fife Posted March 19, 2012 Share Posted March 19, 2012 Ok I have this form with 6 fields that the user enters a geocaching code. In the database I have a table called cacheinfo. There are 6 enteries in the database in this table. Now Im trying to confirm that each field entered matches the right geo code. I have it working but I feel that its a very bad way of doing it my way. can someone please show me a better way as I have other situations I do something simliar and its just getting silly. Here is the code; if(isset($_POST['nextbtn'])){ $cache1 = trim($_POST['cache1']); $cache2 = trim($_POST['cache2']); $cache3 = trim($_POST['cache3']); $cache4 = trim($_POST['cache4']); $cache5 = trim($_POST['cache5']); $cache6 = trim($_POST['cache6']); $cache1 = mysql_real_escape_string($cache1); $cache2 = mysql_real_escape_string($cache2); $cache3 = mysql_real_escape_string($cache3); $cache4 = mysql_real_escape_string($cache4); $cache5 = mysql_real_escape_string($cache5); $cache6 = mysql_real_escape_string($cache6); $FetchCache = mysql_query("SELECT * FROM cacheInfo WHERE cacheInfoID='1'") or die('can not find cache information'); $cache1 = mysql_fetch_array($FetchCache); if($cache1 !==$cache1['cacheCode']){ $url = "/register-cache.php?error=true"; header("Location: $url"); } $FetchCache = mysql_query("SELECT * FROM cacheInfo WHERE cacheInfoID='2'") or die('can not find cache information'); $cache2 = mysql_fetch_array($FetchCache); if($cache2 !==$cache2['cacheCode']){ $url = "/register-cache.php?error=true"; header("Location: $url"); } $FetchCache = mysql_query("SELECT * FROM cacheInfo WHERE cacheInfoID='3'") or die('can not find cache information'); $cache3 = mysql_fetch_array($FetchCache); if($cache3 !==$cache3['cacheCode']){ $url = "/register-cache.php?error=true"; header("Location: $url"); } $FetchCache = mysql_query("SELECT * FROM cacheInfo WHERE cacheInfoID='4'") or die('can not find cache information'); $cache4 = mysql_fetch_array($FetchCache); if($cache4 !==$cache4['cacheCode']){ $url = "/register-cache.php?error=true"; header("Location: $url"); } $FetchCache = mysql_query("SELECT * FROM cacheInfo WHERE cacheInfoID='5'") or die('can not find cache information'); $cache5 = mysql_fetch_array($FetchCache); if($cache5 !==$cache5['cacheCode']){ $url = "/register-cache.php?error=true"; header("Location: $url"); } $FetchCache = mysql_query("SELECT * FROM cacheInfo WHERE cacheInfoID='6'") or die('can not find cache information'); $cache6 = mysql_fetch_array($FetchCache); if($cache6 !==$cache6['cacheCode']){ $url = "/register-cache.php?error=true"; header("Location: $url"); } // If all match now run the rest of my code...... } Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted March 19, 2012 Share Posted March 19, 2012 arrays would be better. and you should see if you can think of a way to use only 1 query to check all values....i'm thinking a SELECT CASE would be the best way for that. Quote Link to comment Share on other sites More sharing options...
fife Posted March 19, 2012 Author Share Posted March 19, 2012 are we still talking php or we moving over to VB with that? All of the values entered need to match perfectly. I forgot to mention that. If thats not the case they ca not proceed. Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted March 19, 2012 Share Posted March 19, 2012 VB?!? I hear you can get a cream for that...oh, wait......no, you can't no it's all still PHP and SQL I don't have time for a full CASE breakdown for the SQL, but here, see what you think of this: if(isset($_POST['nextbtn'])){ $cache[1] = trim($_POST['cache1']); $cache[2] = trim($_POST['cache2']); $cache[3] = trim($_POST['cache3']); $cache[4] = trim($_POST['cache4']); $cache[5] = trim($_POST['cache5']); $cache[6] = trim($_POST['cache6']); foreach($cache as $value){ $value = mysql_real_escape_string($value); } $qry = "SELECT cachInfoID, cacheCode FROM cachInfo WHERE cacheInfoID BETWEEN 1 and 6"; $result = mysql_query($qry) or die (mysql_error()); while($row = mysql_fetch_assoc['$result']){ $keyVal = $row['cachInfoID'] -1; $dataset[$keyVal] = $row['cacheCode']; } foreach($cache as $k => $v){ if ($v != $dataset[$k]){ $url = "/register-cache.php?error=true"; header("Location: $url"); exit; } //do whatever for all matching results Quote Link to comment Share on other sites More sharing options...
