Smart Froms

[lh3vs3]

Hi,
I am making a form that inserts people into a database and if values is not correct it returns erros.
But I am getting this error:

Parse error: syntax error, unexpected $end in /home/lh3vs3/public_html/insert.php on line 106

But there is no line 106...
here is the code:
form

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "[URL]http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd[/URL]">
<!--
Design by Free CSS Templates
[URL]http://www.freecsstemplates.org[/URL]
Released for free under a Creative Commons Attribution 2.5 License
Name       : Free Port
Description: A two-column, fixed-width design for 1024x768 screen resolutions.
Version    : 1.0
Released   : 20090122
-->
<html xmlns="[URL]http://www.w3.org/1999/xhtml[/URL]">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>Inscription</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body>
<?php
include("header.php");
?>
<div id="page">
 <div id="content">
  <div class="post">
   <h2 class="title">Joindre le Ligue</h2>
   <p class="date"><?php echo date("Y.m.d"); ?></p>
   <div class="entry">
<form name="submit_article" method="post" action="insert.php">
        <p>&nbsp;Nom de Famille:<br/>
          <input name="lname" type="text">
        </p>
        <p>&nbsp;Pr&eacute;nom:<br/>
     <input name="fname" type="text">
        </p>
         <p>&nbsp;E-Mail:<br/>
     <input name="email" type="text">
        </p>
        <p>&nbsp;&Acirc;ge:<br/>
              <select name="age">
          <option value="14">14</option>
          <option value="15">15</option>
          <option value="16">16</option>
          <option value="17">17</option>
          <option value="18">18</option>
          <option value="19">19</option>
    </select>
        </p>
         <p>&nbsp;Quartier:<br/>
              <select name="quartier">
          <option value="Chomedy">Chomedy</option>
          <option value="St-Doronthe">St-Doronthe</option>
          <option value="Laval-Nord">Laval-Nord6</option>
          <option value="Laval-Des-Rapides">Laval-Des-Rapides</option>
    </select>
        </p>
        <p>
          <input type="submit" name="Submit" value="Joindre">
        </p>
        <p class='links'>
        </p>
</form></div>
  </div>
 </div>
 <!-- end #content -->
<?php
include("sidebar.php");
?>
 <!-- end #sidebar -->
 <div style="clear: both;">&nbsp;</div>
</div>
<!-- end #page -->
<?php
include("copyright.php");
?>
<!-- end #footer -->
</div>
</body>
</html>

insert.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "[URL]http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd[/URL]">
<!--
Design by Free CSS Templates
[URL]http://www.freecsstemplates.org[/URL]
Released for free under a Creative Commons Attribution 2.5 License
Name       : Free Port
Description: A two-column, fixed-width design for 1024x768 screen resolutions.
Version    : 1.0
Released   : 20090122
-->
<html xmlns="[URL]http://www.w3.org/1999/xhtml[/URL]">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>Votre Inscription</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body>
<?php
include("header.php");
?>
<div id="page">
 <div id="content">
  <div class="post">
   <h2 class="title">Votre Inscription</h2>
   <p class="date"><?php echo date("Y.m.d"); ?></p>
   <div class="entry">
<?php
// first, connect to database and select table
$link = mysql_connect ("localhost", "lh3vs3_ara", "1992arayugi")
or die("mysql_error()");
mysql_select_db ("lh3vs3_league", $link);
$lname = $_POST['lname'];
$fname = $_POST['fname'];
$email = $_POST['email'];
$age = $_POST['age'];
$quartier = $_POST['quartier'];
$error = '0';
$result = mysql_query("SELECT * FROM `players` WHERE lname = '$lname'",$link);
$retreive = mysql_fetch_array($result);
$name = "" .$retreive['fname']. "";
/* check if lname is entered */
  if(!$lname || strlen($lname = trim($lname)) == 0){
  echo "Veuillez entrez votre nom de famille";
  $error = '$error +1';
 }
/*check if fname is entered */
  if(!$fname || strlen($fname = trim($fname)) == 0){
  echo "Veuillez entrez votre pr&eacute;nom";
  $error = '$error +1';
 }
/* check if player already entered */
elseif('$fname' == '$name'){
echo "Vous &ecirc;tes d&eacute;j&agrave; enregistr&eacute;.";
$error = '$error +1';
}
/*check if email is entered */
  if(!$email|| strlen($email = trim($email)) == 0){
  echo "Veuillez entrez votre email";
  $error = '$error +1';
  }
else{
/* check if email is valid */
$regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
."\.([a-z]{2,}){1}$";
if(!eregi($regex,$subemail)){
echo "Votre email n'est pas vailde.";
$error = '$error +1';
 }
if($error>0){
echo "Veuillez retourner a la page d'inscription et r&eacute;essaye";
}
else{
$player = "INSERT INTO `players` (`lname`, `fname`, `email`, `age`, `quartier`, `register_time`) VALUES ('$lname', '$fname','$email','$age','$quartier', NOW())";
mysql_query($player) or die(mysql_error());
$player_stats = "INSERT INTO `player_stats` (`lname`, `fname`, `goals`, `assists`, `points`, `plus/minus`, `pim`, `ppg`, `shg`, `evg`, `shots`, `shotsp`) VALUES ('$lname', '$fname', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0')";
mysql_query($player_stats) or die(mysql_error());
echo "<br/>Votre Inscription a &eacute;t&eacute; enregistr&eacute;<br/>";
}
?>
   </div>
  </div>
 </div>
 <!-- end #content -->
<?php
include("sidebar.php");
?>
 <!-- end #sidebar -->
 <div style="clear: both;">&nbsp;</div>
</div>
<!-- end #page -->
<?php
include("copyright.php");
?>
<!-- end #footer -->
</div>
</body>
</html>

