I have been working on a form to add data to the database. I have validation which let's the user know if a field is empty or is invalid. Once all is validated I want to submit it to the database. My current code validates data but submits regardless. This is probably a flaw in my logic and if else statements but I can't seem to get it to work.
Here is part of the code including some validation and the INSERT statement.
// Quantity
if (empty($_POST["qtyAdd"]))
{
$qtyErr = "Please enter a product quantity";
}
else
if (!is_numeric($year))
{
$qtyErr = "Data entered was not numeric";
}
else
if (strlen($number) != 3)
{
$qtyErr = "The number entered was not 3 digits long";
}
else
{
$qty = test_input($_POST["yearAdd"]);
}
// Featured
if (empty($_POST["featuredAdd"]))
{
$featuredErr = "Feature Item?";
}
else
{
$featured = test_input($_POST["featuredAdd"]);
}
//Add to database
{
$sql = "INSERT INTO tbl_products (product_name, product_description, product_price, product_year, product_show, product_type, product_signed, product_quantity, product_featured, product_img) VALUES ('$name', '$desc', '$price', '$year', '$show', '$cat', '$signed', '$qty', '$featured', $img)";
mysql_query($sql);
}
}
You're not bothering to check if there is an error. That's why your query is always executed:
if (!isset($qtyErr) && !isset($featuredErr)) {
$sql = "INSERT INTO tbl_products (product_name, product_description, product_price, product_year, product_show, product_type, product_signed, product_quantity, product_featured, product_img) VALUES ('$name', '$desc', '$price', '$year', '$show', '$cat', '$signed', '$qty', '$featured', $img)";
mysql_query($sql);
}