help on validation before accepting user input

R

rongame

Member
hi guys

i hope you can help me,on how to perform validation before data being written into the database.

similar to username ajax validation during registration. this will involve (2) two forms or lists from fabrik. before being saved on the table it has to be present on the other table

tried the code below but still nothing

table 1 = empenc_warranty //db table that will be used by the end user
table 2 = seak_keycode //db table that will have the keycodesboth list and forms are generated via fabrik
warranty_code = element of table 1 (user will encode) that will validate data from table 2
encrypted_keycodes = element of table 2 tha holds the keycodes.

Code: 
$value =  '{empenc_warranty___warranty_code}';
$option = array();
$option['driver'] = 'mysql';
$option['host'] = 'localhost';
$option['user'] = 'userco_game';
$option['password'] = '123456';
$option['database'] = 'neco_game';
$option['prefix'] = 'zyz1_';
$db =  JDatabase::getInstance( $option );
 
 
// Best to use Joomla's query builder:
$query = $db->getQuery(true);
 
// Use COUNT(*) to count the # of records matched
$query->select("COUNT(*)")->from('seak_keycode');
 
// ALWAYS use $db->quote() for user inputted values - otherwise is a major security risk
$query->where('encrypted_keycodes  = ' . $db->quote($value));
 
// Set the query to the db
$db->setQuery($query);
 
// Run the query and return a single value (the # of records matched)
$matched = $db->loadResult();
 
if ($matched > 0) {
  // We found some records so return true
  return true;
} else {
  // No records found - return false.
  return false;
}


thanks so much
 
hi :)
The PHP looks good to me.
Could you point me at the form, perhaps that might make me see what the issue is.
Also have you tried adding in

PHP: 
echo $db->getQuery();exit;

after the $db->setQuery();
to see if it looks right, and then run that query in phpmyadmin?

-Rob
 
hi rob

i tried the echo and this came up

SELECT COUNT(*) FROM seak_keycode WHERE encrypted_keycodes = '{empenc_warranty___warranty_code}'

the echo is to print the query on $db if i am correct. the result says to count everything from table seak_keycode element encrypted_keycodes which is equal to empenc_warranty___warranty_code. after this the php code will count how many is similar or equal. if atleast 1 is equal we send a true so the form can be saved and trigger a false if none. for doesnt send. the logic is perfect
i guess the query is correct but should it reflect == instead of = ?

i guess its correct...


Clarification, where should the code be posted? php code? or condition? i used the code on php field the result is its not working...i tried it on condition field and its working. hmmm

next is i need another code that will get information from empenc_warranty table(my first table where data is encoded) its date and time maybe the complete element name could be {empenc_warranty___date_time} that the encoder has submitted the data and write it on the other table say {seak_keycode___date_time} remember that seak_keycode is where the keycodes are stored...so basically storing data will be done on both tables. thanks so much rob
 
The '{empenc_warranty___warranty_code}' should have been replaced with the supplied form data. I see you filled in your site details but which form is this validation on?

i guess its correct...
Click to expand...
yes thats correct

Clarification, where should the code be posted? php code?
Click to expand...
Yes in the PHP code textarea.
 
The '{empenc_warranty___warranty_code}' should have been replaced with the supplied form data. I see you filled in your site details but which form is this validation on?
Click to expand...

it is validated on the list or form named warranty keycodes dbtable seak_keycode

Clarification, where should the code be posted? php code?​
Yes in the PHP code textarea.
Click to expand...

this is a big problem. validation is working perfectly. but i pasted the code in the condition area. is this a bug?

i need suggestions in the second part.
once everything is validated the form is now submitted and off course recorded to the first table {empenc_warranty}list name Sales Warranty Data Center. additionally i want the recorded form also be recorded on the second form {seak_keycode} list name warranty keycodes.

anu suggestions? can i use clone form here? or an inser php?
 
hi again, not really a coder but really need solutions on my requirements. i tried using a form plugin php to insert code to my other table.

source table: empenc_warranty
source full element name: empenc_warranty___buyers_name

insert to table: seak_keycode___buyers_name
insert full element name: empenc_warranty___buyers_name

both includes date and time

settings:

Process script: End of form submission (onAfterProcess)

PHP File: None Selected
Require Once: no

Code: 
$option = array();
$option['driver'] = 'mysql';
$option['host'] = 'localhost';
$option['user'] = 'userco_game';
$option['password'] = '123456';
$option['database'] = 'neco_game';
$option['prefix'] = 'zyz1_';
$db =  JDatabase::getInstance( $option );
$query = $db->getQuery(true);
$columns = array('seak_keycode___buyers_name', 'seak_keycode___closingdate_time');
$values = array('empenc_warranty___buyers_name', 'empenc_warranty___date_time');
$query
    ->insert($db->quoteName('seak_keycode'))
    ->columns($db->quoteName($columns))
    ->values(implode(',', $values));
 
 
$db->setQuery($query);
$result = $db->execute();

unfortunately after clicking save i get this.

