Fixed field format

TheAvenger

I'm in the process of creating a form but I'm running into a problem. I'm not that experienced with php/sql so I'll define what i need here.

There is a field called "klantnummer" that needs to be in a fixed format. The format will be as followed "xxxx-yyy". Where xxxx will be the year (eg 2008, 2009, ....), - will be the mandatory divider, and yyy will be another number but not fixed in length. A valid number would be like 2008-001 or 2009-1 or 2009-03. The fixed part is "xxxx-", that will always stay like that.

To see if a "klantnummer" is valid, it needs to verify if the "klantnummer" exists in the database "klanten". I know there is a function or somethin called mysql_fetch_object but i don't really know how to use it or if there is a simpler way.

The page that has the form coded is separate.

eg page : index.php has the form created in HTML > form action = processing.php
what i have so far for processing.php is this.


<?php
session_start();
$naam=$_POST['naam'];
$voornaam=$_POST['voornaam'];
$email=$_POST['email'];
$klantnummer=$_POST['klantnummer'];
$afdeling=$_POST['afdeling'];
$onderwerp=$_POST['onderwerp'];
$bericht=$_POST['bericht'];

$secure = trim(strip_tags($_POST['secure']));// leave case as entered
$match = $_SESSION['captcha']; // the code on the image

if (($secure!=$match) && ($secure!=""))
 	{
		echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />Security code ongeldig.<br/>Ga <a href=\"javascript:history.go(-1)\">Terug</a> en probeer opnieuw. ";
	}

if ($secure=="") 
	{
		echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />Security code niet ingevuld.<br/> Ga <a href=\"javascript:history.go(-1)\">Terug</a> en probeer opnieuw.";
	}

elseif(($secure==$match) && ($secure!=""))
	{

	if (($naam=="") || ($voornaam=="") || ($email=="") || ($klantnummer=="") || ($afdeling=='kies') || ($onderwerp=="") || ($bericht==""))
		{
			echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />1 of meerdere velden niet ingevuld.<br/>Ga <a href=\"index.php\">Terug</a> en probeer opnieuw.";
		}

	elseif (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
		{
			echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />Ongeldig e-mail adres ingevuld.<br/>Ga <a href=\"index.php\">Terug</a> en probeer opnieuw.";	
		}
	/* klantnummer field formatcheck goes here. Based on klantnummer, extra info will be retrieved from database */
	else 
		{
?>
<html>
<head>
<link rel="stylesheet" href="../../../../templates/techline_de_template-j15-001/style2.css" />
</head>
<body>
<form action="send.php" method="post">
<table>
	<tr>
		<th colspan="2">Gelieve onderstaande gegevens te controleren.</th>
	</tr>
    <tr>
	  	<td>Naam: <?php echo $naam ?><input type="hidden" name="naam" value="<?php echo $naam ?>" /></td>
        <td>Voornaam: <?php echo $voornaam ?><input type="hidden" name="voornaam" value="<?php echo $voornaam; ?>"/></td>
	</tr>
    <tr>
    	<td colspan="2">E-Mail: <?php echo $email ?><input type="hidden" name="email" value="<?php echo $email ?>"/></td>
	</tr>
	<tr>
	   	<td>Klantnummer: <?php echo $klantnummer ?><input type="hidden" name="klantnummer" value="<?php echo $klantnummer ?>"/></td>
	    <td>Bestemd voor: <?php echo $afdeling ?><input type="hidden" name="afdeling" value="<?php echo $afdeling ?>" /></td>
	</tr>
	<tr>
		<td align="center" colspan="2">Onderwerp: <?php echo $onderwerp ?><input type="hidden" name="onderwerp" value="<?php echo $onderwerp ?>"/></td>
	</tr>
	<tr>
	   	<td align="center" colspan="2">Uw bericht<br /><?php echo $bericht ?><br /><input type="hidden" name="bericht" value="<?php echo $bericht ?>" /></td>
	</tr>
	<tr>
      	<td colspan="2" align="center">Is dit correct ? Zoja druk op versturen. Indien niet druk op herbeginnen.</td>
    </tr>
    <tr>
       	<td colspan="2" align="center"><input type="submit" value="Versturen" /><input type="reset" value="Herbeginnen" onClick="window.location.href=index.php"></td>
    </tr>
</table>
</form>
</body>
</html>
<?php
			}
	}

?>

ps: is there a way to change my username :p i havent used "TheAvenger" in years :p

ixalmida

I may be wrong, but I don't think you're going to want to use mysql_fetch_object unless you have the OO code to deal with the returned object (which doesn't appear to be the case here).

