I am trying to build a user registration form using PHP and MYSQL but encountring a problem.
When I click on submit with empty fields it adds records to database also it doesn't matter what information I put it always add records to database when I click on submit. What can I do to make sure user will not be able to add records to database until he enters the right information?
I am posting my code for you guys to have a look and help me with the problem. Any help will be really appreciated.
connect.php
Expand|Select|Wrap|Line Numbers
- <?php
- $con = mysql_connect("localhost","username","password");
- if (!$con)
- {
- die('Could not connect: ' . mysql_error());
- }
- mysql_query("CREATE DATABASE tbl_login", $con);
- mysql_select_db("tbl_login", $con);
- $sql = "CREATE TABLE login_tbl
- (
- loginID int NOT NULL AUTO_INCREMENT,
- PRIMARY KEY(loginID),
- Username varchar(35),
- Password varchar(35),
- Email varchar(35)
- )";
- mysql_query($sql,$con);
- ?>
Expand|Select|Wrap|Line Numbers
- <?php
- $form_validation_alerts = Array(
- '>' => "%%Name%% should be more than %%num%%!",
- '<' => "%%Name%% should be less than %%num%%!",
- '>=' => "%%Name%% should be more or equal to %%num%%!",
- '<=' => "%%Name%% should be less or equal to %%num%%!",
- 'ch' => "%%Name%% contains invalid characters!",
- 'chnum_' => "%%Name%% contains invalid characters!",
- 'date' => "Please, enter a valid %%name%%!",
- 'email' => "Please, enter a valid e-mail address!",
- 'empty' => "Please, enter %%name%%!",
- 'len >' => "%%Name%% should contain more than %%num%% characters!",
- 'len <' => "%%Name%% should contain less than %%num%% characters!",
- 'len >=' => "%%Name%% should contain at least %%num%% characters!",
- 'len <=' => "%%Name%% should contain at most %%num%% characters!",
- 'len ==' => "%%Name%% should contain %%num%% characters!",
- 'num' => "%%Name%% is not a valid number!");
- function form_validation_alert($type, $name, $num)
- {
- $name = preg_replace('/^\W*(\w*)\W*$/', "$1", $name);
- $msg = $GLOBALS['form_validation_alerts'][$type];
- $msg = str_replace('%%Name%%', strtoupper(substr($name, 0, 1)) . strtolower(substr($name, 1, strlen($name)-1)), $msg);
- $msg = str_replace('%%name%%', strtolower($name), $msg);
- $msg = str_replace('%%num%%', $num, $msg);
- return $msg;
- }
- // ***** isNaN *****************************************************************
- function form_validation_isNaN($value)
- {
- return (string)(integer)$value !== (string)$value;
- }
- // ***** Validate **************************************************************
- function form_validation_validate($data, $rules)
- {
- $rules = preg_replace('/^(\s*)(\S.*)/', "$2", $rules);
- $rules = preg_split('/\s*;\s*/', $rules);
- foreach ($rules as $i => $rule)
- {
- $rule = preg_split('/\s*:\s*/', $rule);
- if (count($rule) < 2) continue;
- $rule[0] = preg_split('/\s+/', $rule[0]);
- $rule[1] = preg_split('/\s+/', $rule[1]);
- foreach ($rule[0] as $j => $name)
- {
- $name = str_replace("[]", "", $name);
- if (!in_array($rule[1][0], Array('cnt', 'radio', 'terms')))
- if (!isset($data[$name])) return 'Invalid form!';
- if (!in_array($rule[1][0], Array('cnt')))
- if ( isset($data[$name]) && is_array($data[$name])) return 'Invalid form!';
- switch ($rule[1][0])
- {
- // ***** Comparison *****
- case '>':
- if (form_validation_isNaN($data[$name]))
- return form_validation_alert('num', $name, 0);
- if ($data[$name] <= $rule[1][1])
- return form_validation_alert('>', $name, $rule[1][1]);
- break;
- case '<':
- if (form_validation_isNaN($data[$name]))
- return form_validation_alert('num', $name, 0);
- if ($data[$name] >= $rule[1][1])
- return form_validation_alert('<', $name, $rule[1][1]);
- break;
- case '>=':
- if (form_validation_isNaN($data[$name]))
- return form_validation_alert('num', $name, 0);
- if ($data[$name] < $rule[1][1])
- return form_validation_alert('>=', $name, $rule[1][1]);
- break;
- case '<=':
- if (form_validation_isNaN($data[$name]))
- return form_validation_alert('num', $name, 0);
