I have a basic Form that submits data into a database and I want it to require certain fields to be submitted, so far it recongizes that the fields are empty, but it still submits regardless. I can't seem to find a solution..
Code
<?
// define variables and set to empty values
$asinErr = $qtyErr = $floorErr = $locErr;
$asin = $quantity = $floor = $location;
# this is processed when the form is submitted
# back on to this page (POST METHOD)
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty($_POST["asin"]))
{$asinErr = "ASIN is required";}
else
{$asin = addslashes($_POST["asin"]);}
if (empty($_POST["quantity"]))
{$qtyErr = "Quantity is required";}
else
{$quantity = addslashes($_POST["quantity"]);}
if (empty($_POST["floor"]))
{$floorErr = "Floor is required";}
else
{$floor = addslashes($_POST["floor"]);}
if (empty($_POST["location"]))
{$locErr = "Location is required";}
else
{$location = addslashes($_POST["location"]);}
# setup SQL statement
$sql = " INSERT INTO kiva_amnesty_log ";
$sql .= " (asin, quantity, floor, location, date) VALUES ";
$sql .= " ('$asin','$quantity','$floor','$location', now()) ";
#execute SQL statement
$result = mysql_query($sql, $cid);
# check for error
if (mysql_error()) { print "Database ERROR: " . mysql_error(); }
print "<h3><font color=red>New Amnesty Added - View it <a href=amnesty_log_summary.php>HERE</a></font></h3>";
}
?>
<form name="fa" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="POST">
<table>
<tr><td>ASIN:</td><td><input type="text" name="asin" id="asin"><span class="error">* <?php echo $asinErr;?></span></td></tr>
<tr><td>Quantity:</td><td><input type="text" name="quantity" id="quantity"><span class="error">* <?php echo $qtyErr;?></span></td></tr>
<tr><td>Floor:</td><td><select name="floor"><option value="1">Floor 1</option><option value="2">Floor 2</option></select><span class="error">* <?php echo $floorErr;?></span></td></tr>
<tr><td>KIVA Floor:</td><td><input type="radio" value="Yes" name="location">Yes<input type="radio" value="No" name="location">No</select><span class="error">* <?php echo $locErr;?></span></td></tr>
<tr><td><input type="submit" name="submit" id="submit" value="Submit Amnesty!"></td></tr>
</table>
</form>
Updated:
<?
// define variables and set to empty values
$asinErr = $qtyErr = $floorErr = $locErr = "";
$asin = $quantity = $floor = $location = "";
$lb_error = 0;
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty($_POST["asin"])) {
$asinErr = "ASIN is required";
$lb_error = 1;
} else {
$asin = addslashes($_POST["asin"]);
}
if (empty($_POST["quantity"])) {
$qtyErr = "Quantity is required";
$lb_error = 1;
} else {
$quantity = addslashes($_POST["quantity"]);
}
if (empty($_POST["floor"])) {
$floorErr = "Floor is required";
$lb_error = 1;
} else {
$floor = addslashes($_POST["floor"]);
}
if (empty($_POST["location"])) {
$locErr = "Location is required";
$lb_error = 1;
} else {
$location = addslashes($_POST["location"]);
}
if($lb_error) {
continue;
}
# setup SQL statement
$sql = " INSERT INTO kiva_amnesty_log ";
$sql .= " (asin, quantity, floor, location, date) VALUES ";
$sql .= " ('$asin','$quantity','$floor','$location', curdate()) ";
#execute SQL statement
$result = mysql_query($sql, $cid);
# check for error
if (mysql_error()) { print "Database ERROR: " . mysql_error(); }
You want to check if you error variables are empty. If they are not, then break the script
ie
if(!empty($asinErr) || !empty($qtyErr) || !empty($floorErr) || !empty($locErr) ) {
break;
}
Something along these lines.
Check for the errors before you get to the point where you are writing to the database
Define at the top
$lb_error = 0;
Throughout your if/else checks for errors, if there is an error, assign the variable a 1
if (empty($_POST["asin"])) {
$asinErr = "ASIN is required";
$lb_error = 1;
} else {
$asin = addslashes($_POST["asin"]);
}
Then after you have completed all of these, do a check for errors and break if there are any
if($lb_error) {
break;
}
Related
I am working on a project where I need to read in users (am using MySQL) and be able to sort 1. Men/Women 2. Salary (eg. 30k+, 50k+, 100k+...)
