This php file is using server side validation via post method as the user enters data into the input devices. The only problem I'm having is inserting the data into the customers table as it doesn't work. I know this because i have created test php file that displays all the customer tables content and the data the user enters is not there. Where have i gone wrong?
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-
strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Prac 2 Task 12</title>
</head>
<body>
<?php
$conn = mysql_connect("localhost", "twa291", "......");
mysql_select_db("factory291", $conn)
or die ('Database not found ' . mysql_error() );
$sql = "SELECT * FROM customer";
$rs = mysql_query($sql, $conn)
or die ('Problem with query' . mysql_error());
$ename = $elname = $ecus = $epcode = "";
$fnamecus = $lnamecus = $idcus = $pcde = "";
$error_report = false;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["customerid"])) {
$ecus = "Customer ID is required";
$error_report = true;
} else {
$idcus = input_t($_POST["customerid"]);
// check if numeric
if (preg_match("/[^0-9]/",$idcus)) {
$ecus = "Only numbers allowed";
$error_report = true;
}
if(strlen($idcus) != 6 && ($idcus) != null)
{
$ecus = "Customer ID must be 6 digits";
$error_report = true;
}
}
if (empty($_POST["customerfname"])) {
$ename = "First name is required";
$error_report = true;
} else {
$fnamecus= input_t($_POST["customerfname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z-]*$/",$fnamecus)) {
$ename = "Only alphabetic letters and hyphen";
$error_report = true;
}
if(strlen($fnamecus) > 20 && ($fnamecus) != null)
{
$ename = "First name can't be more that 20 characters long";
$error_report = true;
}
}
if (empty($_POST["customerlname"])) {
$elname = "Last name is required";
$error_report = true;
} else {
$lnamecus = input_t($_POST["customerlname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z-]*$/",$lnamecus)) {
$elname = "Only alphabetic letters and hyphen";
$error_report = true;
}
if(strlen($lnamecus) > 20 && ($lnamecus) != null)
{
$elname = "Last name can't be more that 20 characters long";
$error_report = true;
}
}
if (!is_null($_POST["postcode"])) {
$pcde = input_t($_POST["postcode"]);
// check if name only contains letters and whitespace
if (preg_match("/[^0-9]/",$pcde)) {
$epcode = "Only numbers allowed";
$error_report = true;
}
if(strlen($pcde) != 4 && ($pcde) != null)
{
$epcode = "Post code must be 4 digits";
$error_report = true;
}
}
}
if($error_report != true) {
$query="INSERT INTO customer (customerID, firstName, lastName, Address, suburb, state, postcode)
VALUES ('customerid', 'customerfname', ‘customerlname', 'customeraddress', 'suburb',
'state', 'postcode')";
$queryResult = mysql_query($query, $conn)
or die ('Problem with query' . mysql_error());
echo "correct";
}
function input_t($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h1>Customer Information Collection <br /></h1>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" id="custinfo" >
<table>
<tr>
<td><label for="customerid">Customer ID (integer value): </label></td>
<td><input type="text" id="customerid" name="customerid" size=11 value="<?php
echo $idcus;?>"/><span class="error">* <?php echo $ecus;?></span></td>
</tr>
<tr>
<td><label for="customerfname">Customer Frist Name: </label></td>
<td><input type="text" id="customerfname" name="customerfname" size=50 value="<?php
echo $fnamecus;?>"/><span class="error">* <?php echo $ename;?></span></td>
</tr>
<tr>
<td><label for="customerlname">Customer Last Name: </label></td>
<td><input type="text" id="customerlname" name="customerlname" size=50 value="<?php
echo $lnamecus;?>"/><span class="error">* <?php echo $elname;?></span></td>
</tr>
<tr>
<td><label for="customeraddress">Customer Address: </label></td>
<td><input type="text" id="customeraddress" name="customeraddress" size=65/></td>
<td><label for="suburb"> Suburb: </label></td>
<td><input type="text" id="suburb" name="suburb"/></td>
</tr>
<tr>
<td>
State:<select name="state" id="state">
<option value="select">--</option>
<option value="ACT">ACT</option>
<option value="NSW">NSW</option>
<option value="NT">NT</option>
<option value="QLD">QLD</option>
<option value="SA">SA</option>
<option value="TAS">TAS</option>
<option value="VIC">VIC</option>
<option value="WA">WA</option>
</select>
</td>
<td><label for="postcode"> Post Code: </label><input type="text" id="postcode"
name="postcode" size=4 value="<?php
echo $pcde;?>"/><span class="error"><?php echo $epcode;?></span></td>
</tr>
</table>
<p><input type="submit" value="Save Data"/> <input type="reset" value="Clear Form" />
</tr>
</form>
</body>
</html>
You need to call mysql_query on your $query -- right now you're just defining the $query object and then ignoring it for the rest of the page.
