I have moved over the validation to the bikeInfo.php file. Not much changes have been made to the code, but not sure why the validation is not being processed... appreciate the help!
<?php
$nameErr = $phoneErr = $emailErr = $sErr = $errorMsg = "";
$name = $phone = $email = $serial = $type = $formSubmit = $description = "";
?>
<head>
<title>Register your bikes!</title>
</head>
<style>
body {
margin-left: auto;
margin-right: auto;
text-align: center;
padding: 8px;
}
div.sellerInfo {
position: relative;
top: 50px;
}
.error {
position: absolute;
color: red;
}
</style>
<html>
<body>
<form method="post" action="bikeInfo.php">
<b style="font-size: 20px;">Bike Information</b>
</br></br>
<div class="sellerInfo">
Name:
<input type="text" name="sName" value="<?php echo $name;?>"/>
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
Phone:
<input type="text" name="sNum" value="<?php echo $phone;?>"/>
<span class="error">* <?php echo $phoneErr;?></span>
<br><br>
Email:
<input type="text" name="sEmail" value="<?php echo $email;?>"/>
<span class="error">* <?php echo $emailErr;?></span>
<br><br>
Serial:
<input type="text" placeholder="yy-nnn-cc" name="serial" value="<?php echo $serial;?>"/>
<span class="error">* <?php echo $sErr;?></span>
<br><br>
Type:
<input type="text" name="type" value="<?php echo $type;?>"/>
<span class="error">* <?php echo $errorMsg;?></span>
<br><br>
Description:
<textarea name="description" rows="5" cols="50" value="<?php echo $description;?>"></textarea>
<br><br>
<input type="submit" name="formSubmit" value="Submit"/>
</div><br><br><br>
</form>
</body>
</html>
This is my bikeInfo.php file which does validation and displaying of the submitted values. Not sure am i suppose to separate them...
<?php
//set to empty strings
$name = $phone = $email = $serial = $type = $formSubmit = $description = "";
$nameErr = $phoneErr = $emailErr = $sErr = $errorMsg = "";
if (isset($_POST["formSubmit"]))
{
if (empty($_POST["sName"]))
{
$nameErr = "Name is required";
} else {
$name = test_input($_POST['sName']);
}
//validate phone number
if (empty($_POST["sNum"]))
{
$phoneErr = "Phone number is required";
} else {
$phone = test_input($_POST['sNum']);
if (!is_numeric($phone)) //check for letters
{
$phoneErr = "No letters allowed";
}
}
//validate email
if (empty($_POST["sEmail"]))
{
$emailErr = "Email is required";
} else {
$email = test_input($_POST['sEmail']);
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$emailErr = "Invalid email format";
}
}
//validate serial
if (empty($_POST["serial"]))
{
$sErr = "Serial number is required";
} else {
$serial = test_input($_POST['serial']);
//determing the pattern of the serial no. yy-nnnn-cc
if (!preg_match("/[0-9][0-9]\-\d{3}\-[a-z]{2}/", $serial))
{
$sErr = "Format is yy-nnn-cc";
}
}
//validate type
if (empty($_POST["type"]))
{
$errorMsg = "Type is required";
} else {
$type = test_input($_POST["type"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<html>
<style>
.body {
text-align: center;
padding: 20px;
}
</style>
<body>
<h1 style="text-align:center; padding: 20px">Bike listings</h1>
<?php
$listings = $name . "<br>" . $phone . "<br>" . $email . "<br>" . $serial . "<br>" . $type . "<br>" . $description;
echo "<div style='text-align:center; padding: 50px'>$listings</div>";
?>
</body>
</html>
I had a little play about refactoring the code so that you could use a single page to perform both the validation and display. Perhaps it may be of use.
<?php
error_reporting( E_ALL );
$errors=array();
$nameErr = $phoneErr = $emailErr = $sErr = $errorMsg = '';
$sName = $sNum = $sEmail = $serial = $type = $description = '';
if( $_SERVER['REQUEST_METHOD']=='POST' && isset(
$_POST['sName'],
$_POST['sNum'],
$_POST['sEmail'],
$_POST['serial'],
$_POST['type']
)){
# modified to accept uppercase chars at end and limited to 2 integers at atart
$pttn='/[0-9]{2}\-\d{3}\-[a-zA-Z]{2}/';
# config to filter POST vars
$args=array(
'sName' => FILTER_SANITIZE_STRING,
'sNum' => FILTER_SANITIZE_STRING,
'sEmail' => FILTER_SANITIZE_EMAIL,
'serial' => FILTER_SANITIZE_STRING,
'type' => FILTER_SANITIZE_STRING,
'description' => FILTER_SANITIZE_STRING
);
# test for unaccounted POST fields - possibly malicious
foreach( $_POST as $field => $value ){
if( !in_array( $field, array_keys( $args ) ) ){
$errors[]=sprintf('Unknown field %s',$field);
}
}
if( empty( $errors ) ){
# rebuild the POST array with only filtered values
$_POST=filter_input_array( INPUT_POST, $args );
# extract known values from POST array into variables
extract( $_POST );
#error messages
$nameErr=empty( $sName ) ? 'Name is required' : '';
$phoneErr=empty( $sNum ) ? 'Phone number is required' : '';
$emailErr=empty( $sEmail ) ? 'Email is required' : '';
$sErr=empty( $serial ) ? 'Serial number is required' : '';
$errorMsg=empty( $type ) ? 'Type is required' : '';
# Validate particular variables
$sEmail=filter_var( $sEmail, FILTER_VALIDATE_EMAIL );
# to filter the phone number might remove leading zero and thus appear invalid
# possibly reassign error message variables
if( !preg_match( $pttn, $serial ) )$sErr='Invalid Serial. The format is: yy-nnn-cc';
if( !$sEmail )$emailErr='Invalid email format';
if( !$sNum )$phoneErr='Invalid phone number. No letters allowed!';
# save to database, email somewhere, write text etc etc
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Register your bikes!</title>
<style>
body {
margin:auto;
text-align:center;
padding:8px;
}
div.sellerInfo {
top:50px;
}
.error {
position:absolute;
color:red;
}
section{
margin:2rem auto;
width:300px;
padding:1rem;
display:block;
border:1px solid black;
}
section *{
text-align:left;
}
</style>
</head>
<body>
<form method='post'>
<b>Bike Information</b>
<div class='sellerInfo'>
<div>
Name:
<input type='text' name='sName' value='<?php echo $sName;?>' />
<span class='error'>* <?php echo $nameErr;?></span>
</div>
<div>
Phone:
<input type='text' name='sNum' value='<?php echo $sNum;?>' />
<span class='error'>* <?php echo $phoneErr;?></span>
</div>
<div>
Email:
<input type='text' name='sEmail' value='<?php echo $sEmail;?>' />
<span class='error'>* <?php echo $emailErr;?></span>
</div>
<div>
Serial:
<input type='text' placeholder='yy-nnn-cc' name='serial' value='<?php echo $serial;?>' />
<span class='error'>* <?php echo $sErr;?></span>
</div>
<div>
Type:
<input type='text' name='type' value='<?php echo $type;?>' />
<span class='error'>* <?php echo $errorMsg;?></span>
</div>
<div>
Description:
<textarea name='description' rows='5' cols='50' value='<?php echo $description;?>'></textarea>
</div>
<input type='submit' />
</div>
</form>
<?php
if( $_SERVER['REQUEST_METHOD']=='POST' && isset(
$sName,
$sNum,
$sEmail,
$serial,
$type,
$description
)){
if( empty( $errors ) ){
printf('
<section>
<h1 style="text-align:center; padding: 20px">Bike listings</h1>
<ul>
<li>%s</li>
<li>%s</li>
<li>%s</li>
<li>%s</li>
<li>%s</li>
<li>%s</li>
</ul>
</section>',
$sName,
$sNum,
$sEmail,
$serial,
$type,
$description
);
}else{
foreach( $errors as $error )printf('<div class="error">%s</div>',$error);
}
}
?>
</body>
</html>
Related
I'm new to PHP and the validation. I have been asked by my lecturer to make a form with session and validation.I have 3 php pages such as pbt1.php , pbt2.php and validation.php After all validated, it will go to display page. However, it seems like it only stopped at validation page [validation.php]. I need someone to check if my codes are correct or wrong too.
pbt1.php
session_start();
?>
<html>
<?php
if(isset($_SESSION['pbt1']))
{
$nameError = $_SESSION['pbt1']['nameError'];
$numberError = $_SESSION['pbt1']['numberError'];
$cityError = $_SESSION['pbt1']['cityError'];
$addressError = $_SESSION['pbt1']['addressError'];
$zipcodeError = $_SESSION['pbt1']['zipcodeError'];
$dateError = $_SESSION['pbt1']['dateError'];
}
?>
<style>
.registrationform
{
padding: 20px;
margin: auto;
margin-top: 20px;
line-height: 30px;
width: 600px;
border: solid 3px red;
}
Label
{
width:200px;
display:inline-block;
}
</style>
<div class= "registrationform">
<h1>ONLINE MARATHON REGISTRATION</h1>
<br><br>
<form name = "pbt1" method = "post" action = "validation.php">
<Label>Name<span style="color: red;">*</span>: </Label>
<input type = "text" name = "name">
<span id = "warning" style="color: red;" > <?php echo isset($nameError)?$nameError :'';?></span>
<br><br>
<Label>Gender <span style="color: red;">*</span>:</Label>
<input type = "radio" name = "gender" value = "Female" required>Female
<input type = "radio" name = "gender" value = "Male" required>Male
<br><br>
<Label>Date Of Birth <span style="color: red;">*</span>:</Label>
<input type = "date" name = "date">
<span id = "warning" style="color: red;"><?php echo isset($dateError)?$dateError:'';?></span>
<br><br>
<Label>Contact Number <span style="color: red;">*</span>:</Label>
<input type = "text" name = "phonenumber">
<span id = "warning" style="color: red;"><?php echo isset($numberError)?$numberError:'';?></span>
<br><br>
<Label>Address <span style="color: red;">*</span>:</Label>
<input type = "text" name = "address" >
<span id = "warning" style="color: red;"><?php echo isset($addressError)?$addressError :'';?></span>
<br><br>
<Label>City <span style="color: red;">*</span>:</Label>
<input type = "text" name = "city" >
<span id = "warning" style="color: red;"><?php echo isset($cityError)?$cityError:'';?></span>
<br><br>
<Label>Zip Code <span style="color: red;">*</span>:</Label>
<input type = "text" name = "zipcode" >
<span id = "warning" style="color: red;"><?php echo isset($zipcodeError)?$zipcodeError:'';?></span>
<br><br>
<div style="text-align:center;">
<input type = "submit" value = "Submit" name="Submit">
</div>
</form>
</div>
<br><br>
</html>
pbt2.php
<?php
session_start();
?>
<html>
<style>
table
{
text-align:center;
}
</style>
<div style="background-color:cyan;">
<h1 align = 'center'> YOUR INFORMATION AS THE TABLE BELOW </h1>
<table width = '400' border = '1' align = 'center'>
<tr>
<td>Name</td>
<td><?php echo $_SESSION['Userdata']['name'];?></td>
</tr>
<tr>
<td>Phone Number</td>
<td><?php echo $_SESSION['Userdata']['phonenumber'];?></td>
</tr>
<tr>
<td>Address</td>
<td><?php echo $_SESSION['Userdata']['address'];?></td>
</tr>
<tr>
<td>City</td>
<td><?php echo $_SESSION['Userdata']['city'];?></td>
</tr>
<tr>
<td>Zip Code</td>
<td><?php echo $_SESSION['Userdata']['zipcode'];?></td>
</tr>
<tr>
<td>Gender</td>
<td><?php echo $_SESSION['Userdata']['gender'];?></td>
</tr>
<tr>
<td>Date</td>
<td><?php echo $_SESSION['Userdata']['date'];?></td>
</tr>
</table>
</div>
</html>
validation.php
<?php
session_start();
if(isset($_POST['Submit']))
{
$name = $_POST['name'];
if(isset($name) && empty($name))
{
$_SESSION['pbt1']['nameError']="Name must be required!";
header('location:pbt1.php');
}
else
{
if(!preg_match("/^[a-zA-Z ]*$/",$name))
{
$_SESSION['pbt1']['nameError'] = "Only letters and white space allowed";
header('location:pbt1.php');
}
}
$phonenumber = $_POST['phonenumber'];
if(isset($phonenumber) && empty($phonenumber))
{
$_SESSION['pbt1']['numberError'] = "Error, insert phone number";
header('location:pbt1.php');
}
else
{
if(!preg_match('/^([0-9]*)$/', $phonenumber))
{
$_SESSION['pbt1']['numberError'] = "Numbers only";
header('location:pbt1.php');
}
}
$address = $_POST['address'];
if(isset($address) && empty($address))
{
$_SESSION['pbt1']['addressError'] = "Error, enter your address";
header('location:pbt1.php');
}
$city = $_POST['city'];
if(isset($city) && empty($city))
{
$_SESSION['pbt1']['cityError'] = "Error, enter your city";
header('location:pbt1.php');
}
$zipcode = $_POST['zipcode'];
if(isset($zipcode) && empty($zipcode))
{
$_SESSION['pbt1']['zipcodeError'] = "Error, enter your zipcode";
header('location:pbt1.php');
}
else
{
if(!preg_match('/^([0-9]*)$/', $zipcode))
{
$_SESSION['pbt1']['zipcodeError'] = "Numbers only";
header('location:pbt1.php');
}
}
$gender = $_POST['gender'];
$date = $_POST['date'];
if(isset($date) && empty($date))
{
$_SESSION['pbt1']['dateError'] = "Error, select the date";
header('location:pbt1.php');
}
$_SESSION['Userdata'] = ['name'=>$name ,'phonenumber'=>$phonenumber,'address'=>$address,'city'=>$city,
'zipcode'=>$zipcode,'gender'=>$gender,'date'=>$date ];
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if($_SESSION['pbt1']['nameError'] == "" && $_SESSION['pbt1']['numberError'] == "" && $_SESSION['pbt1']['addressError']== "" && $_SESSION['pbt1']['cityError']=="" && $_SESSION['pbt1']['zipcodeError']=="" && $_SESSION['pbt1']['dateError']=="")
{
header("location:pbt2.php");
exit; }
?>
Depending on the PHP version (>= 7.0) you are using, you could change
<?php echo isset($nameError)?$nameError :'';?>
to
<?php echo $nameError ?? ''; ?>
As for HTML, you might want to change
<form name = "pbt1" method = "post" action = "validation.php">
to
<form name="pbt1" method="post" action="validation.php">
That doesn't change the outcome, but easier to read.
What's next...
$name = $_POST['name'];
if(isset($name) && empty($name))
{
could be changed into
if (array_key_exists('name', $_POST) && trim($_POST['name']) === '') {
Looks like more code, but the intention of the if becomes more clear.
As far as this one goes
if(isset($_SESSION['pbt1']))
{
$nameError = $_SESSION['pbt1']['nameError'];
$numberError = $_SESSION['pbt1']['numberError'];
$cityError = $_SESSION['pbt1']['cityError'];
$addressError = $_SESSION['pbt1']['addressError'];
$zipcodeError = $_SESSION['pbt1']['zipcodeError'];
$dateError = $_SESSION['pbt1']['dateError'];
}
...don't trust your session. I would change it to
if (array_key_exists('pbt1', $_SESSION)) {
$nameError = $_SESSION['pbt1']['nameError'] ?? '';
$numberError = $_SESSION['pbt1']['numberError'] ?? '';
$cityError = $_SESSION['pbt1']['cityError'] ?? '';
$addressError = $_SESSION['pbt1']['addressError'] ?? '';
$zipcodeError = $_SESSION['pbt1']['zipcodeError'] ?? '';
$dateError = $_SESSION['pbt1']['dateError'] ?? '';
}
This one
$_SESSION['Userdata'] = ['name'=>$name ,'phonenumber'=>$phonenumber,'address'=>$address,'city'=>$city,
'zipcode'=>$zipcode,'gender'=>$gender,'date'=>$date ];
I would change to
$_SESSION['Userdata'] = [
'name' => $_POST['name'] ?? '',
'phonenumber' => $_POST['phonenumber'] ?? '',
'address'. => $_POST['address'] ?? '',
'city'. => $_POST['city'] ?? '',
'zipcode' => $_POST['zipcode'] ?? '',
'gender'. => $_POST['gender'] ?? '',
'date'. => $_POST['date'] ?? '',
];
Since validation.php is pure PHP, get rid of
?>
at the end of the file.
What else...
At the beginning of validation.php, make sure you clear out $_SESSION['pbt1'] aka.
unset($_SESSION['pbt1']);
Instead of doing header('location:pbt1.php'); after every issue, remove header('location:pbt1.php'); from every individual if block and put it at the end, as in
if(isset($date) && empty($date)) {
$_SESSION['pbt1']['dateError'] = "Error, select the date";
// header('location:pbt1.php');
}
if (array_key_exists('pbt1', $_SESSION)) {
header('location:pbt1.php');
exit;
}
$_SESSION['Userdata'] = ...
that way you don't have to fix every error by itself and you show them all at once.
im creating a php registration form using ajax, the below code that i have pasted isnt seems to be working , im literially new to this ajax concept
when i click the register button it wont respond anything, and even in the database the values are not getting stored i have seached a lot for this ajax concept
but i don seem to get the result what i want please can any one help me where im actually going wrong please help me.
index.php
<!DOCTYPE HTML>
<html>
<head>
<script src="http://code.jquery.com/jquery-1.9.1.js"></script>
<script src="script.js"></script>
<style>
.error {
color:red;
}
.button {
background-color: #4CAF50;
border: none;
color: white;
padding: 10px 25px;
text-align: center;
text-decoration: none;
display: inline-block;
font-size: 16px;
margin: 4px 2px;
cursor: pointer;
}
.div1 {
margin-top: -19px;
margin-bottom: -25px;
margin-left: -19px;
}
.copy {
border-radius: 4px;
padding: 6px 20px;
border-style: ridge;
}
.copy1{
border-radius: 4px;
padding: 6px 28px;
border-style: ridge;
}
.copy2{
border-radius: 4px;
padding: 4px 2px;
}
</style>
</head>
<body style="background-color: #f2f2f2;">
<?php
// define variables and set to empty values
include_once 'connect.php';
$nameErr = $emailErr = $usernameErr = $passwordErr = $ageErr = "" ;
$name = $email = $username = $password = $age = "";
if (isset($_POST['name'])) {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters";
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["username"])) {
$usernameErr = "Username is required";
} else {
$username = test_input($_POST["username"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$username)) {
$usernameErr = "Only letters";
}
}
if (empty($_POST["password"])) {
$passwordErr = "Password is required";
} else {
$password = test_input($_POST["password"]);
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
// check weather password is alphanumeric
if(!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!##$%]{6,}$/', $password))
{
$passwordErr = "Password must be alphanumeric and atleast 6 characters long!";
}
}
if (empty($_POST["age"])) {
$ageErr = "Age is required";
}
elseif($_POST["age"]< 17 ) {
$ageErr = "Age should be above 18 years";
}
else {
$age = $_POST["age"];
}
if($nameErr == "" && $emailErr == "" && $usernameErr == "" && $passwordErr == "" && $ageErr == "")
{
$check="SELECT * FROM users WHERE username = '$_POST[username]'";
$rs = mysqli_query($mysqli,$check);
$da = mysqli_fetch_array($rs, MYSQLI_NUM);
if($da[0] > 0) {
echo "Username Already in Exists<br/>";
}
else
{
$sql = "INSERT INTO users(`userid`,`username`, `password`, `email` , `name` , `age` )
VALUES ('','".$username."', '".$hashed_password."', '".$email."' , '".$name."' , '".$age."' )";
if (mysqli_query($mysqli, $sql)) {
echo "Registered successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
mysqli_close($mysqli);
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<div style="padding-left: 250px" class="div1">
<h2 style="color:#009999">Registration Form :</h2>
<p><span class="error">All fields are required </span></p>
<form action="" method="post" enctype="multipart/form-data">
<span style="color:#0099ff">Name: </span>
<input type="text" name="name" class= "copy" style="margin-left: 52px" value ="<?php
if (isset($name))
echo $name;
?>">
<span class="error"> <?php echo $nameErr;?></span>
<br><br>
<span style="color:#0099ff"> E-mail: </span>
<input type="text" name="email" class= "copy" style="margin-left: 48px" value ="<?php
if (isset($email))
echo $email;
?>">
<span class="error"><?php echo $emailErr;?></span>
<br><br>
<span style="color:#0099ff"> Username: </span>
<input type="text" name="username" class= "copy" style="margin-left:26px" value ="<?php
if (isset($username))
echo $username;
?>">
<span class="error"> <?php echo $usernameErr;?></span>
<br><br>
<span style="color:#0099ff"> Password: </span>
<input type="password" name="password" class= "copy" style="margin-left:30px">
<span class="error"> <?php echo $passwordErr;?></span>
<br><br>
<span style="color:#0099ff"> Age : </span>
<input type="number" name="age" class= "copy" style="margin-left:62px" value ="<?php
if (isset($age))
echo $age;
?>">
<span class="error"> <?php echo $ageErr;?></span>
<br><br>
<input type="button" class="submit" name="submit" value="submit">
</form>
</div>
</body>
</html>
script.js
$(document).ready(function(){
$(".submit").click(function(){
var name = $("name").val();
var email = $("email").val();
var username = $("username").val();
var password = $("password").val();
var age = $("age").val();
// Returns successful data submission message when the entered information is stored in database.
var dataString = 'name='+ name + '&email='+ email + '&username='+ username + '&password='+ password + '&age='+ age;
var dataString = $("form").serialize();
if(name==''|| email==''|| username==''|| password==''|| age=='')
{
// AJAX Code To Submit Form.
$.ajax({
type: "POST",
url: "index.php",
data: dataString,
cache: false,
success: function(result){
alert(result);
}
});
}
return false;
});
});
connect.php
<?php
$databaseHost = 'localhost';
$databaseName = 'ajax1';
$databaseUsername = 'root';
$databasePassword = '';
$mysqli = mysqli_connect($databaseHost, $databaseUsername, $databasePassword, $databaseName);
?>
Update the submit button with submit class
<input type="button" class="submit" name="submit" value="submit">
Update the js code with . insted of # // as # is for id
$(".submit").click(function(){
Also, use the form serialize
var dataString = $("form").serialize();
Php code change the submit to name
if(isset($_POST['name']))
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {
color:red;
}
.button {
background-color: #4CAF50;
border: none;
color: white;
padding: 10px 25px;
text-align: center;
text-decoration: none;
display: inline-block;
font-size: 16px;
margin: 4px 2px;
cursor: pointer;
}
.div1 {
background-color: #f2f2f2;
margin-top: -19px;
margin-bottom: -25px;
margin-left: -19px;
}
.copy {
border-radius: 4px;
padding: 6px 20px;
border-style: ridge;
}
.copy1{
border-radius: 4px;
padding: 6px 28px;
border-style: ridge;
}
.copy2{
border-radius: 4px;
padding: 4px 2px;
}
</style>
</head>
<body>
<?php
session_start();
if (isset($_SESSION['id'])){
header('location:welcome.php');
}
?>
<?php
// define variables and set to empty values
include_once 'connect.php';
$nameErr = $emailErr = $usernameErr = $passwordErr = $DateOfBirthErr = $departmentErr = $ageErr = $fileToUploadErr = $fileToUploadErrr = $fileToUploadErrrr = $fileToUploadErrrrr = $fileToUploadErrrrrr = "" ;
$name = $email = $username = $password = $DateOfBirth = $department = $age = $fileToUpload = $filename = $file = "";
if (isset($_POST['submit'])) {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters";
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["username"])) {
$usernameErr = "Username is required";
} else {
$username = test_input($_POST["username"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$username)) {
$usernameErr = "Only letters";
}
}
if (empty($_POST["password"])) {
$passwordErr = "Password is required";
} else {
$password = test_input($_POST["password"]);
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
// check weather password is alphanumeric
if(!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!##$%]{6,}$/', $password))
{
$passwordErr = "Password must be alphanumeric and atleast 6 characters long!";
}
}
if (empty($_POST["Date_of_birth"])) {
$DateOfBirthErr = "Date Of Birth is required";
} else {
$DateOfBirth = test_input($_POST["Date_of_birth"]);
}
if (empty($_POST["department"])) {
$departmentErr = "Department is required";
} else {
$department = test_input($_POST["department"]);
}
if (empty($_POST["age"])) {
$ageErr = "Age is required";
} else {
$age = test_input($_POST["age"]);
}
//UPLOAD FILE
$uploaddir = 'upload/';
$uploadfile = $uploaddir . basename($_FILES['fileToUpload']['name']);
$imageFileType = pathinfo($uploadfile,PATHINFO_EXTENSION);
if($_FILES['fileToUpload']['name'] != '')
{
// Check the image is actaully image or not
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check == false)
{
$fileToUploadErrrrr = "File is not an image.";
}
// Check if file already exists
if (file_exists($uploadfile)) {
$fileToUploadErrrrrr = "Sorry, file already exists.";
}
if($imageFileType != "jpg" && $imageFileType != "png" )
{
$fileToUploadErr = "Sorry, only JPG,PNG files are allowed.";
}
elseif($_FILES['fileToUpload']['size'] > 500000)
{
$fileToUploadErrrr = "Sorry, your file is too large.";
}
else
{
/* if($filename != '')
{
$target = "upload/".$filename;
unlink($target);
}*/
$uploaded = move_uploaded_file($_FILES['fileToUpload']['tmp_name'], $uploadfile);
if ($uploaded) {
$file = $_FILES['fileToUpload']['name'];
}
else{
$file = $filename;
}
}
}
elseif($_FILES['fileToUpload']['name'] = " ")
{
$fileToUploadErrr = "Please Select an image!";
}
else {
$file = $filename;
}
if($nameErr == "" && $emailErr == "" && $usernameErr == "" && $passwordErr == "" && $fileToUploadErr == "" && $fileToUploadErrr == "" && $fileToUploadErrrr == "" && $fileToUploadErrrrr == "" && $fileToUploadErrrrrr == "" )
{
$check="SELECT * FROM users WHERE username = '$_POST[username]'";
$rs = mysqli_query($mysqli,$check);
$da = mysqli_fetch_array($rs, MYSQLI_NUM);
if($da[0] > 0) {
echo "Username Already in Exists<br/>";
}
else
{
$sql = "INSERT INTO users(`userid`,`username`, `password`, `email` , `name` , `Date_of_birth` , `department` ,`age` , `filename` )
VALUES ('','".$username."', '".$hashed_password."', '".$email."' , '".$name."' , '".$DateOfBirth."' , '".$department."' , '".$age."' , '".$file."')";
if (mysqli_query($mysqli, $sql)) {
echo "Registered successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
mysqli_close($mysqli);
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<div style="padding-left: 250px" class="div1">
<h2 style="color:#009999">Registration Form :</h2>
<p><span class="error">All fields are required </span></p>
<form action="" method="post" enctype="multipart/form-data">
<span style="color:#0099ff">Name: </span>
<input type="text" name="name" class= "copy" style="margin-left: 52px" value ="<?php
if (isset($name))
echo $name;
?>">
<span class="error"> <?php echo $nameErr;?></span>
<br><br>
<span style="color:#0099ff"> E-mail: </span>
<input type="text" name="email" class= "copy" style="margin-left: 48px" value ="<?php
if (isset($email))
echo $email;
?>">
<span class="error"><?php echo $emailErr;?></span>
<br><br>
<span style="color:#0099ff"> Username: </span>
<input type="text" name="username" class= "copy" style="margin-left:26px" value ="<?php
if (isset($username))
echo $username;
?>">
<span class="error"> <?php echo $usernameErr;?></span>
<br><br>
<span style="color:#0099ff"> Password: </span>
<input type="password" name="password" class= "copy" style="margin-left:30px">
<span class="error"> <?php echo $passwordErr;?></span>
<br><br>
<span style="color:#0099ff"> Date Of Birth : </span>
<input type="date" class= "copy1" name="Date_of_birth" value ="<?php
if (isset($DateOfBirth))
echo $DateOfBirth;
?>">
<span class="error"> <?php echo $DateOfBirthErr;?></span>
<br><br>
<span style="color:#0099ff"> Age : </span>
<input type="number" name="age" class= "copy" style="margin-left:62px" value ="<?php
if (isset($age))
echo $age;
?>">
<span class="error"> <?php echo $ageErr;?></span>
<br><br>
<span style="color:#0099ff"> Department : </span>
<select name="department" class= "copy2" style="margin-left:14px" value ="<?php
if (isset($department))
echo $department;
?>">
<option value="EE">Electrical & Electronics</option>
<option value="EC">Electronics & Communication</option>
<option value="ME">Mechanical</option>
<option value="CS">Computer Science</option>
<option value="CV">Civil</option>
<option value="IS">Information Science</option>
</select>
<span class="error"> <?php echo $departmentErr;?></span>
<br><br>
<span style="color:#0099ff"> Select image : </span>
<input type="file" name="fileToUpload">
<?php if($filename !=''){ ?> <img src="<?php echo "upload/" .$filename ?>" style="width:180px;height:100px;padding:10px;"/> <?php } ?>
<span class="error"><br> <?php echo $fileToUploadErr; ?></span>
<span class="error"><br> <?php echo $fileToUploadErrr; ?></span>
<span class="error"><br> <?php echo $fileToUploadErrrr; ?></span>
<span class="error"><br> <?php echo $fileToUploadErrrrr; ?></span>
<span class="error"><br> <?php echo $fileToUploadErrrrrr; ?></span>
<input type="submit" class="button" name="submit" value="Register">
<p style="color:black">Already Registered? Login.</p>
</form>
</div>
</body>
</html>
Hi, guys I have only one small issue please help me, I have a registration form with the various input,
my problem is if I give blank space to the name input field and then if I give submit then it should
show any error that no space are allowed
i.e., their should be only letters except that it should not accept any numbers special characters and other thing please.
Can any one help me in this please ?
This line if (!preg_match("/^[a-zA-Z ]*$/",$name)) { must be like this:
if (!preg_match("/^[a-zA-Z]*$/",$name)) {
Explanation:
Your regex has a space at the end. Removing it will solve your problem.
I have my index.php form and if a valid student name and student number are entered I'd like "Student name and number are valid." to be echoed.
I have validated the student names and student numbers. However, even when entering a valid student name and student number the message echoed is "The information you have entered is not valid. Please enter your information again."
I'm calling the function validateStudent but I must be calling it in the wrong place or incorrectly. This function is called towards the end of the PHP scrip and just before the HTML starts. Thank you.
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
// Define and set variables
$student = "";
$studentname = "";
$studentnumber = "";
$studentfile = "student.txt";
$course = "";
$coursename = "";
$coursenumber = "";
$coursemax = 0;
$coursefile = "course.txt";
$in = fopen ('course.txt', 'r') or die ("course.txt cannot be opened for reading.");
// Sanitization and Validation coding will go here
if (isset($_POST['submit'])) {
$studentname = $_POST['studentname'];
$studentnumber = $_POST['studentnumber'];
}
if (isset($_POST['studentname'])) {
$studentname = strip_tags ($_POST['studentname']);
$studentname = htmlentities ($_POST['studentname']);
}
if (isset($_POST['studentnumber'])) {
$studentnumber = strip_tags ($_POST['studentnumber']);
$studentnumber = htmlentities ($_POST['studentnumber']);
}
if (isset($_POST['course'])) {
$course = strip_tags ($_POST['course']);
$course = htmlentities ($_POST['course']);
}
$studentname = trim($_POST['studentname']);
$studentnumber = trim($_POST['studentnumber']);
// Validate student name/number against text file
function validateStudent($studentName, $studentNumber)
{
$found = false;
$fh = fopen('student.txt', 'r');
while(($line = fgetcsv($fh, null, ':')) != false) {
if(count($line) > 1) {
if($line[0] == $studentName and $line[1] == $studentNumber) {
$found = true;
break;
}
}
}
return $found;
}
// Validate course name/number against text file
function validateCourse($courseName, $courseNumber, $courseMax)
{
$found = false;
$fh = fopen('course.txt', 'r');
while(($line = fgetcsv($fh, null, ':')) != false) {
if(count($line) > 1) {
if($line[0] == $courseName and $line[1] == $courseNumber and $line[2] == $courseMax) {
$found = true;
break;
}
}
}
return $found;
}
//$DB = fopen ($coursefile, 'r') or die ("$coursefile cannot be opened for reading.");
//while ($record = fgets ($DB) ) {
//$field = explode (":", htmlentities (trim ($record)));
//echo "<option value=\"$field[1]\">$field[0] $field[1] $field[2]</option>\n";
//}
//fclose ($DB);
if (isset ($_POST[$studentname], $_POST[$studentnumber])) {
validateStudent($_POST['$studentname'], $_POST['$studentnumber']);
echo 'Student name and number are valid.\n';
}
else {
echo '<p style="color: red; text-align: center; font-size: 15px; font-weight: bold;">**The information you have entered is not valid. Please enter your information again.**</p>';
}
?>
<html>
<head>
<title>Registration Form</title>
<style>
body{background-color: #ffffe6; width:610px;}
h1 {color: #29a3a3;}
.inputbox {padding: 7px; border: #FF9966 1px solid; border-radius: 4px;}
.btn {padding: 10px; background-color: #29a3a3; border: solid 1px #FF9966; border-radius: 4px; color: #FFFFFF; font-weight: bolder; cursor: pointer;}
</style>
</head>
<body>
<h1>Course Registration</h1>
<form method="post" action="index.php">
<fieldset><legend><strong>Student Information</strong></legend>
<dl>
<dt>Student Name:</dt>
<dd><input class="inputbox" name="studentname" type="text" id="studentname" value='<?php echo htmlentities($studentname) ?>' required autofocus placeholder="Please enter your first and last name" tabindex="10" size="50"></dd>
<br>
<br>
<dt>Student Number:</dt>
<dd><input class="inputbox" name="studentnumber" type="text" id="studentnumber" value='<?php echo htmlentities($studentnumber) ?>' required placeholder="Please enter using the following format: PX-03-046" tabindex="20" size="50"></dd>
</dl>
<br>
</fieldset>
<br>
<fieldset><legend><strong>Course Selection</strong></legend>
<br>
Select a Course:<select name="course" tabindex="30">\n";