- if ($data[$name] > $rule[1][1])
- return form_validation_alert('<=', $name, $rule[1][1]);
- break;
- // ***** Ch *****
- case 'ch':
- if (!preg_match('/^([A-Za-z]+)$/', $data[$name]))
- return form_validation_alert('ch', $name, 0);
- break;
- // ***** Chnum_ *****
- case 'chnum_':
- if (!preg_match('/^(\w+)$/', $data[$name]))
- return form_validation_alert('chnum_', $name, 0);
- break;
- // ***** Cnt *****
- case 'cnt':
- $cnt = isset($data[$name]) ? (is_array($data[$name]) ? count($data[$name]) : 1) : 0;
- if ($rule[1][1] == '>' && $cnt <= $rule[1][2])
- return form_validation_alert('cnt >', $name, $rule[1][2]);
- if ($rule[1][1] == '<' && $cnt >= $rule[1][2])
- return form_validation_alert('cnt <', $name, $rule[1][2]);
- if ($rule[1][1] == '>=' && $cnt < $rule[1][2])
- return form_validation_alert('cnt >=', $name, $rule[1][2]);
- if ($rule[1][1] == '<=' && $cnt > $rule[1][2])
- return form_validation_alert('cnt <=', $name, $rule[1][2]);
- break;
- // ***** Email *****
- case 'email':
- if (!preg_match('/^(\w+\.)*(\w+)@(\w+\.)+(\w+)$/', $data[$name]))
- return form_validation_alert('email', $name, 0);
- break;
- // ***** Empty *****
- case 'empty':
- if ($data[$name] == '')
- return form_validation_alert('empty', $name, 0);
- break;
- // ***** Len *****
- case 'len':
- if ($rule[1][1] == '>' && strlen($data[$name]) <= $rule[1][2])
- return form_validation_alert('len >', $name, $rule[1][2]);
- if ($rule[1][1] == '<' && strlen($data[$name]) >= $rule[1][2])
- return form_validation_alert('len <', $name, $rule[1][2]);
- if ($rule[1][1] == '>=' && strlen($data[$name]) < $rule[1][2])
- return form_validation_alert('len >=', $name, $rule[1][2]);
- if ($rule[1][1] == '<=' && strlen($data[$name]) > $rule[1][2])
- return form_validation_alert('len <=', $name, $rule[1][2]);
- break;
- // ***** Num *****
- case 'num':
- if (form_validation_isNaN($data[$name]))
- return form_validation_alert('num', $name, 0);
- break;
- }
- }
- }
- return true;
- }
- ?>
Expand|Select|Wrap|Line Numbers
- <html>
- <head>
- <title>Register</title>
- <link rel="stylesheet" href="../css/content.css" type="text/css"/>
- <style>
- td
- {
- padding: 2px 5px;
- text-align: left;
- }
- h4 { margin: 0px; }
- input.editfield, select.editfield, textarea.editfield { width: 18em; }
- </style>
- </head>
- <body>
- <center>
- <form method="post" action="register.php">
- <input type="hidden" name="form_validation_rules" value="" />
- <table class="tableborder" bgcolor="#f0f0f2">
- <p> </p>
- <?php
- if (isset($_POST['submit']))
- {
- include 'form-validation.php';
- include 'connect.php';
- $Username=$_POST['Username'];
- $Password=$_POST['Password'];
- $Email=$_POST['Email'];
- $sql="INSERT INTO login_tbl (Username, Password, Email)VALUES('$Username','$Password','$Email')";
- mysql_query($sql);
- $result = form_validation_validate($_POST, "
- Username Password : empty;
- Username Password : len >= 3;
- Username Password : chnum_;
- Email: email;
- ");
- ?>
- <tr>
- <td colspan="2">
- <?php
- if ($result === true)
- {
- echo '<span style="color: green;">The form is successfully submitted!</span>';
- $_POST = Array();
- }
- else echo '<span style="color: #A71930">' . $result . '</span>';
- ?>
- </td>
- </tr>
- <?php
- }
- function __post($name, $val = '')
- {
- return isset($_POST[$name]) ? $_POST[$name] : $val;
- }
- ?>
- <tr>
- <td style="padding-bottom: 10px;" colspan="2" class="heading1"><b>User Registration</b></td>
- </tr>
- <tr>
- <td>Username:</td>
- <td><input class="editfield" type="text" name="Username" value="<?php echo $_POST['Username']; ?>" /></td>
- </tr>
- <tr>
- <td>Password:</td>
- <td><input class="editfield" type="password" name="Password" value="<?php echo $_POST['Password']; ?>" /></td>
- </tr>
- <tr>
- <td>E-mail:</td>
- <td><input class="editfield" type="text" name="Email" value="<?php echo $_POST['Email']; ?>" /></td>
- </tr>
- <tr>
- <td></td>
- <td><input type="submit" name="submit" value="Submit" class="submit" /></td>
- </tr>
- </table>
- </form>
- </center>
- </body>
- </html>