thanks for your help,
Ara

 

[Livewire]

Unexpected $end means you're missing a closing bracket somewhere.

My guess is it's right around here:

else{
/* check if email is valid */
$regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
."\.([a-z]{2,}){1}$";
if(!eregi($regex,$subemail)){
echo "Votre email n'est pas vailde.";
$error = '$error +1';
 }
if($error>0){
echo "Veuillez retourner a la page d'inscription et réessaye";
}
else{
$player = "INSERT INTO `players` (`lname`, `fname`, `email`, `age`, `quartier`, `register_time`) VALUES ('$lname', '$fname','$email','$age','$quartier', NOW())";
mysql_query($player) or die(mysql_error());
$player_stats = "INSERT INTO `player_stats` (`lname`, `fname`, `goals`, `assists`, `points`, `plus/minus`, `pim`, `ppg`, `shg`, `evg`, `shots`, `shotsp`) VALUES ('$lname', '$fname', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0')";
mysql_query($player_stats) or die(mysql_error());
echo "<br/>Votre Inscription a &eacute;t&eacute; enregistr&eacute;<br/>";
}

If you count, there's 4 {'s but only 3 }'s - there's a } bracket missing, in particular the one that's closing the very first Else statement.

Course I'm not sure what the code does, so I'm not entirely sure where that missing } is supposed to go, but that sure looks like whats causing the problem.

 

[lh3vs3]

OK thanks,
it works now but I have another problem.
My code is used to check errors from the form. And if it finds error it adds 1 to $error.
And at the end it supposed to show the errors and tell the user to correct it.
But now it shows the error, it says email is not valid, but it still gets inserted....

 

[garrettroyce]

$error = '$error +1';

$error will always equal the string "$error + 1'. You can use ++$error to increase $error by one.

 

[lh3vs3]

Oh thanks alot.
Ok I have another question with another form...
this is the error I get:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/lh3vs3/public_html/request_confirm.php on line 53

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/lh3vs3/public_html/request_confirm.php on line 54

this is the code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--
Design by Free CSS Templates
http://www.freecsstemplates.org
Released for free under a Creative Commons Attribution 2.5 License

Name       : Free Port
Description: A two-column, fixed-width design for 1024x768 screen resolutions.
Version    : 1.0
Released   : 20090122

-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>League de Hockey 3vs3</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body>
<?php
include("header.php");
?>
<div id="page">
	<div id="content">
		<div class="post">

