
What's wrong with this input validation script?


gege


I'm really sorry if any of my wording is confusing.

 

:-[

 

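<?php
// Client address as reported by the web server; it is not used again in the visible part of this page.
$ip = $_SERVER['REMOTE_ADDR'];

// Delete one row from tbl_u_pekerjaan when the "Hapus" (delete) button was posted.
// NOTE(review): no login/authorization or CSRF-token check is visible in this file;
// confirm that the page which includes it enforces both before this DELETE can run.
if (isset($_POST['hapus'], $_POST['id_u_pekerjaan'])
	&& $_POST['hapus'] === 'Hapus'
	&& is_string($_POST['id_u_pekerjaan']))
{
	// The id comes straight from the request, so it is escaped before being placed inside
	// the quoted SQL literal. mysql_real_escape_string() needs an open connection, just as
	// mysql_query() does; presumably the including page has opened one - verify.
	$idUPekerjaan = mysql_real_escape_string($_POST['id_u_pekerjaan']);
	$qDelDetail = mysql_query("DELETE FROM tbl_u_pekerjaan WHERE id_u_pekerjaan = '".$idUPekerjaan."'");
}
?>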
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style>
.suggestion {
position:absolute;
background-color:#eee;
    border:1px solid #CCC;
    display: none;
    width:400px;
}

.suggestion ul{
    margin : 0 ;
    padding : 5px 5px ;
}

.suggestion ul li{
    padding-top : 2px ;
    cursor : pointer ;
    list-style : none ;
}

.suggestion ul li:hover{
    cursor : pointer ;
    list-style : none ;
    color : red ;
    /*font-weight : bold ;*/
}
#form1 #pagu1 {
border: 1px solid #999999;
height: 21px;
width: 355px;
}
</style>
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td class="border_all" height="34" bgcolor="#CCCCCC"><strong><img src="image/icon_1.png" align="absmiddle" width="22" height="22" /> Pemeliharaan Komputer </strong></td>
  </tr>
  <tr>
    <td><hr size="1" color="#999999" /></td>
  </tr>
  <tr>
    <td>
      <table width="100%" border="0" cellspacing="2" cellpadding="3">
	<form id="form1" name="form1" method="post" action="">
        <tr>
      <td width="30%">Tahun Anggaran</td>
      <td width="2%">:</td>
      <td width="68%"><select name="thn_anggaran" id="thn_anggaran">
            <?php
	  // Current four-digit year; it is printed as the first <option> of the budget-year list.
	  $thn_on = date("Y");
		?>
            <option value="<?=$thn_on;?>"><?=$thn_on;?></option>
		<?php
	  // Then one <option> per year from 2000 up to and including the current year,
	  // so the current year appears twice in the list (once first, once in order).
	  for($i = 2000; $i <= $thn_on; $i++)
	  {
	  ?>
            <option value="<?=$i;?>"><?=$i;?></option>
            <?php
	  }
	  ?>
          </select></td>
    </tr>   
        <tr>
      <td width="30%">Jenis Anggaran</td>
      <td width="2%">:</td>
      <td width="68%"><select name="id_jns_anggaran">
	  <?php
	  include "conn_ra.php";
	  ?>
              <?php
	  $qRea = mysql_query("SELECT * FROM tbl_jns_anggaran ORDER BY id_jns_anggaran ASC");
	  while($dtRea = mysql_fetch_array($qRea))
	  {
	  ?>
              <option value="<?=$dtRea['id_jns_anggaran'];?>"><?=$dtRea['nm_jns_anggaran'];?></option>
              <?php 
	  }
	  ?>
          </select></td>
    </tr>
        <tr>
          <td align="left" valign="top">Nama Program</td>
          <td align="left" valign="top">:</td>
          <td align="left" valign="top"><input type="text" id="kd_program" name="kd_program" size="8" onkeyup="javascript:suggestme('program');" autocomplete="off" />
              <input type="text" id="nm_program" name="nm_program" size="50" onkeyup="javascript:suggestme('program');" autocomplete="off" />
              <div id="suggestion_program" class="suggestion"></div></td>
        </tr>
        <tr>
          <td align="left" valign="top">Nama Kegiatan</td>
          <td align="left" valign="top">:</td>
          <td align="left" valign="top"><input type="text" id="kd_kegiatan" name="kd_kegiatan" size="8" onkeyup="javascript:suggestme('kegiatan');" autocomplete="off" />
              <input type="text" id="nm_kegiatan" name="nm_kegiatan" size="50" onkeyup="javascript:suggestme('kegiatan');" autocomplete="off" />
              <div id="suggestion_kegiatan" class="suggestion"></div></td>
        </tr>
        <tr>
          <td align="left" valign="top">Nama Sub Kegiatan</td>
          <td align="left" valign="top">:</td>
          <td align="left" valign="top"><input type="text" id="kd_sub_kegiatan" name="kd_sub_kegiatan" size="8" onkeyup="javascript:suggestme('sub_kegiatan');" autocomplete="off" />
              <input type="text" id="nm_sub_kegiatan" name="nm_sub_kegiatan" size="50" onkeyup="javascript:suggestme('sub_kegiatan');" autocomplete="off" />
              <div id="suggestion_sub_kegiatan" class="suggestion"></div></td>
        </tr>
        <tr>
          <td align="left" valign="top">MAK</td>
          <td align="left" valign="top">:</td>
          <td align="left" valign="top"><input type="text" id="kd_mak" name="kd_mak" size="8" onkeyup="javascript:suggestme('mak');" autocomplete="off" />
              <input type="text" id="nm_mak" name="nm_mak" size="50" onkeyup="javascript:suggestme('mak');" autocomplete="off" />
              <div id="suggestion_mak" class="suggestion"></div></td>
        </tr>
        <!--
	<tr>
          <td align="left" valign="top"><strong>Pagu</strong></td>
          <td align="left" valign="top"><strong>:</strong></td>
          <td align="left" valign="top"><div id="pagu1"></div>
              <input name="pagu" type="text" id="pagu" size="60"  maxlength="250" /></td>
        </tr>
	-->
        <tr>
          <td width="30%"> Komputer </td>
          <td width="2%">:</td>
          <td width="68%"><select name="id_inventaris" id="id_inventaris">
          <?php
	  include "conn.php";
	  if(isset($_POST['id_inventaris']))
	  {
	  $qKomputer = mysql_query("SELECT a.id_inventaris, a.nmr_inventaris, a.merk, a.type, a.processor_type FROM v_inventaris a WHERE id_inventaris = '".$_POST['id_inventaris']."'");
	  $dtKomputer = mysql_fetch_array($qKomputer);
	  ?>
          <option value="<?=$dtKomputer['id_inventaris']?>"><?=$dtKomputer['nmr_inventaris'];?> | <?=$dtKomputer['merk'];?> <?=$dtKomputer['type'];?> <?=$dtKomputer['processor_type'];?></option>
           <?php
	   }else
	   {
	   ?>
		<option>-Pilih Komputer-</option>
		<?php
		}
		?>
          <?php
	  $qKomputer = mysql_query("SELECT a.id_inventaris, a.nmr_inventaris, a.merk, a.type, a.processor_type FROM v_inventaris a WHERE EXISTS ( SELECT b.id_inventaris FROM tbl_memiliki b WHERE a.id_inventaris = b.id_inventaris ) ORDER BY id_inventaris ASC");
	  while($dtKomputer = mysql_fetch_array($qKomputer))
	  {
	  ?>
          <option value="<?=$dtKomputer['id_inventaris']?>"><?=$dtKomputer['nmr_inventaris'];?> | <?=$dtKomputer['merk'];?> <?=$dtKomputer['type'];?> <?=$dtKomputer['processor_type'];?></option>
          <?
	  }
	  ?>
          </select>          </td>
        </tr>
        <tr>
          <td>Jenis Pemeliharaan </td>
          <td>:</td>
          <td><select name="id_jenis" id="id_jenis">
          <?php
	  include "conn.php";
	  if(isset($_POST['id_jenis']))
	  {
	  $qJenis = mysql_query("SELECT * FROM tbl_jenis WHERE id_jenis = '".$_POST['id_jenis']."'");
	  $dtJenis = mysql_fetch_array($qJenis);
	  ?>
	    <option value="<?=$dtJenis['id_jenis'];?>"><?=$dtJenis['nm_jenis'];?></option>
          <?php
	  }else
	  {
	  ?>
	    <option>-Pilih Jenis Pemeliharaan-</option>
          <?php
	  }
	  ?>
	  <?php
	  $qJenis = mysql_query("SELECT * FROM tbl_jenis ORDER BY id_jenis ASC");
	  while($dtJenis = mysql_fetch_array($qJenis))
	  {
	  ?>
	    <option value="<?=$dtJenis['id_jenis'];?>"><?=$dtJenis['nm_jenis'];?></option>
	  <?
	  }
	  ?>
          </select>          </td>
        </tr>
        <tr>
          <td>No. Surat/Memo</td>
          <td>:</td>
          <td><input name="no_surat" type="text" id="no_surat" size="50" /></td>
        </tr>
        <tr>
          <td>Tanggal Surat/Memo </td>
          <td>:</td>
          <td><input name="tgl_surat" type="text" id="tgl_surat" size="10" value="<?=$_POST['tgl_surat'];?>" />
            <script language="JavaScript" type="text/javascript">
		new tcal ({
			// form name
			'formname': 'form1',
			// input name
			'controlname': 'tgl_surat'
		});	
		</script></td>
        </tr>
        <tr>
          <td>Asal Surat </td>
          <td>:</td>
          <td><input name="asal_surat" type="text" id="asal_surat" size="50" /></td>
        </tr>
        <tr>
          <td>Penanggung Jawab Pemeliharaan </td>
          <td>:</td>
          <td><select name="nip" id="nip">
          <?php
	  if(isset($_POST['nip']))
	  {
	  $qNip = mysql_query("SELECT * FROM tbl_pegawai WHERE nip = '".$_POST['nip']."'");
	  $dtNip = mysql_fetch_array($qNip);
	  ?>
	    <option value="<?=$dtNip['nip'];?>"><?=$dtNip['nama'];?></option>
          <?php
	  }else
	  {
	  ?>
	    <option>-Pilih Penanggung Jawab Pemeliharaan-</option>
          <?php
	  }
	  ?>
	  <?php
	  $qNip = mysql_query("SELECT * FROM tbl_pegawai ORDER BY nama ASC");
	  while($dtNip = mysql_fetch_array($qNip))
	  {
	  ?>
	    <option value="<?=$dtNip['nip'];?>"><?=$dtNip['nama'];?></option>
	  <?
	  }
	  ?>
          </select>          </td>
        </tr>
        <tr>
          <td>No. SPK/Kuitansi </td>
          <td>:</td>
          <td><input name="no_spk" type="text" id="no_spk" size="50" /></td>
        </tr>
        <tr>
          <td>Tanggal SPK/Kuitansi </td>
          <td>:</td>
          <td><input name="tgl_pemeliharaan" type="text" id="tgl_pemeliharaan" size="10" value="<?=$_POST['tgl_pemeliharaan'];?>" />
          <script language="JavaScript" type="text/javascript">
		new tcal ({
			// form name
			'formname': 'form1',
			// input name
			'controlname': 'tgl_pemeliharaan'
		});	
		</script></td>
        </tr>
        
        <tr>
          <td align="left" valign="top">Nama Rekanan </td>
          <td align="left" valign="top">:</td>
          <td align="left" valign="top"><input name="nm_rekanan" value="<?=$_POST['nm_rekanan'];?>" type="text" id="nm_rekanan" size="35" /></td>
        </tr>
	<tr>
          <td> </td>
          <td> </td>
          <td><input type="submit" name="Submit" value="Simpan" /></td>
        </tr>
  <?php
  if($_POST['Submit']=='Simpan')
  {
  
 	// data sudah ada atau belum
	$qCr = mysql_query("SELECT id_pemeliharaan FROM tbl_pemeliharaan WHERE tgl_pemeliharaan = STR_TO_DATE('".$_POST['tgl_pemeliharaan']."','%m/%d/%Y') AND id_jenis = '".$_POST['id_jenis']."' AND nm_rekanan = '".$_POST['nm_rekanan']."' AND id_pemeliharaan = '".$_POST['id_pemeliharaan']."'");
	$dtCr = mysql_num_rows($qCr);

	if($dtCr <= 0)
	{
	/*
	$qId = mysql_query("SELECT id_pemeliharaan FROM tbl_pemeliharaan ORDER BY id_pemeliharaan DESC");
	$dtId = mysql_fetch_array($qId);

	$id_pemeliharaan = $dtId[0] + 1;
	$id_realisasi_anggaran = $dtId[0] + 1;		

  	$qInsertData = mysql_query("INSERT INTO tbl_pemeliharaan(id_pemeliharaan, id_inventaris, id_jenis, nip, tgl_input, tgl_pemeliharaan, nm_rekanan, no_surat, tgl_surat, asal_surat, no_spk) VALUES('".$id_pemeliharaan."', '".$_POST['id_inventaris']."', '".$_POST['id_jenis']."', '".$_POST['nip']."', CURRENT_DATE(), STR_TO_DATE('".$_POST['tgl_pemeliharaan']."','%m/%d/%Y'), '".$_POST['nm_rekanan']."', '".$_POST['no_surat']."', STR_TO_DATE('".$_POST['tgl_surat']."','%m/%d/%Y'), '".$_POST['asal_surat']."', '".$_POST['no_spk']."')")or die(mysql_error());

include "include/conn_ra.php";
  	$qInsertData = mysql_query("INSERT INTO tbl_realisasi_anggaran(thn_anggaran, id_jns_anggaran, kd_program, kd_kegiatan, kd_sub_kegiatan, kd_bas, tgl_realisasi) VALUES('".$_POST['thn_anggaran']."', '".$_POST['id_jns_anggaran']."', '".$_POST['kd_program']."', '".$_POST['kd_kegiatan']."', '".$_POST['kd_sub_kegiatan']."', '".$_POST['kd_bas']."', STR_TO_DATE('".$_POST['tgl_pemeliharaan']."','%m/%d/%Y'))")or die(mysql_error());
	*/

	$qId = mysql_query("SELECT id_pemeliharaan FROM tbl_pemeliharaan ORDER BY id_pemeliharaan DESC");
	$dtId = mysql_fetch_array($qId);
	$id_pemeliharaan = $dtId[0] + 1;

	include("conn_ra.php");
	$kd_sub_sistem = "PMKOM-".$id_pemeliharaan; //kd sub sistem di sistem anggaran

	$queryAlokasi = "SELECT alokasi_anggaran FROM tbl_alokasi_anggaran
				WHERE thn_anggaran = '".$_POST['thn_anggaran']."' AND id_jns_anggaran = '".$_POST['id_jns_anggaran']."' AND kd_program = '".$_POST['kd_program']."' 
				AND kd_kegiatan = '".$_POST['kd_kegiatan']."' AND kd_sub_kegiatan = '".$_POST['kd_sub_kegiatan']."' AND kd_bas = '".$_POST['kd_mak']."' 
				AND pj_anggaran = 'Bagian Sistem Informasi'";

	$qAlokasi = mysql_query($queryAlokasi);
	$dtAlokasi = mysql_fetch_array($qAlokasi);

	$queryRealisasi = "SELECT realisasi_anggaran FROM tbl_realisasi_anggaran
				WHERE thn_anggaran = '".$_POST['thn_anggaran']."' AND id_jns_anggaran = '".$_POST['id_jns_anggaran']."' AND kd_program = '".$_POST['kd_program']."' 
				AND kd_kegiatan = '".$_POST['kd_kegiatan']."' AND kd_sub_kegiatan = '".$_POST['kd_sub_kegiatan']."' AND kd_bas = '".$_POST['kd_mak']."' 
				AND pj_anggaran = 'Bagian Sistem Informasi'";

	$qRealisasi = mysql_query($queryRealisasi);
	$dtRealisasi = mysql_fetch_array($qRealisasi);
	$sisaAnggaran = $dtAlokasi['alokasi_anggaran'] - $dtRealisasi['realisasi_anggaran'];

	$qInsertAnggaran = mysql_query("INSERT INTO tbl_realisasi_anggaran(thn_anggaran, id_jns_anggaran, kd_program, kd_kegiatan, kd_sub_kegiatan, kd_bas, kd_sub_sistem, 
	pj_anggaran, tgl_realisasi) VALUES('".$_POST['thn_anggaran']."', '".$_POST['id_jns_anggaran']."', '".$_POST['kd_program']."', '".$_POST['kd_kegiatan']."', 
	'".$_POST['kd_sub_kegiatan']."', '".$_POST['kd_mak']."', '".$kd_sub_sistem."', 'Bagian Sistem Informasi', STR_TO_DATE('".$_POST['tgl_pemeliharaan']."','%m/%d/%Y'))") or die(mysql_error());

	mysql_close($link1);

	include("conn.php");
	/*
	$qInsertData = mysql_query("INSERT INTO tbl_pemeliharaan(thn_anggaran, id_jns_anggaran, kd_program, kd_kegiatan, kd_sub_kegiatan, kd_bas, id_pemeliharaan, 
	id_kendaraan, id_jenis, nip, tgl_input, tgl_pemeliharaan, nm_bengkel, no_surat, tgl_surat, asl_surat, no_spk, pagu) 
	VALUES('".$_POST['thn_anggaran']."', '".$_POST['id_jns_anggaran']."', '".$_POST['kd_program']."', '".$_POST['kd_kegiatan']."', 
	'".$_POST['kd_sub_kegiatan']."', '".$_POST['kd_mak']."','".$id_pemeliharaan."', '".$_POST['id_kendaraan']."', '".$_POST['id_jenis']."', '".$_POST['nip']."', 
	CURRENT_DATE(), STR_TO_DATE('".$_POST['tgl_pemeliharaan']."','%m/%d/%Y'), '".$_POST['nm_bengkel']."', '".$_POST['no_surat']."', 
	STR_TO_DATE('".$_POST['tgl_surat']."','%m/%d/%Y'), '".$_POST['asl_surat']."', '".$_POST['no_spk']."', '".$sisaAnggaran."')") or die(mysql_error());
	*/

	 if(empty($_POST['thn_anggaran']) OR empty($_POST['id_jns_anggaran']) OR empty($_POST['kd_program']) OR empty($_POST['kd_kegiatan']) OR empty($_POST['kd_sub_kegiatan'])OR empty($_POST['kd_mak'])OR empty($_POST['id_inventaris'])OR empty($_POST['id_jenis'])OR empty($_POST['no_surat'])OR empty($_POST['tgl_surat'])OR empty($_POST['asal_surat'])OR empty($_POST['nip'])OR empty($_POST['no_spk'])OR empty($_POST['tgl_pemeliharaan'])OR empty($_POST['nm_rekanan']))
        {
        echo '<script>alert("Data masih ada yang kosong!");</script>';
        echo '<html><head>
            <meta http-equiv="refresh" content="0;url=index.php?p=tambah_pemeliharaan">
            </head></html>';
        }
        elseif($qInsertData = mysql_query("INSERT INTO tbl_pemeliharaan(thn_anggaran, id_jns_anggaran, kd_program, kd_kegiatan, kd_sub_kegiatan, kd_bas, id_pemeliharaan, id_inventaris, id_jenis, nip, tgl_input, tgl_pemeliharaan, nm_rekanan, no_surat, tgl_surat, asal_surat, no_spk) VALUES('".$_POST['thn_anggaran']."', '".$_POST['id_jns_anggaran']."', '".$_POST['kd_program']."', '".$_POST['kd_kegiatan']."', '".$_POST['kd_sub_kegiatan']."', '".$_POST['kd_mak']."','".$id_pemeliharaan."', '".$_POST['id_inventaris']."', '".$_POST['id_jenis']."', '".$_POST['nip']."', CURRENT_DATE(), STR_TO_DATE('".$_POST['tgl_pemeliharaan']."','%m/%d/%Y'), '".$_POST['nm_rekanan']."', '".$_POST['no_surat']."', STR_TO_DATE('".$_POST['tgl_surat']."','%m/%d/%Y'), '".$_POST['asal_surat']."', '".$_POST['no_spk']."')") or die(mysql_error()))

	/*if($qInsertData)
	{*/
	 ?>{
		 <script type="text/javascript">
		 var answer = confirm("Input data berhasil, Lanjutkan ke uraian pekerjaan ?")
		 if (answer)
		 {
			window.location = "index.php?p=u_pekerjaan&id_pemeliharaan=<?=$id_pemeliharaan;?>";
		 }
		 else{
			window.location = "index.php?p=pemeliharaan";
		 }

		</script> }
	 <?
	/*}else
	{
		echo ("<script> alert (\"Input data gagal dilakukan !!\");</script><br>");
		echo "<html><head>
			<meta http-equiv='refresh' content='0;url=index.php?p=tambah_pemeliharaan'>
			</head></html>";
	}*/
	}
	else
	{
		echo ("<script> alert (\"Data yang dimasukkan sudah ada\");</script><br>");
		echo "<html><head>
			<meta http-equiv='refresh' content='0;url=index.php?p=pemeliharaan'>
			</head></html>";
	}

  }
  ?>
      
	</form>
      </table>
    </td>
  </tr>
  <tr>
    <td><hr size="1" color="#999999" /></td>
  </tr>
</table>
</body>
</html>


Yeah, my problem is that when the input fails and the 'javascript fail' message appears, the 'javascript successful' message also appears after it.

How can I make the 'javascript successful' message not appear when we know that the input has failed?

 

sorry, I can not speak english well.

