I have a script that checks whether a user is logged in or not.
If the user are not logged in they are directed to the login page.
else the user is logged in.
If the user is logged in they can adda story,
I have a validation check on the title and main text fields, if the title is not set, then output an error message eg
Expand|Select|Wrap|Line Numbers
- if (isset($_POST['title'])) {
- // Do this
- $t = escape_data($_POST['title']);
- } else {
- // Output error message
- $t = FALSE;
- echo '<p>You forgot to enter a title</p>';
- }
Any help would be appreciated
Here is the full code:
Expand|Select|Wrap|Line Numbers
- <?php
- # Filename - add_story.php
- # Date - 9th August 2007
- # Author - Stephen Hoult
- # Author Email - stephen@hoult.org.uk
- // This file allows logged in users to add a story.
- // Include config file for error management and such
- include('./includes/config.inc.php');
- // Set page title and include HTML header
- $page_title = 'Add a Story';
- include('./includes/header.html');
- // If no first_name variable exists, redirect the user.
- if (!isset($_SESSION['first_name'])) {
- // Start defining the URL.
- $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
- // Check for a trailing slash.
- if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
- $url = substr ($url, 0, -1); // Chop off the slash.
- }
- // Add the page.
- $url .= '/login.php';
- ob_end_clean(); // Delete the buffer.
- header("Location: $url");
- exit(); // Quit the script.
- } else { // First name variable exists - user is logged in
- //If the form has been submitted
- if (isset($_POST['submitted'])) {
- // Connect to the database
- require_once('../mysql_connect_ur.php');
- // Validate title
- if (isset($_POST['title'])) {
- $t = escape_data($_POST['title']);
- } else {
- $t = FALSE;
- echo '<p><font color="red" size="+1">Please enter a title.</font></p>';
- } // End of validate Title
- // Validate Main text
- if (isset($_POST['title'])) {
- $mt = escape_data($_POST['main_text']);
- } else {
- $mt = FALSE;
- echo '<p>You forgot to enter the main text.</p>';
- } // End of validate Main text
- if ($t && $mt) { // If validation checks pass
- // Add the story.
- $query = "INSERT INTO content (title, main_text, date_submitted)
- VALUES ('$t', '$mt', NOW())";
- $result = mysql_query($query);
- echo '<p>Your story has been added to the database</p>';
- mysql_close(); // Close database connection
- } else { // Validation check failed
- echo '<p>A system error has occurred. Your story has not been added.</p>';
- } // End of if all validation checks pass
- } // End of if Submitted
- } // End of is logged in
- ?>
- <fieldset><legend>Add a story</legend>
- <form action="add_story.php" method="post" >
- <p>Title: <input type="text" name="title" size="30" maxlength="50" value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>" /></p>
- <p>Main Text<textarea name="main_text" cols="40" rows="5"/><?php if (isset($_POST['main_text'])) echo $_POST['main_text']; ?></textarea></p>
- <p><input type="submit" name="submit" value="Submit" /></p>
- <input type="hidden" name="submitted" value="TRUE" />
- </form>
- </fieldset>
- <?php
- include('./includes/footer.html'); // Include HTML footer
- ?>