I’ve put together the following:
[code]if(isset($_GET[‘addadmin’])){
echo "Employee Information
if(isset($_POST[‘submit2’])){
if(preg_match("/[A-Z | a-z]+/", $_POST[‘lastname2’])){
if(preg_match("/[A-Z | a-z]+/", $_POST[‘firstname2’])){
$firstname2=$_POST[‘firstname2’];
$lastname2=$_POST[‘lastname2’];
$db=mysql_connect (“localhost”, “test”, “pass”) or die (‘I cannot connect to the database because: ’ . mysql_error());
$mydb=mysql_select_db(“Training”);
$sql=“INSERT INTO staff (Last_Name, First_Name) VALUES ( '” . $lastname2 . "’, ‘" . $firstname2 . "’ )";
$result=mysql_query($sql);
echo "
Entry created for " . $lastname2 . ", " . $firstname2 . “
”;}
}
else{
echo “
Please enter a valid name.
”;}
}
}[/code]
Where I would like the form to require all information entered for variables ‘firstname2’ and ‘lastname2’ to conform to A-Z or a-z. It works, and even returns the else statement if one of the variables is incorrect.
However, if the user inputs a valid ‘lastname2’ value, but an invalid ‘firstname2’ value, the else statement does not run. I’m sure this is an oversight on my part, but I cannot figure out why it does not return “Please enter a valid name.” in this scenario. It at least prevents the submission from being INSERTed to the database.
Question:
Could someone tell me why it doesn’t return the else statement when ‘lastname2’ is valid and ‘firstname2’ isn’t according to the preg_match?
[size=10pt]On a tangent[/size] size=8pt[/size]
This is my first project with PHP. How does one go about passing the MySQL database login to the server without the client having the opportunity to “View Source” it?