Jesper Heikkilä Jesper Heikkilä - 5 months ago 28
PHP Question

Include of validation.php file does not execute

I have a form (add_company_form.php) in my submit_form_company.php that takes the values from POST and sends them to mysql trough a pdo connection. But I cant get my validation.php to validate the input. I want the user to stay on the same page which is why I dont have a action in the form. The code itself is not complete and there is alot of improvements that can be done, but Im stuck on the validation for now.. Am I on the right track by adding the validation.php before like my db.php?

Submit_form_company.php

<?php
if ($_SERVER['REQUEST_METHOD'] == "POST") {
try {
include('db.php');
include('validation.php');

if(empty($_SESSION["error_message"]) && $_POST['submit_company']) {

$STH = $conn->prepare("
INSERT INTO companies (Name,Notes,OrganizationNumber)
VALUES (:Name,:Notes,:OrganizationNumber)");
$STH->bindParam(':Name', $_POST['Name'], PDO::PARAM_STR);
$STH->bindParam(':Notes', $_POST['Notes'], PDO::PARAM_STR);
$STH->bindParam(':OrganizationNumber', $_POST['OrganizationNumber'], PDO::PARAM_INT);
$STH->execute();
} elseif ($_SESSION["error_message"] && $_POST['submit_edit']) {
foreach ($_POST['company'] as $i => $value) {
$STH = $conn->prepare("
UPDATE companies
SET Name = :Name,Notes = :Notes,OrganizationNumber = :OrganizationNumber
WHERE Id = :Id");
$STH->bindParam(':Id', $value['Id'], PDO::PARAM_INT);
$STH->bindParam(':Name', $value['Name'], PDO::PARAM_STR);
$STH->bindParam(':Notes', $value['Notes'], PDO::PARAM_STR);
$STH->bindParam(':OrganizationNumber', $value['OrganizationNumber'], PDO::PARAM_INT);
$STH->execute();
}

}
if(empty($_SESSION["error_message"])){
echo "<meta http-equiv='refresh' content='0'>";
}


}

catch (PDOException $e) {
echo $e->getMessage();
}

}

require("add_company_form.php");
$DBH = null;
?>


add_company_form.php

<div class="row">
<form class="col-md-4 navbar-form" method="POST" action="" enctype="multipart/form-data">
<div class="form-group">
<label class="sr-only" for="Name">Name:</label> <input type="text" class="form-control" name="Name" placeholder="Name"><br />
<label class="sr-only" for="Notes">Notes:</label> <input type="text" class="form-control" name="Notes" placeholder="Notes"><br />
<label class="sr-only" for="OrganizationNumber">OrganizationNumber:</label> <input type="text" class="form-control" name="OrganizationNumber" placeholder="OrganizationNumber"><br />
<input type="submit" name="submit_company" class="btn btn-default" value="Submit">
</div>
</form>
<?php
if(!empty($_SESSION["error_message"])){
echo'<div id="error_message" class="col-md-8">';
print_alert_error($_SESSION["error_message"]);
$_SESSION["error_message"] = "";
echo'</div>';
} ?>-




Validation.php

<?
$error = "";

if(isset($_POST['submit_company'])) {
$name = $_POST['Name'];
$notes = $_POST['Notes'];
$organization_number = $_POST['OrganizationNumber'];

if (!ctype_alpha(str_replace(array("'", "-"), "",$name))) {
$error .= '<p class="error">Name should be alpha characters only.</p>';
}

}

//Add error message to session
if (!empty($error)){
$_SESSION["error_message"] = $error;
}
?>


DB.php

<?php
$servername = "127.0.0.1";
$username = "root";
$password = "";
$dbname = "test";
$conn = new PDO("mysql:host=$servername;dbname=$dbname;charset=utf8", $username, $password,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'"));
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);


?>

Answer

A silly suggestion but try using the full <?php opening tag in your validation.php file.

Comments