RE: Stuck in implementing PHP with HTML


 



> -----Original Message-----
> From: vivek [mailto:er.jadiyavivek@xxxxxxxxx]
> Sent: Thursday, October 14, 2010 2:26 AM
> To: php-general@xxxxxxxxxxxxx
> Subject:  Stuck in implementing PHP with HTML
> 
> Hi All,
> 
> Hi i am a newbie in PHP environment.
> 
> First of all my sincere regards to all behind developing this fabulous
> language & of-course to every one who are sharing their knowledge & views
> making others comfortable with the same.
> Coming to the point i am trying to create a contact form applying server side
> validation for my site using PHP. Here the problem had arises.
> I have designed a form & applied validation referring the tutorials available
> on web but unfortunately it is not working.
> I am applying the validation & trying to show the error in the same field if
> there Here i am sending you the code snippet what i am trying to do. Your
> help is highly appreciable. kindly help me out.
> 
> *form.php:-*
> <body>
>     <?php
>         $required =
> array("name"=>"Name","number"=>"Number","email"=>"Email","detail"=>
> "Comment");
>         foreach($required as $field => $label){
>             if(!$_POST[$field]){
>                 $warnings[$field] = "Required";
>             }
>             if($_POST["email"] && !eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$",$_POST["email"]))
>             $warnings["email"] = "Invalid Email Format";
> 
>             if($_POST["number"] && !eregi("^[0-9]{10}$",$_POST["number"]))
>             $warnings["number"] = "Invalid number Format";
> 
>             if(count($warnings)>0){
>     ?>
>     <!-- start form-->
> <div class="post">
>                 <h2 class="title-credit">Contact Form:-</h2>
>                 <div class="entry" style="padding-left:30px;">
>                     <form name="feedback" method="post" action="submit.php">

Here is your problem... The form is submitting to submit.php while your
validation is done in form.php.  What you should do is have the form submit
TO form.php.  If validation passes, redirect via header() [1].  You might
have to use session [2] to have the value accessible in submit.php for
security reasons.

>                         <p><div style="padding:3px;">Name <span style="margin-left:20px"><input name="name" type="text" id="name" size="40"
> <?php if($$warnings["name"]) echo 'style=\"shaded\"';?> value="<?php
> echo $_POST["name"];?>"><?php echo
> $warnings["name"];?>></span></div>
>                         <div style="padding:3px;">Number <span style="margin-left:10px"><input name="number" type="text" id="number"
> size="40" <?php if($$warnings["number"]) echo 'style=\"shaded\"';?>
> value="<?php echo $_POST["number"];?>"><?php echo
> $warnings["number"];?></span></div>
>                         <div style="padding:3px;">Email <span style="margin-left:22px"><input name="email" type="text" id="email"
> size="40" <?php if($$warnings["email"]) echo 'style=\"shaded\"';?>
> value="<?php echo $_POST["email"];?>"><?php echo
> $warnings["email"];?></span></div>
>                         <div style="padding:3px;">Comment <span style="margin-left:0px"><textarea name="detail" cols="50" rows="4"
> id="detail" <?php if($$warnings["detail"]) echo 'style=\"shaded\"';?>
> value="<?php echo $_POST["detail"];?>"></textarea><?php echo
> $warnings["detail"];?></span></div>
>                         <div style="padding:3px; padding-left:150px;"><input
> type="submit" name="Submit" value="Submit">
>                         <input type="reset" name="Reset"
> value="Reset"></div></p>
>                     </form>
>                     <?php
>                     }
>                     else{
>                         echo "Thanks for valuable comments";
>                     }
>                     ?>
> </body>
> 
> *submit.php*
> <?
> $con=mysql_connect("localhost","test","test1234") or die
> (mysql_errno().":<b> ".mysql_error()."</b>");
> mysql_select_db("dbname",$con) or die (mysql_errno().":<b>
> ".mysql_error()."</b>");
> 
> $insert_query = 'insert into GUESTBOOK (NAME,NUMBER,EMAIL,DETAIL)
> values(
>                     "' . $_POST['name'] . '",
>                     "' . $_POST['number'] . '",
>                     "' . $_POST['email'] . '",
>                     "' . $_POST['detail'] . '"
>                     )';

In submit.php, the values should be retrieved from $_SESSION.  Also, this is
very vulnerable to SQL injection.  Look into escaping the input [3].  I suggest
you use the mysqli extension, if you can, over the mysql extension.  There are
many benefits to it.

> mysql_query($insert_query) or die ('Error updating database');
> mysql_close($con); ?>
> header('Location: http://www.sweetsamaira.com/guest.php');
> 
> Kindly help me out. Thanks in advance.
> 
> 
> --
> Kind Regards,
> Vivek Jadiya

Regards,
Tommy

[1] http://php.net/manual/en/function.header.php
[2] http://www.php.net/manual/en/book.session.php
[3] http://us2.php.net/manual/en/function.mysql-real-escape-string.php
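
Added example (not part of the original thread or either poster's code): the flow the reply describes, with the form posting back to form.php, validated values handed to submit.php through the session, and the insert done with a mysqli prepared statement rather than string concatenation or the escaping function in [3]. The two files are shown in one block; `validate_contact()` is a hypothetical helper, and the database credentials and redirect targets are placeholders.

```php
<?php
// ===== form.php (the form's action is "form.php") =====
session_start();

// Hypothetical helper: returns [field => warning] for the four fields.
function validate_contact(array $in): array {
    $warnings = [];
    foreach (['name', 'number', 'email', 'detail'] as $field) {
        $value = $in[$field] ?? '';
        if (!is_string($value) || trim($value) === '') {
            $warnings[$field] = 'Required';   // also rejects array input (name[]=x)
        }
    }
    if (!isset($warnings['email']) && !filter_var($in['email'], FILTER_VALIDATE_EMAIL)) {
        $warnings['email'] = 'Invalid Email Format';
    }
    // /D stops "$" from matching before a trailing newline
    if (!isset($warnings['number']) && !preg_match('/^[0-9]{10}$/D', $in['number'])) {
        $warnings['number'] = 'Invalid number Format';
    }
    return $warnings;
}

$warnings = [];
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $warnings = validate_contact($_POST);
    if (!$warnings) {
        // Only validated values reach submit.php, via the server-side session.
        $fields = array_flip(['name', 'number', 'email', 'detail']);
        $_SESSION['contact'] = array_intersect_key($_POST, $fields);
        header('Location: submit.php');
        exit;
    }
}
// Otherwise render the form, echoing old values via htmlspecialchars($v, ENT_QUOTES, 'UTF-8').

// ===== submit.php (separate file) =====
session_start();
if (empty($_SESSION['contact'])) { header('Location: form.php'); exit; }
$c = $_SESSION['contact'];
unset($_SESSION['contact']);             // one insert per validated submission

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);   // throw on DB errors
$db = new mysqli('localhost', 'DB_USER', 'DB_PASSWORD', 'dbname');  // placeholders
$stmt = $db->prepare(
    'INSERT INTO GUESTBOOK (NAME, NUMBER, EMAIL, DETAIL) VALUES (?, ?, ?, ?)');
$stmt->bind_param('ssss', $c['name'], $c['number'], $c['email'], $c['detail']);
$stmt->execute();
header('Location: guest.php');           // sent before any output
exit;
```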



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