I've tried setting up a select dropdown but for some reason it's showing only the men, even if I select women.
<form action="#" method="post">
<select name="Gender">
<option value=''>Select Gender</option>
<option value="Men">Men</option>
<option value="Women">Women</option>
</select>
<input type="submit" name="submit" value="Get Selected Values" />
</form>
if(isset($_POST['submit']) && $_POST['submit'] = "Men"){
$selected_val = $_POST['Gender'];
echo "You have selected :" .$selected_val;
$conn = create_Conn();
$sql = "SELECT * FROM users WHERE kon='Man'";
$result = $conn->query($sql);
if (isset($_SESSION['anvnamn'])) {
while($row = $result->fetch_assoc()) {
//Prints user data
}
}
else {
while($row = $result->fetch_assoc()) {
//Prints user data but emails
}
}
}
elseif (isset($_POST['submit']) && $_POST['submit'] = "Women"){
$selected_val = $_POST['Gender'];
echo "You have selected :" .$selected_val;
$conn = create_Conn();
$sql = "SELECT * FROM users WHERE kon='Woman'";
$result = $conn->query($sql);
if (isset($_SESSION['anvnamn'])) {
while($row = $result->fetch_assoc()) {
//Prints user data
}
}
else {
while($row = $result->fetch_assoc()) {
//Prints user data but emails
}
}
}
else {
print("-");
}
You've assigned the values in the ifs instead of comparing against them. Also, you've used the wrong input to compare against. $_POST['submit'] will always contain the value Get Selected Values.
if (isset($_POST['submit']) && $_POST['Gender'] === "Men") {
$selected_val = $_POST['Gender'];
echo "You have selected :" . $selected_val;
$conn = create_Conn();
$sql = "SELECT * FROM users WHERE kon='Man'";
$result = $conn->query($sql);
if (isset($_SESSION['anvnamn'])) {
while ($row = $result->fetch_assoc()) {
//Prints user data
}
} else {
while ($row = $result->fetch_assoc()) {
//Prints user data but emails
}
}
} elseif (isset($_POST['submit']) && $_POST['Gender'] === "Women") {
$selected_val = $_POST['Gender'];
echo "You have selected :" . $selected_val;
$conn = create_Conn();
$sql = "SELECT * FROM users WHERE kon='Woman'";
$result = $conn->query($sql);
if (isset($_SESSION['anvnamn'])) {
while ($row = $result->fetch_assoc()) {
//Prints user data
}
} else {
while ($row = $result->fetch_assoc()) {
//Prints user data but emails
}
}
} else {
print("-");
}
Here's the code a little more simplified and less redundant. And under the assumption that you're using PHPs PDO.
if (strtolower($_SERVER['REQUEST_METHOD']) === 'post') {
$gender = $_POST['Gender'] ?? null; // your old $selected_val variable
if (!$gender) {
// do something to abort the execution and display an error message.
// for now, we're killing it.
print '-';
exit;
}
/** #var PDO $dbConnection */
$dbConnection = create_Conn();
$sql = 'SELECT * FROM users WHERE kon = :gender';
$stmt = $dbConnection->prepare($sql);
$stmt->bindParam('gender', $gender);
$stmt->execute();
foreach ($stmt->fetchAll() as $user) {
if (isset($_SESSION['anvnamn'])) {
// Prints user data
} else {
// Prints user data but emails
}
}
}
As Dan has provided a grand answer prior to mine, this is now just a tack on for something to review.
If you look at your form you have two elements.
On Submission, your script will see..
Gender - $_POST['Gender'] will either be '', 'Men', or 'Women'
Submit - $_POST['submit'] will either be null or the value "Get Selected Values".
It can only be null if the php file is called by something else.
You can see this by using the command print_r($_POST) in your code just before your first if(). This allows you to test and check what is actually being posted during debugging.
So to see if the form is posted you could blanket your code with an outer check for the submit and then check the state of Gender.
