Reputation: 87
PHP Regular Expressions and CSV Validation
I am trying to create a CSV Checker which inserts the checked data into a Database and any unsuccessful data added to a .txt file. I am trying to used regular expressions to validate the data I am inserting, the while loop without any validation works and inserts fine but as soon as regular expressions are used it does not work.
<?php
include_once('connection.php');
error_reporting(E_ALL);
date_default_timezone_set('Europe/London');
$date = date('d/m/y h:i:s a', time());
$filetxt = "./errors.txt";
$errors = array();
$var1 = 5;
$var2 = 1000;
$var3 = 10;
$sql = '';
if(isset($_POST["Import"]))
{
echo $filename=$_FILES["file"]["tmp_name"];
if($_FILES["file"]["size"] > 0)
{
$file = fopen($filename, "r");
while(($emapData = fgetcsv($file, 10000, ",")) !==FALSE)
{
if(isset($_GET['strProductCode']))
{
$emapData[0] = $conn->real_escape_string(trim($_POST['strProductCode']));
if (!preg_match("^[a-zA-Z0-9]+$^", $_POST['strProductCode']))
{
$errors['strProductCode'];
}
}
if(isset($_GET['strProductName']))
{
$emapData[1] = $conn->real_escape_string(trim($_GET['strProductName']));
if (!preg_match("^[a-zA-Z0-9]+$^", $_POST['strProductName']))
{
$errors['strProductName'];
}
}
if(isset($_GET['strProductDesc']))
{
$emapData[2] = $conn->real_escape_string(trim($_GET['strProductDesc']));
if (!preg_match("^[a-zA-Z0-9]+$^", $_POST['strProductDesc']))
{
$errors['strProductDesc'];
}
}
if(isset($_GET['intStock']))
{
if (!preg_match("^[0-9]", $_POST['intStock']))
{
$errors['intStock'];
}
}
if(isset($_GET['intPrice']))
{
if (!preg_match("[0-9]", $_POST['intPrice']))
{
$errors['intPrice'];
}
}
if(isset($_GET['dtmDiscontinued'])){
if($emapData[6] == preg_match("[a-zA-Z]", $_POST['dtmDiscontinued']))
{
$emapData[6] = $date;
echo $date;
}else{
$emapData[6] = Null;
}
}
if(count($errors > 0))
{
// errors
$write = "$emapData[0], $emapData[1], $emapData[2], $emapData[3], $emapData[4], $emapData[5], $emapData[6]\r\n";
file_put_contents($filetxt , $write , FILE_APPEND);
}else{
// insert into Database
$sql = "INSERT INTO tblproductdata(strProductCode, strProductName, strProductDesc, intStock, intPrice, dtmAdded, dtmDiscontinued) VALUES('$emapData[0]','$emapData[1]','$emapData[2]','$emapData[3]','$emapData[4]','$date','$emapData[6]')";
$res=$conn->query($sql);
}
}
fclose($file);
echo "CSV File has successfully been Imported";
echo "<br>";
echo "Any errors within the CVS Database are reported here.";
echo "<br>";
$fh = fopen($filetxt, 'r');
$theData = fread($fh, filesize($filetxt));
fclose($fh);
echo $theData;
}else{
echo "Invalid File: Please Upload a Valid CSV File";
}
header("Location: index.php");
}
?>
My knowledge of PHP is not great but this is my best attempt. Any help would be greatly appreciated.
Upvotes: 0
Views: 144
Answers (1)
Reputation: 37944
There are several issues in your code. Let's start with the regular expressions and your error checking:
Some of your expressions are invalid. Note that each expression needs a delimiting character at the beginng and ending of the expression. In some of your expressions (like
^[0-9]) these delimiters are missing. Please also note that using^as a delimiter for a regular expression is not a good choice, because the^character also has a special meaning in regular expressions.This should actually cause PHP Warnings. I see that you have
error_reportingenabled; you should also have a look at yourdisplay_errorssetting.As mentioned in my comment, you do not assign any values to the
$errorsarray. The statement$errors['strProductName']in itself does not change the array; this means that$errorswill always be empty. You probably mean to do something like:$errors['strProductName'] = TRUE;You're actually checking
count($errors > 0)where you should be checkingcount($errors > 0).count($errors > 0)translates to eithercount(TRUE)orcount(FALSE)which both equal 1.
Some other notes:
- Some times, you check for
$_GET['strProductCode'], but then use$_POST['strProductCode']. - You do not reset the
$errorsarray for each iteration. That means that for each line that you read, the$errorsvariable will still contain the errors from the previous iteration. As a result, the first invalid line will cause all following lines to be recognized as invalid, too. You register an error when one of the parameters is of an invalid format, but not when one of them is not set at all (i.e. when
isset($_POST[...])isFALSE). Each of them should probably be sth. like this:if (isset($_POST['strProductCode'])) { $emapData[0] = $conn->real_escape_string(trim($_POST['strProductCode'])); if (!preg_match("^[a-zA-Z0-9]+$^", $_POST['strProductCode'])) { $errors['strProductCode'] = TRUE; } } else { $errors['strProductCode'] = TRUE; }
Upvotes: 1
Related Questions
- How To Validate CSV column in PHP?
- MySQL Regular Expression to match multiple CSV rows containing certain fields in order
- PHP CSV regex in string
- Getting CSV values in mySQL
- How to Practically Split Values from CSV File into MySQL Database
- Validating items in CSV with regex
- PHP Regular Expression validation
- MySQL Regular Expressions fail in php script
- Regular expression for parsing CSV in PHP
- CSV to MYSQL parse issue