Add something like the following on the line before echo "correct";
$queryResult = mysql_query($query, $conn)
or die ('Problem with query' . mysql_error());
n.b. I'll echo #Ozmah's comment about looking into PDO or mysqli functions - learning the deprecated plain mysql functions will be of dubious value.
Related
Hi this is my PHP code for attendance sign in, but it enters multiple entry when i remove the while loop.
Please help me to get which loop is better to this coding...
It is working fine when i remove the while loop. However it is possible to enter multiple entries in attendance.
<?php
$conn = mysqli_connect("localhost", "Vijay", "vijay123", "test");
if (mysqli_connect_errno())
{
echo "Unable to connect the Server" . mysqli_connect_error();
}
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
// getting details from form
$EmployeeNoA = mysqli_real_escape_string($conn, $_POST['EmployeeNoA']);
$EmployeeNameA = mysqli_real_escape_string($conn, $_POST['EmployeeNameA']);
$Shift = mysqli_real_escape_string($conn, $_POST['Shift']);
$SignInDay = mysqli_real_escape_string($conn, $_POST['SignInDay']);
$SignInDate = mysqli_real_escape_string($conn, $_POST['SignInDate']);
$SignInTime = mysqli_real_escape_string($conn, $_POST['SignInTime']);
if ($Shift == "0")
{
echo "<script>alert('Please Select the Shift!');</script>";
}
else
{
// $rowcount = mysqli_query($conn, "SELECT * From attend");
// $rowCount = mysqli_num_rows($rowcount);
$ver = mysqli_query($conn, "SELECT * FROM attend WHERE EmployeeNoA='$EmployeeNoA' && SignInDate='$SignInDate'");
while ($view = mysqli_fetch_array($ver, MYSQL_ASSOC)) // **it is repeatedly running and store multiple data and error message.
{
if ($SignInDate != $view['SignInDate'])
{
$sql = "INSERT INTO attend (EmployeeNoA, EmployeeNameA, Shift, Day, SignInDate, SignInTime) VALUES ('$EmployeeNoA', '$EmployeeNameA', '$Shift', '$SignInDay', '$SignInDate', '$SignInTime')";
if (!mysqli_query($conn, $sql))
{
echo mysqli_error($conn);
}
else
{
echo "<script>alert ('You have Signed In!');</script>";
}
}
else
{
echo "<script>alert ('You have ALREADY Signed In!');</script>";
}
}
}
}
?>
Here Pls find my html
<h2 style="text-align:center;margin-bottom:1.5em;margin-top:1.5em;font-family:sans-serif">ATTENDANCE SIGN IN</h2>
<form action="<?php ($_SERVER['PHP_SELF']);?>" method="POST">
<div style="margin-top:20px;margin-left:20px;">
<table cellpadding="5">
<tr><td><label>Employee No:</label></td><td><input type="text" name="EmployeeNoA" value="<?php echo $EmployeeNo; ?>" readonly="readonly"></td></tr>
<tr><td><label>Employee Name:</label></td><td><input type="text" name="EmployeeNameA" value="<?php echo $EmployeeName; ?>" readonly="readonly"></td></tr>
<tr><td style="vertical-align:top;"><label>Shift:</label></td><td>
<select name="Shift" id="Shift">
<option value="0">-- Select --</option>
<option value="Shift1">I Shift</option>
<option value="Shift2">IA Shift</option>
<option value="Shift3">II Shift</option>
<option value="Shift4">General Shift</option>
<option value="Shift5">General A Shift</option>
</select>
<!--<tr><td style="vertical-align:top;"><label>Shift:</label></td><td style="line-height:1.6em; text-align:justify;font-weight:bold;"><input type="radio" name="shift" value="I"> I Shift <span style="font-weight:normal;font-size:small;color:grey;">6:00 - 3:00</span><br/><input type="radio" name="shift" value="IA"> IA Shift <span style="font-weight:normal;font-size:small;color:grey;">7:00 - 4:00</span><br/><input type="radio" name="shift" value="II"> II Shift<br/><input type="radio" name="shift" value="G"> Gen. Shift <span style="font-weight:normal;font-size:small;color:grey;">8:00 - 5:00</span><br/><input type="radio" name="shift" value="G1"> G I Shift <span style="font-weight:normal;font-size:small;color:grey;">10:00 - 7:00</span>--><td></tr>
