Hi all in daniweb,
I attempted some form validation but I seem to have made a complete mess of it. Before I introduced the validation and regular expressions it was working fine but because I'm not really sure of this topic I made some syntax errors. I would really appreciate any help with this as I really need this form to validate properly and I'd like to know where I went wrong. I left out some of the form fields for brevity.
The Form Action
case 'Create Account':
$error=array();
$name = (isset($_POST['name'])) trim(? $_POST['name']) : '';
if(empty($name)){
$error[]=urlencode('Please enter your fullname.');
}
$email = (isset($_POST['email'])) trim(? $_POST['email']) : '';
if(empty($email)){
$error[]=urlencode('Please enter your email.');
if (strpos($email, ".") > 0) &&
(strpos($email, "@") > 0)) ||
preg_match("/[^a-zA-Z0-9.@_-]/", $email))
$error[] = urlencode('The Email address is invalid.');
}
$username = (isset($_POST['username'])) trim(? $_POST['username']) : '';
if(empty($username)){
$error[]=urlencode('Please enter a username.');
if (strlen($username)) < 5){
$error[] = urlencode('Usernames must be at least 5 characters long.');
}
// check if username already is registered
$sql = 'SELECT username FROM site_users WHERE username = "' .
$username . '"';
$result = mysql_query($sql, $db) or die(mysql_error());
if (mysql_num_rows($result) > 0) {
$errors[] = 'Username ' . $username . ' is already registered.';
$username = '';
}
$age = (isset($_POST['age'])) trim(? $_POST['age']) : '';
if(empty($age)){
$error[]=urlencode('Please enter your age.');
if (!is_numeric($age)) {
$error[] = urlencode('Please enter a numeric value for age.');
} else if ($age < 18 || $age > 110) {
$error[] = urlencode('Please enter age between 18 and 110.');
}
$phone = (isset($_POST['phone'])) trim(? $_POST['phone']) : '';
if(empty($phone)){
$error[]=urlencode('Please enter your phone number.');
if (!is_numeric($phone)) {
$error[] = urlencode('Please enter a numeric value for phone number.');
}
$password_1 = (isset($_POST['password_1'])) trim(? $_POST['password_1']) : '';
if(empty($password_1)){
$error[]=urlencode('Please enter password 1.');
if (strlen($password_1)) < 6){
$error[] = urlencode('Passwords must be at least 6 characters long.');
}
$password_2 = (isset($_POST['password_2'])) trim(? $_POST['password_2']) : '';
if(empty($password_2)){
$error[]=urlencode('Please enter password 2.');
if (strlen($password_2)) < 6){
$error[] = urlencode('Passwords must be at least 6 characters long.');
}
$password = ($password_1 == $password_2) ? $password_1 : '';
if (empty($error)) {
$sql = 'INSERT INTO site_users
(email, password, name, username, age, phone, address, county)
VALUES
("' . mysql_real_escape_string($email, $db) . '",
PASSWORD("' . mysql_real_escape_string($password, $db) . '"),
"' . mysql_real_escape_string($name, $db) . '",
"' . mysql_real_escape_string($username, $db) . '",
"' . mysql_real_escape_string($age, $db) . '",
"' . mysql_real_escape_string($phone, $db) . '"
mysql_query($sql, $db) or die(mysql_error($db));
session_start();
$_SESSION['user_id'] = mysql_insert_id($db);
$_SESSION['access_level'] = 1;
$_SESSION['name'] = $name;
$_SESSION['username'] = $username;
}else{
header('Location:register.php?action=create account' .
'&error=' . join($error, urlencode('<br/>')));
}
redirect('cms_index.php');
break;
The checkuser availability might be in the wrong place and also I think
the last bit after the else statement isn't right. I'm not sure what I need to do at that point in the function.
The Form
<form method="post" action="cms_transact_user.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong><br/>Sign Up</strong></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><label for="name">Full Name: </label></td>
<td><input type="text" id="name" name="name" maxlength="100" style="width: 200px;"
value="<?php echo htmlspecialchars($name); ?>"/></td>
</tr>
ETC....
<tr>
<td>
<input type="submit" name="action" value="Create Account"/>
</td> </tr>
</table>
</form>
I would be extremely grateful if someone can help me to get this form to work properly as if I could get the syntax right for one form I can work away with the rest. I've tried tutorials online but they all use different methods to validate and as my forms are already built I need to keep the form structure I have. I'm really stuck on this and
I have to have this working by tomorrow so if anyone can help, you would definately be doing your good deed for the day.