...

EASY Form Validation

Phil Jackson
04-27-2010, 06:22 PM
<?php

# Alias: Phil Jackson
# ACT Web Designs
# http://actwebdesigns.co.uk
# PHP Form Validation

# below is a simple form that I have added just in case ;-)

#<form method="post" action="./root-to-this-file.php">
# <p><label for="email">Email: </label><input id="email" name="email" type="text" /></p>
# <p><label for="phone_number">Phone Number: </label><input id="phone_number" name="phone_number" type="text" /></p>
# <p><label for="post_code">Post Code: </label><input id="post_code" name="post_code" type="text" /></p>
# <p><input type="submit" name="submit-form" value="send" /></p>
#</form>

# alter the details below to suit.
# to add more data into the equation simply add another form input;
# <p><label for="username">User Name: </label><input name="username" type="text" /></p>
# and then add the details in the master array. If you do not have nor need a regular
# expression, then just add '' which will then check to see if it both exists and that
# it is not empty. I have added the example commented out in the master array.
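# all data passed is meant to be cleansed by filter(); that only holds if every value
# is actually run through it (or bound as a query parameter) before the INSERT is built.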

# inspired by the good folk of codingforums.com!

# Site-specific settings read by the submission handler further down.
# SUBMIT_BUTTON_NAME must equal the name="" of the form's submit input.
define( 'SUBMIT_BUTTON_NAME', "submit-form" );

# Database connection details.
# NOTE(review): 'root' with an empty password is only a local-test placeholder.
# On a real site use a dedicated account that may do nothing except INSERT into
# TABLE_NAME, and keep its password out of any file served from the web root.
define( 'DB_SERVER', "localhost" );
define( 'DB_USERNAME', "root" );
define( 'DB_PASSWORD', "" );
define( 'DB_NAME', "test" );
define( 'TABLE_NAME', "test" );

# Where the visitor is redirected afterwards; the outcome is appended as ?msg=...
define( 'RETURN_ADDRESS', "http://www.actwebdesigns.co.uk" );
# Text sent in ?msg= after a successful insert.
define( 'MSG', 'Successfully inserted data into table' );

# Field configuration as four parallel lists: position N in each list describes
# the same form field (its input name, validation pattern, error text and
# database column). To add a field, append one entry to every list.
$master = array();

# name="" attributes of the form inputs, e.g. add 'username'
$master['input_name'] = array( 'email', 'phone_number', 'post_code' );

# Patterns handed to preg_match() between "#" delimiters. Use '' for a field
# that only has to be present and non-empty.
# NOTE(review): the email pattern only accepts a final label of 2-3 letters,
# so addresses under longer top-level domains are rejected.
$master['regex'] = array(
    '^[_a-z0-9\-]+(\.[_a-z0-9\-]+)*@[a-z0-9\-]+(\.[a-z0-9\-]+)*(\.[a-z]{2,3})$',
    '^\d{5}\s?\d{6}$',
    '^[A-Z]{1,2}[0-9]{1,2} ?[0-9][A-Z]{2}$',
);

# Message reported when the matching field is missing or fails its pattern,
# e.g. add 'Please enter a username'
$master['error'] = array(
    'Incorrect email format',
    'Incorrect phone number format',
    'Incorrect UK post code format',
);

# Column that receives the matching field's value, e.g. add 'USERNAME'.
# These names are placed into the SQL text as identifiers, so they must stay
# fixed values written by the developer.
$master['db_col'] = array( 'EMAIL', 'PHONE_NUMBER', 'POST_CODE' );

############################################
############# NO NEED TO EDIT BELOW ########
############################################

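if( isset( $_POST[SUBMIT_BUTTON_NAME] ) ) {
    # Handles one form submission: validates every field listed in $master,
    # stores the values with a prepared statement, then redirects to
    # RETURN_ADDRESS with the outcome in ?msg=.
    #
    # Why this differs from the first draft:
    #  - filter() was declared here but never called, so submitted values were
    #    concatenated into the INSERT unescaped. A field configured with an
    #    empty regex went into the SQL text exactly as typed.
    #  - filter() depended on ext/mysql (removed in PHP 7.0) and
    #    get_magic_quotes_gpc() (removed in PHP 8.0). It has been dropped;
    #    nothing could call it, because this block always ends in exit/die.
    #  - Values are now bound as parameters, so no escaping step is needed.
    #    HTML-encoding belongs where the data is printed, not where it is stored.

    $post = array();
    foreach( $master['input_name'] as $key => $input_name ) {
        # Only the configured inputs are read; any other POST key is ignored.
        $value = isset( $_POST[$input_name] ) ? $_POST[$input_name] : null;

        # A request such as email[]=x arrives as an array. Anything that is not
        # a non-empty string is rejected instead of being handed to preg_match().
        # (Unlike empty(), this accepts the literal string "0".)
        if( ! is_string( $value ) || $value === '' ) {
            $msg = $master['error'][$key];
            break;
        }

        # D makes $ match only at the very end, so a trailing newline no longer
        # slips past an anchored pattern.
        if( ! empty( $master['regex'][$key] ) && ! preg_match( "#" . $master['regex'][$key] . "#isD", $value ) ) {
            $msg = $master['error'][$key];
            break;
        }

        $post[$input_name] = $value;
    }

    if( ! isset( $msg ) ) {
        $cols = array();
        $params = array();
        foreach( $master['db_col'] as $key => $col_name ) {
            # Table and column names cannot be bound; they come from the fixed
            # configuration above, never from the request.
            $cols[] = "`" . $col_name . "`";
            $params[] = $post[$master['input_name'][$key]];
        }
        # One "?" placeholder per value; the driver sends the values separately
        # from the SQL text.
        $marks = implode( ', ', array_fill( 0, count( $params ), '?' ) );
        $insert_query = "INSERT INTO `" . TABLE_NAME . "` ( " . implode( ', ', $cols ) . " ) VALUES ( " . $marks . " )";

        try {
            $pdo = new PDO(
                'mysql:host=' . DB_SERVER . ';dbname=' . DB_NAME,
                DB_USERNAME,
                DB_PASSWORD,
                array(
                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                    # real server-side prepares rather than client-side emulation
                    PDO::ATTR_EMULATE_PREPARES => false,
                )
            );
            $stmt = $pdo->prepare( $insert_query );
            $stmt->execute( $params );
        } catch( PDOException $e ) {
            # The driver message and script path go to the server log only;
            # the visitor gets a generic message instead of internal details.
            error_log( "Form insert failed in " . __FILE__ . ": " . $e->getMessage() );
            die( "Error: the form data could not be saved." );
        }
        $msg = MSG;
    }

    # $msg is one of the fixed strings above and is URL-encoded here. The page
    # at RETURN_ADDRESS must still HTML-escape msg before printing it, because
    # a query string can be written by anyone.
    header( "location: " . RETURN_ADDRESS . "?msg=" . urlencode( $msg ) );
    exit;
}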

?>


I must admit I haven't had time to test it; it's just that I saw yet another post about form validation and thought this might help folk.
I was also going to do the jQuery function but wasn't sure administration would allow me to post it with this code.

Phil Jackson
04-27-2010, 06:30 PM
non dribble version:

<?php

# http://actwebdesigns.co.uk

# name="" of the form's submit input
define( 'SUBMIT_BUTTON_NAME', "submit-form" );
# Database connection. NOTE(review): root with an empty password is a
# local-test placeholder; use a least-privilege account on a real site.
define( 'DB_SERVER', "localhost" );
define( 'DB_USERNAME', "root" );
define( 'DB_PASSWORD', "" );
define( 'DB_NAME', "test" );
define( 'TABLE_NAME', "test" );
# redirect target and the success text sent in ?msg=
define( 'RETURN_ADDRESS', "http://www.actwebdesigns.co.uk" );
define( 'MSG', 'Successfully inserted data into table' );

# Four parallel lists; index N of each one describes the same form field.
$master = array(
    # form input names
    'input_name' => array( 'email', 'phone_number', 'post_code' ),
    # preg_match() patterns ('' would mean "present and non-empty" only)
    'regex' => array(
        '^[_a-z0-9\-]+(\.[_a-z0-9\-]+)*@[a-z0-9\-]+(\.[a-z0-9\-]+)*(\.[a-z]{2,3})$',
        '^\d{5}\s?\d{6}$',
        '^[A-Z]{1,2}[0-9]{1,2} ?[0-9][A-Z]{2}$',
    ),
    # message reported when the field is missing or fails its pattern
    'error' => array(
        'Incorrect email format',
        'Incorrect phone number format',
        'Incorrect UK post code format',
    ),
    # destination columns; written into the SQL as identifiers, so keep them fixed
    'db_col' => array( 'EMAIL', 'PHONE_NUMBER', 'POST_CODE' ),
);

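if( isset( $_POST[SUBMIT_BUTTON_NAME] ) ) {
    # Validate the configured fields, INSERT them with bound parameters, then
    # redirect with the result in ?msg=.
    # The posted version declared filter() but never called it, so values were
    # concatenated into the SQL unescaped. It is gone, along with the ext/mysql
    # calls (removed in PHP 7.0) it depended on.
    $post = array();
    foreach( $master['input_name'] as $key => $input_name ) {
        $value = isset( $_POST[$input_name] ) ? $_POST[$input_name] : null;
        $pattern = $master['regex'][$key];
        # Reject missing, empty and non-string (e.g. array) input. The D flag
        # stops $ from matching before a trailing newline.
        $bad = ! is_string( $value ) || $value === ''
            || ( ! empty( $pattern ) && ! preg_match( "#" . $pattern . "#isD", $value ) );
        if( $bad ) {
            $msg = $master['error'][$key];
            break;
        }
        $post[$input_name] = $value;
    }

    if( ! isset( $msg ) ) {
        $col_str = '';
        $mark_str = '';
        $params = array();
        foreach( $master['db_col'] as $key => $col_name ) {
            # identifiers come from fixed config; values are sent as parameters
            $col_str .= "`" . $col_name . "`, ";
            $mark_str .= "?, ";
            $params[] = $post[$master['input_name'][$key]];
        }
        $insert_query = "INSERT INTO `" . TABLE_NAME . "` ( " . substr( $col_str, 0, -2 ) . " ) VALUES ( " . substr( $mark_str, 0, -2 ) . " )";
        try {
            $options = array(
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                PDO::ATTR_EMULATE_PREPARES => false,
            );
            $pdo = new PDO( 'mysql:host=' . DB_SERVER . ';dbname=' . DB_NAME, DB_USERNAME, DB_PASSWORD, $options );
            $pdo->prepare( $insert_query )->execute( $params );
        } catch( PDOException $e ) {
            # details stay in the server log; the visitor sees no path or driver text
            error_log( "Form insert failed in " . __FILE__ . ": " . $e->getMessage() );
            die( "Error: the form data could not be saved." );
        }
        $msg = MSG;
    }

    # The receiving page must HTML-escape msg before printing it.
    header( "location: " . RETURN_ADDRESS . "?msg=" . urlencode( $msg ) );
    exit;
}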

?>