<tr><td><label>Day:</label></td><td><input style="text-align:center;" type="text" name="SignInDay" value="<?php date_default_timezone_set('Asia/Kolkata'); echo date('l'); ?>" readonly="readonly"></td></tr>
<tr><td><label>SignIn Date:</label></td><td><input style="text-align:center;" type="text" name="SignInDate" value="<?php date_default_timezone_set('Asia/Kolkata'); echo date('Y-m-d'); ?>" readonly="readonly"></td></tr>
<tr><td><label>SignIn Time:</label></td><td><input style="text-align:center;color:blue;" type="text" name="SignInTime" value="<?php date_default_timezone_set('Asia/Kolkata'); echo date('H:i:s'); ?>" readonly="readonly"></td></tr>
<tr><td style="text-align:center;" colspan="2"><input style="margin-top:20px;" type="submit" name="signin" value="Sign In"> <button type="close" name="close" onclick="closeWin()">Exit</button></td></tr>
</table>
</div>
</form>
It looks like you just want to test whether the first query returns any rows. Use:
$ver = mysqli_query($conn, "SELECT COUNT(*) AS count FROM attend WHERE EmployeeNoA='$EmployeeNoA' && SignInDate='$SignInDate'");
$row = mysqli_fetch_assoc($ver);
if ($row['count'] == 0) {
sql = "INSERT INTO attend (EmployeeNoA, EmployeeNameA, Shift, Day, SignInDate, SignInTime) VALUES ('$EmployeeNoA', '$EmployeeNameA', '$Shift', '$SignInDay', '$SignInDate', '$SignInTime')";
if (!mysqli_query($conn, $sql)) {
echo mysqli_error($conn);
} else {
echo "<script>alert ('You have Signed In!');</script>";
}
} else {
echo "<script>alert ('You have ALREADY Signed In!');</script>";
}
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
The code below should get the input by the user and insert it into the customer table. However, i get the error :Problem with queryIncorrect integer value: 'customerid' for column 'customerID' at row 1. Can anyone help with this? Thanks
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-
strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Prac 2 Task 12</title>
</head>
<body>
<?php
$conn = mysql_connect("localhost", "user", "password");
mysql_select_db("factory291", $conn)
or die ('Database not found ' . mysql_error() );
$sql = "SELECT * FROM customer";
$rs = mysql_query($sql, $conn)
or die ('Problem with query' . mysql_error());
$ename = $elname = $ecus = $epcode = "";
$fnamecus = $lnamecus = $idcus = $pcde = "";
$error_report = false;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["customerid"])) {
$ecus = "Customer ID is required";
$error_report = true;
} else {
$idcus = input_t($_POST["customerid"]);
// check if numeric
if (preg_match("/[^0-9]/",$idcus)) {
$ecus = "Only numbers allowed";
$error_report = true;
}
if(strlen($idcus) != 6 && ($idcus) != null)
{
$ecus = "Customer ID must be 6 digits";
$error_report = true;
}
}
if (empty($_POST["customerfname"])) {
$ename = "First name is required";
$error_report = true;
} else {
$fnamecus= input_t($_POST["customerfname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z-]*$/",$fnamecus)) {
$ename = "Only alphabetic letters and hyphen";
$error_report = true;
}
if(strlen($fnamecus) > 20 && ($fnamecus) != null)
{
$ename = "First name can't be more that 20 characters long";
$error_report = true;
}
}
if (empty($_POST["customerlname"])) {
$elname = "Last name is required";
$error_report = true;
} else {
$lnamecus = input_t($_POST["customerlname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z-]*$/",$lnamecus)) {
