Question

I need help, please, to add a function to clean up any form inputs that we receive from the users for the code below:

<?php
session_start();

// initializing variables
$fname = "";
$lname = "";
$address = "";
$city = "";
$state = "";
$zip = "";
$email = "";
$phone = "";
$errors = array();

// connect to the database
$db = mysqli_connect("localhost","root","password","db");

// REGISTER USER
if (isset($_POST['reg_user1'])) {
// receive all input values from the form
$fname = mysqli_real_escape_string($db, $_POST['fname']);
$lname = mysqli_real_escape_string($db, $_POST['lname']);
$address = mysqli_real_escape_string($db, $_POST['address']);
$city = mysqli_real_escape_string($db, $_POST['city']);
$state = mysqli_real_escape_string($db, $_POST['state']);
$zip = mysqli_real_escape_string($db, $_POST['zip']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$phone = mysqli_real_escape_string($db, $_POST['phone']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);


// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($fname)) { array_push($errors, "First name is required"); }
if (empty($lname)) { array_push($errors, "Last name is required"); }
if (empty($address)) { array_push($errors, "Address is required"); }
if (empty($city)) { array_push($errors, "City is required"); }
if (empty($state)) { array_push($errors, "State is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($phone)) { array_push($errors, "Phone number is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
   array_push($errors, "The two passwords do not match");
}
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT * FROM member WHERE phone='$phone' OR email='$email' LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
  
if ($user) { // if user exists
if ($user['phone'] === $phone) {
array_push($errors, "Phone Number already exists");
}

if ($user['email'] === $email) {
array_push($errors, "email already exists");
}
}

// Finally, register user if there are no errors in the form
if (count($errors) == 0) {

   $query = "INSERT INTO member (fname, lname, address, city, state, zip, email, phone, password)
           VALUES('$fname', '$lname', '$address', '$city', '$state', '$zip', '$email', '$phone', '$password_1')";
   mysqli_query($db, $query);
   $_SESSION['fname'] = $fname;
   $_SESSION['success'] = "You are now logged in";
header('location: indexMember.php');
}
}

// LOGIN USER
if (isset($_POST['login_member'])) {
$fname = mysqli_real_escape_string($db, $_POST['fname']);
$password = mysqli_real_escape_string($db, $_POST['password']);

if (empty($fname)) {
   array_push($errors, "Username is required");
}
if (empty($password)) {
   array_push($errors, "Password is required");
}

if (count($errors) == 0) {
   $password_1 = md5($password);
   $query = "SELECT * FROM member WHERE fname='$fname' AND password='$password'";
   $results = mysqli_query($db, $query);
   if (mysqli_num_rows($results) == 1 ){
   $_SESSION['fname'] = $fname;
   $_SESSION['success'] = "You are now logged in";
   header('location: indexMember.php');
   }else {
       array_push($errors, "Wrong username/password combination");
   }
}
}

?>

Answer #1

Data validation is an integral part of working with forms. Not only can invalid submitted data lead to security problems, but it can also break the webpage.

The "filter_var" function is used to remove illegal characters and validate data.


if (empty($fname)) { array_push($errors, "First name is required"); }

$new_string = filter_var($fname,FILTER_SANITIZE_STRING);   //Remove all html tags from string.

if (empty($lname)) { array_push($errors, "Last name is required"); }

$new_stringa = filter_var($lname,FILTER_SANITIZE_STRING);   //Remove all html tags from string.

if (empty($address)) { array_push($errors, "Address is required"); }

$new_stringb = filter_var($address,FILTER_SANITIZE_STRING);   //Remove all html tags from string.

if (empty($city)) { array_push($errors, "City is required"); }

$new_stringc = filter_var($city,FILTER_SANITIZE_STRING);   //Remove all html tags from string.

if (empty($state)) { array_push($errors, "State is required"); }

$new_stringd = filter_var($state,FILTER_SANITIZE_STRING);   //Remove all html tags from string.

if (empty($email)) { array_push($errors, "Email is required"); }

echo filter_var($_POST['email'],FILTER_SANITIZE_EMAIL); //This function will remove any characters that should not occur in EMAIL type.

if (empty($phone)) { array_push($errors, "Phone number is required"); }

$new_var = filter_var($phone,FILTER_SANITIZE_NUMBER_INT);   //Remove all characters except digits, plus and minus signs.

if (empty($password_1)) { array_push($errors, "Password is required"); }

if ($password_1 != $password_2) {

   array_push($errors, "The two passwords do not match");
}

This part of your code only validates whether the input file contains any data. It doesn't check for invalid data.

The filter_var function will sanitize and validate data.

Sanitizing will remove any illegal character from the data.

Validating will determine whether the data is in proper form.

I have added the functions for sanitizing data in the above code.

Hope this helps!
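An added example (not the asker's or the answerer's code) that validates each registration field from the question instead of only stripping characters, and that avoids FILTER_SANITIZE_STRING, which is deprecated as of PHP 8.1. The function name clean_registration and the per-field rules (allowed characters, 10-digit phone, US ZIP format) are assumptions made for illustration.

```php
<?php
// Added example. clean_registration() and its field rules are assumptions.
function clean_registration(array $post): array
{
    // Read a field as a string; arrays or missing keys become ''.
    $get = fn(string $k): string => is_string($post[$k] ?? null) ? $post[$k] : '';
    $clean = $errors = [];
    // Free-text fields: trim, require, then allow-list characters and length.
    $labels = ['fname' => 'First name', 'lname' => 'Last name',
               'address' => 'Address', 'city' => 'City', 'state' => 'State'];
    foreach ($labels as $key => $label) {
        $value = trim($get($key));
        if ($value === '') {
            $errors[] = "$label is required";
        } elseif (!preg_match('/^[\p{L}\p{N} .,\'#-]{1,100}$/u', $value)) {
            $errors[] = "$label contains invalid characters";
        } else {
            $clean[$key] = $value;
        }
    }
    // Email: validate the format instead of silently stripping characters.
    $email = filter_var(trim($get('email')), FILTER_VALIDATE_EMAIL);
    if ($email === false) { $errors[] = 'Email is not valid'; }
    else { $clean['email'] = $email; }

    // Phone: drop formatting, then require exactly 10 digits (assumed rule).
    $phone = preg_replace('/\D+/', '', $get('phone'));
    if (strlen($phone) !== 10) { $errors[] = 'Phone number must have 10 digits'; }
    else { $clean['phone'] = $phone; }

    // ZIP is not required by the question's form; if present, 5 digits or ZIP+4.
    $zip = trim($get('zip'));
    if ($zip !== '' && !preg_match('/^\d{5}(-\d{4})?$/', $zip)) { $errors[] = 'ZIP code is not valid'; }
    else { $clean['zip'] = $zip; }

    // Passwords are not sanitised: compare as-is, then keep only a hash.
    $p1 = $get('password_1');
    if ($p1 === '') { $errors[] = 'Password is required'; }
    elseif (!hash_equals($p1, $get('password_2'))) { $errors[] = 'The two passwords do not match'; }
    else { $clean['password_hash'] = password_hash($p1, PASSWORD_DEFAULT); }
    return [$clean, $errors];
}

// Constructed sample submission: a tag in the first name and a malformed email.
$sample = ['fname' => '<b>Ann</b>', 'lname' => "O'Neil", 'address' => '12 Main St. #4',
           'city' => 'Springfield', 'state' => 'IL', 'zip' => '62704', 'email' => 'ann@@example',
           'phone' => '(217) 555-0100', 'password_1' => 'correct horse', 'password_2' => 'correct horse'];
[$clean, $errors] = clean_registration($sample);
print_r(['errors' => $errors, 'clean_keys' => array_keys($clean)]);
```

Pass the returned values to a prepared statement (mysqli_prepare with bound parameters) rather than concatenating them into SQL, and check logins with password_verify against the stored hash. Apply htmlspecialchars when echoing any of these values back into HTML.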
