ken
Reputation: 2662
Data directly store to mysql database without any validation already set using php
I am novice for the php and mysql. cuurrently I'm working on a registration system using php and mysql to storing the data. So I already connect the database, and I'm doing some validation for the form information the user fill in. I decided not to use html "required" function. But the validation is not working at all. Although the info fill in is empty, it doesn't display any error but it still can proceed to the next step and insert the info to the database. Any help would be appreciated,see whether where is going wrong...
here is my code.
<div id="content">
<form action="signup.php"method="POST">
<fieldset>
<legend>Sign up your Watevershit account to unlock more shit!</legend>
<p>
<label>
<span>Username :</span>
<input type="text"name="username">
</label>
</p>
<p><?php if(isset($errors['username1']) echo $errors['username1'])?></p>
<p>
<label>
<span>Password</span>
<input type="password"name="password">
</label>
</p>
<p><?php if(isset($errors['password1']) echo $errors['password1'])?></p>
<p>
<label>
<span>Confirm Password :</span><input type="password"name="password">
</label>
</p>
<p>
<label>
<span>Email:</span>
<input type="email"name="email">
</label>
</p>
<p><?php if(isset($errors['email1']) echo $errors['email1'])?></p>
<p>
<label>
<input type="submit"id="submit"value="Sign Up Now!">
</label>
</p>
<p>
<label>
<span><a href="login.html">Already member?Log in here</a></span>
</label>
</p>
</fieldset>
</form>
</div>
here is my php script which I do all the validation already,but it doesn't work and insert data to database although the form fill in nothing. So,what's wrong here ?
<?php
include ('config.php');
//declare variables
$username=$_POST['username'];
$password=$_POST['password'];
$email=$_POST['email'];
//define error variables
$usernameERR = $emailERR =$passwordERR="";
$username=$email=$password="";
//validation
if ($_SERVER["REQUEST_METHOD"] == "POST"){
//not empty
//at least 3 characters long
//start the validation
//check the username
if(empty($_POST['username'])){
$errors['username1'] = "Required fields"
}
if (strlen($username) <3 ) {
$errors['username2'] ="Username must at least 3 characrters long.";
}
//check the password
if (empty($_POST['password'])){
$errors['password1'] ="Required fields";
}
if (strlen($password) < 8) {
$errors['password2'] = "Password must be 8 characrters long";
}
//check the email
if (empty($_POST['email'])){
$errors['email1'] = "Required fields";
}
if (strlen($email) < 12){
$errors['email2'] ="Email must at least 12 characrters long";
}
//check the errors
if(count($errors) == 0){
//redirect to sucess page
header('Location:login.html');
}
}
// if all correct,insert data to the database
$query="INSERT INTO user(Username,Password,Email) VALUES ('".$_POST['username']."','".$_POST['password']."','".$_POST['email']."')";
mysqli_query($con,$query);
?>
Any idea?
Upvotes: 0
Views: 880
Answers (2)
Deenadhayalan Manoharan
Reputation: 5444
Try this..
<?php
$errors=array();
if ($_SERVER["REQUEST_METHOD"] == "POST"){
$username=$_POST['username'];
$password=$_POST['password'];
$email=$_POST['email'];
//not empty
//at least 3 characters long
//start the validation
//check the username
if(empty($_POST['username'])){
$errors['username1'] = "Required fields";
}
if (strlen($username) <3 ) {
$errors['username2'] ="Username must at least 3 characrters long.";
}
//check the password
if (empty($_POST['password'])){
$errors['password1'] ="Required fields";
}
if (strlen($password) < 8) {
$errors['password2'] = "Password must be 8 characrters long";
}
//check the email
if (empty($_POST['email'])){
$errors['email1'] = "Required fields";
}
if (strlen($email) < 12){
$errors['email2'] ="Email must at least 12 characrters long";
}
//check the errors
if(count($errors) == 0){
$query="INSERT INTO user(Username,Password,Email) VALUES ('".$_POST['username']."','".$_POST['password']."','".$_POST['email']."')";
mysqli_query($con,$query);
}
}
?>
<div id="content">
<form action="" method="POST">
<fieldset>
<legend>Sign up your Watevershit account to unlock more shit!</legend>
<p>
<label>
<span>Username :</span>
<input type="text"name="username">
</label>
</p>
<p><?php if(!empty($errors['username1'])) { echo $errors['username1']; } ?></p>
<p>
<label>
<span>Password</span>
<input type="password" name="password">
</label>
</p>
<p><?php if(!empty($errors['password1'])) { echo $errors['password1']; }?></p>
<p>
<label>
<span>Confirm Password :</span><input type="password"name="password">
</label>
</p>
<p>
<label>
<span>Email:</span>
<input type="email"name="email">
</label>
</p>
<p><?php if(!empty($errors['email1'])) { echo $errors['email1']; }?></p>
<p>
<label>
<input type="submit"id="submit"value="Sign Up Now!">
</label>
</p>
<p>
<label>
<span><a href="login.html">Already member?Log in here</a></span>
</label>
</p>
</fieldset>
</form>
</div>
Upvotes: 2
Mangesh Parte
Reputation: 2177
Replace this block:
//check the errors
if(count($errors) == 0){
//redirect to sucess page
header('Location:login.html');
}
With this:
//check the errors
if(count($errors) > 0){
//redirect to sucess page
header('Location:login.html');
}
And also replace following line:
if ($_SERVER["REQUEST_METHOD"] == "POST"){
With:
if ($_POST){
Upvotes: 0
Related Questions
- PHP-Form validation and insertion using MySql
- php mysql forms validation
- PHP/MYSQL validate
- How do i save PHP form input in MySQL database using same script as form input and validation
- how can I use database data in form validation?
- How to insert my validated info? (SQL, PHP)
- Text validation before storing into MySQL database
- Insert data to database after validation
- Validating data before inserting into database
- validation in php