...

View Full Version : Few Questions



Edd1e316
02-25-2010, 03:27 PM
Hi there everyone, I'm a bit unsure if this is going to be the right forum you post these questions in, if it turns out to be incorrect I apologise.

Basically I have a few tasks that I need to complete, I need to create a website(this isn't the problem) that contains a form for users to input their details. Once submitted the user details should then go to a database and an email of confirmation.

I have some experience of coding having used, Pascal, C++, Python, Java but all too a very basic level.

I was just wondering what I should use to complete these tasks and if someone could point me into the direction of some tutorials that may be of assistance.

Cheers Ed

JAY6390
02-25-2010, 04:37 PM
Basically you need to use $_POST or $_GET depending on the form submission type (more than likely $_POST will be better suited) to get the data passed from the form to your script

For mysql, you will need mysql_connect, mysql_select_db, mysql_query and mysql_real_escape_string (go to php.net/function_name_here for more info on them all)

Finally to send the email you will need to use the mail() function.

I would suggest you look at examples at http://www.w3schools.com/ for more information

Edd1e316
02-25-2010, 06:02 PM
Ok is PHP definitely the way for me to approach this task then ?

I've downloaded Visual Web Developer 2008 Express edition, to see if that is any use.

My plan is too make the website in Photoshop CS4 and then use splicing tutorials.

The form in PHP and MySQL ?? for the database side.

Does that seem the best approach ?

JAY6390
02-25-2010, 06:27 PM
PHP is for processing. For the form generation you will need to create a form using HTML. I would definitely recommend using PHP for this. It's fairly simple to create a "contact form" or whatever kind of form you are generating. If you google php contact form tutorial I'm sure you will find a suitable tutorial that will show you how to do this, and from there modify it to a form more suitable to yours. After that its just a case of creating a simple database table to insert the data into before emailing

Edd1e316
02-25-2010, 10:07 PM
Ok excellent thank you, I'll post back my progress in a couple of days.

Edd1e316
03-07-2010, 10:44 PM
I've just got round to fully installing Apache, PHP, MySQL and PHPmyadmin, proved to be alot more complex than any standard installation without alot of code editting.

Anyways the real work will start now and I'll keep you updated with any queries that will no doubt arise.

Edd1e316
03-31-2010, 12:10 AM
;
$companyname = $_POST['companyname'];
$telephonenumber = $_POST['telephonenumber'];
$email = $_POST['email'];
$jobdescription = $_POST['jobdescription'];
$joblocation = $_POST['joblocation'];
$hearabout = $_POST['hear'];

//inserting data order
$order = "INSERT INTO data_employees
(fullname, companyname, telephonenumber)
VALUES
('$fullname',
'$companyname',
'$telephonenumber')";

//declare in the order variable
$result = mysql_query($order); //order executes
if($result){
echo("<br>Input data is succeed");
} else{
echo("<br>Input data is fail");
}
?>

Thats my coding, I want the data entered in a form to go into a mysql database any way you could help me out guys and girls ?

MattF
03-31-2010, 12:53 AM
What's the problem with the code you've posted? Also, check the docs for mysql_real_escape_string, intval etc on the PHP site. You really need to sanitise and validate your input.

Edd1e316
03-31-2010, 01:58 AM
It won't add the data to the database no matter what solutions I've tried proper annoying.

MattF
03-31-2010, 02:03 AM
It prints the message to say that data entry failed?

Edd1e316
03-31-2010, 02:26 AM
<?php
$con = mysql_connect("localhost","root","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

mysql_select_db("customerquotation", $con);

$sql="INSERT INTO customers (fullname, companyname, telephone, email, jobdescription, joblocation, hear)
VALUES
('$_POST[fullname]','$_POST[companyname]','$_POST[telephone]','$_POST[email]','$_POST[jobdescription]','$_POST[joblocation]','$_POST[hear]')";

if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";

mysql_close($con)
?>

It's finally adding data to the database in all the fields except the first three were I get the following error messages...

