I'm having some trouble with this and am hoping that someone can point me in the right direction. I have a registration form that I built using the great tutorial on SSbits here: http://www.ssbits.com/tutorials/2010/site-members-registering-users-and-allowing-them-to-edit-their-details/
Within that registration form, I have 2 fields that need to be validated against a database of numbers that have already been entered. These fields are "SourceCode" and "VoucherNumber". I need to make sure that the 2 fields match 2 rows in the database, basically just like a username and password. On the old site I used this code:
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// source code and card number sent from form
$sourcecode=$_POST['location_code_c'];
$cardnumber=$_POST['card_number_c'];
// To protect MySQL injection
$sourcecode = stripslashes($sourcecode);
$cardnumber = stripslashes($cardnumber);
$sourcecode = mysql_real_escape_string($sourcecode);
$cardnumber = mysql_real_escape_string($cardnumber);
$sql="SELECT * FROM $tbl_name WHERE location_code='$sourcecode' and card_number='$cardnumber' AND registered='0'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $sourcecode and $cardnumber, table row must be 1 row
if($count==1){
//
mysql_query ("UPDATE $tbl_name
SET registered=1
WHERE location_code='$sourcecode' and card_number='$cardnumber'");
As you can see from this code, I also make sure that the card isn't already registered by making sure that the value for "registered" is 0. If everything passes then I need the form to also change that to "1".
Here is the code to my registration form:
Card Numbers are now called Voucher Numbers and Location Codes are now called Source Codes.
<?php
class RegistrationPage extends Page {
}
class RegistrationPage_Controller extends Page_Controller {
static $allowed_actions = array(
'RegistrationForm'
);
function RegistrationForm() {
$fields = new FieldSet(
new TextField('SourceCode', 'Source Code'),
new TextField('VoucherNumber', 'VoucherNumber'),
new TextField('FirstName', '<span>*</span> First Name'),
new TextField('Surname', '<span>*</span> Last Name'),
new EmailField('Email', '<span>*</span> Email'),
new TextField('Address', '<span>*</span> Address'),
new TextField('AddressLine2', 'Address Line 2'),
new TextField('City', '<span>*</span> City'),
new TextField('State', '<span>*</span> State'),
new TextField('PostalCode', '<span>*</span> Zip'),
new TextField('HomePhone', 'Main Contact Phone'),
new ConfirmedPasswordField('Password', '<span>*</span> Password'),
new CheckboxField('UpdateMe', 'Update Me When New Merchants Join'),
new CheckboxField('PrefAll', 'All'),
new CheckboxField('PrefFoodDrink', 'Food/Drink'),
new CheckboxField('PrefSports', 'Sports/Family Entertainment'),
new CheckboxField('PrefRetail', 'Retail'),
new CheckboxField('PrefHealth', 'Health & Wellness'),
new CheckboxField('PrefEvents', 'Local Events')
);
$actions = new FieldSet(
new FormAction('doRegister', 'Register')
);
$validator = new RequiredFields ('FirstName', 'LastName', 'Email', 'Street', 'City', 'State', 'Zip');
return new Form($this, 'RegistrationForm', $fields, $actions, $validator);
}
function doRegister($data, $form) {
if($member = DataObject::get_one("Member", "`Email` = '" . Convert::raw2sql($data['Email']) . "'"))
{
$form->AddErrorMessage('Email', "Sorry, that email address already exists. Please choose another.", 'bad');
Session::set("FormInfo.Form_RegistrationForm.data", $data);
return Director::redirectBack();;
}
//Create Member and log them in
$Member = new UrbanMember();
$form->saveInto($Member);
$Member->write();
$Member->login();
//Findo or create 'user' group
if(!$userGroup = DataObject::get_one('Group', "Code = 'users'"))
{
$userGroup = new Group();
$userGroup->Code = "users";
$userGroup->Title = "Users";
$userGroup->Write();
$userGroup->Members()->add($Member);
}
//Add member to user group
$userGroup->Members()->add($Member);
//Get profile page
if($ProfilePage = DataObject::get_one('EditProfilePage'))
{
return Director::redirect($ProfilePage->Link('?success=1'));
}
}
}
?>
Here is the code for the CardNumbers DataObject which is pre-populated that I want to validate against.
<?php
class CardNumbers extends DataObject {
static $db = array(
'VoucherNumber' => 'Varchar(255)',
'SourceCode' => 'Varchar(255)',
'Registered' => 'Boolean',
'Processed' => 'Boolean'
);
static $summary_fields = array(
'SourceCode' => 'Source Code',
'VoucherNumber' => 'Voucher Number',
'CreatedText' => 'Created',
'Registered' => 'Registered',
'Processed' => 'Processed'
);
}
?>
So, what would be the easiest way to validate those 2 fields against the existing database? I have some ideas, but not sure how to implement it. I have been all over the forums and can't find any examples of this type of validation. Any advice would be greatly appreciated. Let me know if more info is needed.