I have two forms. The first form has two inputs: date and id. The id should be in the database otherwise, it will not save. What the $_SESSION does is that it passes the value from ID when I submit the form to the second form which is in the same page too. How can I prevent this from passing the value if the user has put a value that is not in the database? My php code issues a modal which says that the ID the the user has put is invalid however, it still passes to the other form...
Here is my php code:
<?php
include 'config.php';
if (isset($_POST['documentRequest1']))
{
$chkbox = $_POST['docs'];
$id = $_POST['a'];
$totalPrice = 0;
$total_cedula = 0;
$isPartOfTotal = 0;
foreach($chkbox as $chk1)
{
if($chk1=='Certificate of Residency')
{
$chek_val=$_POST['d1'];
$result = mysqli_query($conn, "SELECT price FROM document WHERE typeOfDoc = '$chk1';");
$row = mysqli_fetch_assoc($result);
$isPartOfTotal = $chek_val * $row["price"];
$sql = mysqli_query($conn, "INSERT into requestitem (DocumentRequest_idDocumentRequest, Document_idDocument, quantity, isPartOfTotal, price, paymentStatus) VALUES ((SELECT idDocumentRequest FROM documentrequest WHERE Person_idPerson = '$id'), (SELECT idDocument FROM document WHERE typeOfDoc = '$chk1'), '$chek_val', '$isPartOfTotal',' $total_cedula', 'Unpaid');");
}
else if($chk1=='Barangay Clearance')
{
$chek_val=$_POST['d2'];
$result = mysqli_query($conn, "SELECT price FROM document WHERE typeOfDoc = '$chk1';");
$row = mysqli_fetch_assoc($result);
$isPartOfTotal = $chek_val * $row["price"];
$sql = mysqli_query($conn, "INSERT into requestitem (DocumentRequest_idDocumentRequest, Document_idDocument, quantity, isPartOfTotal, price, paymentStatus) VALUES ((SELECT idDocumentRequest FROM documentrequest WHERE Person_idPerson = '$id'), (SELECT idDocument FROM document WHERE typeOfDoc = '$chk1'), '$chek_val', '$isPartOfTotal',' $total_cedula', 'Unpaid');");
}
else if ($chk1=='Cedula')
{
$chek_val=$_POST['d3'];
//$income=$_POST['income'];
$result = mysqli_query($conn, "SELECT income FROM person WHERE idPerson = '$id';");
$row = mysqli_fetch_assoc($result);
$income = $row['income'];
$total_cedula = ($income * 12 * .001) + 5;
$isPartOfTotal = $chek_val * $total_cedula;
$sql = mysqli_query($conn, "INSERT into requestitem (DocumentRequest_idDocumentRequest, Document_idDocument, quantity, isPartOfTotal, price, paymentStatus) VALUES ((SELECT idDocumentRequest FROM documentrequest WHERE Person_idPerson = '$id'), (SELECT idDocument FROM document WHERE typeOfDoc = '$chk1'), '$chek_val', '$isPartOfTotal',' $total_cedula', 'Unpaid');");
}
// partial total
$result = mysqli_query($conn, "SELECT price FROM document WHERE typeOfDoc = '$chk1';");
$row = mysqli_fetch_assoc($result);
$isPartOfTotal = $chek_val * $row["price"];
}
?>
<!-- Modal -->
<div class="modal fade" id="step2" tabindex="-1" role="dialog" aria-labelledby="memberModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header" style = "background-color: #5bc0de; color: white;">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span>
</button>
<h4 class="modal-title" id="memberModalLabel">Request added.</h4>
</div>
<div class="modal-body">
<h5>You have successfully added a new request. However, it is still tagged as unpaid.<br> This will redirect you to the invoice page.</h5>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
<?php
//header("Refresh: 5;url=all_docRequest.php");
mysqli_close($conn);
}
?>
First form html code:
<form class="form-horizontal form-label-left" name = "documentRequest" enctype="multipart/form-data" role="form" method="post" novalidate>
<div class = "first">
<div class="item form-group">
<label class="control-label col-md-3 col-sm-3 col-xs-12">Date of Request <span class="required">*</span></label>
<div class="col-md-6 col-sm-6 col-xs-12">
<input id="reqDate" class="form-control col-md-7 col-xs-12" name="reqDate" required="required" type="date" >
</div>
</div>
<div class="item form-group">
<label class="control-label col-md-3 col-sm-3 col-xs-12">Resident's Name <span class="required">*</span></label>
<div class="col-md-6 col-sm-6 col-xs-12">
<input name="person_id" id="search-box" class="form-control col-md-7 col-xs-12" placeholder ="Type in ID number..." required="required" type="text">
</div>
</div>
</div>
<div class="ln_solid"></div>
<div class="form-group">
<div class="col-md-6 col-md-offset-3">
<button id="requestDiv" type="submit" class="btn btn-success" name="documentRequest" >Proceed</button>
<button type="submit" class="btn btn-primary">Cancel</button>
</div>
</div>
</form>
Second form:
<form class="form-horizontal form-label-left" name = "documentRequest1" enctype="multipart/form-data" role="form" method="post" novalidate>
<div class = "second">
<div class="item form-group">
<label class="control-label col-md-3 col-sm-3 col-xs-12">ID <span class="required">*</span></label>
<div class="col-md-6 col-sm-6 col-xs-12">
<input name="a" id="search" class="form-control col-md-7 col-xs-12" value = "<?php echo $_SESSION['person_id']; ?>" required="required" type="text" readonly="readonly">
</div>
</div>
<div class="item form-group">
<label class="control-label col-md-3 col-sm-3 col-xs-12"> Document Request(s) <span class="required">*</span></label>
<div class="col-md-6 col-sm-6 col-xs-12">
<input type="checkbox" name="docs[]" id="doc1" value="Certificate of Residency"/> Certificate of Residency
<div class = "clearfix"></div>
<div class = "col-xs-3">
<input name="d1" class="form-control col-md-7 col-xs-12" required="required" type="number">
</div>
<div class = "clearfix"></div>
<input type="checkbox" name="docs[]" id="doc2" value="Barangay Clearance"/> Barangay Clearance
<div class = "clearfix"></div>
<div class = "col-xs-3">
<input name="d2" class="form-control col-md-7 col-xs-12" required="required" type="number"/>
</div>
<div class = "clearfix"></div>
<input type="checkbox" name="docs[]" id="doc3" value="Cedula"/> Cedula
<div class = "clearfix"></div>
<div class = "col-xs-3">
<input name="d3" class="form-control col-md-7 col-xs-12" required="required" value = "1" type="number" readonly = "readonly"/>
</div>
</div>
</div>
</div>
<div class="ln_solid"></div>
<div class="form-group">
<div class="col-md-6 col-md-offset-3">
<button id="requestDiv1" type="submit" class="btn btn-success" name="documentRequest1" >Proceed</button>
<button type="submit" class="btn btn-primary">Cancel</button>
</div>
</div>
</form>
This is the $_SESSION code:
<?php
session_start();
$_SESSION['person_id']=isset($_POST['person_id']) ? $_POST['person_id'] :'';
?>
I really need your help on this one... Your help will be much appreciated. Thank you.