PHP Form Validation

programming
1

<?php if(isset($_POST[‘submitted’])){ require_once(’./database_connect.php’); if (eregi (’^[[:alpha:].’ -] {2,60}$’, stripslashes(trim($_POST[‘name’])))){ $n = escape_data($POST[‘name’]); } else { $n = FALSE; echo’<p><font color=“red” size="+1">Please enter your first name!</font></p>’; } if(eregi (’^[[:alnum:]][a-z0-9.-]*@[a-z0-9.-]+.[a-z]{2,30}$’, stripslashes(trim($_POST[‘email’])))){ $e = escape_data($_POST[‘email’]); } else { $e = FALSE; echo’<p><font color=“red” size="+1">Please enter your email!</font></p>’; } if (eregi(’^[[:alnum:]]{6,10}$’, stripslashes(trim($_POST[‘password1’])))){ if ($_POST[‘password1’] == $_POST[‘password2’]){ $p = escape_data($_POST[‘password1’]); } else { $p = FALSE; echo ‘<p><font color=“red” size="+1">Your password did not match the confirmed password!</font></p>’; } } else { $p = FALSE; echo ‘<p><font color=“red” size="+1">Please enter a valid password!</font></p>’; } if($n && $e && $p) { $query =“SELECT user_id FROM users WHERE email=’$e’”; $result = mysql_query ($query) or trigger_error("Query: $query
<br />MySQL Error: " . mysql_error()); if(mysql_num_rows($result) == 0){ $a = md5(uniqid(rand(), true)); $query = “INSERT INTO users (email, pass, name, active, registration_date) VALUES (’$e’, SHA(’$p’), ‘$n’, ‘$a’, NOW())”; //IF PROBLEM WITH PASSWORD COME BACK HERE!! $result = mysql_query ($query) or trigger_error("Query: $query
<br />MySQL Error: " . mysql_error()); if (mysql_affected_rows() == 1) { $body = "Thank you for signing up. In order to login into the admin panel, you must activate it by clicking on the following link:

“; $body .=“http://admin.ksuwesely.org/activate.php?x=” . mysql_insert_id() . “&y=$a”; mail($_POST[‘email’], ‘Registration Confirmation’, $body); echo ‘<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>’; include (’./includes/footer.html’); // Include the HTML footer. exit(); } else { // If it did not run OK. echo '<p><font color=“red” size=”+1">You could not be registered due to a system error. We apologize for any inconvenience.</font></p>’; } } else { // The email address is not available. echo ‘<p><font color=“red” size="+1">That email address has already been registered. If you have forgotten your password, use the link to have your password sent to you.</font></p>’; } } else { // If one of the data tests failed. echo ‘<p><font color=“red” size="+1">Please try again.</font></p>’; } mysql_close(); // Close the database connection. } // End of the main Submit conditional. ?> My question is with form validation…It’s acting very weird.

http://admin.ksuwesley.org/register.php

everything validates except for the name. in other words even when i enter everything field the validation barks that I need to supply my name. What is going on??

2

sorry about the mess somehow it’s not letting me add the

brackets so the code would be organized

3

put your code in the [noparse]

[/noparse] tags

4 
<?php             

if(isset($_POST['submitted']))
{  require_once('./database_connect.php');  

if (eregi ('^[[:alpha:]\.\' \-] {2,60}$', stripslashes(trim($_POST['name'])))){ $n = escape_data($_POST['name']); 

} else {

 $n = FALSE; echo'<p><font color="red" size="+1">Please enter your first name!</font></p>';  }  

if(eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,30}$', stripslashes(trim($_POST['email'])))){ 

$e = escape_data($_POST['email']); 

} else { 

$e = FALSE; echo'<p><font color="red" size="+1">Please enter your email!</font></p>';  }  

if (eregi('^[[:alnum:]]{6,10}$', stripslashes(trim($_POST['password1'])))){ if ($_POST['password1'] == $_POST['password2']){ $p = escape_data($_POST['password1']); 

} else {  

$p = FALSE;  echo '<p><font color="red" size="+1">Your password did not match the confirmed password!</font></p>'; }  

} else {  

$p = FALSE; echo '<p><font color="red" size="+1">Please enter a valid password!</font></p>';  }  

if($n && $e && $p) {  

$query ="SELECT user_id FROM users WHERE email='$e'";
 $result = mysql_query ($query) or trigger_error("Query: $query
<br />MySQL Error: " . mysql_error()); 

 if(mysql_num_rows($result) == 0){ 
 $a = md5(uniqid(rand(), true));

  $query = "INSERT INTO users (email, pass, name, active, registration_date) VALUES ('$e', SHA('$p'), '$n', '$a', NOW())"; //IF PROBLEM WITH PASSWORD COME BACK HERE!! 

$result = mysql_query ($query) or trigger_error("Query: $query
<br />MySQL Error: " . mysql_error());  

if (mysql_affected_rows() == 1) {  

$body = "Thank you for signing up. In order to login into the admin panel, you must activate it by clicking on the following link:

"; 
$body .="http://admin.ksuwesely.org/activate.php?x=" . mysql_insert_id() . "&y=$a"; mail($_POST['email'], 'Registration Confirmation', $body);   

echo '<h3>Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to activate your account.</h3>';                

 include ('./includes/footer.html'); // Include the HTML footer.                
 exit();                                         
     } else { 
// If it did not run OK.                 

echo '<p><font color="red" size="+1">You could not be registered due to a system error. We apologize for any inconvenience.</font></p>';              }                              } else { // The email address is not available.           
  echo '<p><font color="red" size="+1">That email address has already been registered. If you have forgotten your password, use the link to have your password sent to you.</font></p>';          }             
 } else { // If one of the data tests failed.
         
echo '<p><font color="red" size="+1">Please try again.</font></p>'; }      mysql_close(); // Close the database connection. 
 }   ?>
5

anyone?

6

try this


<?php
	$name = 'John J. Doe';
	echo preg_match("|^([\w\s\.?]+){1,5}$|Ui" , $name);
?>

It’s not fully tested so … use with caution. It’s just for example.
Use preg_match instead of ereg, it’s faster.