<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
$Fname = $_POST["Fname"];
$Lname = $_POST["Lname"];
$email = $_POST["email"];
$address1 = $_POST["address1"];
$address2 = $_POST["address2"];
$city = $_POST["city"];
$state = $_POST["state"];
$zip_code = $_POST["zip"];
$phone = $_POST["phone"];
$distance = $_POST["distance"];
//form php validation error massage for blank fields
if($Fname == "" || $Lname == "" || $email == "" || $address1 == "" || $city == "" || $state == "" || $zip_code == "" || $phone == ""){
$msg = "<p class='error'>The required fields cannot be blank</p>"
;
}
if(!filter_var($email, FILTER_VALIDATE_EMAIL) && !isset($msg)){ //email validation
$msg = "<p class='error'>You must place a real email address</p>";
}else{
require_once("inc/admin_login.php"); //log in database file
$query = "INSERT INTO runner(fname,lname,email,address1,address2,city,state,postcode,phone,distance) VALUES('$Fname','$Lname','$email','$address1','$address2','$city','$state','$zip_code','$phone','$distance')";
$result=mysqli_query($con,$query);
if($result){ //if successfull logining in to database message
$msg = "<h2 class='notice'>Thank You For Signing Up</h2>";
}else{
$error_message = mysqli_error($con);
$result = "There was an error: $error_message";
exit($result);
}// end if
}//end else
header("Location:signup.php?status=thankyou"); //redicrects you when comments are entered in correctly
}// end of main 1st if
$pageTitle="Sign Up";
include("inc/header.php");
include("inc/navigation.php");
?>
<div class="signupWrapper">
<h1>Sign up to run</h1>
<?php if(isset($msg)){ //where blank error message will display
echo $msg;
}if(isset($_GET['status']) && $_GET['status'] == "thankyou"){ // msg that displays on the redirect page if comments are entered correctly
echo "<p class='notice'>Thank you for submitting your comment</p>";
}else{
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" id="signUpForm" name="signUpForm" title="Sign To Race Form">
<table class="signUp">
<tr>
<th>
<label for="Fname">First Name:</label>
</th>
<td>
<input type="text" id="Fname" name="Fname"></input>
</td>
</tr>
<tr>
<th>
<label for="Lname">Last Name:</label>
</th>
<td>
<input type="text" id="Lname" name="Lname"></input>
</td>
</tr>
<tr>
<th>
<label for="email">Email:</label>
</th>
<td>
<input type="email" id="email" name="email"></input>
</td>
</tr>
<tr>
<th>
<label for="address1">Address 1:</label>
</th>
<td>
<input type="text" id="address1" name="address1"></input>
</td>
</tr>
<tr>
<th>
<label for="address2">Address 2:</label>
</th>
<td>
<input type="text" id="address2" name="address2"></input>
</td>
</tr>
<tr>
<th>
<label for="city">City:</label>
</th>
<td>
<input type="text" id="city" name="city"></input>
</td>
</tr>
<tr>
<th>
<label for="state">State:</label>
</th>
<td>
<input type="text" id="state" name="state"></input>
</td>
</tr>
<tr>
<th>
<label for="zip">Zip Code:</label>
</th>
<td>
<input type="text" id="zip" name="zip"></input>
</td>
</tr>
<tr>
<th>
<label for="zip">Phone:</label>
</th>
<td>
<input type="text" id="phone" name="phone" title="enter phone number"></input>
</td>
</tr>
<tr>
<th>
<label for="">Distance:</label>
</th>
<td>
<fieldset>
<label for="distance1">1 Mile</label><input type="radio" id="distance1" name="distance" value="1mile" ></input>
<label for="distance2">5K</label><input type="radio" id="distance2" name="distance" value="5K" checked></input>
<label for="distance3">10K</label> <input type="radio" id="distance3" name="distance" value="10K" ></input>
</fieldset>
</td>
</tr>
<tr>
<th>
</th>
<td>
<label for=""></label><input type="submit" id="submitForm" name="submitForm" value="Submit" title="submit button"></input>
<label for=""></label><input type="reset" id="clear" name="clear" value="Clear" title="clear button" ></input>
</td>
</tr>
</table>
</form>
<?php }?> <!-- ends the else statement above in the start of the form, to only show the thank you message/ thank redirect page if
comments are entered in correctly -->
</div>
Asked
Active
Viewed 46 times
1
-
I didn't spot the error, but you should read https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – Adder Mar 05 '18 at 08:00
-
1the submit button will do just that regardless of whether any fields have been left empty. You can use javascript to check the fields before submitting the form - `onsubmit` etc – Professor Abronsius Mar 05 '18 at 08:01
-
use `is_null` or `is_empty` and also `==""` to validate them it empty – Richard Mar 05 '18 at 08:02
-
What exactly is the problem? If you disable JS, the form is submitted when you click the submit button. There is no workaround for this, as nothing else blocks the submission. But you could have a look at the `required` attribute for form fields – Nico Haase Mar 05 '18 at 08:52
-
I was trying to validate the form on the server side with PHP, to prevent blank fields from being uploaded into the MySql database. So, when a field is blank on the form, I wanted the error message to display, so the form wouldn't be submitted with blank fields. – myko Mar 06 '18 at 05:58
1 Answers
0
just check it
if($_SERVER['REQUEST_METHOD']=='POST')
{
$Fname = $_POST['fnm'];
$Lname = $_POST['lnm'];
$email = $_POST['email'];
if($Fname == "" || $Lname == "" )
{
$msg = "<p class='error'>The required fields cannot be blank</p>" ;
}
else if(!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$msg = "<p class='error'>You must place a real email address</p>";
}
else
{
$msg = "<p class='error'>Form submition gose here</p>";
}
echo $msg;
}
