Jump to content

Recommended Posts

ok i did that and it just said connect error: didnt state what the error is or if its an error

Link to post
Share on other sites

can we see the updated code?

Link to post
Share on other sites
<?php// php script for the form start here$errorMessage = "";$firstname = "";$lastname = "";$company = "";$email = "";$mobile = "";if($_POST['firstname']){// Grab variables$firstname = $_POST['firstname'];$lastname = $_POST['lastname'];$company = $_POST['company'];$email = $_POST['email'];$mobile = $_POST['phone'];// Making sure variables are present else stop processif(!$firstname || !$lastname || !$company || !$email || !$mobile){  $errorMessage = 'The Form is incomplete, or you forgot a Field(s). Please Fill all Fields';}else{  // Run any filtering here  $firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);  $firstname = strip_tags($firstname);  $firstname = stripslashes($firstname);  $lastname = ereg_replace("[^A-Za-z0-9]", "", $_POST['lastname']);  $lastname = strip_tags($lastname);  $lastname = stripslashes($lastname);  $company = ereg_replace("[^A-Za-z0-9]", "", $_POST['company']);  $company = strip_tags($company);  $company = stripslashes($company);  $email = strip_tags($email);  $email = stripslashes($email);  $mobile = strip_tags($mobile);  $mobile = stripslashes($mobile);  $mobile = ereg_replace("[^0-9]", "", $_POST['phone']);   $firstname = mysqli_real_escape_string($con, $firstname);  $lastname = mysqli_real_escape_string($con, $lastname);  $company = mysqli_real_escape_string($con, $company);  $email = mysqli_real_escape_string($con, $email);  $mobile = mysqli_real_escape_string($con, $mobile);   $to = 'smith@smithy.net';  $from = '$firstname ' . ' $lastname';  $subject = 'Fill2Win Promo';   // Email Message Bot  $message = "  $firstname  $lastname  $company  $email  $mobile  ";   // Configure some headers  $header = 'MIME-Version:1.0' . "rn";  $header .= 'Content-type:textrn';  $header .= 'From: $from' . "/r" . "/n";   // mail form  include_once "MiConnect.php";  $query = mysqli_query($con, "INSERT INTO form (firstname, lastname, company, email, phone) VALUE('$firstname', '$lastname', '$company', '$email', '$mobile')") or die(mysqli_error($con));   $errorMessage = 'Thank You for your message';  $firstname = "";  $lastname = "";  $company = "";  $email = "";  $mobile = "";   $result = mysqli_query($con, $query);} // lock this condition} // lock if POST a condition?>

Link to post
Share on other sites
Guest So Called

Just to start out, all that setting things like $errorMessage = ""; is a waste of time. All variables are empty at start of execution (except things like $_POST etc.) Start out like this:

if (isset($_POST['submit'])) {

and follow that with your variable settings and error checking. You keep setting intermediate values and then going back to original values. You're making your code needlessly over-complicated

$firstname = ""; if($_POST['firstname']){// Grab variables$firstname = $_POST['firstname']; if(!$firstname || !$lastname || !$company || !$email || !$mobile){    $firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);  $firstname = strip_tags($firs...

If you wish, just start out with $firstname = $_POST['firstname']; and then use $firstname after that. For example:

$firstname = ereg_replace("[^A-Za-z0-9]", "", $firstname);

Link to post
Share on other sites
Just to start out, all that setting things like $errorMessage = ""; is a waste of time.
why is it a waste of time? its there for a reason Edited by DDs1
Link to post
Share on other sites

I see the $con variable but I don't see from where you are getting it from, it just suddenly appears.

$firstname = mysqli_real_escape_string($con, $firstname);

I think you meant to make a connection first, then do the above code.