			<h2 class='title'>Cr&eacute;er une &eacute;quipe</h2>
			<p class='date'><?php echo date("Y.m.d"); ?></p>
			<p class='meta'><em>Posted by Aravinthan </p>
			<div class='entry'>
<?php
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$teamname = $_POST['teamname'];
$receiver = $_POST['receiver'];
$link = mysql_connect ("localhost", "lh3vs3_ara", "1992arayugi")
or die("mysql_error()");
mysql_select_db ("lh3vs3_league", $link);
/*check if fname is entered */
  if(!$fname|| strlen($fname = trim($fname)) == 0){
  echo "Veuillez entrez votre pr&eacute;nom";
   ++$error ;
 }
 /*check if lname is entered */
   if(!$lname|| strlen($lname = trim($lname)) == 0){
   echo "Veuillez entrez votre nom de famille";
    ++$error ;
 }
/* check if player in a team*/
$checkteam = "SELECT teamname FROM players WHERE fname= '$fname' AND lname = '$lname'";
$retreive_team = mysql_fetch_array($checkteam);
if(mysql_num_rows($checkteam)) {
  echo "Vous avez d&eacute;ja choisi votre nom d'&eacute;quipe:" .$retreive_team['teamname']. "";
}
else {
$avai_team = mysql_query("SELECT * FROM `available_teams` ORDER BY teamname DESC",$link);
while($teams = mysql_fetch_array($avai_team))
{
echo "<form method='post'>
<select name='teamname'>";
echo "<option value='" .$team['teamname']. "'>" .$team['teamname']. "</option>";
echo "</select>";
echo " <input type='submit' value='Confirmer'/>";
}
}
if($error>0){
echo "Veuillez retourner &agrave; la page de demande et r&eacute;essaye";
}
else{
/* enter values into team_maker table */
$result = mysql_query("SELECT * FROM `players` WHERE fname='$fname' AND  lname='$lname'",$link);
$retreive = mysql_fetch_array($result);
$asker = "" .$retreive['playerid']. "";
mysql_query("INSERT INTO team_maker (asker, receiver, teamname, date)
VALUES ('$asker', '$receiver','$teamname', NOW())");
/* delete teamname from availabe_teams table */
mysql_query("DELETE FROM `available_teams` WHERE teamname='$teamname'")
or die(mysql_error());
/* get email adress */
$result1 = mysql_query("SELECT * FROM `players` WHERE playerid='$receiver'",$link);
$retreive1 = mysql_fetch_array($result1);
$email = "" .$retreive1['email']. "";
/* send email */
$to = "$email";
$subject = "Demande de joindre une &eacute;quipe";
$body = "$fname,$lname veut que vous jouez ensemble pour l'&eacute;quipe $teamname. Veuillez utiliser ce lien pour donner votre r&eacute;ponse: <a href='http://lh3vs3.x10hosting.com/view_request.php?asker=$asker&receiver=$receiver'>http://lh3vs3.x10hosting.com/team_maker.php?asker=$asker&receiver=$receiver</a>";
if (mail($to, $subject, $body)) {
  echo("<p>Votre demande a &eacute;t&eacute; confirmer, vous receverez un courriel d&egrave;s que le joueur a r&eacute;pondu.</p>");
 } else {
  echo("<p>Il y a une probl&egrave;me pr&eacute;sentement. Veuillez re-&eacute;ssayer plus tard.</p>");
 }
 }
?>
<p class='links'></p></div>


		</div>
	</div>
	<!-- end #content -->
<?php include("sidebar.php"); ?>
	<!-- end #sidebar -->
	<div style="clear: both;">&nbsp;</div>
</div>
<!-- end #page -->
<?php
include("copyright.php");
?>

<!-- end #footer -->
</div>
</body>
</html>

Thanks for your help,
Ara

 

[garrettroyce]

You have to submit the query before you can view the query results.

$checkteam = ....
$result = mysql_query($checkteam);
$retreive_team = mysql_fetch_assoc($result);

I changed _array to _assoc on purpose. It is a much better practice to use an associative array rather than a numeric. If you add one more field to a table, _array will be messed up but _assoc will be fine.

Also, I like to put linebreaks in my queries to make them easier to read:

mysql_query("
SELECT * 
FROM `available_teams` 
ORDER BY teamname DESC");

Not a big deal now, but if you make any more complicated queries, you may not be able to make sense of them later.

 

[Livewire]

Quick note, difference between assoc and array is this:

Assoc uses the column name, such as $row['username'].

Array uses a number, such as $row[0].


Hence why it gets a bit messy if you add a field to the table; it's fine if it's added at the end, but if you add it somewhere in the middle, the numbers go wonky

 

[misson]

Note also that by default, the result of mysql_fetch_array has both associative and numbered indices. The OP already used associative indices along with mysql_fetch_array.

