Member Avatar for SheSliq

i am trying to validate a form so that all required fields are filled before submission. If they are not filled then an error message should appear..

But I keep getting this error:
"Parse error: parse error, unexpected '{' in C:\Program Files\wamp\www\template1\updateReceipt.php on line 31
"

Here is the code

<?php

include("connect.php");

if (!isset($_POST['Submit']))
{

$GpoNumber =$_POST['GpoNumber'];
$invoice=$_POST['invoice'];
$amount=$_POST['amount'];
$receiver=$_POST['receiver'];
$dateIn=$_POST['dateIn'];
$submitter=$_POST['submitter'];

// create empty error variable
$error = "";

// check for data in required fields
if (($GpoNumber == "") || ($invoice == "") || ($amount == "") || ($receiver == "") || ($dateIn == "") || ($submitter == "")) {
    $error = "Please fill in all the required fields!";
}

// validate GpoNumber
[COLOR="Red"]if ((ctype_alpha($GpoNumber) == FALSE {[/COLOR]
    $error = "Please enter a valid GpoNumber <br/>";
}

// validate invoice
if ((ctype_alpha($invoice) == FALSE {
     $error = "Please enter a valid invoice <br/>";
}

// validate amount
if ((is_numeric($amount) == FALSE {
    $error = "Please enter a valid amount <br/>";
}

// validate receiver
if ((ctype_alpha($receiver) == FALSE {
    $error = "Please enter a valid receiver <br/>";
}


// validate date
if ((is_numeric($dateIn) == FALSE {
    $error = "Please enter a valid date <br/>";
}

// validate submitter
if ((ctype_alpha($submitter) == FALSE {
    $error = "Please enter a valid submitter <br/>";
}


?>
<body>
<div id="container">
  <div id="intro">
    <div id="pageHeader">
      <h1><span>Department of Water Affairs<h3><font color='black'>Payment Process Tracking System</font></h3></span></h1>

    </div>
<div id="linkList">
      <div id="linkList2">
        <div id="lmenu">
          <ul>
            <li><a href="index.html">Main Menu</a>&nbsp; </li>
            <li><a href="receipt.php">Receipt Division</a>&nbsp; </li>
            <li><a href="viewReceipt.php">View Details</a>&nbsp; </li>
            <li><a href="deleteReceipt.php">Delete Details</a>&nbsp; </li>
          </ul>
        </div>
      </div>
    </div>

    <div id="about">
      <h3><span>Update Receipt Division Details</span></h3>
<form  action="<?php echo($PHP_SELF) ?>" method="post">
      <table width="400" border="0" cellpadding="0">


<tr><td>Company Name:</td>
    <td><input type="text" NAME="CompanyName" size="30"></td></tr>


<tr><td><label>GPO Number</label></td>
<td>
<?php
$result=mysql_query("SELECT GpoNumber FROM receipt WHERE GpoNumber='$GpoNumber'")
?>
<select name ="GpoNumber">
<?php
    while($receipt=mysql_fetch_array($result))
    {
    ?>
    <option value="<?php echo $receipt['GpoNumber'];?>"><?php echo $receipt['line[0]'];?></option>
    <?php
    }
    ?>

</select></td></tr>


<tr><td>Invoice Number:</td>
    <td><input type="text" NAME="invoice" size="30"></td></tr>

<tr><td>Amount:</td>
    <td><input type="text" NAME="amount" size="30"></td></tr>

<tr><td>Received By:</td>
    <td><input type="text" NAME="receiver" size="30"></td></tr>

<tr><td>Date In:</td>
    <td><input type="text" NAME="dateIn" size="30"></td></tr>

<tr><td>Submitted By:</td>
    <td><input type="text" NAME="submitter" size="30"></td></tr>

<td colspan="2">&nbsp;</td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="Submit" value="UPDATE "/>
                   <input type="reset" name="ubmit" value="CLEAR"/></td></tr>

</table>
</form>
    </div>
  </div>
</div>
</body>
<?php

else
{
updateReceiptDetails($CompanyName,$GpoNumber,$invoice,$amount,$receiver,$dateIn,$submitter);
}

}
    ?>
Edited by pritaeas because: Fixed formatting
  • 5 Contributors
  • 6 Replies
  • 132 Views
  • 11 Hours Discussion Span
  • Latest Post Latest Post by nav33n

Recommended Answers

All 6 Replies

Member Avatar for nav33n

Well, read the line in red very carefully. Don't you see a missing ) after false ? Don't forget to change it everywhere.


Edit:
1. Don't create duplicate threads as it will not help you in any way.
2. Please use [code=php] [/code] tags to wrap your code. It really helps.

