I have the following code to add a comment to a news article on my site. What I am trying to do is setup code to check to make sure that all the fields are entered, and that the email field is formatted correctly (xxx@xxx.com).
<div id="post_form">
<form action="post.php" method="post" name="postform" id="postform">
<label for="author"><strong>Name</strong></label><input type="text" name="author" id="author" value="" size="22" class="styled" />
<label for="email"><strong>Email</strong></label><input type="text" name="email" id="email" value="" size="22" class="styled" />
<label for="cat"><strong>Category</strong></label>
<select name='cat' id='cat' class='styled'>
<option value='-1'>Choose a category</option>
<option value="1">Cat 1</option>
<option value="2">Cat 2</option>
</select>
<label for="title"><strong>Headline</strong</label><input type="text" name="title" id="title" value="" size="22" class="styled" maxlength="50" />
<label for="comment"><strong>Your Comment</strong></label>
<textarea name="comment" id="comment" cols="90%" rows="10" class="styled" maxlength="350"></textarea>
<label for="submit"><input type="image" class="mainoption" name="submit" id="submit" value="Log in" src="i/submit.png" width="95px" height="45px" /></label>
</form>
</div>
And here is the post.php page:
<?
require ( "xxx.php" );
if ( $_POST['submit'] ) {
$sql = "INSERT INTO story(author, email, cat, title, comment, date) VALUES('" . $_POST['author'] . "','" . $_POST['email'] . "','" . $_POST['cat'] . "','" . $_POST['title'] . "', '" . $_POST['comment'] . "', NOW())";
$add_comment_rs = $conn->Execute($sql) or die ( $conn->ErrorMsg() );
header ( "Location: index.php" );
exit;
}
?>