 

[lh3vs3]

THanks again guys,
but there is another porblem.
This is one if for a bad coding.
So what I want the code to do is to make a request for another player.

The visitor sees players who dont have team, and the choose which one they want in their team.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "[URL]http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd[/URL]">
<!--
Design by Free CSS Templates
[URL]http://www.freecsstemplates.org[/URL]
Released for free under a Creative Commons Attribution 2.5 License
Name       : Free Port
Description: A two-column, fixed-width design for 1024x768 screen resolutions.
Version    : 1.0
Released   : 20090122
-->
<html xmlns="[URL]http://www.w3.org/1999/xhtml[/URL]">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>League de Hockey 3vs3</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body>
<?php
include("header.php");
?>
<div id="page">
 <div id="content">
  <div class="post">
<?php
$link = mysql_connect ("localhost", "lh3vs3_ara", "1992arayugi")
or die("mysql_error()");
mysql_select_db ("lh3vs3_league", $link);
$result = mysql_query("SELECT * FROM `players` WHERE teamname = 'Not In one'  ORDER BY playerid",$link);
   echo "<h2 class='title'>Les Membres</h2>";
    echo "<p class='date'>"; echo date("Y.m.d");
    echo "</p>";
   echo "<p class='meta'><em>Posted by Aravinthan </p>";
      echo "<div class='entry'>";
 echo "<table border='0'>
   <tr>
    <th align='center'> Pr&eacute;nom </th>
    <th align='center'> Nom de Famille </th>
    <th align='center'> &Acirc;ge </th>
    <th align='center'> Quartier </th>
    <th align='center'> Date d'inscription </th>
    <th align='center'></th>
   </tr>";
while($row = mysql_fetch_array($result))
{
 echo "<tr>";
 echo "<td align='center'><a href='players.php?player=" .$row['playerid']. "'>" .$row['fname']. "</a></td>";
 echo "<td align='center'><a href='players.php?player=" .$row['playerid']. "'>" .$row['lname']. "</a></td>";
 echo "<td align='center'>" .$row['age']. "</td>";
 echo "<td align='center'>" .$row['quartier']. "</td>";
 echo "<td align='center'>" .$row['register_time']. "</td>";
 echo "<td align='center'><a href='request.php?playerid=".$row['playerid']. "'>Demander &agrave; ce joueur de se joindre &agrave; votre &eacute;quipe</td></tr>";
}
echo " <p class='links'></p></table></div>";
     ?>
  </div>
 </div>
 <!-- end #content -->
<?php include("sidebar.php"); ?>
 <!-- end #sidebar -->
 <div style="clear: both;">&nbsp;</div>
</div>
<!-- end #page -->
<?php
include("copyright.php");
?>
<!-- end #footer -->
</div>
</body>
</html>

Then they come to a form, where it asks their family and first name:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "[URL]http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd[/URL]">
<!--
Design by Free CSS Templates
[URL]http://www.freecsstemplates.org[/URL]
Released for free under a Creative Commons Attribution 2.5 License
Name       : Free Port
Description: A two-column, fixed-width design for 1024x768 screen resolutions.
Version    : 1.0
Released   : 20090122
-->
<html xmlns="[URL]http://www.w3.org/1999/xhtml[/URL]">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>League de Hockey 3vs3</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body>
<?php
include("header.php");
?>
<div id="page">
 <div id="content">
  <div class="post">
<?php $playerid = $GET_['playerid']; ?>
   <h2 class='title'>Cr&eacute;er une &eacute;quipe</h2>
   <p class='date'><?php echo date("Y.m.d"); ?></p>
   <p class='meta'><em>Posted by Aravinthan </p>
   <div class='entry'>
   <form action="request_confirm.php" name="request_teammate" method="post">
    Votre Pr&eacute;nom:
    <br />
    <input name="fname" type="text" size="30"  />
    Votre Nom de Famille:
    <br />
    <input name="lname" type="text" size="30"  />
  <?php echo"<input type='hidden' name='receiver' value='$playerid' />"; ?>
       <input type="submit" value="Confirmer"/>
   </form>
<p class='links'></p></div>

  </div>
 </div>
 <!-- end #content -->
<?php include("sidebar.php"); ?>
 <!-- end #sidebar -->
 <div style="clear: both;">&nbsp;</div>
</div>
<!-- end #page -->
<?php
include("copyright.php");
?>
<!-- end #footer -->
</div>
</body>
</html>

THen it comes to the page show in earlier posts.
There it checks if the user has inputted their names. Then it checks to see if they have a team, if they do, they keep the team name and sends request,
if they dont it asks them to choose a teamname then it sends request.


