In this .PHP document, I am error checking data that was sent from a previous form.
The very first thing I am doing in this .PHP file is error checking.
In the main body, if all the error tests pass, information will be submitted to the database.
It seems, however, that when I purposely pass invalid data to this .PHP file, it doesn't error check on any of my fields...
Basically, data is getting inserted into my database, no matter what form it is in... I know my logic is correct, but my syntax is not... Does anyone have any suggestions?
----------------------ERROR CHECKING IS THE FIRST THING I DO IN THIS DOCUMENT---------------------------------------
<?php
#EXECUTE THIS CODE IF THE FORM HAS BEEN SUBMITTED ONCE
if ($submit)
{
    $valid=true; #SET VARIABLE DEFAULT VALUE
    #CHECK THAT FIRST NAME FIELD IS NOT BLANK
    if (!$firstname)
    { $errmsg .="Enter your first name...<br>"; $valid=false; }
    #CHECK THAT LAST NAME FIELD IS NOT BLANK
    if (!$lastname)
    { $errmsg .="Enter your last name...<br>"; $valid=false; }
    #CHECK THAT DEPARTMENT FIELD IS NOT BLANK
    if (!$department)
    { $errmsg .="Choose a department...<br>"; $valid=false; }
    #CHECK THAT THE TITLE FIELD IS NOT BLANK
    if (!$title)
    { $errmsg .="Enter your title...<br>"; $valid=false; }
    #CHECK THAT THE PHONE FIELD IS NOT BLANK
    if (!$phone)
    { $errmsg .="Enter your phone number...<br>"; $valid=false; }
    #CHECK THAT THE EMAIL IS FORMATTED CORRECTLY
    if ($email)
    {
        $email = trim($email);
        #PATTERNS FOR NAME, DOMAIN, AND TOP-LEVEL DOMAINS
        $_name = "/^[-!#$%&\'*+\\.\/0-9=?A-Z^_`{|}~]+";
        $_host = "([-0-9A-Z]+\,)+";
        $_tlds = "([0-9A-Z]){2,4}$/i";
        #CHECK THE VALIDITY OF THE EMAIL FORMAT
        if( !preg_match($_name."@".$_host .$_tlds,$email) )
        { $errmsg .="E-Mail address has an incorrect format!<br>"; $valid=false; }
    }
    #IF THE FORM IS INVALIDLY SUBMITTED, WRITE THE ERROR MESSAGE AND THE FORM
    if ($valid=false)
    { echo($errmsg.$form); }
?>
--------------------AFTER <HEAD>, IN THE MAIN BODY----------------------------------
<?php
    #IF THE FORM IS VALID, SUBMIT THE INFORMATION TO THE DATABASE
    #CONNECT TO SQL
    $conn = @mysql_connect("localhost","michael","password")
        or die("Could not connect to MySQL<br><br>Report this error to your <a href='mailto:me@luzernecounty.org'>system administrator</a> now!" .mysql_error());
    #CONNECT TO THE DATABASE
    $bd = @mysql_select_db("COUNTY_DIRECTORY",$conn)
        or die("Could not select database.<br><br>Report this error to your <a href='mailto:me@luzernecounty.org'>system administrator</a> now!" .mysql_error());
    #ENTER THE FORM INFORMATION
    $sql = "insert into EMPLOYEE_INFO
    (f_name,l_name,dept,title,phone,ext,fax,email) values
    (\"$firstname\",\"$lastname\",\"$department\",\"$title\",\"$phone\",\"$extention\",\"$fax\",\"$email\" )";
    #GIVE A RESULT
    $result = @mysql_query($sql,$conn)
        or die("Could not enter information!<br><br>Report this error to your <a href='mailto:me@luzernecounty.org'>system administrator</a> now!" .mysql_error());
    #IF RESULT, DISPLAY THE FOLLOWING MESSAGE
    if ($result) { echo ("<br><br><h2><font face='Arial' color='#4d50a3'>New profile for <font color = 'black'>$firstname $lastname</font> added!</font></h2><br><font face='Arial'><br>
    <b>Click <a href='default.htm'>HERE</a> to log-out.</b><br><br><b>Click <a href='admin_add.php'>HERE</a> to add another employee!</b><br><br><b>Click <a href='admin_edit_home.htm'>HERE</a> to return to administration home.</b></font>"); }
}
?>
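
An added example, not part of the original post: the same checks with the error branch written as a comparison (`if ($valid=false)` assigns, so it is never true), and with the INSERT both gated on the validation result and sent as a prepared statement instead of being interpolated into the SQL string. Assumptions: the fields arrive in an array such as `$_POST`, PDO with the SQLite driver is available, an in-memory SQLite table stands in for the MySQL `EMPLOYEE_INFO` table, and the function names and sample submissions are constructed for illustration.

```php
<?php
// Added example, not the poster's code. validate_employee(), insert_employee()
// and the sample data are hypothetical; SQLite in memory stands in for MySQL.
function validate_employee(array $in): array {
    $errors = [];
    $required = [
        'firstname' => 'Enter your first name...', 'lastname' => 'Enter your last name...',
        'department' => 'Choose a department...', 'title' => 'Enter your title...',
        'phone' => 'Enter your phone number...',
    ];
    foreach ($required as $field => $msg) {
        if (trim((string)($in[$field] ?? '')) === '') { $errors[] = $msg; }
    }
    // As in the post, the e-mail format is only checked when one was supplied.
    $email = trim((string)($in['email'] ?? ''));
    if ($email !== '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'E-Mail address has an incorrect format!';
    }
    return $errors;
}

function insert_employee(PDO $db, array $in): bool {
    // Placeholders keep submitted values out of the SQL text entirely.
    $stmt = $db->prepare('INSERT INTO EMPLOYEE_INFO
        (f_name,l_name,dept,title,phone,ext,fax,email) VALUES (?,?,?,?,?,?,?,?)');
    $cols = ['firstname','lastname','department','title','phone','extention','fax','email'];
    return $stmt->execute(array_map(fn($c) => trim((string)($in[$c] ?? '')), $cols));
}

$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE EMPLOYEE_INFO (f_name,l_name,dept,title,phone,ext,fax,email)');

// Constructed submissions; on the real page this array would be $_POST.
$samples = [
    ['firstname' => '', 'lastname' => "O'Neil", 'email' => 'not-an-address'],
    ['firstname' => 'Ann', 'lastname' => "O'Neil", 'department' => 'IT',
     'title' => 'Clerk', 'phone' => '555-0100', 'email' => 'ann@example.org'],
];
foreach ($samples as $in) {
    $errors = validate_employee($in);
    if ($errors !== []) {          // a comparison, so the error branch can run
        echo implode("\n", $errors), "\n";
        continue;                  // invalid input never reaches the INSERT
    }
    insert_employee($db, $in);
    $name = htmlspecialchars($in['firstname'].' '.$in['lastname'], ENT_QUOTES);
    echo "New profile for $name added!\n";
}
echo $db->query('SELECT COUNT(*) FROM EMPLOYEE_INFO')->fetchColumn(), " row(s) stored\n";
```

The apostrophe in the constructed last name is stored as data because it is bound as a parameter, and the name is HTML-escaped before it is echoed back.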