The following has the corrections to your IF()s and some suggestions to also tidy up the code a little bit.
<?php
// Process the form data using Ternary operators
// Test ? True Condition : False Condition
$form_submitted = isset($_POST['submit'])? $_POST['submit']:FALSE;
$gender = isset($_POST['Gender'])? $_POST['Gender']:FALSE;
if($form_submitted){
if($gender == 'Men') {
// Stuff here
}
else if($gender == 'Women') {
// Stuff here
}
else {
print("-");
}
} else {
// Optional: Case where the form wasn't submitted if other code is present.
}
You could also consider using the switch / case structure. I'll leave that to you to look up.
I am working on a project where each item could have multiple images, I created a form that would accept the images and store them into an array. The problem is whenever I try inserting the images into a table row in the database it displays an error:
"Array to string conversion"
How can I fix this? And also how do I fetch each images on another page from the same database table. Below is my code.
-Form code
<form method="post" enctype="multipart/form-data" >
<input required type="text" name="name">
<input required type="text" name="location">
<input required type="text" name="status">
<select required name="category">
<option>Category</option>
<option value="construct">Construction</option>
<option value="promgt">Project Development</option>
<option value="archdesign">Architectural Designs</option>
</select>
<textarea required class="form-control" name="descrip" rows="5"></textarea>
<input style="text-align:left" type="file" name="imgs[]" multiple>
<button type="submit" name="submit" formaction="addaction.php">Add Project</button>
</form>
-Addaction.php code
<?php
$db=mysqli_connect("localhost","root","dbpassword","dbname");
if(!empty($_FILES['imgs']['name'][0])){
$imgs = $_FILES['imgs'];
$uploaded = array();
$failed = array();
$allowed = array('jpg', 'png');
foreach($imgs['name'] as $position => $img_name){
$img_tmp = $imgs['tmp_name'][$position];
$img_size = $imgs['size'][$position];
$img_error = $imgs['error'][$position];
$img_ext = explode('.',$img_name);
$img_ext = strtolower(end($img_ext));
if(in_array($img_ext, $allowed)) {
if($img_error === 0){
if($img_size <= 500000) {
$img_name_new = uniqid('', true) . '.' . $img_ext;
$img_destination = 'img/'.$img_name_new;
if(move_uploaded_file($img_tmp, $img_destination)){
$uploaded[$position] = $img_destination;
}else{
$failed[$position] = "[{$img_name}] failed to upload";
}
}else{
$failed[$position] = "[{$img_name}] is too large";
}
}else{
$failed[$position] = "[{$img_name}] error";
}
}else{
$failed[$position] = "[{$img_name}] file extension";
}
}
if(!empty($uploaded)){
print_r($uploaded);
}
if(!empty($failed)){
print_r($failed);
}
}
if(isset($_POST['submit'])){
$name = $_POST['name'];
$location = $_POST['location'];
$status = $_POST['status'];
$descrip = $_POST['descrip'];
$category = $_POST['category'];
$img_name_new = $_FILES['imgs']['name'];
if ($db->connect_error){
die ("Connection Failed: " . $db->connect_error);
}
$sql_u = "SELECT * FROM projects WHERE name='$name'";
$sql_e = "SELECT * FROM projects WHERE category='$category'";
$res_u = mysqli_query($db, $sql_u);
$res_e = mysqli_query($db, $sql_e);
if (mysqli_num_rows($res_u) && mysqli_num_rows($res_e) > 0) {
echo "<div style='margin: 0 80px' class='alert alert-danger' role='alert'> Error. Item Already exists </div>";
header("refresh:3 url=add.php");
}else{
$sql_i = "INSERT INTO items (name, location, status, descrip, imgs, category) VALUES ('$name','$location','$status,'$descrip','$img_name_new','$category')";
}
if (mysqli_query($db, $sql_i)){
echo "Project Added Successfully";
}else{
echo mysqli_error($db);
}
$db->close();
}
?>
$img_name_new = $_FILES['imgs']['name'] is an array of one or more image names.
You will need to decide how you wish to store the array data as a string in your database.
Here are a couple of sensible options, but choosing the best one will be determined by how you are going to using this data once it is in the database.
implode() it -- $img_name_new = implode(',', $_FILES['imgs']['name']);
json_encode() it -- $img_name_new = json_encode($_FILES['imgs']['name']);
And here is my good deed for the year...
Form Script:
<?php
if (!$db = new mysqli("localhost", "root", "", "db")) { // declare and check for a falsey value
echo "Connection Failure"; // $db->connect_error <-- never show actual error details to public
} else {
if ($result = $db->query("SELECT name FROM items")) {
for ($rows = []; $row = $result->fetch_row(); $rows[] = $row);
$result->free();
?>
<script>
function checkName() {
var names = '<?php echo json_encode($rows); ?>';
var value = document.forms['project']['name'].value;
if (names.indexOf(value) !== -1) { // might not work on some old browsers
alert(value + ' is not a unique name. Please choose another.');
return false;
}
}
</script>
<?php
}
?>
<form name="project" method="post" enctype="multipart/form-data" onsubmit="return checkName()">
Name: <input required type="text" name="name"><br>
Location: <input required type="text" name="location"><br>
Status: <input required type="text" name="status"><br>
Category: <select required name="category">
<?php
if ($result = $db->query("SELECT category, category_alias FROM categories")) {
while ($row = $result->fetch_assoc()) {
echo "<option value=\"{$row['category']}\">{$row['category_alias']}</option>";
}
}
?>
</select><br>
<textarea required class="form-control" name="descrip" rows="5"></textarea><br>
<input style="text-align:left" type="file" name="imgs[]" multiple><br>
<button type="submit" name="submit" formaction="addaction.php">Add Project</button>
</form>
<?php
}
*notice that I have made a separate category table for validation.
Submission Handling Script: (addaction.php)
<?php
if (isset($_POST['submit'], $_POST['name'], $_POST['location'], $_POST['status'], $_POST['descrip'], $_POST['category'], $_FILES['imgs']['name'][0])) {
$paths = [];
if (!empty($_FILES['imgs']['name'][0])) {
$imgs = $_FILES['imgs'];
$allowed = array('jpg', 'png');
foreach($imgs['name'] as $position => $img_name){
$img_tmp = $imgs['tmp_name'][$position];
$img_size = $imgs['size'][$position];
$img_error = $imgs['error'][$position];
$img_ext = strtolower(pathinfo($img_name)['extension']);
if (!in_array($img_ext, $allowed)) {
$errors[] = "File extension is not in whitelist for $img_name ($position)";
} elseif ($img_error) {
$errors[] = "Image error for $img_name ($position): $image_error";
} elseif ($img_size > 500000) {
$errors[] = "Image $image_name ($position) is too large";
} else {
$img_destination = 'img/' . uniqid('', true) . ".$img_ext";
if (!move_uploaded_file($img_tmp, $img_destination)) {
$errors[] = "Failed to move $img_name ($position) to new directory";
} else {
$paths[] = $img_destination;
}
}
}
}
if (!empty($errors)) {
echo '<ul><li>' , implode('</li><li>', $errors) , '</li></ul>';
} elseif (!$db = new mysqli("localhost", "root", "", "db")) { // declare and check for a falsey value
echo "Connection Failure"; // $db->connect_error <-- never show actual error details to public
} elseif (!$stmt = $db->prepare("SELECT COUNT(*) FROM categories WHERE category = ?")) {
echo "Prepare Syntax Error"; // $db->error; <-- never show actual error details to public
} elseif (!$stmt->bind_param("s", $_POST['category']) || !$stmt->execute() || !$stmt->bind_result($found) || !$stmt->fetch()) {
echo "Category Statement Error"; // $stmt->error; <-- never show actual error details to public
} elseif (!$found) {
echo "Category Not Found - Project Not Saved";
} else {
$stmt->close();
$cs_paths = (string)implode(',', $paths);
// Set the `name` column in `items` to UNIQUE so that you cannot receive duplicate names in database table
if (!$stmt = $db->prepare("INSERT INTO items (name, location, status, category, descrip, imgs) VALUES (?,?,?,?,?,?)")) {
echo "Error # prepare"; // $db->error; // don't show to public
} elseif (!$stmt->bind_param("ssssss", $_POST['name'], $_POST['location'], $_POST['status'], $_POST['category'], $_POST['descrip'], $cs_paths)) {
echo "Error # bind"; // $stmt->error; // don't show to public
} elseif (!$stmt->execute()) {
if ($stmt->errno == 1062) {
echo "Duplicate name submitted, please go back to the form and change the project name to be unique";
} else {
echo "Error # execute" , $stmt->error; // $stmt->error; // don't show to public
}
} else {
echo "Project Added Successfully";
}
}
}
I would like to write a logic for data validation before insert into database. If the data not valid, then it will prompt user errors, but then I facing problem which not the logic that I wish:
(1) Message "Data successfully inserted!" shown even the error checking message was prompt.
