CODEWITHSUNDEEP
phpmysqlvalidation
peer
peer

Reputation: 1019

How to insert my validated info? (SQL, PHP)

I've got a little question, so I've wrote a piece of HTML and PHP which would register an account. Now I've done the validation, but how do I insert my data into my database, when all the validation is good: so there are no errors.

I know the SQL syntax, don't worry about that. I just only want to insert when all the validation was good and there were no validation errors.

CODE:

<?php
        $usernameErr = $emailErr = $passwordErr = $password_valErr = "";
        $username = $email = $password = $password_val = "";

        if($_SERVER['REQUEST_METHOD'] == 'POST') {
            if(empty($_POST['username'])) {
                $usernameErr = "Name is required";
            } else {
                $username = validate_input($_POST['username']);
                if($username <= 6) {
                    $usernameErr = "Username must be longer as 6 characters.";
                }
                if(!preg_match("/^[a-zA-Z ]*$/", $username)) {
                    $usernameErr = "Only letters and white space allowed.";
                }       
            }

            if(empty($_POST['email'])) {
                $emailErr = "Email is required";
            } else {
                $email = validate_input($_POST['email']);
                if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                    $emailErr = "Invalid email format.";
                }           
            }

            if(empty($_POST['password'])) {
                $passwordErr = "Password is required";
            } else {
                $password = validate_input($_POST['password']);
                if($password <= 8)  {
                    $passwordErr = "Password must be longer as 8 characters.";
                }
                if(!preg_match("#[0-9]+#", $password)) {
                    $passwordErr = "Password must contain atleast 1 number.";
                }
            }

            if(empty($_POST['password_val'])) {
                $password_valErr = "Password_val is required";
            } else {
                $password_val = validate_input($_POST['password_val']);
                if($password_val != $password) {
                    $password_valErr = "Password_val must be equal to password.";
                }       
            }
        }
        ?>

        <table border="1">
            <tr>
                <td><label>Username</label><?=' <b>' . $usernameErr . '</b>';?></td>
                <td><input type="text" name="username" value="<?=$username;?>" placeholder="Enter your desired username..." /></td>
            </tr>
            <tr>
                <td><label>E-mail</label><?=' <b>' . $emailErr . '</b>';?></td>
                <td><input type="text" name="email" value="<?=$email;?>" placeholder="Enter your email address..." /></td>
            </tr>
            <tr>
                <td><label>Password<?=' <b>' . $passwordErr . '</b>';?></label></td>
                <td><input type="password" name="password" placeholder="Enter your desired password..." /></td>
            </tr>
            <tr>
                <td><label>Repeat Password<?=' <b>' . $password_valErr . '</b>';?></label></td>
                <td><input type="password" name="password_val" placeholder="Repeat your chosen password.." /></td>
            </tr>
            <tr>
                <td><input type="submit" name="register" value="Register" /></td>
            </tr>
        </table>
    </form>

Upvotes: 1

Views: 75

Answers (1)

ops
ops

Reputation: 2049

Try this:

if(empty($_POST['username'])) {
    $usernameErr="Name is required";
} else {
    $username=validate_input($_POST['username']);
    if($username<=6) {
        $usernameErr="Username must be longer as 6 characters.";
    }
    if(!preg_match("/^[a-zA-Z ]*$/",$username)) {
        $usernameErr="Only letters and white space allowed.";
    }
}
if(empty($_POST['email'])) {
    $emailErr="Email is required";
} else {
    $email=validate_input($_POST['email']);
    if(!filter_var($email,FILTER_VALIDATE_EMAIL)) {
        $emailErr="Invalid email format.";
    }
}
if(empty($_POST['password'])) {
    $passwordErr="Password is required";
} else {
    $password=validate_input($_POST['password']);
    if($password<=8) {
        $passwordErr="Password must be longer as 8 characters.";
    }
    if(!preg_match("#[0-9]+#",$password)) {
        $passwordErr="Password must contain atleast 1 number.";
    }
}
if(empty($_POST['password_val'])) {
    $password_valErr="Password_val is required";
} else {
    $password_val=validate_input($_POST['password_val']);
    if($password_val!=$password) {
        $password_valErr="Password_val must be equal to password.";
    }
}
if(!isset($usernameErr,$usernameErr,$emailErr,$passwordErr,$password_valErr)) {
    //Insert QUERY
}

Upvotes: 4

Related Questions