fife Posted March 19, 2012 Author Share Posted March 19, 2012 thankyou I need to go now but I will try this later on and post as solved. Quote Link to comment Share on other sites More sharing options...
fife Posted March 20, 2012 Author Share Posted March 20, 2012 ok I now have the following code on my page. 1st the form <form action="" method="post" id="allcachecodesfrm"> <?php for ($i = 1; $i <= $totalRows_rs_cacheNum; $i++) { echo "<label>Cache ".$i."</label> <input name='cache".$i."' type='text' /> <div class='clear'></div>"; } ?> <input name="nextbtn" type="submit" value="Next" /> </form> Once its posted I try to run the values through escape string and trim. Then check they are each the same as in the database. Then if all ok continue with code. but for some reason the page just refreshes. Here is the next part of the code. $qry = "SELECT cacheInfoID, cacheCode FROM cacheInfo WHERE cacheInfoID BETWEEN 1 and $totalRows_rs_cacheNum"; $result = mysql_query($qry) or die (mysql_error()); while($row = mysql_fetch_assoc($result)){ $keyVal = $row['cacheInfoID'] -1; $dataset[$keyVal] = $row['cacheCode']; } foreach($key as $k => $v){ if ($v != $dataset[$k]){ $url = "/register-cache.php?error=true"; header("Location: $url"); exit; } else { echo "success continue with working code here"; } } } Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted March 20, 2012 Share Posted March 20, 2012 where did $key come from? Also, looking at the way this is running, there is no need to use the mysql_real_escape_string, as you arn't actualy touching the database with the data and it could end up adding escape characters which will in turn cause a missmatch. post up your full page to let me see how it's all flowing together. Quote Link to comment Share on other sites More sharing options...
fife Posted March 20, 2012 Author Share Posted March 20, 2012 ok here we go. Ill remove the real escape string. thanks. Yeah sorry Muddy_Funster I had to make a small change to the fields from yesterday. I didnt realise that the admin could add geo locations so I have to make the fields dynamic too. Just to confuse things more <?php include('db.php'); session_start(); mysql_select_db($database_db, $db); $query_rs_cacheNum = "SELECT * FROM cacheInfo"; $rs_cacheNum = mysql_query($query_rs_cacheNum, $db) or die(mysql_error()); $row_rs_cacheNum = mysql_fetch_assoc($rs_cacheNum); $totalRows_rs_cacheNum = mysql_num_rows($rs_cacheNum); if(isset($_POST['nextbtn'])){ foreach($_POST as $key => $value) { $$key = mysql_real_escape_string(trim($value)); } $qry = "SELECT cacheInfoID, cacheCode FROM cacheInfo WHERE cacheInfoID BETWEEN 1 and $totalRows_rs_cacheNum"; $result = mysql_query($qry) or die (mysql_error()); while($row = mysql_fetch_assoc($result)){ $keyVal = $row['cacheInfoID'] -1; $dataset[$keyVal] = $row['cacheCode']; } foreach($key as $k => $v){ if ($v != $dataset[$k]){ $url = "/register-cache.php?error=true"; header("Location: $url"); exit; } else { echo "success continue with working code now"; } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Please enter all cache codes here</title> <link href="main.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="cachewrap"> <div id="head"> <p> </p> <p><img src="/images/logo6.jpg" width="632" height="118" alt="" /></p> </div> <!--<div id="hnav"><?php include('/hnavmain.php'); ?></div>--> <div id="main"> <div id="cachecol"> <h3>Enter all your cache codes here</h3> <p> </p> <p> </p> <p>Please enter all of your codes here. Once complete and your answers have been verfied you can create your account and be entered into our monthly draw.</p> <p> </p> <form action="" method="post" id="allcachecodesfrm"> <?php for ($i = 1; $i <= $totalRows_rs_cacheNum; $i++) { echo "<label>Cache ".$i."</label> <input name='cache".$i."' type='text' /> <div class='clear'></div>"; } ?> <input name="nextbtn" type="submit" value="Next" /> </form> <p> </p> </div> </div> <div id="clear1"></div> <div id="foot">Copyright ©site</div> <div id="subfoot"> <p> </p> </div> Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted March 20, 2012 Share Posted March 20, 2012 right, this is a problem: if(isset($_POST['nextbtn'])){ foreach($_POST as $key => $value) { $$key = mysql_real_escape_string(trim($value)); } Unless you really know what you are doing, don't use $$ variables, your just going to end up in knots of confusion. let's go for this: if(isset($_POST['nextbtn'])){ foreach($_POST as $key => $value) { $fieldlist[$key] = (trim($value)); } unset($fieldlist['nextbtn']); //... //also, take the -1 off of this line: $keyVal = $row['cacheInfoID'] -1; // so it reads $keyVal = $row['cacheInfoID']; //... //then the check becomes: foreach($fieldlist as $k => $v){ if ($v != $dataset[$k]){ $url = "/register-cache.php?error=true"; header("Location: $url"); exit; } see how that goes Quote Link to comment Share on other sites More sharing options...
fife Posted March 20, 2012 Author Share Posted March 20, 2012 ok that seems to be getting closer. Now I recieve the error "/register-cache.php?error=true" even if I enter the correct values into the fields. Also now Im totally lost with the code. I understand most of it. Just when we move to the dataset bit I get confused. if(isset($_POST['nextbtn'])){ foreach($_POST as $key => $value) { $fieldlist[$key] = (trim($value)); } unset($fieldlist['nextbtn']); $qry = "SELECT cacheInfoID, cacheCode FROM cacheInfo WHERE cacheInfoID BETWEEN 1 and $totalRows_rs_cacheNum"; $result = mysql_query($qry) or die (mysql_error()); while($row = mysql_fetch_assoc($result)){ $keyVal = $row['cacheInfoID']; $dataset[$keyVal] = $row['cacheCode']; } foreach($fieldlist as $k => $v){ if ($v != $dataset[$k]){ $url = "/register-cache.php?error=true"; header("Location: $url"); exit; } else { echo "success continue with working code here"; } } } Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted March 20, 2012 Share Posted March 20, 2012 ok, for debugging, lats do this: if ($v != $dataset[$k]){ //$url = "/register-cache.php?error=true"; //header("Location: $url"); //exit; echo "$v does not match {$dataset[$k]}"; } let's get eyes on what the comparison looks like. Quote Link to comment Share on other sites More sharing options...
fife Posted March 21, 2012 Author Share Posted March 21, 2012 ok so the output of the comparison is below. Just so you know so far i have 6 geocaches so 6 fields needed codes entering in you can see the 6 codes I entered below. a7tn39Aj does not match JNr03N6d does not match uQ60M52N does not match qbZpd26M does not match Xq03iNRq does not match y510BArqg does not match it would seem there is nothing in the {$dataset[$k]} Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted March 21, 2012 Share Posted March 21, 2012 fling a var_dump($dataset); at the end of that bit of code, let's see if it is indeed empty. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 21, 2012 Share Posted March 21, 2012 If you are just trying to test if all the entries match the data from the database, you would fetch all the rows from the database into an array and get all the form data into an array (you can do that directly by using an array name for the form field.) Then you can simply use array_diff to find if there are any differences in the two arrays. Edit: must each numbered entry (1,2,3,...) match the corresponding cacheInfoID (1,2,3...)? If so, you would probably need to loop and set a flag indicating a non-match and break out of the loop at the first non-match. Edit2: array_diff_assoc will check if the values at each corresponding index are the same. Quote Link to comment Share on other sites More sharing options...
fife Posted March 21, 2012 Author Share Posted March 21, 2012 PFMaBiSmAd Im now way in over my head. I can read the code and I do understand whats going on but loops are not my strong point. You'd have to explain more clearly with dummy data but thanks. When I do a var_dump($dataset) I get this array(6) { [1]=> string( "a7tn39Aj" [2]=> string( "JNr03N6d" [3]=> string( "uQ60M52N" [4]=> string( "qbZpd26M" [5]=> string( "Xq03iNRq" [6]=> string(9) "y510BArqg" } array(6) { [1]=> string( "a7tn39Aj" [2]=> string( "JNr03N6d" [3]=> string( "uQ60M52N" [4]=> string( "qbZpd26M" [5]=> string( "Xq03iNRq" [6]=> string(9) "y510BArqg" } array(6) { [1]=> string( "a7tn39Aj" [2]=> string( "JNr03N6d" [3]=> string( "uQ60M52N" [4]=> string( "qbZpd26M" [5]=> string( "Xq03iNRq" [6]=> string(9) "y510BArqg" } array(6) { [1]=> string( "a7tn39Aj" [2]=> string( "JNr03N6d" [3]=> string( "uQ60M52N" [4]=> string( "qbZpd26M" [5]=> string( "Xq03iNRq" [6]=> string(9) "y510BArqg" } array(6) { [1]=> string( "a7tn39Aj" [2]=> string( "JNr03N6d" [3]=> string( "uQ60M52N" [4]=> string( "qbZpd26M" [5]=> string( "Xq03iNRq" [6]=> string(9) "y510BArqg" } array(6) { [1]=> string( "a7tn39Aj" [2]=> string( "JNr03N6d" [3]=> string( "uQ60M52N" [4]=> string( "qbZpd26M" [5]=> string( "Xq03iNRq" [6]=> string(9) "y510BArqg" } Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 21, 2012 Share Posted March 21, 2012 Here is greatly simplified php code (one query, arrays) that does what you are trying to do - <?php include('db.php'); session_start(); mysql_select_db($database_db, $db); // query for all the data and get a count of the data $query = "SELECT * FROM cacheInfo"; $result = mysql_query($query, $db) or die(mysql_error()); $totalRows_rs_cacheNum = mysql_num_rows($result); // used to generate form fields // form processing if(isset($_POST['nextbtn'])){ $cache = array_map('trim',$_POST['cache']); // trim the 'cache' data // get array with cacheCodes $dataset = array(); while($row = mysql_fetch_assoc($result)){ $dataset[$row['cacheInfoID']] = $row['cacheCode']; } $diff = array_diff_assoc($cache,$dataset); // compare arrays, entry by entry if(empty($diff)){ // all entries matched echo "Result:pass"; // do whatever you want here when all entries matched... } else { // at least one entry did not match echo "Result:fail"; // do whatever you want here when all entries did not match ... } } ?> The form field change to use an array name - <input name='cache[$i]' type='text' /> Quote Link to comment Share on other sites More sharing options...
fife Posted March 21, 2012 Author Share Posted March 21, 2012 ok I have tried to learn what PFMaBiSmAd has suggested I try a couple of hours ago. Here is the new code I have written. if(isset($_POST['nextbtn'])){ foreach($_POST as $key => $value) { $fieldlist[$key] = (trim($value)); unset($fieldlist['nextbtn']); } $qry = "SELECT cacheInfoID, cacheCode FROM cacheInfo WHERE cacheInfoID BETWEEN 1 and $totalRows_rs_cacheNum"; $result = mysql_query($qry) or die (mysql_error()); while($array=mysql_fetch_assoc($result)) { $caches[] = $array['cacheCode']; } $diff = array_diff($fieldlist[], $caches[]); if(!empty($diff)) { $errormessage = "One or all of your entries does not match. Please check your codes and try again"; } else { $url = "success.php"; header("Location: $url"); } } I now recieve this error on the server Cannot use [] for reading on line 59 Which is reffering to; $diff = array_diff($fieldlist[], $caches[]); how can I write this differently? Thanks Quote Link to comment Share on other sites More sharing options...
fife Posted March 21, 2012 Author Share Posted March 21, 2012 ops PFMaBiSmAd I did not see your reply. Let me try thanks Quote Link to comment Share on other sites More sharing options...
fife Posted March 21, 2012 Author Share Posted March 21, 2012 PFMaBiSmAd thank you and thank you to Muddy_Funster you guys rock!! Its sorted and after reading all afternoon I think I could replicate this from now on. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.