Notice: Undefined index: fullname in C:\server\www\myserver.dev\public_html\quotationform.php on line 12

Notice: Undefined index: companyname in C:\server\www\myserver.dev\public_html\quotationform.php on line 12

Notice: Undefined index: telephone in C:\server\www\myserver.dev\public_html\quotationform.php on line 12

masterofollies
03-31-2010, 02:44 AM
Are you using an isset form POST method? Try this


<?php

mysql_connect("localhost","root","root") or die(mysql_error());
mysql_select_db("customerquotation") or die(mysql_error());

if (isset($_POST['submit']))

{

$fullname = $_POST['fullname'];
$companyname = $_POST['companyname'];
$telephonenumber = $_POST['telephonenumber'];
$email = $_POST['email'];
$jobdescription = $_POST['jobdescription'];
$joblocation = $_POST['joblocation'];
$hearabout = $_POST['hear'];

//inserting data order
$order = "INSERT INTO data_employees
(fullname, companyname, telephonenumber)
VALUES
('$fullname',
'$companyname',
'$telephonenumber')";

//declare in the order variable
$result = mysql_query($order); //order executes
if($result){
echo("<br>Input data is succeed");
} else{
echo("<br>Input data is fail");
}

}

else {
//Form goes here
}
?>

Place your form into the else statement. If your form is in a different file, than remove the else and keep the IF ISSET

Edd1e316
03-31-2010, 03:08 AM
I've tried your coding and with no success.

The coding I posted in my previous post is what I'm having the most success with except it won't enter the data of the first three fields for some unknown reason, once I've cracked that I'll be on my way to validating it all and I'll be done.

MattF
03-31-2010, 04:39 AM
As I mentioned earlier, sanitise and validate. If you were validating, there would be no possibility of it attempting to insert nonexistent fields. You should be doing something along the lines of the following, (same for each POST var):



if (isset($_POST['companyname']) && !empty($_POST['companyname']))
{
[sanitise and assign the var here as you've checked it's set]
}
else
{
[do your error processing here, as companyname isn't set]
}



Plus, I'll mention again, sanitise and validate. Read up on the use of mysql_real_escape_string.

Edd1e316
03-31-2010, 06:48 PM
<?php

$con = mysql_connect("localhost","root","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

$fullname = check_input($_POST['fullname']);
$companyname = check_input($_POST['companyname']);
$telephone = check_input($_POST['telephone']);
$email = check_input($_POST['email']);
$jobdescription = check_input($_POST['jobdescription']);
$joblocation = check_input($_POST['joblocation']);
$hear = check_input($_POST['hear']);

mysql_select_db("customerquotation", $con);

$sql="INSERT INTO customers (fullname, companyname, telephone, email, jobdescription, joblocation, hear)
VALUES
('$_POST[fullname]','$_POST[companyname]','$_POST[telephone]','$_POST[email]','$_POST[jobdescription]','$_POST[joblocation]','$_POST[hear]')";

if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";

mysql_close($con)
?>

<?php
function check_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>

Thats what I went for in the end and seems to work fine :) can anyone foresee any problems with that coding ?

I've got the validation in the html of the website and that is using JavaScript

MattF
03-31-2010, 08:37 PM
Thats what I went for in the end and seems to work fine :) can anyone foresee any problems with that coding ?

Third time lucky:



Read up on the use of mysql_real_escape_string.





I've got the validation in the html of the website and that is using JavaScript

Remind your users to disable javascript to bypass your validation then.

Seriously, still about as much use as a chocolate fireguard, security wise.

cfructose
04-01-2010, 01:07 AM
Just a comment regarding you last sentence...

You might want to think twice about relying on javascript for the validation.

I use js to validate, sure, but that's only so that the user can get immediate feedback without having to wait for a page refresh. I repeat (and extend) the validation server-side with php as well - and you need to do this too - otherwise anyone with js disabled is gonna be able to post data that doesn't get validated.

Having to code all that stuff twice, and in two different languages, is a female dog ;) but it's folly not to.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum