The Customer <form>

The script customer.2 is shown in Example 10-2. The script displays a <form> for customer data entry. If the user is logged in and validation has not previously failed, the customer data is retrieved from the customer table and used to populate the <form> widgets. If the user isn't logged in, and validation has not previously failed, a blank <form> is shown to collect new member details. If data has failed validation, the formVars array that is registered as a session variable is used to repopulate the <form>, and the error messages from the errors array are displayed.

Two external functions from are used in Example 10-2:

void showMessage( )

This function outputs any errors or notices created by other scripts. These messages include login errors, cart update problems, ordering problems, etc.

void showLogin( )

This function outputs in the top-right corner of the browser whether the user is logged in or not. If the user is logged in, it outputs his email address.

The country widget has only three possible values: Australia, United States, and Zimbabwe, In a full implementation of our case study, a database table of country names would be maintained, and the function selectDistinct( ) would present the <select> list. The function selectDistinct( ) is discussed in Chapter 5.

Example 10-2. The customer <form> script customer.1
  // This script shows the user a customer <form>.
  // It can be used both for INSERTing a new customer and
  // for UPDATE-ing an existing customer. If the customer
  // is logged in, then it is an UPDATE; otherwise, an
  // INSERT.
  // The script also shows error messages above widgets
  // that contain erroneous data; errors are generated
  // by example.customer.1.php
  include '';
  // Show an error in a red font
  function fieldError($fieldName, $errors)
    if (isset($errors[$fieldName]))
      echo "<font color=\"red\">" .
           $errors[$fieldName] .
  // Connect to a session
  session_start(  );
  // Is the user logged in and were there no errors from
  // a previous validation?
  // If so, look up the customer for editing
  if (session_is_registered("loginUsername") &&
     if (!($connection = @ mysql_pconnect($hostName,
        showerror(  );
     if (!mysql_select_db($databaseName, $connection))
        showerror(  );
     $custID = getCustomerID($loginUsername, $connection);
     $query = "SELECT * FROM customer
               WHERE cust_id = " . $custID;
     if (!($result = @ mysql_query($query, $connection)))
        showerror(  );
     $row = mysql_fetch_array($result);
     // Reset $formVars, since we're loading from
     // the customer table
     $formVars = array(  );
     // Reset the errors
     $errors = array(  );
     // Load all the form variables with customer data
     $formVars["title"] = $row["title"];
     $formVars["surname"] = $row["surname"];
     $formVars["firstName"] = $row["firstname"];
     $formVars["initial"] = $row["initial"];
     $formVars["address1"] = $row["addressline1"];
     $formVars["address2"] = $row["addressline2"];
     $formVars["address3"] = $row["addressline3"];
     $formVars["city"] = $row["city"];
     $formVars["state"] = $row["state"];
     $formVars["zipcode"] = $row["zipcode"];
     $formVars["country"] = $row["country"];
     $formVars["phone"] = $row["phone"];
     $formVars["fax"] = $row["fax"];
     $formVars["email"] = $row["email"];
     $formVars["dob"] = $row["birth_date"];
     $formVars["dob"] = substr($formVars["dob"], 8, 2) .
                        "/" .
                        substr($formVars["dob"], 5, 2) .
                        "/" .
                        substr($formVars["dob"], 0, 4);
   "-//W3C//DTD HTML 4.0 Transitional//EN"
   "" >
<head><title>Customer Details</title></head>
<body bgcolor="white">
  // Show the user login status
  showLogin(  );
<form method="post" action="example.customer.1.php">
<h1>Customer Details</h1>
  // Display any messages to the user
  showMessage(  );
  // Show meaningful instructions for UPDATE or INSERT
