divinedesigns1 Posted May 20, 2012 Author Share Posted May 20, 2012 ok i did that and it just said connect error: didnt state what the error is or if its an error Link to comment Share on other sites More sharing options...
birbal Posted May 20, 2012 Share Posted May 20, 2012 can we see the updated code? Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 21, 2012 Author Share Posted May 21, 2012 <?php// php script for the form start here$errorMessage = "";$firstname = "";$lastname = "";$company = "";$email = "";$mobile = "";if($_POST['firstname']){// Grab variables$firstname = $_POST['firstname'];$lastname = $_POST['lastname'];$company = $_POST['company'];$email = $_POST['email'];$mobile = $_POST['phone'];// Making sure variables are present else stop processif(!$firstname || !$lastname || !$company || !$email || !$mobile){ $errorMessage = 'The Form is incomplete, or you forgot a Field(s). Please Fill all Fields';}else{ // Run any filtering here $firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']); $firstname = strip_tags($firstname); $firstname = stripslashes($firstname); $lastname = ereg_replace("[^A-Za-z0-9]", "", $_POST['lastname']); $lastname = strip_tags($lastname); $lastname = stripslashes($lastname); $company = ereg_replace("[^A-Za-z0-9]", "", $_POST['company']); $company = strip_tags($company); $company = stripslashes($company); $email = strip_tags($email); $email = stripslashes($email); $mobile = strip_tags($mobile); $mobile = stripslashes($mobile); $mobile = ereg_replace("[^0-9]", "", $_POST['phone']); $firstname = mysqli_real_escape_string($con, $firstname); $lastname = mysqli_real_escape_string($con, $lastname); $company = mysqli_real_escape_string($con, $company); $email = mysqli_real_escape_string($con, $email); $mobile = mysqli_real_escape_string($con, $mobile); $to = 'smith@smithy.net'; $from = '$firstname ' . ' $lastname'; $subject = 'Fill2Win Promo'; // Email Message Bot $message = " $firstname $lastname $company $email $mobile "; // Configure some headers $header = 'MIME-Version:1.0' . "rn"; $header .= 'Content-type:textrn'; $header .= 'From: $from' . "/r" . "/n"; // mail form include_once "MiConnect.php"; $query = mysqli_query($con, "INSERT INTO form (firstname, lastname, company, email, phone) VALUE('$firstname', '$lastname', '$company', '$email', '$mobile')") or die(mysqli_error($con)); $errorMessage = 'Thank You for your message'; $firstname = ""; $lastname = ""; $company = ""; $email = ""; $mobile = ""; $result = mysqli_query($con, $query);} // lock this condition} // lock if POST a condition?> Link to comment Share on other sites More sharing options...
Guest So Called Posted May 21, 2012 Share Posted May 21, 2012 Just to start out, all that setting things like $errorMessage = ""; is a waste of time. All variables are empty at start of execution (except things like $_POST etc.) Start out like this: if (isset($_POST['submit'])) { and follow that with your variable settings and error checking. You keep setting intermediate values and then going back to original values. You're making your code needlessly over-complicated $firstname = ""; if($_POST['firstname']){// Grab variables$firstname = $_POST['firstname']; if(!$firstname || !$lastname || !$company || !$email || !$mobile){ $firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']); $firstname = strip_tags($firs... If you wish, just start out with $firstname = $_POST['firstname']; and then use $firstname after that. For example: $firstname = ereg_replace("[^A-Za-z0-9]", "", $firstname); Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 21, 2012 Author Share Posted May 21, 2012 (edited) Just to start out, all that setting things like $errorMessage = ""; is a waste of time. why is it a waste of time? its there for a reason Edited May 21, 2012 by DDs1 Link to comment Share on other sites More sharing options...
Err Posted May 21, 2012 Share Posted May 21, 2012 (edited) I see the $con variable but I don't see from where you are getting it from, it just suddenly appears. $firstname = mysqli_real_escape_string($con, $firstname); I think you meant to make a connection first, then do the above code. Edited May 21, 2012 by Err Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 21, 2012 Author Share Posted May 21, 2012 (edited) I see the $con variable but I don't see from where you are getting it from, it just suddenly appears.$firstname = mysqli_real_escape_string($con, $firstname); I think you meant to make a connection first, then do the above code. the $con comes from this include_once function i think imma place that inside the script itself and see if that work instead, because this is the second time im having this exact errorinclude_once "MiConnect.php"; $query = mysqli_query($con, "INSERT INTO form (firstname, lastname, company, email, phone)VALUE('$firstname', '$lastname', '$company', '$email', '$mobile')") or die(mysqli_error($con)); Edited May 21, 2012 by DDs1 Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 21, 2012 Author Share Posted May 21, 2012 shake my booty shake my booty shake my booty i got it working oooo yeaa shake shake what i did was take out the connection information from MyConnect.php or MiConnect.php and place it into the script itself and bammmmmmm no error,for some reason it wasnt reading the include_once file and realizing that the variable con was coming from there and not in the script itself, so by placing the variable and function into the script itself, it worked no error from the mysqli_real_escape_string() and the script works Thank you everyone Link to comment Share on other sites More sharing options...
Err Posted May 21, 2012 Share Posted May 21, 2012 That's great. Can I offer some suggestions?I know you got your coding working like you like but there is a better way you can write your variables. Instead of doing this: $firstname = "";[...]$firstname = $_POST['firstname'];[...]$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);$firstname = strip_tags($firstname);$firstname = stripslashes($firstname); You can do this: $firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : ""; You can put that at the very beginning. Basically, it checks if there a POST variable named firstname, if there is only allow A-Z a-z 0-9 and apply it to $_POST['firstname'], else just make it an empty variable. You should be using the preg* function since the ereg* function are outdated, even more so than mysql*. Since you are using the replace function to remove any characters you don't want, using strip_tags() and stripslashes() won't do anything more. You can do the above code with all your POST variables. Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 21, 2012 Author Share Posted May 21, 2012 That's great. Can I offer some suggestions? I know you got your coding working like you like but there is a better way you can write your variables. Instead of doing this:$firstname = "";[...]$firstname = $_POST['firstname'];[...]$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);$firstname = strip_tags($firstname);$firstname = stripslashes($firstname); You can do this: $firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : ""; You can put that at the very beginning. Basically, it checks if there a POST variable named firstname, if there is only allow A-Z a-z 0-9 and apply it to $_POST['firstname'], else just make it an empty variable. You should be using the preg* function since the ereg* function are outdated, even more so than mysql*. Since you are using the replace function to remove any characters you don't want, using strip_tags() and stripslashes() won't do anything more. You can do the above code with all your POST variables. ok ill switch it around, in the morning, time to go play a little game, upgrade this site template then fight with the Z's. thanks again Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 22, 2012 Author Share Posted May 22, 2012 That's great. Can I offer some suggestions? I know you got your coding working like you like but there is a better way you can write your variables. Instead of doing this:$firstname = "";[...]$firstname = $_POST['firstname'];[...]$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);$firstname = strip_tags($firstname);$firstname = stripslashes($firstname); You can do this: $firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : ""; You can put that at the very beginning. Basically, it checks if there a POST variable named firstname, if there is only allow A-Z a-z 0-9 and apply it to $_POST['firstname'], else just make it an empty variable. You should be using the preg* function since the ereg* function are outdated, even more so than mysql*. Since you are using the replace function to remove any characters you don't want, using strip_tags() and stripslashes() won't do anything more. You can do the above code with all your POST variables. question, wouldnt i have to place the $firstname = $_POST['firstname'];[...] for each? or do i just have to place $firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$lastname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$company = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";etc Link to comment Share on other sites More sharing options...
Err Posted May 22, 2012 Share Posted May 22, 2012 $_POST['firstname'] gets assigned to $firstname in that line but it does more than that, so you should do the same for all variables. So something like this: $firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$lastname = (isset($_POST['lastname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['lastname']) : "";$company = (isset($_POST['company'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['company']) : "";$phone = (isset($_POST['phone'])) ? preg_replace("/[^0-9]/","",$_POST['phone']) : ""; Link to comment Share on other sites More sharing options...
Guest So Called Posted May 22, 2012 Share Posted May 22, 2012 Do them all. Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 23, 2012 Author Share Posted May 23, 2012 $_POST['firstname'] gets assigned to $firstname in that line but it does more than that, so you should do the same for all variables. So something like this:$firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$lastname = (isset($_POST['lastname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['lastname']) : "";$company = (isset($_POST['company'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['company']) : "";$phone = (isset($_POST['phone'])) ? preg_replace("/[^0-9]/","",$_POST['phone']) : ""; ok got it now, thanks Err, and why you named yourself Err?Do them all.ok kool thanks so called sorry for the late reply guys, was sleeping Link to comment Share on other sites More sharing options...
Err Posted May 23, 2012 Share Posted May 23, 2012 Named after a television character I like. Link to comment Share on other sites More sharing options...
divinedesigns1 Posted May 23, 2012 Author Share Posted May 23, 2012 Named after a television character I like.oh ok Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now