(2) Message "Data successfully inserted!" shown even no data was entered in the form then click submit.
How should I change the logic to the one that I wish to have?
<?php
// Initialize variables to null.
$comp_nameError ="";
$compLicenseeNameError ="";
if(isset($_POST['comp_name'])) {$comp_name= $_POST['comp_name'];}
if(isset($_POST['comp_licensee_name'])) {$comp_licensee_name= $_POST['comp_licensee_name'];}
//On submitting form below function will execute
if (isset($_POST['submit'])) {
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
//-------------------------Form Validation Start---------------------//
if (empty($_POST["comp_name"])) {
$comp_nameError = "Name is required";
} else {
$comp_name = test_input($_POST["comp_name"]);
// check name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$comp_name)) {
$comp_nameError = "Only letters and white space allowed";
}
}
if (empty($_POST["comp_licensee_name"])) {
$compLicenseeNameError = "Company Licensee Name is required";
} else {
$comp_licensee_name = test_input($_POST["comp_licensee_name"]);
}
//-------------------------Form Validation End---------------------//
// attempt a connection
$host="host=xx.xx.xx.xx";
$port="port=xxxx";
$dbname="dbname=xxxx";
$credentials="user=xxxxxx password=xxxxxxx";
$dbh = pg_connect("$host $port $dbname $credentials");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
}
// execute query
$sql = "INSERT INTO t_comp(comp_name, comp_licensee_name)VALUES('$comp_name', '$comp_licensee_name')";
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
}
echo "Data successfully inserted!";
// free memory
pg_free_result($result);
// close connection
pg_close($dbh);
}
//php code ends here
?>
<html>
<head>
<link rel="stylesheet" href="style/style.css" />
</head>
<body>
<div class="maindiv">
<div class="form_div">
<form method="post" action="compReg.php">
<span class="error">* required field.</span>
<br>
<hr/>
<br>
Company Name:<br><input class="input" type="text" name="comp_name" value="">
<span class="error">* <?php echo $comp_nameError;?></span>
<br>
Company Licensee:<br><input class="input" type="text" name="comp_licensee_name" value="">
<span class="error">* <?php echo $compLicenseeNameError;?></span>
<br>
<input class="submit" type="submit" name="submit" value="Submit">
</form>
</div>
</div>
</body>
</html>
I'd accumulate the errors into an array, and proceed to the insert part only if it's empty:
$errors = array();
if (empty($_POST["comp_name"])) {
$errors[] = "Name is required";
} else {
$comp_name = test_input($_POST["comp_name"]);
// check name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$comp_name)) {
$errors[] = "Only letters and white space allowed in the computer name";
}
}
if (empty($_POST["comp_licensee_name"])) {
$errors[] = "Company Licensee Name is required";
} else {
$comp_licensee_name = test_input($_POST["comp_licensee_name"]);
}
if (!empty($errors)) {
echo "The following errors occurred:<br/>" . implode('<br/>', $errors);
exit();
}
// If we didn't exit, continue to the insertion code
<?php
// Initialize variables to null.
