I have got a form whereby a user enters data and then submits it. This will then create a entry in the database of table projects.
Everything runs fine if the user enters all the details and the idea is that if there are any errors then this is stored into an array and printed to the user.
The code is below:
<?php
// This script performs an INSERT query to add a record to the users table.
$page_title = 'Create Project';
include('includes/header.php');
//check if user is logged in:
require('includes/login_functions.inc.php');
$loggedIn = false;
if ((isset($_COOKIE['user_id'])) && (!empty($_COOKIE['user_id'])) ) {
$loggedIn=true;
} else {
//redirect user to login
redirect_user('login.php');
}
// Check for form submission:
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $loggedIn) {
require('includes/mysqli_connect.php'); // Connect to the db.
//$errors = array(); // Initialize an error array.
// Check for a project title
if (empty($_POST['project_title'])) {
$errors[] = 'You forgot to enter the project title.';
} else {
$p_title = mysqli_real_escape_string($dbc, trim($_POST['project_title'])); //we use mysqli_real_escape_string to avoid bad or malicious input
}
// Check for a project_description
if (empty($_POST['project_description'])) {
$errors[] = 'You forgot to enter the project description.';
} else {
$p_desc = mysqli_real_escape_string($dbc, trim($_POST['project_description']));
}
// Check for project members:
if (empty($_POST['project_members'])) {
$errors[] = 'You forgot to enter project members.';
} else {
$p_members = mysqli_real_escape_string($dbc, trim($_POST['project_members']));
}
// Check for team name
if (empty($_POST['project_author'])) {
$errors[] = 'You forgot to enter the name of your team!';
} else {
$p_author = mysqli_real_escape_string($dbc, trim($_POST['project_author']));
}
// Check for a project picture:
// Check for an uploaded file:
//===========================================================
// Check for an uploaded file:
if (isset($_FILES['project_pic'])) {
/* TODO: CHECK FILE SIZE */
// Validate the type. Should be JPEG or PNG.
$allowed = array('image/pjpeg', 'image/jpeg', 'image/JPG', 'image/jpg', 'image/X-PNG', 'image/PNG', 'image/png', 'image/x-png');
if (in_array($_FILES['project_pic']['type'], $allowed)) {
// Move the file over.
if (move_uploaded_file($_FILES['project_pic']['tmp_name'], "uploads/{$_FILES['project_pic']['name']}")) {
echo '<p><em>The file has been uploaded!</em></p>';
$p_pic = ($_FILES['project_pic']['name']);
echo $pic;
} // End of move... IF.
} else { // Invalid type.
echo '<p class="error">Please upload a JPEG or PNG image.</p>';
}
} // End of isset($_FILES['upload']) IF.
// Check for an error:
if ($_FILES['project_pic']['error'] > 0) {
echo '<p class="error">The file could not be uploaded because: <strong>';
// Print a message based upon the error.
switch ($_FILES['project_pic']['error']) {
case 1:
print 'The file exceeds the upload_max_filesize setting in php.ini.';
break;
case 2:
print 'The file exceeds the MAX_FILE_SIZE setting in the HTML form.';
break;
case 3:
print 'The file was only partially uploaded.';
break;
case 4:
print 'No file was uploaded.';
break;
case 6:
print 'No temporary folder was available.';
break;
case 7:
print 'Unable to write to the disk.';
break;
case 8:
print 'File upload stopped.';
break;
default:
print 'A system error occurred.';
break;
} // End of switch.
print '</strong></p>';
} // End of error IF.
// End of error IF.
//========================================================
// Check for project goals:
if (empty($_POST['project_goals'])) {
$errors[] = 'You forgot to enter your project goals.';
} else {
$p_goals = mysqli_real_escape_string($dbc, trim($_POST['project_goals']));
}
// Check for team details:
if (empty($_POST['team_details'])) {
$errors[] = 'You forgot to enter the team details';
} else {
$p_teamdetails = mysqli_real_escape_string($dbc, trim($_POST['team_details']));
}
// Check for a project intro:
if (empty($_POST['project_intro'])) {
$errors[] = 'You forgot to enter the project introduction.';
} else {
$p_intro = mysqli_real_escape_string($dbc, trim($_POST['project_intro']));
}
// Check for a project_logo:
// Check for an uploaded file:
//=====================================================
if (isset($_FILES['project_logo'])) {
/* TODO: CHECK FILE SIZE */
// Validate the type. Should be JPEG or PNG.
$allowed = array('image/pjpeg', 'image/jpeg', 'image/JPG', 'image/jpg', 'image/X-PNG', 'image/PNG', 'image/png', 'image/x-png');
if (in_array($_FILES['project_logo']['type'], $allowed)) {
// Move the file over.
if (move_uploaded_file($_FILES['project_logo']['tmp_name'], "uploads/{$_FILES['project_logo']['name']}")) {
$p_logo = ($_FILES['project_logo']['name']);
} // End of move... IF.
} else { // Invalid type.
$errors[] = "Invalid Type";
}
} // End of isset($_FILES['upload']) IF.
