I have tried using is_numeric to validate some form data to make sure it is only numbers that are entered into the form. I couldnt get it to work so I decided to try and put a-z\A-Z in preg_match.
I cannot get either of them to work although there are no code errors. The both go to my ow created error message even when I enter a number in the form. Incase that number was a string I tried casting it to an int to be double sure that it was a number. So I am at a loss as to why is_numeric and the preg_match with the a-z\A-Z in it go to my error. Any ideas would be helpful.
This is my code
<?php
include ("conn.php");
$uniqueT=TRIM($_POST['uniqueidT']);
$fnameT=TRIM($_POST['fnameT']);
$snameT=TRIM($_POST['snameT']);
$tottreat=TRIM($_POST['tottreatT']);
$treatcom=TRIM($_POST['trtcomT']);
$ampay=TRIM($_POST['ampayT']);
$filelink=TRIM($_POST['filelink']);
$uniqueT= mysql_real_escape_string($uniqueT);
$fnameT= mysql_real_escape_string($fnameT);
$snameT= mysql_real_escape_string($snameT);
$tottreat= mysql_real_escape_string($tottreat);
$treatcom= mysql_real_escape_string($treatcom);
$ampayT= mysql_real_escape_string($ampayT);
$filelinkT= mysql_real_escape_string($filelinkT);
$sqlmm= "INSERT into person_info(unique_number, first_name,surname,treatments_completed,total_treatments,amount_paid,file_link) values ('$uniqueT' , '$fnameT' , '$snameT' , '$treatcom', '$tottreat' , '$ampay' , '$filelink' )";
$treatint = (int)$treatcom;
if (strlen($uniqueT) == 0 or preg_match("/[&<>%\*\,\.^#\'\"]/$£", $uniqueT))
{
echo "error you have not entered data for unique ID or you have entered a special character <br/>";
echo "<a href='laserclearentry.html'>click here to go back</a> ";
}
else if(strlen($treatcom) == 0 or preg_match("/[&<>%\*\,\.^#\'\"\A-Z\a-z]/$£", $treatint))
{
echo "error you have not entered data for treatments completed or you didnt enter numbers or you have entered a special character<br/>";
echo "<a href='laserclearentry.html'>click here to go back</a> ";
echo "here".$treatcom;
}
else
{
mysql_query($sqlmm) or die(mysql_error());
echo "data successfully entered into the database <br/>";
echo "<a href='laserclearentry.html'> click here to go back to entry page</a>";
}
mysql_close($conn);
?>