PHP, mau funcionamento de validação do MySQL e pesquisa não funciona?

Question

Jul 02, 2012, 02:28 PM

PHP, mau funcionamento de validação do MySQL e pesquisa não funciona?

Eu criei um pequeno formulário de registro. Tudo está funcionando bem, mas se eu introduzir qualquer valor errado, como números em nome, letras em idade ou até mesmo formato de e-mail errado, ainda assim os dados são salvos no banco de dados, não consigo descobrir o problema de validação. E outro 1 é a opção de pesquisa. Sempre que eu insiro qualquer nome ou sobrenome na caixa de pesquisa, ele deve exibir o nome que está no banco de dados ou ele mostrará uma mensagem de erro. Qualquer 1 pode me sugerir o que devo fazer .. Por favor, veja meu código abaixo.

códigos sticky_form ...

<html>
<head>


<?php
global $fname,$lname,$gender,$age,$course,$email;

if(isset($_POST['register']))
{

    $fname=$_POST['fname'];
    $lname=$_POST['lname'];
    $gender=$_POST['gender'];
    $age=$_POST['age'];
    $course=$_POST['course'];
    $email=$_POST['email']; 

        if (preg_match("/[a-zA-Z ]+$/", $_POST['fname']))  {
            $fname = trim($_POST['fname']);
        }
         else 
        {
        echo '<p>The First name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
        //$error = true;
        }


        if (preg_match("/[a-zA-Z ]+$/", $_POST['lname']))  {
            $lname = trim($_POST['lname']);
        }
         else 
        {
        echo '<p>The last name is empty or has illegal characters! To edit please go the link Display Data Information</p>';
        $error = true;
        }

        if(isset($_POST['gender']))
        {   
            $gender = $_POST['gender']; 
        }
        else
        {
            echo "<p>No gender found!</p>";
        }

        if (preg_match("/[a-zA-Z ]+$/", $_POST['age']))  {
            $age = trim($_POST['age']);
        }
         else 
        {
        echo '<p>Please enter age. Or your age contains illegal characters</p>';
        //$error = true;
        }

        if(isset($_POST['course']))
        {
             $course = $_POST['course'];
        }
        else
        {
            echo "<p>Please Select Course!</p>";

        }

        // Validate the email:
        if (preg_match("/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/", $_POST['email'] )){
        $email = trim($_POST['email']);
        }
        else 
        {
        echo '<p>The email is empty or has illegal characters! To edit please go the link Display Data Information</p>';
        //$error = false;
        }
        echo "<br/>";
        echo "<br/>";
        echo "<br/>";



}

    if($fname&&$lname&&$gender&&$age&&$email&&$course)
    {
    require_once('connection.php');
    $query = mysql_query("INSERT INTO members SET FirstName='$fname', LastName='$lname', Gender='$gender', Age='$age',          Email='$email', Course='$course'") or die(mysql_error());

        if($query){
            echo"Your Data Successfully Saved"; 
        }
        else
        {
            echo "Please recheck your Data!";
        }


}


?>
</head>

<body id="body">
<h2><strong>Register Student Account</strong></h2>
<form action="student_form.php" method="post" >
<table border="1" id="container">


  <tr>
    <td>First Name</td>
    <td>:</td>
    <td><input type="text" name="fname"  size="30" maxlength="50"/></td>
  </tr>

 <tr>
    <td>Last Name</td>
    <td>:</td>
    <td><input type="text" name="lname" size="30" maxlength="50"/></td>
  </tr>

  <tr>
    <td>Age</td>
    <td>:</td>
    <td><input type="text" name="age"  size="3" /></td>
  </tr>

    <tr>
    <td >Gender </td>
    <td> : </td>
    <td> Male
    <input type="radio" name="gender" value="Male"/>

    Female
    <input type="radio" name="gender" value="Female"/></td>

  </tr>


  <tr>
    <td valign="top">Course</td>
    <td valign="top"> : </td>
    <td> <input type="radio" name="course" value="Bachelor Of Computing"/>Bachelor Of Computing<br/>
   <input type="radio" name="course" value="Bachelor Of Science"/>Bachelor Of Science<br/> 
   <input type="radio" name="course" value="Bachelor Of Software Engineering"/>Bachelor Of Software Engineering<br/>
    <input type="radio" name="course" value="Bachelor Of Networking"/>Bachelor Of Networking<br/>
    <input type="radio" name="course" value="Bacelor Of IT"/>Bacelor Of IT <br/>
    <input type="radio" name="course" value="Bachelor Of Computer Science"/>Bachelor Of Computer Science<br/></td>

  </tr>

 <tr>
    <td>Email Address</td>
    <td>:</td>
    <td><input type="text" name="email"  size="30" maxlength="50"/></td>
</tr>


</table>
    <input type="submit" name="register" value="REGISTER"/>

</form><br>
<p><a href="student_form.php" >Home</a></p>
<p><a href="display_data.php">Display Data Information</a>
<p><a href="search.php">To search for Members</a>
</body>
</html>

e este é o código da pesquisa ......

<html>
<head>
<?php
//require_once('student_form.php');
if(isset($_POST['s1'])){ 
$id=$_REQUEST['id']; 
$fname=$_POST['fname'];
    //connect  to the database 
include('connection.php');
//-query  the database table 
$sql=mysql_query("SELECT  * FROM members WHERE (FirstName LIKE '". $fname ."%' OR LastName LIKE '". $lname ."%'");
    //-run  the query against the mysql query function 
    $result=mysql_query($sql); 

    if($row=mysql_fetch_array($result)){ 
                $fname=$row['FirstName']; 
                $lname=$row['LastName']; 
                /*$email=$row['Email'];
                $age =$row['Age'];
                $gender=$row['Gender'];
                $course = $row['Course'];*/
    }
    //-display  the result of the array 
    else
    {
    <?php echo $rows['FirstName']; ?>
    <?php echo $rows['LastName']; ?>
    } 
} 
?>
</head>
<body>
<form action="search.php" method="post">
<table>
    <tr>
    <td><strong>search box</strong></td>
    <td><strong>:</strong></td>
    <td><input type="text" name="search" value=""size="30"/><input type="submit" name="s1" value="Search"/></td>

</table>
</form>
</body>
</html>