css???;

Add an Employee

require_once(???mysql.inc.php??™);
mysql_close($dbc);
?>


adding records 49
validate the form data
The form data must be validated prior to using it in a query. Add this code to
the PHP page:
1 The $errors array will store any errors encountered while
validating the form.
2 Text inputs will be validated by confi rming that they aren??™t empty.
(See extra bits on page 57.)
??¦
require_once(???mysql.inc.php??™);
$errors = array();
if (!empty($_POST[???first_name??™])) {
$fn = mysql_real_escape_string($_POST[???first_name??™],
$dbc);
} else {
$errors[] = ???first name??™;
}
if (!empty($_POST[???last_name??™])) {
$ln = mysql_real_escape_string($_POST[???last_name??™],
$dbc);
} else {
$errors[] = ???last name??™;
}
50 adding records
3 To make sure the data is safe to use in
a query, text inputs are run through the
mysql_real_escape_string() function.
if (!empty($_POST[???email??™])) {
$e = mysql_real_escape_string($_POST[???email??™],
$dbc);
} else {
$errors[] = ???email address??™;
}
adding records 51
if (isset($_POST[???phone_ext??™]) && is_numeric($_
POST[???phone_ext??™]) && ($_POST[???phone_ext??™] > 0)) {
$ext = (int) $_POST[???phone_ext??™];
} else {
$errors[] = ???phone extension??™;
}
mysql_close($dbc);
??¦
4 Numeric values, like the department ID and the phone
extension, must be positive numbers.


Pages:
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64