$comp_nameError ="";
$compLicenseeNameError ="";
if(isset($_POST['comp_name'])) {$comp_name= $_POST['comp_name'];}
if(isset($_POST['comp_licensee_name'])) {
$comp_licensee_name= $_POST['comp_licensee_name'];}
//On submitting form below function will execute
if (isset($_POST['submit'])) {
// check boolean variable value
$is_valid = 1;
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
//-------------------------Form Validation Start---------------------//
if (empty($_POST["comp_name"])) {
$comp_nameError = "Name is required";
} else {
$comp_name = test_input($_POST["comp_name"]);
// check name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$comp_name)) {
$validation_error = "Only letters and white space allowed";
$is_valid = 0;
}
}
if (empty($_POST["comp_licensee_name"])) {
$validation_error = "Company Licensee Name is required";
$is_valid =0;
} else {
$comp_licensee_name = test_input($_POST["comp_licensee_name"]);
}
//-------------------------Form Validation End---------------------//
// attempt a connection
if($is_valid == 1 ){
$host="host=xx.xx.xx.xx";
$port="port=xxxx";
$dbname="dbname=xxxx";
$credentials="user=xxxxxx password=xxxxxxx";
$dbh = pg_connect("$host $port $dbname $credentials");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
}
// execute query
$sql = "INSERT INTO t_comp(comp_name, comp_licensee_name)VALUES('$comp_name', '$comp_licensee_name')";
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
}
echo "Data successfully inserted!";
// free memory
pg_free_result($result);
// close connection
pg_close($dbh);
} else {
echo $validation_error;
die;
}
}
//php code ends here
?>
I am trying to display an error message if a user has not entered a email and not add a column to the table.
The php code sends the email & randomly generated Code to the database and then displays a message, but if their has been not been a email entered I am trying to get a message to ask for an email and not create a column until done so.
I have achieved this before with other data inputing but I am still new to PHP, I have checked for answers but cannot just find the simple fix which I know it is.
Any help or comments would be greatly appreciated, thanks (Y)
PHP:
<?php
if(!empty($_POST['email'])) {
?>
<p>Enter an email</p>
<?php
}
if(isset($_POST['send'])){
$email = mysqli_real_escape_string($conn,$_POST['email']);
$length = 10;
$inviteCode = "";
$characters = "0123456789abcdefghijklmnopqrstuvwxyz";
for ($p = 0; $p < $length; $p++) {
$inviteCode .= $characters[mt_rand(10, strlen($characters))];
}
$query = mysqli_query($conn, "INSERT INTO `referrals` (`email`, `inviteCode`)
VALUES ('$email', '$inviteCode') ");
if($query){
?>
<p> "Thank you"</p>
<?php
}
else{
?>
<p>Sorry there must have been a problem</p>
<?php
die('Error querying database. ' . mysqli_error($conn));
}
} // end brace for if(isset($_POST['Login']))
// end brace for if(isset($_POST['Login']))
?>
I have achieved this before by putting the following at the top;
if (empty($_POST) === false) {
$required_fields = array('email');
foreach($_POST as $key=>$value) {
if (empty($value) && in_array($key, $required_fields) === true) {
$errors[] = 'Please Enter All Information';
break 1;
}
}
}
The html code for the submit and email input tags are below:
<input type="text" placeholder="Email" name="email" />
<input type="submit" value="send" name="send" />
Add if(!empty($_POST['email'])) to the top of your logic, instead of isset($_POST['send']) unless you are doing something else with the post send value later in your logic. isset will be true if there is an empty string.