  if (session_is_registered("loginUsername"))
     echo "<h3>Please amend your details below as " .
          "required. Fields shown in " .
          "<font color=\"red\">red</font> are " .
     echo "<h3>Please fill in the details below to " .
          "join. Fields shown in " .
          "<font color=\"red\">red</font> are ".
<col span="1" align="right">
    <tr><td><font color="red">Title:</font></td>
   <td><select name="title">
       <option <?php if ($formVars["title"]=="Mr")
                 echo "selected";?>>Mr
       <option <?php if ($formVars["title"]=="Mrs")
                 echo "selected";?>>Mrs
       <option <?php if ($formVars["title"]=="Ms")
                 echo "selected";?>>Ms
       <option <?php if ($formVars["title"]=="Dr")
                 echo "selected";?>>Dr
    <tr><td><font color="red">First name:</font></td>
   <td><? echo fieldError("firstName", $errors); ?>
       <input type="text" name="firstName"
      value="<? echo $formVars["firstName"]; ?>"
    <tr><td><font color="red">Surname:</font></td>
   <td><? echo fieldError("surname", $errors); ?>
       <input type="text" name="surname"
      value="<? echo $formVars["surname"]; ?>"
    <tr><td>Initial: </td>
   <td><? echo fieldError("initial", $errors); ?>
       <input type="text" name="initial"
      value="<? echo $formVars["initial"]; ?>"
    <tr><td><font color="red">Address:</font></td>
   <td><? echo fieldError("address", $errors); ?>
       <? echo fieldError("address1", $errors); ?>
       <input type="text" name="address1"
      value="<? echo $formVars["address1"]; ?>"
   <td><? echo fieldError("address2", $errors); ?>
       <input type="text" name="address2"
      value="<? echo $formVars["address2"]; ?>"
   <td><? echo fieldError("address3", $errors); ?>
       <input type="text" name="address3"
      value="<? echo $formVars["address3"]; ?>"
    <tr><td><font color="red">City:</font></td>
   <td><? echo fieldError("city", $errors); ?>
       <input type="text" name="city"
      value="<? echo $formVars["city"]; ?>"
    <tr><td>State: </td>
    <td><? echo fieldError("state", $errors); ?>
   <input type="text" name="state"
       value="<? echo $formVars["state"]; ?>"
    <tr><td><font color="red">Zipcode:</font></td>
    <td><? echo fieldError("zipcode", $errors); ?>
   <input type="text" name="zipcode"
       value="<? echo $formVars["zipcode"]; ?>"
    <tr><td>Country: </td>
   <td><? echo fieldError("country", $errors); ?>
      <select name="country">
      <option <?php
          if ($formVars["country"]=="Australia")
             echo "selected";?>>Australia
      <option <?php
          if ($formVars["country"]=="United States")
             echo "selected";?>>United States
      <option <?php
         if ($formVars["country"]=="Zimbabwe")
            echo "selected";?>>Zimbabwe
    <tr><td>Telephone: </td>
   <td><? echo fieldError("phone", $errors); ?>
   <input type="text" name="phone"
       value="<? echo $formVars["phone"]; ?>"
    <tr><td>Fax: </td>
   <td><? echo fieldError("fax", $errors); ?>
       <input type="text" name="fax"
      value="<? echo $formVars["fax"]; ?>"
    <tr><td><font color="red">Date of birth
                             (dd/mm/yyyy):</font> </td>
   <td><? echo fieldError("dob", $errors); ?>
       <input type="text" name="dob"
      value="<? echo $formVars["dob"]; ?>"
  // Only show the username/email and password
  // <input> widgets to new users
  if (!session_is_registered("loginUsername"))
?>    <tr><td><font color="red">Email/username:</font></td>
   <td><? echo fieldError("email", $errors); ?>
       <input type="text" name="email"
      value="<? echo $formVars["email"]; ?>"
    <tr><td><font color="red">Password:</font></td>
   <td><? echo fieldError("loginPassword", $errors); ?>
       <input type="password" name="loginPassword"
      value="<? echo $formVars["loginPassword"]; ?>"
   <td><input type="submit" value="Submit"></td>
<br><a href="">
    <img src=""
     height="31" width="88" align="right" border="0"
     alt="Valid HTML 4.01!"></a>