"> Server side validation - Forums

Forums

Server side validation

Larion476 12 Jul, 2011
I have a form where I want to validate a field against 2 pieces of information:
a. User Name in Joomla Users
b. Type of Registration in CB.

I wrote the SQL Query and checked that it works. Here is the code I have, I put it in a server side navigation action, but I am not sure it is in the right place, The validation does not take place the form is accepted even if the field is wrong.

Would appreciate some help (I am using CF 4.0.RC 1.9 on Joomla 1.5.23). Here is the code:
<?php
		$uname = JRequest::getString('username', '', 'post');
		$db		=& JFactory::getDBO();				
		$query	= 	'SELECT u.username, cb.cb_typeofregistration
					FROM #_jos_users AS u
					LEFT JOIN #_jos_comprofiler AS cb ON u.id = cb.user_id
					WHERE cb.cb_typeofregistration = 'chefs' AND `username` = '$uname'';
 		$db->setQuery( $query );
		if (!$db->loadResult())	{
				$form->validation_errors['username'] = "Wrong User Name"];				 								 
						 }
?>
Larion476 12 Jul, 2011
Modified the code like this

<?php
		$uname = JRequest::getString('username', '', 'post');
		
		$db		=& JFactory::getDBO();				
		$query	= 	'SELECT u.username, cb.cb_typeofregistration
					FROM #_jos_users AS u
					LEFT JOIN #_jos_comprofiler AS cb ON u.id = cb.user_id
					WHERE cb.cb_typeofregistration = 'chefs' AND `username` = '$uname'';
					
 		$db->setQuery( $query );
		$db->query();
		if ($db->getNumRows() == 0)	{
				$form->validation_errors['username'] = "Wrong User Name";				 								 
						 }
?>


Added a loop onSubmit>On Server Side Validation>On fail

And get this Message:
Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 40961 bytes) in /home/hilair/public_html/chef/components/com_chronoforms/libraries/chronoform.php on line 159
Larion476 13 Jul, 2011
Modified yet again This time using $Form->data['....'], same result
<?php
		$uname = $form->data['username'];
		
		$db		=& JFactory::getDBO();				
		$query	= 	'SELECT u.username, cb.cb_typeofregistration
					FROM #_jos_users AS u
					LEFT JOIN #_jos_comprofiler AS cb ON u.id = cb.user_id
					WHERE cb.cb_typeofregistration = 'chefs' AND `username` = '$uname'';
					
 		$db->setQuery( $query );
		$db->query();
		if ($db->getNumRows() == 0)	{
				$form->validation_errors['username'] = "Wrong User Name";				 								 
						 }


Still getting:

Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 40961 bytes) in /home/hilair/public_html/chef/components/com_chronoforms/libraries/chronoform.php on line 159
GreyHead 13 Jul, 2011
Hi Larion476 ,

The default setting for the Event Loop is OnLoad. My guess is that you've changed it to On Submit and now the code is going round in circles until it runs out of memory :-(

Bob
Larion476 13 Jul, 2011
Just to Clarify:

The Server side event is on Submit
In the On success I put the my php code
In the On fail I put an Event Loop (Like the CAPTCHA) with Target event On Load

Now I get this message:
Parse error: syntax error, unexpected T_STRING in /home/hilair/public_html/chef/administrator/components/com_chronoforms/form_actions/custom_serverside_validation/custom_serverside_validation.php(16) : eval()'d code on line 8
Larion476 13 Jul, 2011
If I put the Server Side Validation in the onLoad events with the same event Loop as before, the form does not load, I immediately get:


Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 100747 bytes) in /home/hilair/public_html/chef/components/com_chronoforms/libraries/chronoform.php on line 161
GreyHead 13 Jul, 2011
Hi Larion476,

If you make random changes and they break your form then just undo them. The Serverside validation belongs in the OnSubmit event so please put it back there.

This message

Parse error: syntax error, unexpected T_STRING in /home/hilair/public_html/chef/administrator/components/com_chronoforms/form_actions/custom_serverside_validation/custom_serverside_validation.php(16) : eval()'d code on line 8

tells you that you have a bug in the code on Line 8 (or earlier) of the code in the ServerSide validation box.