Forbidden

You don't have permission to access /administrator/index.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocumen

hoping for a solution.

thanks
 
Hey, we're in the middle of a Zopim chat, but for some reason the connection dropped, and I can't get back in to the chat with you.
 
hi cheese

i saw the code for the php form plug in. the file update_code.php was added. unfortunately its not working. whenever i submit i get this error

array(53) { ["option"]=> string(10) "com_fabrik" ["task"]=> string(7) "process" ["formid"]=> string(1) "1" ["rowid"]=> int(24) ["listid"]=> string(1) "1" ["listref"]=> string(1) "1" ["Itemid"]=> string(0) "" ["isMambot"]=> string(0) "" ["returntoform"]=> string(1) "0" ["fabrik_referrer"]=> string(91) "http://game.netpod.com.ph/administrator/index.php?option=com_fabrik&task=list.view&listid=1" ["fabrik_ajax"]=> string(1) "0" ["package"]=> string(6) "fabrik" ["packageId"]=> string(1) "0" ["34f5cae16c289489546a279a3e19b78b"]=> string(1) "1" ["format"]=> string(4) "html" ["fabrik_repeat_group"]=> array(4) { [1]=> string(1) "1" [20]=> string(1) "1" [21]=> string(1) "1" [22]=> string(1) "1" } ["submit"]=> string(0) "" ["755:1:4"]=> string(14) "53 2 759 2 F55" ["755:1:5"]=> string(14) "53 2 759 2 F54" ["6a3c8e462ece6ab2e5dace487cb099af"]=> string(32) "eb613f532e640d3ce6b62fb8ea21b687" ["9633d9b6b432f3433299c456f42c8405"]=> string(32) "d87b47edc1668c56f93c641cbcbb0ada" ["id"]=> int(24) ["date_time"]=> string(19) "2013-07-06 08:04:15" ["encoder"]=> array(1) { [0]=> string(3) "755" } ["buyers_name"]=> string(14) "horice sluhorn" ["address"]=> string(0) "" ["location"]=> string(19) "(53.2224,-4.2007):4" ["tags"]=> string(0) "" ["warranty_code"]=> string(6) "123456" ["commission_status"]=> string(1) "2" ["purchased_amount"]=> string(3) "123" ["product_clas"]=> array(1) { [0]=> string(1) "3" } ["serial_no"]=> string(0) "" ["part_no"]=> string(0) "" ["id_raw"]=> int(24) ["date_time_raw"]=> string(19) "2013-07-06 08:03:00" ["encoder_raw"]=> array(1) { [0]=> string(3) "755" } ["buyers_name_raw"]=> string(14) "horice sluhorn" ["address_raw"]=> string(0) "" ["location_raw"]=> string(19) "(53.2224,-4.2007):4" ["tags_raw"]=> string(0) "" ["warranty_code_raw"]=> string(6) "123456" ["commission_status_raw"]=> array(1) { [0]=> string(1) "2" } ["purchased_amount_raw"]=> string(3) "123" ["comm_perc_raw"]=> float(24.6) ["product_clas_raw"]=> array(1) { [0]=> string(1) "3" } ["serial_no_raw"]=> string(0) "" ["part_no_raw"]=> string(0) "" ["sum_raw"]=> string(12) "130505484.79" ["comm_perc"]=> float(24.6) ["sum"]=> string(12) "130505484.79" ["empenc_warranty___id"]=> int(24) ["empenc_warranty___id_raw"]=> int(24) } array(2) { [0]=> string(47) "`seak_keycode___buyers_name` = 'horice sluhorn'" [1]=> string(57) "`seak_keycode___closingdate_time` = '2013-07-06 08:03:00'" } object(JDatabaseQueryMysqli)#646 (24) { ["offset":protected]=> NULL ["limit":protected]=> NULL ["db":protected]=> object(JDatabaseDriverMysqli)#19 (17) { ["name"]=> string(6) "mysqli" ["nameQuote":protected]=> string(1) "`" ["nullDate":protected]=> string(19) "0000-00-00 00:00:00" ["_database":"JDatabaseDriver":private]=> string(13) "netpodco_game" ["connection":protected]=> object(mysqli)#23 (18) { ["affected_rows"]=> int(1) ["client_info"]=> string(6) "5.1.69" ["client_version"]=> int(50169) ["connect_errno"]=> int(0) ["connect_error"]=> NULL ["errno"]=> int(0) ["error"]=> string(0) "" ["field_count"]=> int(1) ["host_info"]=> string(25) "Localhost via UNIX socket" ["info"]=> NULL ["insert_id"]=> int(0) ["server_info"]=> string(10) "5.1.70-cll" ["server_version"]=> int(50170) ["stat"]=> string(152) "Uptime: 385963 Threads: 4 Questions: 192638199 Slow queries: 299 Opens: 6909631 Flush tables: 1 Open tables: 1024 Queries per second avg: 499.110" ["sqlstate"]=> string(5) "00000" ["protocol_version"]=> int(10) ["thread_id"]=> int(4494091) ["warning_count"]=> int(0) } ["count":protected]=> int(14) ["cursor":protected]=> object(mysqli_result)#348 (5) { ["current_field"]=> NULL ["field_count"]=> NULL ["lengths"]=> NULL ["num_rows"]=> NULL ["type"]=> NULL } ["debug":protected]=> bool(false) ["limit":protected]=> int(0) ["log":protected]=> array(0) { } ["offset":protected]=> int(0) ["options":protected]=> array(9) { ["driver"]=> string(6) "mysqli" ["host"]=> string(9) "localhost" ["user"]=> string(16) "netpodco_rrmgame" ["password"]=> string(8) "rm123456" ["database"]=> string(13) "netpodco_game" ["prefix"]=> string(6) "hjvnr_" ["select"]=> bool(true) ["port"]=> NULL ["socket"]=> NULL } ["sql":protected]=> string(53) "SELECT SUM(`purchased_amount`) FROM `empenc_warranty`" ["tablePrefix":protected]=> string(6) "hjvnr_" ["utf":protected]=> bool(true) ["errorNum":protected]=> int(0) ["errorMsg":protected]=> string(0) "" } ["sql":protected]=> NULL ["type":protected]=> string(6) "update" ["element":protected]=> NULL ["select":protected]=> NULL ["delete":protected]=> NULL ["update":protected]=> object(JDatabaseQueryElement)#648 (3) { ["name":protected]=> string(6) "UPDATE" ["elements":protected]=> array(1) { [0]=> string(14) "`seak_keycode`" } ["glue":protected]=> string(1) "," } ["insert":protected]=> NULL ["from":protected]=> NULL ["join":protected]=> NULL ["set":protected]=> object(JDatabaseQueryElement)#662 (3) { ["name":protected]=> string(3) "SET" ["elements":protected]=> array(1) { [0]=> string(105) "`seak_keycode___buyers_name` = 'horice sluhorn',`seak_keycode___closingdate_time` = '2013-07-06 08:03:00'" } ["glue":protected]=> string(4) " , " } ["where":protected]=> object(JDatabaseQueryElement)#659 (3) { ["name":protected]=> string(5) "WHERE" ["elements":protected]=> array(1) { [0]=> string(29) "encrypted_keycodes = '123456'" } ["glue":protected]=> string(5) " AND " } ["group":protected]=> NULL ["having":protected]=> NULL ["columns":protected]=> NULL ["values":protected]=> NULL ["order":protected]=> NULL ["autoIncrementField":protected]=> NULL ["call":protected]=> NULL ["exec":protected]=> NULL ["union":protected]=> NULL ["unionAll":protected]=> NULL }
 
