Ok, im trying to make form to input data into my database driven application. In order to access the form u need session based authentication as u can see below. If u look at the header() in the validate user bit, u can see that if the session variable valid is not equal to yes, the user will be diercted back to the main menu. Now. What keeps on happening is that when i access the form, i enetr the data and submit it, when i do this i am directed back to the main menu (contact_menu.php). However when i remove the session validation script, on the original form, everthing works fine. What the The code 4 the action script is below this one for the form.
I have been trying 2 figure it out all day and i am....agggrivated
<?
//start a session
session_start();
//validate user to see if they are allowed
if ($_SESSION[valid] != "yes") {
header("Location: http://localhost/contact_menu.php");
exit;
}
?>
<html>
<head>
<title>My Contact Management System: Add a Contact</title>
</head>
<body>
<h1>My Contact Management System</h1>
<h2><em>Add a Contact</em></h2>
<form method="post" action="do_addcontact.php">
<table cellspacing=3 cellpadding=5>
<tr>
<th>name & address information</th>
<th>other information</th>
</tr>
<tr>
<td valign=top>
<p><strong>First name:</strong><br>
<input type="text" name="f_name" size=35 maxlength=75></p>
<p><strong>Last name:</strong><br>
<input type="text" name="address1" size=35 maxlength=75></p>
<p><strong>Address Line 1:</strong><br>
<input type="text" name="address1" size=35 maxlength=100></p>
<p><strong>Address Line 2:</strong><br>
<input type="text" name="address2" size=35 maxlength=100></p>
<p><strong>Address Line 3</strong><br>
<input type="text" name="address3" size=35 maxlength=100></p>
<p><strong>Zip/Postal Code:</strong><br>
<input type="text" name="postcode" size=35 maxlength=25></p>
<P><strong>Country:</strong><br>
<input type="text" name="country" size=35 maxlength=100></<p>
</td>
<td valign=top>
<p><strong>Primary Telephone Number:</strong><br>
<input type="text" name="prim_tel" size=35 maxlength=35></p>
<p><strong>Secondary Telephone number:</strong><br>
<input type="text" name="sec_tel" size=35 maxlength=35></p>
<p><strong>E-mail Address:</strong><br>
<input type="text" name="email" size=35 maxlength=100></p>
<p><strong>Birthday (YYYY-MM-DD):</strong><br>
<input type="text" name="birthday" size=35 maxlength=10></p>
</td>
</tr>
<tr>
<td align=center colspan=2><br>
<p><input type="submit" name="submit" value="Add Contact to System"></p>
<p><a href="contact_menu.php">Return to Main Menu</a></p>
</td>
</tr>
</table>
</form>
</body>
</html>
This is the code for the action script for the form do_addcontact.php. basically it takes the data from the form, in the frorm of $POST[] variables, uses them to make a database query and inserts them into the table. Again, this uses session based authentication. If the insertion is success ful the values are printed out in the subsequent HTML
<?
//check that values were entered
if ((!$POST[f_name]) || (!$POST[l_name])) {
header( "Location: http://127.0.0.1/show_addcontact.php");
exit;
} else {
session_start();
}
//validate user
if ($SESSION[valid] != "yes") {
header("Location: http://127.0.0.1/contact_menu.php");
exit;
}
$db_name = "test";
$table_name = "my_contacts";
$connection = @mysql_connect("localhost", "name", "password") or die(mysql_error());
//connect 2 database
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
//assemble query
$sql = "INSERT INTO $table_name (id, f_name, l_name, address1, address2, address3, postcode, country, prim_tel, sec_tel, email, birthday) VALUES ('', '$POST[f_name]', '$POST[l_name]', '$POST[address1]', '$POST[address2]', '$POST[address3]', '$POST[postcode]', '$POST[country]', '$POST[prim_tel]', '$POST[sec_tel]', '$POST[email]', '$_POST[birthday]')";
$result = @($sql,$connection) or die(mysql_error());
?>
<html>
<head>
<title>My Contact Management System: Contact Added</title>
</head>
<body>
<h1>My Contact management System</h1>
<h2><em>Add a Contact - Contact Added</em></h2>
<p>The following information was successfully added to
<? echo "$table_name"; ?></p>
<table cellspacing=3 cellpadding=5>
<tr>
<th>Name & Address information</th>
</tr>
<tr>
<td valign=top>
<p><strong>First Name:</strong><br>
<? echo "$POST[f_name]"; ?></p>
<p><strong>Last Name:</strong><br>
<? echo "$POST[l_name]"; ?></p>
<p><strong>Address Line 1</strong><br>
<? echo "$POST[address1]"; ?></p>
<p><strong>Address Line 2</strong><br>
<? echo "$POST[address2]"; ?></p>
<p><strong>Address Line 3</strong><br>
<? echo "$POST[address3]"; ?></p>
<p><strong>Zip/Postal Code:</strong><br>
<? echo "$POST[postcode]"; ?></p>
<p><strong>Country:</strong><br>
<? echo "$_POST[country]"; ?></p>
</td>
<td valign=top>
<p><strong>Primary Telephone Number</strong><br>
<? echo "$POST[prim_tel]"; ?></p>
<p><strong>Secondary telephone Number:</strong><br>
<? echo "$POST[sec_tel]"; ?></p>
<p><strong>E-mail Address:</strong><br>
<? echo "$POST[email]"; ?></p>
<p><strong>Birthday (YYYY-MM-DD):</strong><br>
<? echo "$POST[birthday]"; ?></p>
</td>
</tr>
<tr>
<td align=center colspan=2><br>
<p><a href="contact_menu.php">Return to Main Menu</a></p>
</td>
</tr>
</table>
</body>
</html>
Thanks