Bob
Larion476 13 Jul, 2011
This is extremely frustrating!!😢

I went back to basic to see if I could get a value from a table, so I created a new field I called email and I entered the following as default value:
<?php
$db =& JFactory::getDBO();				
$query	= "SELECT email
FROM #_jos_users
WHERE username = 'aa123' ";					
$db->setQuery( $query );
$result= $db->loadObject();
echo= $result['email'];
?>


I get the following message:

Parse error: syntax error, unexpected T_STRING in /home/hilair/public_html/chef/administrator/components/com_chronoforms/form_actions/show_html/cfaction_show_html.php(108) : eval()'d code on line 4

Apparently there is something in the WHERE clause it does not like, but I don't know what I tried changing ' with " or ` without success.


I also tried something else: I created a custom code action in on Load where I put the following:😢
<?php
$db =& JFactory::getDBO();				
$query	= "SELECT email
FROM #_jos_users
WHERE username = 'aa123' ";					
$db->setQuery( $query );
$result= $db->loadObject();
$form->data['Email']= $result['email'];
?>


I get similar error message:

Parse error: syntax error, unexpected T_STRING in /home/hilair/public_html/chef/administrator/components/com_chronoforms/form_actions/show_html/cfaction_show_html.php(108) : eval()'d code on line 4[/b]
Larion476 13 Jul, 2011
SOLVED
Several issues:
Needed backstroke for table names
Removed the#_ prefix from table names
Here is the final code:
<?php
$uname = $form->data['username'];	
$db=& JFactory::getDBO();				
$query	= "SELECT username, cb_typeofregistration
FROM  `jos_users' AS u
LEFT JOIN `jos_comprofiler` AS cb ON u.id = cb.user_id
WHERE cb_typeofregistration = 'chefs' AND username = '$uname' ";					
$db->setQuery( $query );
$result = $db->query();
if (!$result)	{
$form->validation_errors['username'] = "Wrong User Name";				 								 
 }
?>
GreyHead 14 Jul, 2011
Hi Larion476,

In MySQL queries table and column names require* back-ticks ``; strings require single quotes ''

Joomla! replaces the #_ prefix with the prefix used on your site. This is often, but not always 'jos'. What you don't want is to use both versions e.g. #_jos_table_name. I use #__table_name so that the query will work whatever prefix you have set.

There are still a quote bugs in the code you posted `jos_users' should be `jos_users`

Here's how I might have written that block:
<?php
$uname = $form->data['username'];   
$db=& JFactory::getDBO();            
$query = "
  SELECT COUNT(*)
    FROM  `#__users` AS u
      LEFT JOIN `#__comprofiler` AS cb ON u.`id` = cb.`user_id`
    WHERE cb.`cb_typeofregistration` = 'chefs' AND u.`username` = '$uname' 
";               
$db->setQuery($query);
$count = $db->loadResult();
if ( !$count )   {
  $form->validation_errors['username'] = "Wrong User Name";                                     
}
?>


Bob

* Not strictly required if the column names don't include any special characters but safer to use them. There are also Joomla! functions that will add quoted for you. $db->quote('some value') for values and $db->nameQuote('some name') for table and column names.
Larion476 14 Jul, 2011
Thanks Bob,

Always appreciate your help. I was wondering what the $db->quote('...") meant now I Know.
Larion476 14 Jul, 2011
More issues

I thought it was working yesterday, Alas No.😶

If I enter any username (even a wrong one) and the right CAPTCHA, the form is processed.(see 2nd image). This will beprocessed

If I enter the right user name and a wrong CAPTCHA I get the error with a message saying that both the UserName and captcha are wrong (see 1st image - aa123 is correct)

If Both are wrong I get the same message.[attachment=1]Test_Validation_NoEmail_1310649130892.jpeg[/attachment]
[attachment=0]Test_Validation_NoEmail_1310649204501.jpeg[/attachment]

In the Events on Submit I have the server Side Validation with an on Fail Event Loop first, followed the the CAPTCHA with an on fail Event Loop

I tried reversing the order without success.

Any help would be appreciated
Larion476 14 Jul, 2011
Solved

if ( !$count )   {
  $form->validation_errors['username'] = "Wrong User Name";
  return FALSE; } 


Added the return FALSE in the if, now message is displayed and the sequence is correct, first the message for the User Name then the message for the CAPTCHA
GreyHead 17 Jul, 2011
Hi Larion476 ,

Sorry, I missed that - I'm still not used to CFv4 requiring the False value returned :-(

Bob
This topic is locked and no more replies can be posted.