PDA

View Full Version : INSERT adding extra blank row


bee80
02-07-2009, 12:47 PM
ok peeps, im writing a reg form, finally got everything working, exept when it inserts to the database its adding a blank row before the users details!

heres my code (ps i know i need to encrypt passwords)


<?php
//connection to database

require_once('Connections/lblconnect.php');

//set variables
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$country = $_POST['country'];
$email = $_POST['email'];
$dob = $_POST['year'] . "-" . $_POST['month'] . "-" . $_POST['day'];
$userName = $_POST['userName'];
$pwd = $_POST['pwd'];
$joinDate = date("Y-m-d");
$submitted = $_POST['checkSubmit'];

// nested if statement
if ($submitted){

// set an error array
$error = array();

// check name

if (empty($_POST['firstName']) || empty ($_POST['lastName'])) {

$error['name'] = 'Please enter both First name and Last name';

}

//set a flag that assumes the password is ok

$pwdOK = true;

// trim leading and trailing white space

$_POST['pwd'] = trim($_POST['pwd']);

// if less than 6 characters, create alert and set flag to false

if (strlen($_POST['pwd']) < 6) {

$error['pwd_length'] = 'Your password must be at least 6 characters long';

$pwdOK = false;

}
// if no match, create alert and set flag to false

if ($_POST['pwd'] !=trim($_POST['conf_pwd'])) {

$error['pwd'] = 'Your passwords don\'t match';

$pwdOK = false;

}

// if password ok, encrypt it

/* if ($pwdOK) {
$_POST['pwd'] = sha1($_POST['pwd']);
}*/

// check for valid email address

$pattern = '/^[^@]+@[^\s\r\n\'";,@%]+$/';

if (!preg_match($pattern, trim($_POST['email']))) {

$error['email'] = 'Please enter a valid email address';

}

//check username

$_POST['userName'] = trim($_POST['userName']);

$loginUsername = $_POST['userName'];

if (strlen($loginUsername) < 5) {

$error['length'] = 'Please choose a username that has at least 5 characters';

}

// query database for username existence

$loginQuery = "SELECT userName FROM `users` WHERE userName = '" . $loginUsername . "'";

// select database and connection

mysql_select_db($database, $lblconnect);

$login =mysql_query($loginQuery, $lblconnect) or die(mysql_error());

$loginFoundUser = mysql_num_rows($login);

//if there is a row in the database, the username was found - can not add the requested username

if($loginFoundUser){

$error['userName'] = "$loginUsername is already in use. Please choose a different username.";

}

}
// if no errors insert data
if (!$error) {

mysql_query("INSERT INTO `users` (firstName, lastName, country, email, dob, userName, pwd, joinDate)
VALUES ('$firstName','$lastName','$country','$email','$do b','$userName','$pwd','$joinDate')");

}

?>

bee80
02-07-2009, 12:53 PM
i will add that : in the blank database row,field for joinDate has the correct date the form was submitted, also in database field for DoB the date is 0000-00-00 and then all other fields are blank, whereas the row below has all the correct details??

davidj
02-07-2009, 02:56 PM
check your condition where !$errors is being tested

when you first run the page this condition will be true and will run the INSERT

You need to stop that happening

bee80
02-07-2009, 03:09 PM
i have a hidden field "checksubmit" assigned to $submitted and normally i have all the error checking in an include file inside the if statement.Does this not do the job?


if($submitted) {
include ('includes/validateReg.php');
}

if(!$error){
mysql_query("INSERT INTO etc......................
}

bee80
02-07-2009, 03:13 PM
ah sorry yes i understand i need someway of running it only when submitted? So i should put it in the if($submitted) statement?

bee80
02-07-2009, 03:19 PM
Excellent it works, thanks again david ps donated today.

Heres the code as it should have been........


<?php
//connection to database

require_once('Connections/lblconnect.php');

//set variables
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$country = $_POST['country'];
$email = $_POST['email'];
$dob = $_POST['year'] . "-" . $_POST['month'] . "-" . $_POST['day'];
$userName = $_POST['userName'];
$pwd = $_POST['pwd'];
$joinDate = date("Y-m-d");
$submitted = $_POST['checkSubmit'];

// nested if statement
if ($submitted){

// includes validate form script

include ('includes/validateReg.php');

// if no errors insert data
if (!$error) {

mysql_query("INSERT INTO `users` (firstName, lastName, country, email, dob, userName, pwd, joinDate)
VALUES ('$firstName','$lastName','$country','$email','$do b','$userName','$pwd','$joinDate')");

}



}

?>



Next encryption ;)

davidj
02-07-2009, 04:22 PM
excellent

top class student

you will be wanting to cover some of the OOP methods soon

bee80
02-07-2009, 04:40 PM
Had a browse through my book about objects and classes. Quite confusing.
Have also been playing with the file commands fopen fread etc.
Dont think im ready for OOP yet but would like a lesson or two on cookies, uploading files(saving paths in DB) and security if you have some spare time soon?

davidj
02-07-2009, 04:46 PM
no probs

give me a shout tomorrow

OOP is not hard

just need to explain it in a certain way

davidj
02-07-2009, 04:50 PM
additional...

you just gave me some more lesson subject ideas

this course is growing