$elname = "Only alphabetic letters and hyphen";
$error_report = true;
}
if(strlen($lnamecus) > 20 && ($lnamecus) != null)
{
$elname = "Last name can't be more that 20 characters long";
$error_report = true;
}
}
if (!is_null($_POST["postcode"])) {
$pcde = input_t($_POST["postcode"]);
// check if name only contains letters and whitespace
if (preg_match("/[^0-9]/",$pcde)) {
$epcode = "Only numbers allowed";
$error_report = true;
}
if(strlen($pcde) != 4 && ($pcde) != null)
{
$epcode = "Post code must be 4 digits";
$error_report = true;
}
}
}
if($error_report != true) {
$query="INSERT INTO customer (customerID, firstName, lastName, Address, suburb, state, postcode)
VALUES ('".$_POST['customerid']."', '".$_POST['customerfname']."', '".$_POST['customerlname']."',
'".$_POST['customeraddress']."', '".$_POST['suburb']."',
'".$_POST['state']."', '".$_POST['postcode']."')";
echo "correct";
}
function input_t($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h1>Customer Information Collection <br /></h1>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" id="custinfo" >
<table>
<tr>
<td><label for="customerid">Customer ID (integer value): </label></td>
<td><input type="text" id="customerid" name="customerid" size=11 value="<?php
echo $idcus;?>"/><span class="error">* <?php echo $ecus;?></span></td>
</tr>
<tr>
<td><label for="customerfname">Customer Frist Name: </label></td>
<td><input type="text" id="customerfname" name="customerfname" size=50 value="<?php
echo $fnamecus;?>"/><span class="error">* <?php echo $ename;?></span></td>
</tr>
<tr>
<td><label for="customerlname">Customer Last Name: </label></td>
<td><input type="text" id="customerlname" name="customerlname" size=50 value="<?php
echo $lnamecus;?>"/><span class="error">* <?php echo $elname;?></span></td>
</tr>
<tr>
<td><label for="customeraddress">Customer Address: </label></td>
<td><input type="text" id="customeraddress" name="customeraddress" size=65/></td>
<td><label for="suburb"> Suburb: </label></td>
<td><input type="text" id="suburb" name="suburb"/></td>
</tr>
<tr>
<td>
State:<select name="state" id="state">
<option value="select">--</option>
<option value="ACT">ACT</option>
<option value="NSW">NSW</option>
<option value="NT">NT</option>
<option value="QLD">QLD</option>
<option value="SA">SA</option>
<option value="TAS">TAS</option>
<option value="VIC">VIC</option>
<option value="WA">WA</option>
</select>
</td>
<td><label for="postcode"> Post Code: </label><input type="text" id="postcode"
name="postcode" size=4 value="<?php
echo $pcde;?>"/><span class="error"><?php echo $epcode;?></span></td>
</tr>
</table>
<p><input type="submit" value="Save Data"/> <input type="reset" value="Clear Form" />
</tr>
</form>
</body>
</html>
Your problem is incorrect use of quotes:
$query="INSERT INTO customer (customerID, firstName, lastName, Address, suburb, state, postcode)
VALUES ('customerid', 'customerfname', ‘customerlname', 'customeraddress', 'suburb',
'state', 'postcode')";
You are submitting the literal string values, 'customerid', etc.
From your code, it looks like you want to use the $_POST values, like this:
$query="INSERT INTO customer (customerID, firstName, lastName, Address, suburb, state, postcode)
VALUES ('".$_POST['customerid']."', '".$_POST['customerfname']."', '".$_POST['customerlname']."', '".$_POST['customeraddress']."', '".$_POST['suburb']."',
'".$_POST['state']."', '".$_POST['postcode']."')";
Also:
Please do not use the mysql_* functions. They are deprecated. Use MySQLi or PDO.
You are wide open to SQL injection. You need to escape your data or, even better, use prepared statements.