Based on the info you give, you just want to check to see if the value exists. In that case, you're going to want to use mysql_num_rows to see if there is any matching data.

Here's an example:

$query = "SELECT field1 FROM klanten WHERE klantnummer = $klantnummer";
$result = mysql_query($query, $connection);
if (mysql_num_rows($result) >= 1)
  [..]

TheAvenger

Well its a start, but the thing is that i want to see if the input given is in the only form i want it to be BEFORE i even let php perform the check if the number exists. This for possible future plans i have, that will have the need for a specific format with the domain control center i'm going to create

ixalmida

You're using ereg() to check email format, so why wouldn't you use it to check your number format?

BTW - don't ask me for the regex code because I suck at it. Someone else...?

TheAvenger

cause i dont know how too, thats why. That eregi email check is somethin i googled a long time ago for a different project. I just took it out of that older project sourcecode & inserted that function

ixalmida

Okay, I'll give you my GUESS...

Try out this code:

$ereg_result = ereg("^[12][0-9]{3}\-[0-9]+$", $klantnummer);
echo $ereg_result;

I didn't have time to test it, but from my understanding it should work. Of course, I'm not saying I understand regex...

I'll test and refine it tomorrow if I have time.

Salkcin

// Check if $klantnummer is valid before doing anything else!
if (!preg_match('/^\d{4}-\d{1,3}$/', $klantnummer))
{
	// not valid, ask the user to correct it

}

ixalmida

Yeah...what Salkcin said...

(I did say I suck at regex, right?)

TheAvenger

salkin, care to explain the code abit incase i need to modify it if lets say the length of $klantnummer would change ? Both of you thx already for tryin 🙂

Salkcin

sure,

^{\d{4}-\d{1,3}$}

Basically the pattern says: "Must start with 4 digits followed by a - and must end with 1-3 digits"

And to break it down into more detail:

[INDENT] = must start with the following expression which is...
\d{4} = any digit and it must be a quantity of 4, no more, no less
- = match a hyphen
\d{1,3} = any digit and with a minimum of 1 and maximum of 3 digits
$ = ... and it must end with the previous expression (1-3 digits)[/INDENT]

For more information about how regular expressions work, check the PHP documentation.

TheAvenger

so to verify it would be somethin like this

<?

// make connection to db
// retrieve valid klantnummers into $dbklantummer

// Check if $klantnummer is valid before doing anything else!
if (!preg_match('/^\d{4}-\d{1,3}$/', $klantnummer))
{
	echo "invalid klantnummer format, correct input";

}

elseif ((!preg_match('/^\d{4}-\d{1,3}$/', $klantnummer)) == $dbklantnummer)
{

// do stuff

}
?>

Salkcin

// Check if $klantnummer is valid before doing anything else!
if (!preg_match('/^\d{4}-\d{1,3}$/', $klantnummer))
{
    echo "invalid klantnummer format!";
}
else
{
    echo "Great, klantnummer is valid!";
}

TheAvenger

you're misinterpreting my last message. What i mean is after checking if the entered $klantnummer in the input box and it is checked if the format is correct, how do i go from there to compare it to klantnummers in the database called "klanten" where the database klantnummers get inserted into $dbklantnummer to verify against the inputbox $klantnummer.

Is my coding correct in that case ?

TheAvenger

been a while, but i'm back. I've integrated the format check. Now i have a new question. How do i go about checking if the entered "klantnummer" matches the name and surname in the database.

Database has 3 fields.
field 1: Klantnummers
field 2: Voornaam
field 3: Naam

below is what i have so far.