The problem is that, I get to the part where it asks to choose a teamnmae, but when I choose it, it says:
pleaser enter lname,fname....

Why is that?

 

[garrettroyce]

I don't see where your problem is happening. Can you narrow it down a little? It's also hard because it's not all in english I looks like the problem may be in request_confirm.php, which I don't think you posted.

 

[lh3vs3]

here is request_confirm.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--
Design by Free CSS Templates
http://www.freecsstemplates.org
Released for free under a Creative Commons Attribution 2.5 License

Name       : Free Port
Description: A two-column, fixed-width design for 1024x768 screen resolutions.
Version    : 1.0
Released   : 20090122

-->
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>League de Hockey 3vs3</title>
<meta name="keywords" content="" />
<meta name="description" content="" />
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body>
<?php
include("header.php");
?>
<div id="page">
	<div id="content">
		<div class="post">

			<h2 class='title'>Cr&eacute;er une &eacute;quipe</h2>
			<p class='date'><?php echo date("Y.m.d"); ?></p>
			<p class='meta'><em>Posted by Aravinthan </p>
			<div class='entry'>
<?php
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$teamname = $_POST['teamname'];
$receiver = $_POST['receiver'];
$link = mysql_connect ("localhost", "lh3vs3_ara", "1992arayugi")
or die("mysql_error()");
mysql_select_db ("lh3vs3_league", $link);
/*check if fname is entered */
  if(!$fname|| strlen($fname = trim($fname)) == 0){
  echo "Veuillez entrez votre pr&eacute;nom";
   ++$error ;
 }
 /*check if lname is entered */
   if(!$lname|| strlen($lname = trim($lname)) == 0){
   echo "Veuillez entrez votre nom de famille";
    ++$error ;
 }
/* check if player in a team*/
$checkteam = "SELECT teamname FROM players WHERE fname= '$fname' AND lname = '$lname'";
$retreive_team = mysql_fetch_array($checkteam);
if(mysql_num_rows($checkteam)) {
  echo "Vous avez d&eacute;ja choisi votre nom d'&eacute;quipe:" .$retreive_team['teamname']. "";
}
else {
$avai_team = mysql_query("SELECT * FROM `available_teams` ORDER BY teamname DESC",$link);
while($teams = mysql_fetch_array($avai_team))
{
echo "<form method='post'>
<select name='teamname'>";
echo "<option value='" .$team['teamname']. "'>" .$team['teamname']. "</option>";
echo "</select>";
echo " <input type='submit' value='Confirmer'/>";
}
}
if($error>0){
echo "Veuillez retourner &agrave; la page de demande et r&eacute;essaye";
}
else{
/* enter values into team_maker table */
$result = mysql_query("SELECT * FROM `players` WHERE fname='$fname' AND  lname='$lname'",$link);
$retreive = mysql_fetch_array($result);
$asker = "" .$retreive['playerid']. "";
mysql_query("INSERT INTO team_maker (asker, receiver, teamname, date)
VALUES ('$asker', '$receiver','$teamname', NOW())");
/* delete teamname from availabe_teams table */
mysql_query("DELETE FROM `available_teams` WHERE teamname='$teamname'")
or die(mysql_error());
/* get email adress */
$result1 = mysql_query("SELECT * FROM `players` WHERE playerid='$receiver'",$link);
$retreive1 = mysql_fetch_array($result1);
$email = "" .$retreive1['email']. "";
/* send email */
$to = "$email";
$subject = "Demande de joindre une &eacute;quipe";
$body = "$fname,$lname veut que vous jouez ensemble pour l'&eacute;quipe $teamname. Veuillez utiliser ce lien pour donner votre r&eacute;ponse: <a href='http://lh3vs3.x10hosting.com/view_request.php?asker=$asker&receiver=$receiver'>http://lh3vs3.x10hosting.com/team_maker.php?asker=$asker&receiver=$receiver</a>";
if (mail($to, $subject, $body)) {
  echo("<p>Votre demande a &eacute;t&eacute; confirmer, vous receverez un courriel d&egrave;s que le joueur a r&eacute;pondu.</p>");
 } else {
  echo("<p>Il y a une probl&egrave;me pr&eacute;sentement. Veuillez re-&eacute;ssayer plus tard.</p>");
 }
 }
?>
<p class='links'></p></div>