Edited by Err
Link to post
Share on other sites
I see the $con variable but I don't see from where you are getting it from, it just suddenly appears.
$firstname = mysqli_real_escape_string($con, $firstname);

I think you meant to make a connection first, then do the above code.

the $con comes from this include_once function i think imma place that inside the script itself and see if that work instead, because this is the second time im having this exact errorinclude_once "MiConnect.php";
$query = mysqli_query($con, "INSERT INTO form (firstname, lastname, company, email, phone)VALUE('$firstname', '$lastname', '$company', '$email', '$mobile')") or die(mysqli_error($con));

Edited by DDs1
Link to post
Share on other sites
:good: shake my booty shake my booty shake my booty i got it working oooo yeaa shake shake :rofl: what i did was take out the connection information from MyConnect.php or MiConnect.php and place it into the script itself and bammmmmmm no error,for some reason it wasnt reading the include_once file and realizing that the variable con was coming from there and not in the script itself, so by placing the variable and function into the script itself, it worked no error from the mysqli_real_escape_string() and the script works Thank you everyone :rofl:
Link to post
Share on other sites

That's great. Can I offer some suggestions?I know you got your coding working like you like but there is a better way you can write your variables. Instead of doing this:

$firstname = "";[...]$firstname = $_POST['firstname'];[...]$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);$firstname = strip_tags($firstname);$firstname = stripslashes($firstname);

You can do this:

$firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";

You can put that at the very beginning. Basically, it checks if there a POST variable named firstname, if there is only allow A-Z a-z 0-9 and apply it to $_POST['firstname'], else just make it an empty variable. You should be using the preg* function since the ereg* function are outdated, even more so than mysql*. Since you are using the replace function to remove any characters you don't want, using strip_tags() and stripslashes() won't do anything more. You can do the above code with all your POST variables.

Link to post
Share on other sites
That's great. Can I offer some suggestions? I know you got your coding working like you like but there is a better way you can write your variables. Instead of doing this:
$firstname = "";[...]$firstname = $_POST['firstname'];[...]$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);$firstname = strip_tags($firstname);$firstname = stripslashes($firstname);

You can do this:

$firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";

You can put that at the very beginning. Basically, it checks if there a POST variable named firstname, if there is only allow A-Z a-z 0-9 and apply it to $_POST['firstname'], else just make it an empty variable. You should be using the preg* function since the ereg* function are outdated, even more so than mysql*. Since you are using the replace function to remove any characters you don't want, using strip_tags() and stripslashes() won't do anything more. You can do the above code with all your POST variables.

ok ill switch it around, in the morning, time to go play a little game, upgrade this site template then fight with the Z's. thanks again
Link to post
Share on other sites
That's great. Can I offer some suggestions? I know you got your coding working like you like but there is a better way you can write your variables. Instead of doing this:
$firstname = "";[...]$firstname = $_POST['firstname'];[...]$firstname = ereg_replace("[^A-Za-z0-9]", "", $_POST['firstname']);$firstname = strip_tags($firstname);$firstname = stripslashes($firstname);

You can do this:

$firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";

You can put that at the very beginning. Basically, it checks if there a POST variable named firstname, if there is only allow A-Z a-z 0-9 and apply it to $_POST['firstname'], else just make it an empty variable. You should be using the preg* function since the ereg* function are outdated, even more so than mysql*. Since you are using the replace function to remove any characters you don't want, using strip_tags() and stripslashes() won't do anything more. You can do the above code with all your POST variables.

question, wouldnt i have to place the
$firstname = $_POST['firstname'];[...]

for each? or do i just have to place

$firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$lastname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$company = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";etc

Link to post
Share on other sites

$_POST['firstname'] gets assigned to $firstname in that line but it does more than that, so you should do the same for all variables. So something like this:

$firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$lastname = (isset($_POST['lastname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['lastname']) : "";$company = (isset($_POST['company'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['company']) : "";$phone = (isset($_POST['phone'])) ? preg_replace("/[^0-9]/","",$_POST['phone']) : "";

Link to post
Share on other sites
$_POST['firstname'] gets assigned to $firstname in that line but it does more than that, so you should do the same for all variables. So something like this:
$firstname = (isset($_POST['firstname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['firstname']) : "";$lastname = (isset($_POST['lastname'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['lastname']) : "";$company = (isset($_POST['company'])) ? preg_replace("/[^A-Za-z0-9]/","",$_POST['company']) : "";$phone = (isset($_POST['phone'])) ? preg_replace("/[^0-9]/","",$_POST['phone']) : "";

ok got it now, thanks Err, and why you named yourself Err?
Do them all.
ok kool thanks so called sorry for the late reply guys, was sleeping
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...