aleister1987 Posted October 13, 2010 Share Posted October 13, 2010 Hi People, I have this problem, i have created an upload form which includes some text fields and also an image upload which then gets sent to a server. I haven't yet got any validation or sanitisation on there at the moment. Im abit new to PHP and can code beginners stuff really, could someone give us some help with this please! addproduct.php - This is my form <table width="300" border="0" align="center" cellpadding="0" cellspacing="1"> <tr> <td><form enctype="multipart/form-data" name="form1" method="post" action="insert_add.php"> <table width="100%" border="0" cellspacing="1" cellpadding="3"> <tr> <td width="200"><b>Model</b></td> <td width="10">:</td> <td width="400"><input name="model" type="text" id="model" size="28"></td> </tr> <tr> <td><b>Product</b></td> <td>:</td> <td><input name="product" type="text" id="product" size="28"></td> </tr> <tr> <td><b>Description</b></td> <td>:</td> <td><textarea rows="5" cols="21" type="text" name="description" id="description"></textarea></td> </tr> <tr> <td><b>Price</b></td> <td>:</td> <td><input name="price" type="text" id="price" size="28"></td> </tr> <tr> <td><b>Image:</b></td> <td>:</td> <td><input type="file" name="photo"></td> </tr> <tr> <tr> <td colspan="3" align="center"><input type="submit" name="Submit" value="Submit"></td> </tr> </table> </form> </td> </tr> </table> insert_add.php - This is a page which uploads contents to server <?php $host=""; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name=""; // Table name // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //This is the directory where images will be saved $target = "images/"; $target = $target . basename( $_FILES['photo']['name']); // Get values from form $model=$_POST['model']; $product=$_POST['product']; $description=$_POST['description']; $price=$_POST['price']; $pic=($_FILES['photo']['name']); // Insert data into mysql $sql="INSERT INTO $tbl_name(model, product, description, price, photo)VALUES('$model', '$product', '$description', '$price', '$pic')"; $result=mysql_query($sql); if(move_uploaded_file($_FILES['photo']['tmp_name'], $target)) { //Tells you if its all ok echo "<center>The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory</center>"; } else { //Gives and error if its not echo "Sorry, there was a problem uploading your file."; } // close connection mysql_close(); ?> Any help with coding would be greatfully appreciated. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 13, 2010 Share Posted October 13, 2010 So just what is it you want to validate? What are the valid parameters for the fields? Quote Link to comment Share on other sites More sharing options...
aleister1987 Posted October 13, 2010 Author Share Posted October 13, 2010 I would like to validate the text fields in the HTML section to make sure data has been filled out, which would be: Model, product, description, price and image. Model: checks to see if data is added. product: checks to see if data is added. description: checks to see if data is added. price: checks to see if integers are added. image: checks to see if an image has been added. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 14, 2010 Share Posted October 14, 2010 What data type is expected, or allowed for each field? Model, product and description are strings, price is decimal, while image obviously is a file? Are they all required, or are any optional? Quote Link to comment Share on other sites More sharing options...
aleister1987 Posted October 14, 2010 Author Share Posted October 14, 2010 All the data types are required and need data. thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.