To understand why please see:
isset() and empty() - what to use
Edit:
<?php
if(!empty($_POST)){
if(!empty($_POST['email'])){
$email = mysqli_real_escape_string($conn,$_POST['email']);
$length = 10;
$inviteCode = "";
$characters = "0123456789abcdefghijklmnopqrstuvwxyz";
for ($p = 0; $p < $length; $p++) {
$inviteCode .= $characters[mt_rand(10, strlen($characters))];
}
$query = mysqli_query($conn, "INSERT INTO `referrals` (`email`, `inviteCode`) VALUES ('$email', '$inviteCode') ");
//you might want to consider checking more here such as $query == true as it can return other statuses that you may not want
if($query){
?>
<p> "Thank you"</p>
<?php
}
else{
?>
<p>Sorry there must have been a problem</p>
<?php
die('Error querying database. ' . mysqli_error($conn));
}
}
else {
?>
<p>Enter an email</p>
<?php
}
}
?>
Try this:
<?php
// check if email is empty, if it is display this message
if(empty($_POST['email'])) {
?>
<p>Enter an email</p>
<?php
}
// else: the user entered something
else {
$email = mysqli_real_escape_string($conn,$_POST['email']);
$length = 10;
$inviteCode = "";
$characters = "0123456789abcdefghijklmnopqrstuvwxyz";
for ($p = 0; $p < $length; $p++) {
$inviteCode .= $characters[mt_rand(10, strlen($characters))];
}
$query = mysqli_query($conn, "INSERT INTO `referrals` (`email`, `inviteCode`)
VALUES ('$email', '$inviteCode') ");
if($query){
?>
<p> "Thank you"</p>
<?php
}
else {
?>
<p>Sorry there must have been a problem</p>
<?php
die('Error querying database. ' . mysqli_error($conn));
} // end else
} // end else
?>
I'm developing a simple PHP website. I have a form for updating values. When that form is accessed via PHP(website) , It should have previous values, But it hasn't. How to do that ?
Because, Otherwise, It shows all fields empty and when one or two are updated, Other gets updated as empty. Please help !
<?php
require_once('../includes/config.php');
require_once('../includes/functions.php');
require_once('../includes/session.php');
require_once('../includes/database.php');
require_once('../includes/user.php');
require_once('../includes/photograph.php');
if (!$session->is_logged_in()) { redirect_to("login.php"); }
?>
<?php
// START FORM PROCESSING
if (isset($_POST['submit'])) { // Form has been submitted.
$errors = array();
// perform validations on the form data
$required_fields = array('lives_in', 'belongs_to', 'college', 'works_at', 'grade', 'grade2', 'hobbies', 'zodiac', 'phone_no', 'facebook', 'company', 'bio');
$errors = array_merge($errors, check_required_fields($required_fields, $_POST));
$lives_in = trim($database->escape_value($_POST['lives_in']));
$belongs_to = trim($database->escape_value($_POST['belongs_to']));
$college = trim($database->escape_value($_POST['college']));
$works_at = trim($database->escape_value($_POST['works_at']));
$grade = trim($database->escape_value($_POST['grade']));
$grade2 = trim($database->escape_value($_POST['grade2']));
$hobbies = trim($database->escape_value($_POST['hobbies']));
$zodiac = trim($database->escape_value($_POST['zodiac']));
$phone_no = trim($database->escape_value($_POST['phone_no']));
$facebook = trim($database->escape_value($_POST['facebook']));
$company = trim($database->escape_value($_POST['company']));
$bio = trim($database->escape_value($_POST['bio']));
if (empty($errors) ) {
$query = "UPDATE users
SET lives_in = '{$lives_in}',
belongs_to = '{$belongs_to}',
college = '{$college}' ,
works_at = '{$works_at}',
grade = '{$grade}',
grade2 = '{$grade2}',
hobbies = '{$hobbies}',
zodiac = '{$zodiac}',
phone_no = '{$phone_no}',
facebook = '{$facebook}',
company = '{$company}',
bio = '{$bio}'
WHERE id = 23
LIMIT 1";
$result = mysql_query($query, $database->connection);
if ($result) {
$message = "Account Updated";
} else {
$message = mysql_error();
}
} else {
if (count($errors) == 1) {
$message = mysql_error();;
} else {
$message = "There were " . count($errors) . " errors in the form.";
}
}
} else { // Form has not been submitted.
$lives_in = "";
$belongs_to = "";
$college = "";
$works_at = "";
$grade = "";
$grade2 = "";
$hobbies = "";
$zodiac = "";
$phone_no = "";
$facebook = "";
$company = "";
$bio = "";
}
?>
It's very easy, just print out the previous values in the form when you create it with php.
For example:
<input type="text" name="field_name" value="<?php echo $previous_value;?>" />
Or, if it's a select, let's say:
<select name="field_name">
<?php foreach($posible_values as $value){ ?>
<option value="<?php echo $value;?>"
<?php echo ($value==$previous_value)?'selected="selected"':'';?> >
<?echo $value?>
</option>
<?php } ?>
</select>