bellow you see my form validation script that I have been working on for a while. The script is suppose to check if the "Name:" is first not empty and then if it only contains letters and then insert the data. Likewise for the "Price:" it is suppose to check if it is not empty and then it's only digits. So far I have failed to make all the functions working and here are the problems as it sits right now:
in general it does not insert data to the table
regardless says price is required (even if the price is given)
when there is given numbers in the name field, there is no error
and here is the script:
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
$con=mysqli_connect("localhost","xxxxx","xxxxx","my_project");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// define variables and set to empty values
$nameErr = $priceErr = $catErr = $condErr = $regionErr = "";
$product_name = $product_price = $product_cat = $product_cond = $product_region = "";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if (empty($_POST["product_name"]))
{
$nameErr = "Name is required";
}
else if (!preg_match("/^[a-zA-Z ]*$/",$product_name))
{
$nameErr = "Only letters and white space allowed";
}
if (empty ($_POST ["product_price"]))
{
$priceErr = "Price is required";
}
else if(!ctype_digit($product_price))
{
$priceErr = "Price is required";
}
else
{
$product_name = test_input($_POST["product_name"]);
$product_price = test_input($_POST["product_price"]);
$sql= "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con,$sql))
{
echo 'Error: ' . mysqli_error($con);
}
else
{
echo "1 record added";
}
mysqli_close($con);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="product_name" value="<?php echo $product_name;?>">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
price: <input type="text" name="product_price" value="<?php echo $product_price;?>">
<span class="error">* <?php echo $priceErr;?></span>
<br><br>
Condition:
<select name="product_cond" required >
<option value="" >SELECT</option>
<option value="Used" >Used </option>
<option value="new" >New</option>
</select>
Category:
<select name="product_cat" required >
<option value="" >SELECT</option>
<option value="books" >books</option>
<option value="Computers" >Computers</option>
<option value="Hardware/Tools" >Hardware/Tools </option>
<option value="Cars" >Cars</option>
<option value="home Appliances" >home Appliances</option>
</select>
Region:
<select name="product_region" required >
<option value="" >SELECT</option>
<option value="Oulu" >Oulu</option>
<option value="Turku" >Turku</option>
<option value="Helsinki" >Helsinki </option>
<option value="Tornio" >Vaasa</option>
<option value="Tampere" >Tampere</option>
<option value="Kemi" >Kemi</option>
<input type="submit">
</form>
</body>
and here is the example that I have used and modified:
http://www.w3schools.com/php/showphp.asp?filename=demo_form_validation_special
I'd suggest to use an array of errors instead of variables.
Then you should access the variables you send by the form like $_POST['variable']
Try this code:
$errors = array();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["product_name"])) {
$errors['name'] = "Name is required";
} else if (!preg_match("/^[a-zA-Z ]*$/", $_POST['product_name'])) {
$errors['name'] = "Only letters and white space allowed";
}
if (empty($_POST ["product_price"])) {
$errors['price'] = "Price is required";
} else if (!ctype_digit($_POST['product_price'])) {
$errors['price'] = "Price is required";
}
if(count($errors) == 0){
$product_name = test_input($_POST["product_name"]);
$product_price = test_input($_POST["product_price"]);
$sql = "INSERT INTO Product (product_name, product_cond, product_price, product_cat, product_region, email, phone_num)
VALUES
('$_POST[product_name]','$_POST[product_cond]','$_POST[product_price]','$_POST[product_cat]','$_POST[product_region]','$_POST[Email]','$_POST[PhoneNumber]')";
if (!mysqli_query($con, $sql)) {
echo 'Error: ' . mysqli_error($con);
} else {
echo "1 record added";
}
}
}
Well, I just bought a sms api which is created by php. They provide me this 2 lines:
http://fahimit.com/smsapi.php?
user=username&pass=pass&phone=mobile_numer&senderid=sender_name&message=my_message
\well now i'm using a html form to send sms. But after message send it's not showing full sender name and message.
For example if i use "Test Sender" as sender_name and "Test message test message" as my_message then it's only showing First word like: Test as sender_name and Test as my_message. I don't understand why it's not showing full message and sender name
PHP code:
<?php
if(isset($_POST['Submit']) && $_POST['Submit'] == "Send SMS")
{
$write_numer = $_POST['write_number'];
$sender = inputvalid($_POST['sender']);
$type = inputvalid($_POST['type']);
$select_msg = inputvalid($_POST['select_msg']);
$msg = $_POST['txt'];
$length = strlen($msg);
$err = array();
$ip = $_SERVER['REMOTE_ADDR'];
if(isset($write_numer) && isset($sender) && isset($type) && isset($select_msg) && isset($msg))
{
if(empty($write_numer) && empty($sender) && empty($type) && empty($select_msg) && empty($msg))
$err[] = "All field require";
else
{
if(empty($write_numer))
$err[] = "Write your mobile number";
elseif(strlen($write_numer) > 13 || strlen($write_numer) < 13)
$err[] = "Your mobile number format is not correct";
elseif(!is_numeric($write_numer))
$err[] = "Your mobile number format is not correct";
elseif (!preg_match("/^8801(6|5|7|8|9|1)\d{8}/", $write_numer))
$err[] = "Invalid mobile number";
if(empty($sender))
$err[] = "Select sender name";
if(empty($type))
$err[] = "Select your message type";
if(empty($select_msg) && empty($msg))
$err[] = "Select your message";
}
}
//error count
if(!empty($err))
{
echo "<div class='error'>";
foreach($err as $er)
{
echo "<font color=red>$er.</font><br/>";
}
echo "</div>";
echo "<br/>";
}
else
{
$sms = "http://fahimit.com/smsapi.php?user=MYUSERNAME&pass=MYPASS&phone=".$write_numer."&senderid=".$sender."&message=".$msg."";
$sms = file_get_contents($sms);
if($sms)
{
echo "<div class='success'>Successfully sent your message to $write_numer. Thank You.</div>";
$sql = mysql_query("INSERT INTO e_sent_sms VALUES('', '', '', '$write_numer', '$msg', '', '', '$length', '$type', '$sender', '$current_date', '$ip' )");
}
else
{
mysql_error();
}
}
}
?>
HTML CODE:
<form name="frm" method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']) ?>">
<table width="800" border="0" cellspacing="10" cellpadding="0" style="float:left; position:relative;">
<tr>
<td>Write Number</td>
<td><input type="text" name="write_number" placeholder="Write your mobile number" class="td3" value="<?php if(isset($_POST['write_number'])) echo $_POST['write_number']; ?>" /><span style="color:#033;">* Mobile number must start with 8801XXXXXXXXX</span></td>
</tr>
<tr>
<td>Sender</td>
<td><input type="text" name="sender" placeholder="Sender name" class="td3" value="<?php if(isset($_POST['sender'])) echo $_POST['sender']; ?>" /></td>
</tr>
<tr>
<td>Message type</td>
<td>
<select name="type" class="select">
<option value="">--Select--</option>
<option value="5" <?php if(isset($_POST['type']) && $_POST['type'] == "5") echo 'selected = "selected"'; ?>>Text</option>
<option value="1" <?php if(isset($_POST['type']) && $_POST['type'] == "1") echo 'selected = "selected"'; ?>>Flash</option>
<option value="3" <?php if(isset($_POST['type']) && $_POST['type'] == "3") echo 'selected = "selected"'; ?>>Arabic</option>
<option value="2" <?php if(isset($_POST['type']) && $_POST['type'] == "2") echo 'selected = "selected"'; ?>>Unicode</option>
<option value="6" <?php if(isset($_POST['type']) && $_POST['type'] == "6") echo 'selected = "selected"'; ?>>Unicode Flash</option>
<option value="4" <?php if(isset($_POST['type']) && $_POST['type'] == "4") echo 'selected = "selected"'; ?>>Wap Push</option>
</select>
</td>
</tr>
<tr>
<td>Select message</td>
<td>
<select name="select_msg" class="select" id="carDealer">
<option value="">--Select Message--</option>
<?php
$sql = mysql_query("SELECT DISTINCT msg FROM e_sms_draft");
while($res = mysql_fetch_array($sql))
{
$draft = inputvalid($res['msg']);
$draft = stripslashes($draft);
if(isset($_POST['select_msg']) && $_POST['select_msg'] == "$draft")
$sel = 'selected = "selecteds"';
else
$sel = "";
echo "<option value='$draft' $sel>$draft</option>";
}
?>
</select>
</td>
</tr>
<td valign="top">Message</td>
<td><textarea class="textarea2" id="carPark" placeholder="Your message" name="txt" onkeyup="counter(this);"><?php if(isset($_POST['txt'])) echo $_POST['txt']; ?></textarea>
<script src="http://code.jquery.com/jquery-1.9.1.js"></script>
<script>
function putIt(e) {
$("#carPark").val(e.target.value);
}
$("#carDealer").on("change", putIt);
</script>
<br/><input type="" name="lbl" style="border:none;"><br/></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Save SMS" class="view"/>
<input type="submit" name="Submit" value="Send SMS" class="submit"/></td>
</tr>
</table>
</form>
Can you tell me what's wrong in my code ?
You need to urlencode your text before passing it to the URL. Do like this
$sender = urlencode($sender);
$msg = urlencode($msg);
$sms = "http://fahimit.com/smsapi.php?user=MYUSERNAME&pass=MYPASS&phone=".$write_numer."&senderid=".$sender."&message=".$msg."";
Do this for all the variables that you are going to send it to the URL.
I have this whole code. Jumbled but what I'm trying to do is to have a drop down menu with selections from 1 -10. Then after selecting one, would spit out another form so that if there 3 were selected, would show three rows of fields (name, email). Validation included. What I was first "hard coded" on how many rows of fields to spit out but now what I wanted to do is to have a "selection" in dropdown menu so that the user has the ability to select.... Seem to work but doesn't process. Any PHP expert help? No db, no client-base, no smart alec. If you have time to help please do.
<!DOCTYPE html>
<html>
<head>
<title>PHP FORM </title>
<link rel="stylesheet" href="style.css" />
</head>
<body>
<div id="container">
<?php
// Print some introductory text:
echo '<h2>Party Invitation Form</h2>
<p>Please enter list of people with first name, last name and email address to get an invitation by email.</p>';
if (isset($_POST['submit-invite'])) { //DROPDOWN MENU
$row = $_POST['invitee'];
// Check if the form has been submitted:
if (isset($_POST['submit'])) {
$problem = FALSE; // No problems so far.
// Check for each value...
for ($i = 1; $i < count($_POST['email']); $i++) {
if (empty($_POST['firstname'][$i])) {
$problem = TRUE;
echo '<input type="text" name="firstname[]" size="20" />';
}
if (empty($_POST['lastname'][$i])) {
$problem = TRUE;
}
if (empty($_POST['email'][$i]) || (substr_count($_POST['email'][$i], '#') != 1) ) {
$problem = TRUE;
}
}
if (!$problem) { // If there weren't any problems...
// Print a message:
echo '<p><b>Thank you for registering! We will send each one an invitation: <b> </b></p>';
for ($i = 0; $i < count($_POST['email']); $i++) {
$row = $i+1;
echo $row.": ".$_POST['firstname'][$i]." ".$_POST['lastname'][$i].", ".$_POST['email'][$i]." <br/>";
// Send the email:
$body = file_get_contents("Lab12_Obj1_email_template.txt");
$body = str_replace("#firstname#",$_POST['firstname'][$i],$body);
$body = str_replace("#lastname#",$_POST['lastname'][$i],$body);
$body = str_replace("#email#",$_POST['email'][$i],$body);
mail($_POST['email'][$i], 'Party Invitation', $body, 'From: jvicencio#johnvicencio.com');
}
// Clear the posted values:
$_POST = array();
} else { // Forgot a field.
echo '<p id="error">* Required field! Please try again. Thank you.</p>';
}
} // End of handle form IF.
//show form
?>
<form action="" method="post">
<table>
<tr style="font-weight:bold">
<td>First name:</td>
<td>Last name:</td>
<td>Email:</td>
</tr>
<?php for ($i = 1; $i <= $row; $i++) { ?>
<tr>
<td><?php if ($problem == TRUE) { echo '<p id="error">*'; } ?>
<? echo $i.': '; ?><input type="text" name="firstname[]" size="20" value="<?php if (isset($_POST['firstname'][$i])) { print htmlspecialchars($_POST['firstname'][$i]); } ?>" />
</td>
<td><?php if ($problem == TRUE) { echo '<p id="error">*'; } ?>
<input type="text" name="lastname[]" size="20" value="<?php if (isset($_POST['lastname'] [$i])) { print htmlspecialchars($_POST['lastname'][$i]); } ?>" />
</td>
<td><?php if ($problem == TRUE) { echo '<p id="error">*'; } ?><input type="text" name="email[]" size="20" value="<?php if (isset($_POST['email'][$i])) { print htmlspecialchars($_POST['email'][$i]); } ?>" />
</td>
</tr>
<?php } ?>
<tr><td><p><input type="submit" class="button" name="submit" value="Register!" /></td>
</tr>
</table>
</form>
<?php
}
else {
echo '
<form action="" method="post">
<select name="invitee">
<option value="">Select</option>
<option value="1">One</option>
<option value="2">Two</option>
<option value="3">Three</option>
<option value="4">Four</option>
<option value="5">Five</option>
<option value="6">Six</option>
<option value="7">Seven</option>
<option value="8">Eight</option>
<option value="9">Nine</option>
<option value="10">Ten</option>
</select>
<input type="submit" class="button" name="submit-invite" value="Invite">
</form>
';
}
?>
</div>
</body>
</html>
You have to move the second form submit code outside of first form submit. Try this
<!DOCTYPE html>
<html>
<head>
<title>PHP FORM </title>
<link rel="stylesheet" href="style.css"/>
</head>
<body>
<div id="container">
<?php
// Print some introductory text:
echo '<h2>Party Invitation Form</h2>
<p>Please enter list of people with first name, last name and email address to get an invitation by email.</p>';
if (isset($_POST['submit-invite'])) { //DROPDOWN MENU
$row = $_POST['invitee'];
$problem = false; //always try to initialize variables, you may not run into unexpected warnings and problems.
