Hi
I have a script that checks whether a user is logged in or not.
If the user are not logged in they are directed to the login page.
else the user is logged in.
If the user is logged in they can adda story,
I have a validation check on the title and main text fields, if the title is not set, then output an error message eg
however this message is not being ouput and I can't figure out why.
Any help would be appreciated
Here is the full code:
I have a script that checks whether a user is logged in or not.
If the user are not logged in they are directed to the login page.
else the user is logged in.
If the user is logged in they can adda story,
I have a validation check on the title and main text fields, if the title is not set, then output an error message eg
Code:
if (isset($_POST['title'])) {
// Do this
$t = escape_data($_POST['title']);
} else {
// Output error message
$t = FALSE;
echo '<p>You forgot to enter a title</p>';
}
Any help would be appreciated
Here is the full code:
Code:
<?php
# Filename - add_story.php
# Date - 9th August 2007
# Author - Stephen Hoult
# Author Email - stephen@hoult.org.uk
// This file allows logged in users to add a story.
// Include config file for error management and such
include('./includes/config.inc.php');
// Set page title and include HTML header
$page_title = 'Add a Story';
include('./includes/header.html');
// If no first_name variable exists, redirect the user.
if (!isset($_SESSION['first_name'])) {
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/login.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else { // First name variable exists - user is logged in
//If the form has been submitted
if (isset($_POST['submitted'])) {
// Connect to the database
require_once('../mysql_connect_ur.php');
// Validate title
if (isset($_POST['title'])) {
$t = escape_data($_POST['title']);
} else {
$t = FALSE;
echo '<p><font color="red" size="+1">Please enter a title.</font></p>';
} // End of validate Title
// Validate Main text
if (isset($_POST['title'])) {
$mt = escape_data($_POST['main_text']);
} else {
$mt = FALSE;
echo '<p>You forgot to enter the main text.</p>';
} // End of validate Main text
if ($t && $mt) { // If validation checks pass
// Add the story.
$query = "INSERT INTO content (title, main_text, date_submitted)
VALUES ('$t', '$mt', NOW())";
$result = mysql_query($query);
echo '<p>Your story has been added to the database</p>';
mysql_close(); // Close database connection
} else { // Validation check failed
echo '<p>A system error has occurred. Your story has not been added.</p>';
} // End of if all validation checks pass
} // End of if Submitted
} // End of is logged in
?>
<fieldset><legend>Add a story</legend>
<form action="add_story.php" method="post" >
<p>Title: <input type="text" name="title" size="30" maxlength="50" value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>" /></p>
<p>Main Text<textarea name="main_text" cols="40" rows="5"/><?php if (isset($_POST['main_text'])) echo $_POST['main_text']; ?></textarea></p>
<p><input type="submit" name="submit" value="Submit" /></p>
<input type="hidden" name="submitted" value="TRUE" />
</form>
</fieldset>
<?php
include('./includes/footer.html'); // Include HTML footer
?>
Comment