SQL Syntax issue - Page 3
Page 3 of 3 FirstFirst 123
Results 31 to 35 of 35

Thread: SQL Syntax issue

  1. #31
    Junior Member
    Join Date
    Jan 2013
    Posts
    26
    any suggestioins on validating phone numbers?

    I keep having issues my error message showing up on my page before it is submitted.


    PHP Code:
    <?php
    include_once('init.php');



    if (
    mysqli_connect_errno()) {
        
    printf("Connect failed: %s\n"mysqli_connect_error());
        exit();
    };
    if(isset(
    $_POST['submit'])) {
        
    if (!
    $_POST['fname'] ) {
    echo 
    nl2br ("Please enter your First Name");}


    if (!
    $_POST['lname'] ) {
    echo 
    nl2br ("Please enter your Last Name");}


    if (!
    $_POST['address'] ) {
    echo 
    nl2br ("Please enter a Home Address");}

    if (!
    $_POST['phone'] ) {
    echo 
    nl2br ("Please enter a Phone Number");}

    if (!
    $_POST['department'] ) {
    echo 
    nl2br ("Please enter a Department");}

    if (!
    $_POST['email'] ) {
    echo 
    nl2br ("Please enter an email address");}

    if (!
    $_POST['level']) {
    echo 
    nl2br ("Please select a Level of Training");}}


    if(isset(
    $_POST['submit'])) {
     
    // validate a phone number
    if(!preg_match("/^[0-9]{3}-[0-9]{3}-[0-9]{4}$/"$phone));
      
    // $phone is valid
      
    echo"invalid phone number";
      
    if (!
    filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
      
    // The email address is not valid
    echo "invalid email entered";}}







        
    if (isset(
    $_POST['fname'], $_POST['lname'], $_POST['phone'], $_POST['address'], $_POST['department'], $_POST['email'], $_POST['level'])) {
        
    $fname mysqli_real_escape_string ($conntrim($_POST['fname']));
        
    $lname mysqli_real_escape_string ($conntrim($_POST['lname']));
        
    $phone mysqli_real_escape_string ($conntrim($_POST['phone']));
        
    $address mysqli_real_escape_string ($conntrim($_POST['address']));
        
    $department mysqli_real_escape_string ($conntrim($_POST['department']));
        
    $email mysqli_real_escape_string ($conntrim($_POST['email']));
        
    $level mysqli_real_escape_string ($conntrim($_POST['level']));
        
        
        
        
        
    $query ="INSERT INTO Oktoberfest2013 SET
                            First_Name='
    {$fname}',
                            Last_Name='
    {$lname}',
                            Phone='
    {$phone}',
                            Address='
    {$address}',
                            Department='
    {$department}',
                            Email_Address='
    {$email}',
                            Level_of_Training='
    {$level}'";
                            
                
    mysqli_query($conn$query);

                
    //if (!mysqli_query($conn, "SET a=1")) {
                    //printf("Errormessage: %s\n", mysqli_error($conn));
                //};    
                
                
    }




    ?>



    <html>
        <head>

            <title>Registration form for Octoberfest With O-G EMS 2013</title>
        </head>
        <body bgcolor="#084B8A">    <center><br><div align="center"><img id="Oktoberfest Logo" src="/pics/oktoberfest.jpg" border="5" height="200" width="250"><table style="background-color: beige; border: 1px dashed #999"><tr><td>
            <form action="" method="post">
            <center><p>Registration Form <p/></center> 
            <p>First Name:<input type="text" name="fname" width="300px" > </p>
            <p>Last Name:<input type="text" name="lname" > </p>
            <p>Phone Number:<input type="text" name="phone" >(Please enter in xxx-xxx-xxxx format)</p>
            <p>Address:<input type="text" name="address" >(Please enter include city,state and zip code)</p>
            <p>Department:<input type="text" name="department" ></p>
            <p>Email Address:<input type="text" name="email" ></p>
            <p>Level of Training:</br>
            <input type="radio" name="level" value="EMR">EMR</br>
            <input type="radio" name="level" value="EMT-B">EMT-B</br>
            <input type="radio" name="level" value="EMT-I">EMT-I</br>
            <input type="radio" name="level" value="EMT-P">EMT-P</br>
            <input type="radio" name="level" value="Firefighter">Firefighter</br></p>
            
            
            
            <input type="submit" name="submit" value="Register">
            </form></td></tr></table></center>
        </body>
    </html>
    Thanks!

  2. #32
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,399
    Few issues with this:
    PHP Code:
    if(!preg_match("/^[0-9]{3}-[0-9]{3}-[0-9]{4}$/"$phone)); 
      
    // $phone is valid 
      
    echo"invalid phone number"
    1. $phone is undefined.
    2. The content of the if() block will always be executed because the semicolon after the if() clause terminates the conditional block. In other words, that echo statement isn't actually inside that if() block - it's outside of it.
    3. Your regexp would block phone numbers like "+44 20 7352 4441" despite that being a perfectly valid phone number.

  3. #33
    Junior Member
    Join Date
    Jan 2013
    Posts
    26
    Ok I have searched my code and I am not sure why my data will not populate in my database. Can anyone see why it would not populate?

    Thank you!