Member Avatar for BzzBee

nav33n is right

Member Avatar for cwarn23

I agree with nav33n but I suppose newbies to daniweb aren't familiar to the code tag concept. Also in addition, I would secure that mysql query of yours. The corrected and easier to read code is as follows:

<?php

include("connect.php");

if (!isset($_POST['Submit']))
{

$GpoNumber =$_POST['GpoNumber'];
$invoice=$_POST['invoice'];
$amount=$_POST['amount'];
$receiver=$_POST['receiver'];
$dateIn=$_POST['dateIn'];
$submitter=$_POST['submitter'];

// create empty error variable
$error = "";

// check for data in required fields
if (($GpoNumber == "") || ($invoice == "") || ($amount == "") || ($receiver == "") || ($dateIn == "") || ($submitter == "")) {
$error = "Please fill in all the required fields!";
}

// validate GpoNumber
if ((ctype_alpha($GpoNumber) == false) {
$error = "Please enter a valid GpoNumber <br/>";
}

// validate invoice
if ((ctype_alpha($invoice) == false) {
$error = "Please enter a valid invoice <br/>";
}

// validate amount
if ((is_numeric($amount) == false) {
$error = "Please enter a valid amount <br/>";
}

// validate receiver
if ((ctype_alpha($receiver) == false) {
$error = "Please enter a valid receiver <br/>";
}


// validate date
if ((is_numeric($dateIn) == false) {
$error = "Please enter a valid date <br/>";
}

// validate submitter
if ((ctype_alpha($submitter) == false) {
$error = "Please enter a valid submitter <br/>";
}


?>
<body>
<div id="container">
<div id="intro">
<div id="pageHeader">
<h1><span>Department of Water Affairs<h3><font color='black'>Payment Process Tracking System</font></h3></span></h1>

</div>
<div id="linkList">
<div id="linkList2">
<div id="lmenu">
<ul>
<li><a href="index.html">Main Menu</a>&nbsp; </li>
<li><a href="receipt.php">Receipt Division</a>&nbsp; </li>
<li><a href="viewReceipt.php">View Details</a>&nbsp; </li>
<li><a href="deleteReceipt.php">Delete Details</a>&nbsp; </li>
</ul>
</div>
</div>
</div>

<div id="about">
<h3><span>Update Receipt Division Details</span></h3>
<form action="<?php echo($PHP_SELF) ?>" method="post">
<table width="400" border="0" cellpadding="0">


<tr><td>Company Name:</td>
<td><input type="text" NAME="CompanyName" size="30"></td></tr>


<tr><td><label>GPO Number</label></td>
<td>
<?php
$result=mysql_query("SELECT GpoNumber FROM receipt WHERE GpoNumber='".mysql_real_escape_string($GpoNumber)."'")
?>
<select name ="GpoNumber">
<?php
while($receipt=mysql_fetch_array($result))
{
?>
<option value="<?php echo $receipt['GpoNumber'];?>"><?php echo $receipt['line[0]'];?></option>
<?php
}
?>

</select></td></tr>


<tr><td>Invoice Number:</td>
<td><input type="text" NAME="invoice" size="30"></td></tr>

<tr><td>Amount:</td>
<td><input type="text" NAME="amount" size="30"></td></tr>

<tr><td>Received By:</td>
<td><input type="text" NAME="receiver" size="30"></td></tr>

<tr><td>Date In:</td>
<td><input type="text" NAME="dateIn" size="30"></td></tr>

<tr><td>Submitted By:</td>
<td><input type="text" NAME="submitter" size="30"></td></tr>

<td colspan="2">&nbsp;</td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="Submit" value="UPDATE "/>
<input type="reset" name="ubmit" value="CLEAR"/></td></tr>

</table>
</form>
</div>
</div>
</div>
</body>
<?php

else
{
updateReceiptDetails($CompanyName,$GpoNumber,$invoice,$amount,$receiver,$dateIn,$submitter);
}

}
?>
Member Avatar for mishra.ajitesh

thanx dude for giving percisious time

Member Avatar for SheSliq

maybe i forgot to mention that I am not very good at PHP i have just started working with it.

so cwarn 23 i dont really understand when you say "I would secure that mysql query of yours".

And nav33n when I place the ) after false I still get the same error .

Member Avatar for nav33n

@SheSliq,

if ((ctype_alpha($GpoNumber) == FALSE

This needs 2 ) to close the opening braces.

if((ctype_alpha($GpoNumber) == FALSE))

Or simply,

if(ctype_alpha($GpoNumber) == FALSE)

And cwarn23 is talking about possible sql injection to your code. A bad user can inject your query with all sorts of unwanted value and take over your database! (drop,truncate, insert, whatever).
Use, mysql_real_escape_string for the user's input to avoid such thing to happen. Also, have a look at cwarn23's code. He has used all kinda prevention techniques to save you from a sql injection! :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.