This is my first PHP project, so please guide me on how to debug effectively:
I created this form:
<form action="<?php $self ?>" method="post">
<div class="fname">
<label for="name"><span> Name: </span>
<input name="name" value= "<?php
if($error_count != 0) {
echo $name;
}// To avoid filling name again in case of error?>"
type="text" cols="20" />
</label>
</div>
<div class="femail">
<label for="email"><span> Email: </span>
<input name="email" value= "<?php
if($error_count != 0) {
echo $email;
}// To avoid filling email again in case of error?>"
type="text" cols="20" />
</label>
</div>
<br/>
<textarea name="post" rows="5" cols="40"><?php
if($error_count != 0) {
echo $post;
}// To avoid filling textarea again in case of error?>
</textarea>
<input name="send" type="hidden" />
<p>
<input type="submit" value="shout" />
</p>
and the following function to validate the form (in a separate file, form_validation.php):
<?php
function validate_shout($vmail,$vname,$vpost)
{
$error_count = 0;
// To check email.
if(!preg_match('/^[.\w-]+@([\w-]+\.)+[a-zA-Z]{2,6}$/',$vmail)) {
echo "<p class =\"error\"> Please enter valid email address </p><br/>";
$error_count++;
}
// To check required fields
if($vname == NULL) {
echo "<p class =\"error\"> Oops!! You forgot to enter your name </p><br/>";
$error_count++;
}
if($vpost == NULL) {
echo "<p class =\"error\"> I guess your shout was blank </p><br/>";
$error_count++;
}
return $error_count;
}
?>
And used it in this way:
if(isset($_POST['send'])) {
if(!isset($_POST['name']) || !isset($_POST['email']) || !isset($_POST['post'])) {
echo "<p class=\"error\">Unable to connect to the database server at this time.</p>";
}
else {
$name = htmlspecialchars(mysql_real_escape_string($_POST['name']));
$email = htmlspecialchars(mysql_real_escape_string($_POST['email']));
$post = htmlspecialchars(mysql_real_escape_string($_POST['post']));
$error_count = validate_shout($email,$name,$post);
//PHP code to add shout to database
if ($error_count == 0)
{
$query = "INSERT INTO shouts SET name='$name', email='$email', post='$post';";
Now the problem is that it is not validating the textarea. The other two are working fine. The code was working fine a few days ago, but today when I opened it I found this problem.
One more thing I noticed was in phpMyAdmin, as listed below:
The additional features for working with linked tables have been deactivated. To find out why click here.
on click it displayed this:
$cfg['Servers'][$i]['pmadb'] ... not OK [ Documentation ]
$cfg['Servers'][$i]['relation'] ... not OK [ Documentation ]
General relation features: Disabled
$cfg['Servers'][$i]['table_info'] ... not OK [ Documentation ]
Display Features: Disabled
$cfg['Servers'][$i]['table_coords'] ... not OK [ Documentation ]
$cfg['Servers'][$i]['pdf_pages'] ... not OK [ Documentation ]
Creation of PDFs: Disabled
$cfg['Servers'][$i]['column_info'] ... not OK [ Documentation ]
Displaying Column Comments: Disabled
Browser transformation: Disabled
$cfg['Servers'][$i]['bookmarktable'] ... not OK [ Documentation ]
Bookmarked SQL query: Disabled
$cfg['Servers'][$i]['history'] ... not OK [ Documentation ]
SQL history: Disabled
$cfg['Servers'][$i]['designer_coords'] ... not OK [ Documentation ]
Designer: Disabled
$cfg['Servers'][$i]['tracking'] ... not OK [ Documentation ]
Tracking: Disabled
I guess both the problems appeared together without any change in any settings or code by me. Although they look separate from each other.
Please help..
The main problem is why $post is not getting validated and why phpMyAdmin is suddenly showing the above-mentioned message.
The == NULL comparison will fail. Normally an empty string can also "equal" NULL. (You should preferably write == "" anyway.) But your textarea is unlikely to contain a really empty string. Just from your template I would assume it contains at least a newline, or a few more spaces even.
In that case you don’t want to compare it against the empty string, but probe that it contains anything but spaces. To do so:
Anyway, to probe if a string contains anything, prefer strlen(). The trim() here is for filtering out whitespace prior to checking that.
Some other notes about your code:
- htmlspecialchars(mysql_real_escape_string( is the wrong order. The escape function is for the database. It must be applied immediately before concatenating it into SQL. Applying another encoding (html) afterwards might undo the SQL escaping.
- <form action="<?php $self ?>" won’t work without some echo
- filter_var and the builtin FILTER_VALIDATE_EMAIL regex
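The answer's points put together, as an added example that is not part of the original question or answer: whitespace-aware required-field checks, filter_var for the email, and each encoding applied only at its own boundary. It assumes PDO bound parameters with an in-memory SQLite database in place of the mysql_* calls; h() and save_shout() are hypothetical helper names and the sample submissions are constructed.

```php
<?php
// Added example, not the poster's code: validation sees the raw input, and
// SQL and HTML encoding each happen at their own boundary.
function validate_shout(string $mail, string $name, string $post): array {
    $errors = [];
    if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Please enter valid email address';
    }
    // A textarea usually submits at least a newline or a few spaces, so
    // trim() before measuring instead of comparing against NULL or "".
    if (strlen(trim($name)) === 0) {
        $errors[] = 'Oops!! You forgot to enter your name';
    }
    if (strlen(trim($post)) === 0) {
        $errors[] = 'I guess your shout was blank';
    }
    return $errors;
}

// HTML encoding is for output only (redisplaying the form, listing shouts).
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// SQL boundary: bound parameters replace manual escaping (swapped-in technique).
function save_shout(PDO $db, string $name, string $email, string $post): void {
    $stmt = $db->prepare('INSERT INTO shouts (name, email, post) VALUES (?, ?, ?)');
    $stmt->execute([$name, $email, trim($post)]);
}

// Assumption: in-memory SQLite stands in for the poster's MySQL database.
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE shouts (name TEXT, email TEXT, post TEXT)');
// Constructed submissions: a whitespace-only textarea, then a valid shout.
$samples = [
    ['name' => 'Al', 'email' => 'al@example.com', 'post' => "  \r\n"],
    ['name' => 'O\'Neil "<b>"', 'email' => 'on@example.com', 'post' => "hi\r\n"],
];
foreach ($samples as $in) {
    $errors = validate_shout($in['email'], $in['name'], $in['post']);
    foreach ($errors as $e) {
        echo '<p class="error">' . h($e) . "</p>\n";
    }
    if ($errors === []) {
        save_shout($db, $in['name'], $in['email'], $in['post']);
    }
    echo '<input name="name" value="' . h($in['name']) . '" type="text" />' . "\n";
}
echo $db->query('SELECT COUNT(*) FROM shouts')->fetchColumn(), " row(s) stored\n";
```

The second sample's name contains a quote and markup on purpose: it is stored unmodified through the bound parameter and is only entity-encoded when echoed into the value attribute.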