hi
i am trying to insert values from emailphp.php page into customers table attached as customers.sql file and i am checking in that page email address validation check_email function so what is it doing is the values are getting inserted even it checks the valid email or not ? and database should not take the values if the erronius email is entered i am attaching the properties page where i am calling the database and functions.php where i am defining the checkeamil function.
thanks in advance
# MySQL-Front 3.1 (Build 11.12)
# Host: medianetversion Database: medianetversion
# ------------------------------------------------------
# Server version 4.1.7-nt
#
# Table structure for table customer
#
CREATE TABLE `customer` (
`customerid` int(11) NOT NULL default '0',
`customername` varchar(200) default ''' ''',
`address` varchar(250) default ''' ''',
`street` varchar(250) default ''' ''',
`city` varchar(250) default ''' ''',
`country` varchar(250) default ''' ''',
`phone` varchar(50) default ''' ''',
`fax` varchar(50) default ''' ''',
`mobile` varchar(50) default ''' ''',
`email` varchar(250) default ''' ''',
`username` varchar(50) default ''' ''',
`password` varchar(50) default ''' ''',
`usertype` varchar(100) default ''' ''',
PRIMARY KEY (`customerid`),
KEY `cutomerid` (`customerid`),
KEY `mailid` (`email`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
#
# Dumping data for table customer
#
INSERT INTO `customer` VALUES (37,'\' \'','\' \'','\' \'','\' \'','Zimbabwe','\' \'','\' \'','\' \'','saigopal@yahoo.com','\' \'','\' \'','\' \'');
//above one is sql
<html>
<head>
<title>email checking</title>
</head>
<body>
<?php
$email=$_POST['email'];
$country=$_POST['countries'];
require("../include/functions/functions.php");
if($email==''){
echo "enter valid email address";
}
else if(!check_email_address($email))
{ echo $email.' is not a valid email address.';}
//print $email;
require("../library/properties.php");
$properties=new Properties();
$properties->connDB();
$properties->selDB();
$qry=sprintf("select * from countries");
$res=mysql_query($qry);
?>
<form name=frm action="emailphp.php" method="POST">
Enter Email Address: <input type=text name=email value="<?php $_POST['email'];?>"><br>
country name <select name=countries>
<option "selected">selected</option>
<?php
while($row=mysql_fetch_array($res,MYSQL_BOTH)) {
$ID=$row[0];
$sname=$row[1];
?>
<option value="<?=$ID?>" "selected"><?php echo $sname; ?></option>
<?php
} ?>
</select>
<?php
$id=35;
$id=$id+1;
print $sname."saigopal<br>";
echo $qry1="INSERT into customer(customerid,country,email) VALUES($id,$sname,$email)";
$res=mysql_query($qry1);
?>
<input type="submit" value="checkemailinsert">
<?php
$properties->closeDB();
?>
</form>
</body>
</html>
//emailphp.php
<?php
function check_email_address($email)
{
//First, we check that there's one @ symbol, and that the lengths are right
if(!ereg("^[^@]{1,64}@[^@]{1,255}$",$email)){
//Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
return false;
}
//Split it into sections to make life easier
$email_array=explode("@",$email);
$local_array=explode(".",$email_array[0]);
for($i=0;$i<sizeof($local_array);$i++)
{
if(!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$",$local_array[$i])){
return false;
}
}
if(!ereg("^\[?[0-9\.]+\]?$",$email_array[1])) {// Check if domain is IP.If not, it should be valid domain name
$domain_array=explode(".",$email_array[1]);
if(sizeof($domain_array)<2){
return false; //Not enough parts to domain
}
for($i=0;$i<sizeof($domain_array);$i++){
if(!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9]+))$",$domain_array[$i])){
return false;
}
}
}
return true;
}
?>
//functions.php
<?php
class Properties
{
function connDB()
{
mysql_connect("localhost","root","");
}
function selDB($dbname="medianetversion")
{
mysql_select_db($dbname);
}
function closeDB()
{
mysql_close();
}
}
?>
//properties.php
