if ($show_textarea === true ) { //...AND the form has valid values
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">
' . $TXTlinkname . '
</textarea>';
}
}
?>
</body>
</html>
try this one:
if (!$_POST) || $_POST['TXTlinkname'] == "" && $_POST['TXTurl']) == "")){
PHP portion, where variables are initialized and set to empty. As well as the post methods and isset functions
The functions seem to be right, no errors when running the code. However, nothing is processed when the user submits everything. This is just a small portion of the code.
<?php
//define variables and set them to empty values
$fname_error= $phone_error= $address1_error= $address2_error= $city_error= $state_error= $zipcode_error= "";
$fname= $phone= $address1= $address2= $city= $state= $zipcode= "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["fname"])) {
$fname_error = "Missing";
}
else {
$fname = test_input($_POST["fname"]);
//now we check to see that the name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fname_error = "Please use letters and white space only";
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
The Html portion:
<div class="userinput">
<label for="fname"><b>First Name</b></label>
<input type="text" name="fname" value="<?php
echo $fname ?>">
<span class="error">
<?php echo $fname_error;?></span>
</div>
Close the conditional REQUEST_METHOD.
Your code should look like this:
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
//define variables and set them to empty values
$fname_error = $phone_error = $address1_error = $address2_error = $city_error = $state_error = $zipcode_error = "";
$fname = $phone = $address1 = $address2 = $city = $state = $zipcode = "";
//flag to validate and allow SQL insert if true
$valid=true;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["fname"])) {
$fname_error = "Missing";
$valid=false;
} else {
$fname = test_input($_POST["fname"]);
//now we check to see that the name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/", $fname)) {
$valid=false;
$fname_error = "Please use letters and white space only";
}
}
}
//filter your input for security reason
function test_input($data) {
$data1 = trim($data);
$data2 = stripslashes($data1);
$data3 = htmlspecialchars($data2);
return $data3;
}
if($valid){
//Add you insert SQL
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<label for="fname"><b>First Name</b></label>
<input type="text" name="fname" value="<?php echo $fname ?>">
<span class="error">
<?php echo $fname_error; ?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
//For testing porpuses:
echo "<h2>Your Input:</h2>";
echo $fname;
?>
</body>
Reference: https://www.w3schools.com/php/php_form_complete.asp
Form validation
hi guys i need your help Im new in this field
i have created a form and i want to validate it using php then after validation
i want to insert it in my database but the validation didnt work please help me :(
<?php
$fname = "";
$fnameErr = "";
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty($_POST['firstname'])) {
$fnameErr = "Firsname required";
}else{
$fname = test_input($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fnameErr = "Only letters and white space allowed";
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
mysql_connect('localhost','root','G0cl');
mysql_select_db('db') or die ('Unable to connect to database');
$insert_query = "INSERT into tbl values('$fname')" ;
$record_insert = mysql_query($insert_query);
?>
<?php
include "process.php";
?>
<!DOCTYPE html>
<html>
<head>
<title>practice</title>
</head>
<body>
<h2>Absolute classes registration</h2>
<form method = "post" action = "<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
<input type = "text" name = "firstname" placeholder=" Firsname ">
<span class = "error">* <?php echo $fnameErr;?></span>
<input type = "submit" name = "submit" value = "Submit">
</form>
</body>
</html>
Your code reads:
If POST:
Do validation.
Do database insert.
Display form (with errors/feedback).
In other words it doesn't matter if validation fails or not.
You want logic along the lines of:
If POST
Do validation
If no validation errors:
Do database insert.
If insert success:
Redirect.
Display form (with errors/feedback).
Example here:
<?php
$errors = [];
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$firstname = isset($_POST['firstname']) ? trim($_POST['firstname']) : null;
if (empty($firstname)) {
$errors['firstname'] = "Firstname required.";
}
elseif (!preg_match("/^[a-zA-Z ]*$/", $firstname)) {
$errors['firstname'] = "Only letters and white space allowed.";
}
// etc.
if(! count($errors)) {
echo 'Passed validation, do database insert and then redirect here.';
}
}
$show_error = function($key) use ($errors) {
if(isset($errors[$key])) {
return '<span class = "error">*' . $errors[$key] . '</span>';
}
};
?>
<!DOCTYPE html>
<html>
<head>
<title>Form</title>
</head>
<body>
<h2>Absolute beginners</h2>
<form method = "POST" action = "">
<input type = "text" name = "firstname" placeholder="e.g. Joe.">
<?= $show_error('firstname'); ?>
<input type = "submit" name = "submit" value = "Submit">
</form>
</body>
</html>
try this one
<?php
$fname = "";
$fnameErr = "";
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty($_POST['firstname'])) {
$fnameErr = "Firsname required";
}else{
$fname = test_input($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fnameErr = "Only letters and white space allowed";
}
else{
mysql_connect('localhost','root','G0cl');
mysql_select_db('db') or die ('Unable to connect to database');
$insert_query = "INSERT into tbl values('$fname')" ;
$record_insert = mysql_query($insert_query);
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<?php
include "process.php";
?>
<!DOCTYPE html>
<html>
<head>
<title>practice</title>
</head>
<body>
<h2>Absolute classes registration</h2>
<form method = "post" action = "<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
<input type = "text" name = "firstname" placeholder=" Firsname ">
<span class = "error">* <?php echo $fnameErr;?></span>
<input type = "submit" name = "submit" value = "Submit">
</form>
</body>
</html>
You need to include your insert query code after the preg_match. If preg_match false then then the firstname can be inserted to database table.