<?php
session_start();
$naam=$_POST['naam'];
$voornaam=$_POST['voornaam'];
$email=$_POST['email'];
$klantnummer=$_POST['klantnummer'];
$afdeling=$_POST['afdeling'];
$onderwerp=$_POST['onderwerp'];
$bericht=$_POST['bericht'];

$secure = trim(strip_tags($_POST['secure']));// leave case as entered
$match = $_SESSION['captcha']; // the code on the image

if (($secure!=$match) && ($secure!=""))
 	{
		echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />Security code ongeldig.<br/>Ga <a href=\"javascript:history.go(-1)\">Terug</a> en probeer opnieuw. ";
	}

if ($secure=="") 
	{
		echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />Security code niet ingevuld.<br/> Ga <a href=\"javascript:history.go(-1)\">Terug</a> en probeer opnieuw.";
	}

elseif(($secure==$match) && ($secure!=""))
	{

	if (($naam=="") || ($voornaam=="") || ($email=="") || ($klantnummer=="") || ($afdeling=='kies') || ($onderwerp=="") || ($bericht==""))
		{
			echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />1 of meerdere velden niet ingevuld.<br/>Ga <a href=\"index.php\">Terug</a> en probeer opnieuw.";
		}

	elseif (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
		{
			echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />Ongeldig e-mail adres ingevuld.<br/>Ga <a href=\"index.php\">Terug</a> en probeer opnieuw.";	
		}

	// make connection to db
	mysql_connect("localhost","soliweb_klanten","LnbfBKZ2");
	mysql_select_db("soliweb_klanten");

	// retrieve valid klantnummers into $dbklantummer
	$query="select Klantnummer from klantgegevens";
	$sql=mysql_query($query) or die (mysql_error());
	while ($obj=mysql_fetch_object($sql)) {
	$dbklantnummer=$obj->Klantnummer;
	$voornaam=$obj->Voornaam;
	$naam=$obj->Naam;
	}

	// Check if $klantnummer is valid before doing anything else!
	if (!preg_match('/^\d{4}-\d{1,3}$/', $klantnummer))
		{
		    echo "<link rel='stylesheet' href='../../../../templates/techline_de_template-j15-001/style2.css' />Ongeldig klantummer<br/>Ga <a href=\"index.php\">Terug</a> en probeer opnieuw.";
		}

	elseif ((!preg_match('/^\d{4}-\d{1,3}$/', $klantnummer)) == $dbklantnummer)
		{

?>
<html>
<head>
<link rel="stylesheet" href="../../../../templates/techline_de_template-j15-001/style2.css" />
</head>
<body>
<form action="send.php" method="post">
<table>
	<tr>
		<th colspan="2">Gelieve onderstaande gegevens te controleren.</th>
	</tr>
    <tr>
	  	<td>Naam: <?php echo $naam ?><input type="hidden" name="naam" value="<?php echo $naam ?>" /></td>
        <td>Voornaam: <?php echo $voornaam ?><input type="hidden" name="voornaam" value="<?php echo $voornaam; ?>"/></td>
	</tr>
    <tr>
    	<td colspan="2">E-Mail: <?php echo $email ?><input type="hidden" name="email" value="<?php echo $email ?>"/></td>
	</tr>
	<tr>
	   	<td>Klantnummer: <?php echo $klantnummer ?><input type="hidden" name="klantnummer" value="<?php echo $klantnummer ?>"/></td>
	    <td>Bestemd voor: <?php echo $afdeling ?><input type="hidden" name="afdeling" value="<?php echo $afdeling ?>" /></td>
	</tr>
	<tr>
		<td align="center" colspan="2">Onderwerp: <?php echo $onderwerp ?><input type="hidden" name="onderwerp" value="<?php echo $onderwerp ?>"/></td>
	</tr>
	<tr>
	   	<td align="center" colspan="2">Uw bericht<br /><?php echo $bericht ?><br /><input type="hidden" name="bericht" value="<?php echo $bericht ?>" /></td>
	</tr>
	<tr>
      	<td colspan="2" align="center">Is dit correct ? Zoja druk op versturen. Indien niet druk op herbeginnen.</td>
    </tr>
    <tr>
       	<td colspan="2" align="center"><input type="submit" value="Versturen" /><input type="reset" value="Herbeginnen" onClick="window.location.href=index.php"></td>
    </tr>
</table>
</form>
</body>
</html>
<?php
			}
	}

?>