Perhaps you can check the data of the fields before it goes to the next
form. For example,
if (ereg("^.*[^a-zA-Z0-9\-].*$", $Username)) {
die("Your username contains invalid characters. Only alphanumeric characters
and dashes are allowed.");
}
Hope that helps.
----- Original Message -----
From: "Georgie Casey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, March 21, 2002 3:09 PM
Subject: [PHP] Temporary MySQL Tables
> Hi,
>
> On my site now, there's a lengthy register process where the user has to
> fill in 5 forms, one after the another. I get the PHP script to echo the
> values from the previous into the next form by using
> <?php echo "<input type=\"hidden\" name=\"name\" value=\"" . $name .
"\">";
> ?>
> for example. Then I keep carrying the information over to each extra form
> until the user reaches the last page and I insert all the info into a
table
> called "tempmembers" with an extra timestamp field which I use to verify
> email addresses. The user gets an email saying click here to verify your
> membership with the username and timestamp in the URL. The users clicks
it,
> and I run a SQL command that copies the row from "tempmembers" into the
> "members" table.
>
> This process worked well for a while until I discovered if users enter a
> single or double quote into any of the fields, it fecks everything up. So
I
> added an addslashes command but it's all getting a bit hairy so I was
> looking for some advice on MySQL temporary tables for either using after
> every form or at the end of all the forms.
>
> Or does anyone have any other method I could use??? Thanks for any help
> you might have.
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