//show form
?>
<form action="" method="post">
<table>
<tr style="font-weight:bold">
<td>First name:</td>
<td>Last name:</td>
<td>Email:</td>
</tr>
<?php for ($i = 1; $i <= $row; $i++) { ?>
<tr>
<td><?php if ($problem == TRUE) {
echo '<p id="error">*';
} ?>
<? echo $i . ': '; ?><input type="text" name="firstname[]" size="20"
value="<?php if (isset($_POST['firstname'][$i])) {
print htmlspecialchars($_POST['firstname'][$i]);
} ?>"/>
</td>
<td><?php if ($problem == TRUE) {
echo '<p id="error">*';
} ?>
<input type="text" name="lastname[]" size="20"
value="<?php if (isset($_POST['lastname'] [$i])) {
print htmlspecialchars($_POST['lastname'][$i]);
} ?>"/>
</td>
<td><?php if ($problem == TRUE) {
echo '<p id="error">*';
} ?><input type="text" name="email[]" size="20"
value="<?php if (isset($_POST['email'][$i])) {
print htmlspecialchars($_POST['email'][$i]);
} ?>"/>
</td>
</tr>
<?php } ?>
<tr>
<td><p><input type="submit" class="button" name="submit" value="Register!"/></td>
</tr>
</table>
</form>
<?php
} // moved second for submit to here
elseif (isset($_POST['submit'])) { // Check if the form has been submitted:
$problem = FALSE; // No problems so far.
// Check for each value...
for ($i = 1; $i < count($_POST['email']); $i++) {
if (empty($_POST['firstname'][$i])) {
$problem = TRUE;
echo '<input type="text" name="firstname[]" size="20" />';
}
if (empty($_POST['lastname'][$i])) {
$problem = TRUE;
}
if (empty($_POST['email'][$i]) || (substr_count($_POST['email'][$i], '#') != 1)) {
$problem = TRUE;
}
}
if (!$problem) { // If there weren't any problems...
// Print a message:
echo '<p><b>Thank you for registering! We will send each one an invitation: <b> </b></p>';
for ($i = 0; $i < count($_POST['email']); $i++) {
$row = $i + 1;
echo $row . ": " . $_POST['firstname'][$i] . " " . $_POST['lastname'][$i] . ", " . $_POST['email'][$i] . " <br/>";
// Send the email:
$body = file_get_contents("Lab12_Obj1_email_template.txt");
$body = str_replace("#firstname#", $_POST['firstname'][$i], $body);
$body = str_replace("#lastname#", $_POST['lastname'][$i], $body);
$body = str_replace("#email#", $_POST['email'][$i], $body);
mail($_POST['email'][$i], 'Party Invitation', $body, 'From: jvicencio#johnvicencio.com');
}
// Clear the posted values:
$_POST = array();
} else { // Forgot a field.
echo '<p id="error">* Required field! Please try again. Thank you.</p>';
}
} // End of handle form IF.
else {
echo '
<form action="" method="post">
<select name="invitee">
<option value="">Select</option>
<option value="1">One</option>
<option value="2">Two</option>
<option value="3">Three</option>
<option value="4">Four</option>
<option value="5">Five</option>
<option value="6">Six</option>
<option value="7">Seven</option>
<option value="8">Eight</option>
<option value="9">Nine</option>
<option value="10">Ten</option>
</select>
<input type="submit" class="button" name="submit-invite" value="Invite">
</form>
';
}
?>
</div>
</body>
</html>