    PHP Code:
    <?php
    include_once('init.php');



    if (
    mysqli_connect_errno()) { 
        
    printf("Connect failed: %s\n"mysqli_connect_error()); 
        exit(); 
    }; 

    if(isset(
    $_POST['submit'])) {
        
    if (!
    $_POST['fname'] ) {
    echo 
    nl2br ("Please enter your First Name");}


    if (!
    $_POST['lname'] ) {
    echo 
    nl2br ("Please enter your Last Name");}


    if (!
    $_POST['address'] ) {
    echo 
    nl2br ("Please enter your Street Address");}

    if (!
    $_POST['city'] ) {
    echo 
    nl2br ("Please enter your City");}

    if (!
    $_POST['state'] ) {
    echo 
    nl2br ("Please enter your State");}

    if (!
    $_POST['zipcode'] ) {
    echo 
    nl2br ("Please enter your Zip Code");}

    if (!
    $_POST['phone'] ) {
    echo 
    nl2br ("Please enter a Phone Number");}

    if (!
    $_POST['department'] ) {
    echo 
    nl2br ("Please enter a Department");}

    if (!
    $_POST['email'] ) {
    echo 
    nl2br ("Please enter an email address");}

    if (!
    $_POST['level']) {
    echo 
    nl2br ("Please select a Level of Training");}}


    if(isset(
    $_POST['submit'])) {
     
    // validate a phone number
    if(preg_match("/^[0-9]{3}-[0-9]{3}-[0-9]{4}$/"$_POST['phone']));
      
    // $phone is valid
       
    else echo"invalid phone number";
      
    if (!
    filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
      
    // The email address is not valid
    echo "invalid email entered";}}







        
    if (isset(
    $_POST['fname'], $_POST['lname'], $_POST['phone'], $_POST['address'], $_POST['city'], $_POST['state'], $_POST['zipcode'], $_POST['department'], $_POST['email'], $_POST['level'])) {
        
    $fname mysqli_real_escape_string ($conntrim($_POST['fname']));
        
    $lname mysqli_real_escape_string ($conntrim($_POST['lname']));
        
    $phone mysqli_real_escape_string ($conntrim($_POST['phone']));
        
    $address mysqli_real_escape_string ($conntrim($_POST['address']));
        
    $city mysqli_real_escape_string ($conntrim($_POST['city']));
        
    $state mysqli_real_escape_string ($conntrim($_POST['state']));
        
    $zipcode mysqli_real_escape_string ($conntrim($_POST['zipcode']));
        
    $department mysqli_real_escape_string ($conntrim($_POST['department']));
        
    $email mysqli_real_escape_string ($conntrim($_POST['email']));
        
    $level mysqli_real_escape_string ($conntrim($_POST['level']));
        
        
        
        
        
    $query "INSERT INTO Oktoberfest102013 SET
                            First_Name='
    {$fname}',
                            Last_Name='
    {$lname}',
                            Phone='
    {$phone}',
                            Address='
    {$address}',
                            City='
    {$city}',
                            State='
    {$state}',
                            Zip_Code='
    {$zipcode}',
                            Department='
    {$department}',
                            Email_Address='
    {$email}',
                            Level_of_Training='
    {$level}'";
                            
                
    mysqli_query($conn$query);

                
    //if (!mysqli_query($conn, "SET a=1")) {
                    //printf("Errormessage: %s\n", mysqli_error($conn));
                //};    
                
                
    }




    ?>



    <html>
        <head>

            <title>Registration form for Octoberfest With O-G EMS 2013</title>
        </head>
        <body bgcolor="#084B8A">    <center><br><div align="center"><img id="Oktoberfest Logo" src="/pics/oktoberfest.jpg" border="5" height="200" width="250"><table style="background-color: beige; border: 1px dashed #999"><tr><td>
            <form action="" method="post">
            <center><p>Registration Form <p/></center> 
            <p>First Name:<input type="text" name="fname" size="25" > </p>
            <p>Last Name:<input type="text" name="lname" size="25" > </p>
            <p>Phone Number:<input type="text" name="phone" >(Please enter in xxx-xxx-xxxx format)</p>
            <p>Address:<input type="text" name="street address" size="20" ><input type="text" name="city" size="10"><input type="text" name="state" size="5"><input type"text" name="zipcode" size="10">(Please enter include Street Address(P.O.BOX)/City/State/Zip Code)</p>
            <p>Department:<input type="text" name="department"size="25" ></p>
            <p>Email Address:<input type="text" name="email" size="40"</p>
            <p>Level of Training:</br>
            <input type="radio" name="level" value="EMR">EMR</br>
            <input type="radio" name="level" value="EMT-B">EMT-B</br>
            <input type="radio" name="level" value="EMT-I">EMT-I</br>
            <input type="radio" name="level" value="EMT-P">EMT-P</br>
            <input type="radio" name="level" value="Firefighter">Firefighter</br></p>
            
            
            
            <input type="submit" name="submit" value="Register">
        </body>
    </html>

  4. #34
    Pna lbh ernq guvf¿
    Join Date
    Jul 2004
    Location
    Kansas City area
    Posts
    19,399
    Your if() statement surrounding the MySQL query is requiring $_POST['address'] to exist, however you have no entity with that name in the HTML form.

  5. #35
    Junior Member
    Join Date
    Jan 2013
    Posts
    26
    Thank you very much!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •