[SOLVED] dealing with forms

[irkevin]

Hi, sorry for bugging you again..

 

I have a form.. the php code to insert to data in the database works well..

 

but now, i'm trying to prevent people from being childish with the form.. sorry for the expression..

 

If i do

 

<?php
if(!$_POST['name']){
echo "You did not enter your name";
}
?>

 

basically, it will tell the user that he didn't enter his name.. But i noticed on the net, some form, when you just hit spacebar once and then click submit, it submits the data and obviously, you'll get only a space in the database.. Why is it so? Is there a way to prevent this?

 

If someone know how to prevent this, plz tell me. will be very grateful..

[darkfreaks]

<?php
if(!$_POST['name']||empty($POST['name'])){ echo "error: message";}?>

[irkevin]

the empty code might do the trick, but wont it take the space as something to put in the database?

 

I heard about striplashes and addslashes etc etc.. what does it do really?

 

P.S: Sorry for my bad english

[darkfreaks]

addslashes adds a slash after something strip slashes removes slashes from something.

 

 

if you want to remove whitespace you need to use  the trim function

 

also empty function if nothing is input into that field it wont allow you to post it errors

[irkevin]

can you give me a brief example of how to use the trim function? Never worked with this before  :'(

[darkfreaks]

<?php

$name= trim($_POST['name']); /// will remove all whitespace from the name field ?>

[irkevin]

Ohh that would do the trick i presume.. thanks for the tips.. i'll try it.. i'll click to TOPIC SOLVED if it works.

 

thanks darkfreaks

[darkfreaks]

welcome bud

[irkevin]

it still enter a space.. here's the code

 

<?php
session_start();

require('config.php');
require('../functions.php');

$id = "0";
$shout = trim($_POST['shout_msg']);
$shouter = $_SESSION['user_name'];
$timeposted = date("F j, Y, g:i a");



if(!$shouter){
//do nothing
}else{

$conn = mysql_connect("localhost","****","****");
$db = mysql_select_db("kevin",$conn);
$sql = "INSERT INTO myshoutpro_shoutbox VALUES ('$id', '$shouter', '$shout','$timeposted')";
$result = mysql_query($sql);
}
?>
<html>
<meta http-equiv="refresh" content="0;url=http://www.mu-anime.com/shoutbox/index.php" />
</html>

 

whats wrong in this.. im going to smash my forehead on the keyboard

[darkfreaks]

 

<?php
$shout= str_replace(' ', '', $shout);?>

[irkevin]

it still enters a space.. thats odd..

[darkfreaks]

is it entering into the database?

[irkevin]

yes it is entering in the database.. and it's showing a space on the shoutbox too..

 

basically it shows the space when i hit spacebar and press enter.. but i don't want that to happen even if i hit spacebar and press enter.. Im lost :S

[darkfreaks]

thats weird it should remove the whitespace.

 

 

can i see the full code?

[irkevin]

<?php
session_start();

require('config.php');
require('../functions.php');

$id = "0";
$shout = $_POST['shout_msg'];
$shoutt= str_replace(' ', '', $shout);
$shouter = $_SESSION['user_name'];
$timeposted = date("F j, Y, g:i a");



if(!$shouter){
//do nothing
}else{

$conn = mysql_connect("localhost","username","password");
$db = mysql_select_db("$db_name",$conn);
$sql = "INSERT INTO myshoutpro_shoutbox VALUES ('$id', '$shouter', '$shoutt','$timeposted')";
$result = mysql_query($sql);
}
?>
<html>
<meta http-equiv="refresh" content="0;url=http://www.mu-anime.com/shoutbox/index.php" />
</html>

 

here it is

[darkfreaks]

there is only one t in the shout variable try again

[darkfreaks]

<?php
session_start();

require('config.php');
require('../functions.php');

$id = "0";
$shoutt = trim($_POST['shout_msg']);
$shoutt= str_replace(' ', '', $shoutt);
$shouter = $_SESSION['user_name'];
$timeposted = date("F j, Y, g:i a");



if(!$shouter){
//do nothing
}else{

$conn = mysql_connect("localhost","username","password");
$db = mysql_select_db("$db_name",$conn);
$sql = "INSERT INTO myshoutpro_shoutbox VALUES ('$id', '$shouter', '$shoutt','$timeposted')";
$result = mysql_query($sql);
}
?>
<html>
<meta http-equiv="refresh" content="0;url=http://www.mu-anime.com/shoutbox/index.php" />
</html>

[irkevin]

[code]my server is a bit slow.. i should wait a few mins.. 

btw, dont you think i should add this afterwards

if(!$shouter || !$shout){

//do nothing

}[/code]

 

??

 

What you think??

[darkfreaks]

no try the code now i modified it because you had the variables switched

[irkevin]

Ok i'll try it once my !@#$%^ server is ok ..lol

 

 

[darkfreaks]

lol okay

[irkevin]

I tried the code you gave me but it didn't work.. then i tried added this part

 

if(!$shouter || !$shout){

//do nothing

}

 

I added !$shout, and it works perfectly.. so normally, you're replacing a space with this '', which means nothing.. it's same as leaving a field blank, right??

 

so it's the same as !$shout i presume..

 

Am i right? huh.. 0_o.. lol

 

but now when i type a normal text, it goes like this

 

thsiisjustatest

[darkfreaks]

no its not it trims all whitespace from the beggining and end of a string!

[irkevin]

i tried it with the code you gave me,, but the text goes like this

 

thisisjustatest.. instead of

 

this is just a test ! see what i mean?

[darkfreaks]

remove the string replace code. and keep the trim code