Yup - as I said in chat, that's some debug code. I didn't get time to finish off the coding last night, as it was Friday night, and I had some social commitments (i.e. trying to have a life). I'm working on your site again now.

-- hugh
 
OK, I got logged in on ftp, and the form plugin now works. I need to fix one thing, which is that for some reason it isn't picking up the date_time from the warranty form to put in the keycode row.

Also, I've modified the validation on the warranty_code element on the warranty form, so it checks to see if the keycode row has already been used, i.e. has a 'buyers_name' already filled in, and if so, checks that the names are the same (so the buyers name on the warranty form matches the name on the keycode table). If they don't match, validation fails.

I *think* this is how you need it to work, from our brief discussions about your work flow, in that you said each code can only be used by one person.

I suspect we may need to build a slightly more robust way of handling codes, but I'll need to understand your workflow / process better. For instance, as it stands, the same person could use the same code for any warranty submission. So I need to know if you only ever want a code to be used once, for one warranty submission, or if the same person can re-use it for different claims, etc.

-- hugh
 
hi hugh

thanks so much for your help. i have been testing on my other thread which is the sql views.

anyway, you are right it can only be used once. just once. it can no longer be used ever again, so validation should check for the following
1. if the code exists - then continue
2. if the code exists and the other fields are still empty meaning not yet in use - then continue
and one more thing
3. if the code exist, {username}{date} is empty and it should be uploaded by a specific user group say "adminloader"

how can we do this?

again hugh thank so much...
your support has been invaluable. upgrading to pro was a good move.
 
You must log in or register to reply here.

Useful links

  • Create a Fabrik Account (Downloads)
  • Create a Forum Account
  • Fabrik Wiki
  • Fabrik 4 Changelog /Install /Upgrade
    • We are in need of some funding.
    More details.

    Thank you.

    Members online

    Total: 85 (members: 1, guests: 84)
    Back
    Top