Re: [PHP] Temporary MySQL Tables
Perhaps you can check the data of the fields before it goes to the next
form. For example,
if (ereg("^.*[^a-zA-Z0-9\-].*$", $Username)) {
die("Your username contains invalid characters. Only alphanumeric characters
and dashes are allowed.");
}
Hope that helps.
- Original Message -
From: "Georgie Casey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, March 21, 2002 3:09 PM
Subject: [PHP] Temporary MySQL Tables
> Hi,
>
> On my site now, there's a lengthy register process where the user has to
> fill in 5 forms, one after the another. I get the PHP script to echo the
> values from the previous into the next form by using
> ";
> ?>
> for example. Then I keep carrying the information over to each extra form
> until the user reaches the last page and I insert all the info into a
table
> called "tempmembers" with an extra timestamp field which I use to verify
> email addresses. The user gets an email saying click here to verify your
> membership with the username and timestamp in the URL. The users clicks
it,
> and I run a SQL command that copies the row from "tempmembers" into the
> "members" table.
>
> This process worked well for a while until I discovered if users enter a
> single or double quote into any of the fields, it fecks everything up. So
I
> added an addslashes command but it's all getting a bit hairy so I was
> looking for some advice on MySQL temporary tables for either using after
> every form or at the end of all the forms.
>
> Or does anyone have any other method I could use??? Thanks for any help
> you might have.
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Temporary MySQL Tables
Couldn't you just use substr_replace and the html endcoding for a double
quote (") ?
"; ?>
- Original Message -
From: "Georgie Casey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, March 21, 2002 2:09 PM
Subject: [PHP] Temporary MySQL Tables
> Hi,
>
> On my site now, there's a lengthy register process where the user has to
> fill in 5 forms, one after the another. I get the PHP script to echo the
> values from the previous into the next form by using
> ";
> ?>
> for example. Then I keep carrying the information over to each extra form
> until the user reaches the last page and I insert all the info into a
table
> called "tempmembers" with an extra timestamp field which I use to verify
> email addresses. The user gets an email saying click here to verify your
> membership with the username and timestamp in the URL. The users clicks
it,
> and I run a SQL command that copies the row from "tempmembers" into the
> "members" table.
>
> This process worked well for a while until I discovered if users enter a
> single or double quote into any of the fields, it fecks everything up. So
I
> added an addslashes command but it's all getting a bit hairy so I was
> looking for some advice on MySQL temporary tables for either using after
> every form or at the end of all the forms.
>
> Or does anyone have any other method I could use??? Thanks for any help
> you might have.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Temporary MySQL Tables
On Thu, 21 Mar 2002, Georgie Casey wrote: >-Hi, >- >-membership with the username and timestamp in the URL. The users clicks it, >-and I run a SQL command that copies the row from "tempmembers" into the >-"members" table. I assume you are building up all your fields as you move through the site. I would just perform an INSERT into your tempmebers table right away setting whatever fields you have at this point. Then as I pass through each data entry page, I would do UPDATES to that record updating only those new fields, leaving the old ones alone and thus preserved. This way you only have to pass a record ID and the new parameters on each page thus eliminating moving data through the URL. Yuk. Anyway, that's what I would do. >- >-This process worked well for a while until I discovered if users enter a >-single or double quote into any of the fields, it fecks everything up. So I >-added an addslashes command but it's all getting a bit hairy so I was >-looking for some advice on MySQL temporary tables for either using after >-every form or at the end of all the forms. >- >-Or does anyone have any other method I could use??? Thanks for any help >-you might have. >- >- >- >--- >-PHP General Mailing List (http://www.php.net/) >-To unsubscribe, visit: http://www.php.net/unsub.php >- ** John Huggins VANet [EMAIL PROTECTED] http://www.va.net/ ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