		</div>
	</div>
	<!-- end #content -->
<?php include("sidebar.php"); ?>
	<!-- end #sidebar -->
	<div style="clear: both;">&nbsp;</div>
</div>
<!-- end #page -->
<?php
include("copyright.php");
?>

<!-- end #footer -->
</div>
</body>
</html>

I think its here:

echo "<form method='post'>
<select name='teamname'>";
echo "<option value='" .$team['teamname']. "'>" .$team['teamname']. "</option>";
echo "</select>";
echo " <input type='submit' value='Confirmer'/>";
}
}

As I am resending hte Post, the older Post values gets erased,
could that be the problem?

 

[misson]

The problem is that, I get to the part where it asks to choose a teamnmae, but when I choose it, it says:
pleaser enter lname,fname....

As I am resending hte Post, the older Post values gets erased,
could that be the problem?

Yes, that's it exactly. Adding hidden inputs to the form that picks the team name will fix this bug. Note also that if you use GET rather than POST as the form submission method for request.php (and use $_REQUEST rather than $_POST), the old values carry over because the URL will be preserved.

There are other things that need attention:

• On line 26 of request.php:
  

  <?php $playerid = $GET_['playerid']; ?>

  That should be $_GET, not $GET_. Better still, use $_REQUEST.
  
• Generating a form for each team name in request_confirm.php just produces clutter:
  

  while($teams = mysql_fetch_array($avai_team))
  {
  echo "<form method='post'>
  <select name='teamname'>";
  echo "<option value='" .$team['teamname']. "'>" .$team['teamname']. "</option>";
  echo "</select>";
  echo " <input type='submit' value='Confirmer'/>";
  }
  }

  You probably want something like:

  <form method='post'>
  <?php
    foreach ($_REQUEST as $key => $val) {
      if ($key != 'teamname')
        echo '  <input type="hidden" name="',$key,'" value="',$val,'" />';
    }
  ?>
    <select name='teamname'>
  <?php  while($teams = mysql_fetch_array($avai_team)) {
    echo "    <option value='" .$team['teamname']. "'>" .$team['teamname']. "</option>";
  } ?>
    </select>
    <input type='submit' value='Confirmer'/>
  </form>

• The code to access the DB is scattered across many pages. Much better to design a data access layer (DAL) API so that the other pages can be database agnostic, then collect all that DB access code in a single file. If you're not certain what that means, I'm basically saying write functions/objects to interface w/ the database (the data access layer) so the rest of the scripts don't even have to know a database is involved (database agnostic), they just call functions. If x10hosting supported PDO, you wouldn't have to design your own DB access layer. You might also be able to install PDO for PHP4.
  
• THIS IS A BIG ONE: you need to validate and filter user input (the form variables) to prevent SQL injection. Using POST rather than GET is not secure; it's still trivial to submit arbitrary values. The two natural places to perform validation/filtering are when you first get the user input (i.e. whenever you reference $_REQUEST, $_GET and $_POST) and in the DAL. The latter is safer because you won't forget to validate; the only trick is the DAL can't know what types the form variables are and so needs to be told. You could also validate/filter at both levels, validating at the script level and perform basic filtering in the DAL. Wherever you validate/filter, you can use the filter functions.
  
• In request_confirm.php, you never test whether $teamname is set, so the page always calls team_maker and sends an e-mail. You could fix this by adding a test on $teamname, but I recommend separating the form that picks the team from the script that does the final processing; it'll be much cleaner.
  
• If you separate the team selection from the final form processing, look for a way to move the code that selects the team to the 1st form. Entering both person name & team name seems redundant. What's the asker's relationship to the teams? You should design web forms so that users have to take as few steps as possible.

 

[lh3vs3]

OK thanks alot mission.
There is some things that I dont, well one basically, its the DAL.
I know that I have the give connection using one file, thats waht I started doing, but for some reason x10 bugged at the beginning.
And I will think of redisigning the form. I think you are right, I will come back to you with it.