Avatar of ackrts
ackrtsFlag for United States of America asked on

how do I compare (validate) a form field text in php to a data type varchar filed in a mysql database?

I have a simple form that users must "digitally sign" before continuing.  In my mysql database, they have a first name (fname) and a last name (lname) field.  

The form collects their ip address and the current time stamp.  It then asks them to "sign" by entering their first and last name.  Upon submit, I want the form to validate what the user entered for first and last name against their account in the database.  It must match exactly with fname and lname.  If it does not, the form should error.

Thanks in advance for any help!
PHPMySQL Server

Avatar of undefined
Last Comment
ackrts

8/22/2022 - Mon
funtaff

Let's see the PHP code you already have for the form page, so it can be put in terms of the way you are doing things already.
Michael701

well varchr is kinda a generic data type. so I can't think of a comparison where the variable type would matter, but here's some info

you can use Type Casting to force the post variable into a string
then use (triple) === in the if statement

if ( (string) $_POST['fname'] === $member['fname'] ))

or

if ( (string) $_POST['fname'] !== $member['fname'] ))

see:
http://us2.php.net/manual/en/language.types.type-juggling.php
ASKER
ackrts

Here is the basic code.  The only validation I am currently using is javascript to ensure the fields are not NULL before continuing.  
<?PHP
$table=$_GET['table'];
$ip = $_SERVER['REMOTE_ADDR'];
$today = date('F j, Y, g:i a, T'); 
$id=$_GET['id'];
// variables above are carried over from another php webpage
 
// store the document signature information
 if (isset($_POST['lease_signed_fname'])):
  $signed_fname = $_POST['signed_fname'];
  $signed_lname = $_POST['signed_lname'];
  $lease_ip = $_POST['l_ip'];
  $lease_date = $_POST['l_date'];
  $sql = "UPDATE $table SET
	  signed_fname='$signed_fname',
	  signed_lname='$signed_lname',
	  l_ip='$l_ip',
	  l_date='$l_date'
	  WHERE id='$id'";
  if (@mysql_query($sql)) {
    echo '<p>Document Signed Successfully</p>';
  } else {
    echo '<p>ERROR Signing Document: ' .
        mysql_error() . '</p>';
  }
 
// gather existing information from the database  
$f=@mysql_query("SELECT * FROM `table1` , table2 WHERE `email` = '$email' AND `guest` = `field`");
 
	if (!$f) {
		exit('<p> Error fetching details: ' .
			mysql_error() . '</p>');
}
$f=mysql_fetch_array($f);
// guest's name already stored in the database
$fname=$f['fname']; // First name stored in table1
$lname=$f['lname']; // Last name stored in table1
//Other necessary fields listed below
?>
 
 
 
<head>
<script type="text/javascript"> 
function validate(form) { 
// checking to make sure the document has been signed and that they have agreed to the terms
 
// See if the first name was entered
if (form1.lease_signed_fname.value ==""){ 
alert("You have not signed the document."); 
return false;}
 
// See if the last name was entered
if (form1.lease_signedlfname.value ==""){ 
alert("You have not signed the document."); 
return false;}
 
// See if they have agreed to the terms and conditions
if(!document.form1.agree.checked){alert("Please Check I Agree to the terms and conditions."); 
return false; } 
 
 
return true;
}
</script>
</head>
 
<!-- page text goes here -->
 
<!-- user must accept the page text below -->
 
<table align="center"><form action="<?php echo $_SERVER['PHP_SELF']; ?>?id=<?php echo $id; ?>" method="post" name="form1" onsubmit='return validate(this)'>
				<tr>
					<td>
					Current Date & Time:
					</td>
					<td>
					 <input type="text" name="l_date" value="<?php echo $today; ?>" size="30" readonly="true" />
					 <!-- Dynamically created -->
					</td>
				</tr>
				<tr>
					<td>
					Your IP Address:
					</td>
					<td>
					<input name="l_ip" type="text" value="<?php echo $ip; ?>" size="30" readonly="true" />
					<!-- Dynamically created -->
					</td>
				</tr>
				<tr>
					<td colspan="2" align="center">
					<input type=checkbox name=agree value='yes'> I agree to the terms and conditions.
					</td>
				</tr>
				<tr>
					<td>
					Your Signiture (First Name, Last Name):
					</td>
					<td>
					<input type="text" name="signed_fname" value="<?php echo $signed_fname; ?>" size="30" /> <input type="text" name="signed_lname" value="<?php echo $signed_lname; ?>" size="30" /> 
					</td>
				</tr>
				<tr>
					<td colspan="2" align="center">
					<input type="hidden" name="id" value="<?php echo $id; ?>" />
					<input name="sign-document" type="submit" value="Sign Document" />
					<!-- Now compare $signed_fname that the user entered to $fname stored in the database -->
					<!-- Now compare $signed_lname that the user entered to $lname stored in the database -->
					</form>
					</td>
				</tr>
			</table>		

Open in new window

Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
motley74

You could put both values into variables and use the following
strcmp($string1, string2)
This will return a 0 if an only if the strings are exactly equal
ASKER CERTIFIED SOLUTION
Roger Baklund

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Roger Baklund

... and make sure you put a <title> element in <head>.
ASKER
ackrts

Thank you cxr!
I will give this a try.  $email comes from the main login page and is passed through a session.php file to the user control panel page (my account) and onto this document signing page (include session.php).
Initial code on the control panel page...
...
$email=mysql_real_escape_string($email);
$password=mysql_real_escape_string($password);
...

Once the user arrives to their control panel (my account), it checks to see if they have signed their document.  If they have not signed their document (if.. then..), there is an alert message prompting them to do so.  If they click on that link, it brings them to the page we are currently working on (signdocument.php).

The code I included above didn't include the entire php document, just the parts I thought were necessary for getting help.  The page is actually quite large, but I can include it if necessary.

I'll start working on this.  let me know if you need anything else.  Thanks!
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
ackrts

Thank you for your help!!