Reputation: 51
Adding Validation in a Form linked with a Database
Its been hours, I am trying to add validations like Email, area must not be blank but none have worked for me. Here's the files I am working on
This is Register.php file
<form action="finish.php" method="post"/>
<p>First & Last Name: <input type="text" name="Name"/></p>
<p>Country: <input type="text" name="Country"/></p>
<p>Email Adress <div class="comment">a confirmation email will be sent<br> to you at this address</div><input type="text" name="Email"/></p>
<p>How You Hear About us? <select name="How" id="how" class="how">
<option value="From a Friend">From a Friend</option>
<option value="From Google">From Google</option>
<option value="Advertisements">Advertisments</option>
<option value="Other">Other</option>
</select>
</p>
<input id="submit" type="submit" value="Mail It!" />
</form>
Finish.php File
<?php
define('DB_NAME', 'temp');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define ('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
die('Could not Connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if (!$db_selected) {
die('Can\'t use ' .DB_NAME . '; ' .mysql_error());
}
$value = $_POST['Name'];
$value2 = $_POST['Country'];
$value3 = $_POST['Email'];
$value4 = $_POST['How'];
$sql ="INSERT INTO tempr (Name, Country, Email, How) VALUES ('$value', '$value2', '$value3', '$value4')";
if (!mysql_query($sql)) {
die('Error: ' .mysql_error());
}
mysql_close();
?>
The form is connected to the Database, so if I add validation it makes it harder to get the data in the database? can anyone please provide me a solution to add validation?
Thanks
Upvotes: 0
Views: 1211
Answers (2)
Reputation: 6896
You actually face many challenges, which include:
Is the email form element filled in at all?
Does the email in the form element match the pattern of an email?
How do you protect your db from SQL injection attacks?
escaping for mysql (read the big warning and follow the links)
You'd better get yourself geared up to protect your server and your clients from all kinds of attacks, so google the term FIEO to better understand when to Filter Input and Escape Output.
Upvotes: 1
Reputation: 40068
I realize that you have asked for a PHP solution, but honestly you should validate the data on teh client side (javascript/jQuery) so that you can return control to the user if necessary without refreshing the page and forcing them to re-enter data.
Are you familiar with this jQuery plugin:
http://jqueryvalidation.org/documentation/
To use it, you will need to load both the jQuery library and the jQueryValidation plugin in the head tags of your document:
<head>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script src="//ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js"></script>
</head>
Upvotes: 0
Related Questions
- PHP - Validation form
- validation for form php mysql
- Form -> Database with jQuery Validation
- how can I use database data in form validation?
- PHP & form validation
- How to add validation to my form?
- Validating my PHP form and submitting to database
- validation in php
- validate form with database before moving on to the next page
- Database "validation" PHP