I have a few simple html text inputs. I would like to check that the user inputted something and not just spaces. My code below isn't working.
HTML (in a form):
<input type='text' name='email' id='email' />
PHP (the "action" page of the form):
$email=mysql_real_escape_string(strtolower(trim($_POST['email'])));
if (!$email || empty($email)){ // these are the checks that don't work
echo "no email entered";
}
First, you should use mysql_real_escape_string only when inputting data inside of mysql. Don't use it while checking.
My typical manual verification syntax is this:
if(!isset($_REQUEST['email']) || strlen(trim($_REQUEST['email'])) == 0){
$errors[] = 'No email provided';
}
Then after checking, use mysql_real_escape_string while inputting data into mysql
mysql_query('UPDATE myusers SET email = "'.mysql_real_escape_string($_REQUEST['email']).'" WHERE id = "'.mysql_real_escape_string($_REQUEST['id']).'"');
Good luck