// Check for an error:
if ($_FILES['project_logo']['error'] > 0) {
$errors[] = 'The file could not be uploaded!';
// Print a message based upon the error.
switch ($_FILES['project_logo']['error']) {
case 1:
$errors[] = 'The file exceeds the upload_max_filesize setting in php.ini.';
break;
case 2:
$errors[] = 'The file exceeds the MAX_FILE_SIZE setting in the HTML form.';
break;
case 3:
$errors[] = 'The file was only partially uploaded.';
break;
case 4:
$errors[] = 'No file was uploaded.';
break;
case 6:
$errors[] = 'No temporary folder was available.';
break;
case 7:
$errors[] = 'Unable to write to the disk.';
break;
case 8:
$errors[] = 'File upload stopped.';
break;
default:
$errors[] = 'A system error occurred.';
break;
} // End of switch.
} // End of error IF.
print_r($errors);
//==========================================================
// Check for project email
if (empty($_POST['project_email'])) {
$errors[] = 'You forgot to enter a contact email.';
} else {
$p_email = mysqli_real_escape_string($dbc, trim($_POST['project_email']));
}
if (empty($errors)) { // If everything's OK.
echo 'test';
// Register the project in the database...
$user_id = $_COOKIE['user_id'];
echo 'TEST!';
// Make the query:
$q = "INSERT INTO projects (project_title, project_description, project_members,
project_pic,project_goals,project_intro,project_logo,project_email, user_id,
created_at, updated_at, team_details, project_author) VALUES ('$p_title', '$p_desc', '$p_members', '$p_pic', '$p_goals',
'$p_intro', '$p_logo', '$p_email','$user_id', NOW(), NOW(), '$p_teamdetails', '$p_author')";
$r = @mysqli_query($dbc, $q); // Run the query.
if ($r) { // If it ran OK.
// Print a message:
echo '<h1>Thank you!</h1>
<p>You are now registered. In Chapter 12 you will actually be able to log in!</p><p><br /></p>';
} else { // If it did not run OK.
// Public message:
echo '<h1>System Error</h1>
<p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>';
// Debugging message:
echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' . $q . '</p>';
} // End of if ($r) IF.
// Include the footer and quit the script:
} else { // Report the errors.
echo 'test';
}
// End of if (empty($errors)) IF.
} // End of the main Submit conditional.
?>
<section class="container">
<div class="row" id="forms">
<div class="col-lg-12"><h2 class="cs-heading">Create Project</h2></div>
</div>
<div class="row">
<div class="col-lg-8 col-md-8">
<h3 class="cs-heading">Enter your details below:</h3>
<form role="form" enctype="multipart/form-data" action="createproject.php" method="post">
<!-- Hidden field to represent MAX FILE SIZE -->
<input type="hidden" name="MAX_FILE_SIZE" value="524288" />
<div class="form-group">
<label for="project_title">Title</label>
<input type="text" class="form-control" name="project_title" size="20" maxlength="60" placeholder="Enter Project Title">
</div>
<div class="form-group">
<label for="project_intro" class="col-sm-2 control-label">Project Introduction</label>
<div class="col-sm-10">
<textarea class="form-control extra-space" name="project_intro" rows="3" placeholder="Enter Project Intro... Hook your audience!"></textarea>
</div>
</div>
<!--
<div class="form-group text-align-center">
<label for="FileUpload">Upload Profile Image</label> <br/>
<div class="fileUpload">
<span>Upload</span>
<input type="file" name="project_pic" id="FileUpload" class="upload" />
</div>
-->
<div class="form-group">
<label for="project_pic" class="col-sm-2 control-label">Project Picture</label>
<div class="col-sm-10">
<p><b>File:</b> <input type="file" name="project_pic" /></p>
</div>
</div>
<div class="form-group">
<label for="project_goals" class="col-sm-2 control-label">Project Goals</label>
<div class="col-sm-10">
<textarea class="form-control extra-space" name="project_goals" rows="3" placeholder="Enter Project Goals"></textarea>
</div>
</div>
<div class="form-group">
<label for="project_description" class="col-sm-2 control-label">Project Description</label>
<div class="col-sm-10">
<textarea class="form-control extra-space" name="project_description" rows="3" placeholder="Describe Your Project!"></textarea>
</div>
</div>
<div class="form-group">
<label for="project_author">Team Name</label>
<input type="text" class="form-control" name="project_author" size="20" maxlength="120" placeholder="What is your team called?">
</div>
<div class="form-group">
<label for="team_details" class="col-sm-2 control-label">Team Details</label>
<div class="col-sm-10">
<textarea class="form-control extra-space" name="team_details" rows="3" placeholder="Describe your team!"></textarea>
</div>
</div>
<div class="form-group">
<label for="project_members">Team Members</label>
<input type="text" class="form-control" name="project_members" size="20" maxlength="100" placeholder="Enter Relevant Team Members">
</div>
<!-- <div class="form-group text-align-center">
<label for="FileUpload">Upload Team Logo</label> <br/>
<div class="fileUpload">
<span>Upload</span>
<input type="file" name="project_logo" id="FileUpload" class="upload" />
</div>
</div> -->
<div class="form-group">
<label for="project_logo" class="col-sm-2 control-label">Team Logo</label>
<div class="col-sm-10">
<p><b>File:</b> <input type="file" name="project_logo" /></p>
</div>
</div>
<div class="form-group">
<label for="project_members">Contact Email</label>
<input type="text" class="form-control" name="project_email" size="40" maxlength="80" placeholder="Enter Contact Email">
</div>
<div>
<input type="submit" name="submit" class="btn btn-primary" value="Create">
</div>
</div>
</div>
</section>
<?php include ('includes/footer.html'); ?>
However the issue is that this is not displaying any errors even when I submit the form with no entries. No row is being created in the database however I just end up with a blank page and am still on the createproject.php URL like intended.