<option value="-1" >Available Courses...</option>
<?php
while(($fields = fgetcsv($in, null, ':')) != false) {
if (count($fields) > 1) {
echo "
<option value=\"$fields[1]\">$fields[0] $fields[1]</option>";
}
}
?>
</select>
<br>
<br>
<br>
<br>
<br>
<br>
</fieldset>
<div>
<p>
<input name="reset" type="reset" tabindex="40" value="Clear Form" class="btn">
<input name="submit" type="submit" tabindex="50" value="Submit Form" class="btn">
</p>
</div>
</form>
</body>
</html>
Your code has a logical error:
if (isset ($_POST[$studentname], $_POST[$studentnumber])) {
validateStudent($_POST['$studentname'], $_POST['$studentnumber']);
echo 'Student name and number are valid.\n';
}
else {
echo '<p style="color: red; text-align: center; font-size: 15px; font-weight: bold;">**The information you have entered is not valid. Please enter your information again.**</p>';
}
your code should be:
if (isset ($_POST['studentname'], $_POST['studentnumber'])) {
if (validateStudent($_POST['studentname'], $_POST['studentnumber'])){
echo 'Student name and number are valid.\n';
}
else {
echo '<p style="color: red; text-align: center; font-size: 15px; font-weight: bold;">**The information you have entered is not valid. Please enter your information again.**</p>';
}
}
also you need a form to post your variables studentname and studentnumer like:
<form method="post">
<input type="text" name="studentname"/>
<input type="text" name="studentnumber"/>
<input type="submit" name="submit"/>
</form>
Your output is because your variables $_POST['studentname'] and $_POST['studentnumber'] are not set.
I am trying to send a form that it has taken me about 3 days to manage to build! I am really struggling with php but learning. Anyway, I have done what I think is correct but my form is not getting to me? I hope this is an easy fix! Code is as follows and I really appreciate any help:
<?php
// define variables and set to empty values
$addDateErr = $nameErr = $emailErr = $subjectErr = $messageErr = $questionErr = "";
$addDate = $name = $email = $subject = $message = $WebSearch = $SocialMedia = $WordOfMouth = $Other ="";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
//Date
if (empty($_POST["addDate"]))
{$comment = "";}
else
{$comment = test_input($_POST["addDate"]);}
//Name
if (empty($_POST["name"]))
{$nameErr = "Name is required";}
else
{
$name = test_input($_POST["name"]);
if (!preg_match("/^[a-zA-Z ]*$/",$name))
{
$nameErr = "Only letters and white space allowed";
}
}
//Email
if (empty($_POST["email"]))
{$emailErr = "Email is required";}
else
{
$email = test_input($_POST["email"]);
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/",$email))
{
$emailErr = "Invalid email format";
}
}
//Subject
if (empty($_POST["subject"]))
{$comment = "";}
else
{$comment = test_input($_POST["subject"]);}
//Message
if (empty($_POST["message"]))
{$messageErr = "A message is required";}
else
{$comment = test_input($_POST["message"]);}
//Question
if (isset($_POST['question']))
{
$menuVar = $_POST['question'];
} else {
$menuVar = "----------";}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form method="post" id="form" action="send.php">
<p><span class="error">* required field.</span></p><br />
<!--<form method="post" id="form" action="<php echo htmlspecialchars($_SERVER["PHP_SELF"]);>">-->
<!--Date--><div class="contact-font">
Date Photography needed (if necessary)<br />
<input type="text" name="addDate" id="datepicker" size="25" value="<?php if(isset($_POST['addDate'])) {echo $_POST['addDate']; } ?>">
</div>
<!--Name--><div class="contact-font" style=" margin-top: 20px;">
<span class="asterix">* </span>Name:<br />
<input type="text" name="name" class="border" size="25" value="<?php if(isset($_POST['name'])) {echo $_POST['name']; } ?>">
<span class="error"><?php echo $nameErr;?></span>
</div>
<!--Email--><div class="contact-font" style=" margin-top: 20px;">
<span class="asterix">* </span>Email: (please double check enty)<br />
<input type="text" name="email" class="border" size="25" value="<?php if(isset($_POST['email'])) {echo $_POST['email']; } ?>"><span class="error">
<?php echo $emailErr;?></span>
</div>
<!--Subject--><div class="contact-font" style=" margin-top: 20px;">
Subject:<br />
<input type="text" name="subject" class="border" size="25" value="<?php if(isset($_POST['subject'])) {echo $_POST['subject']; } ?>">
</div>
<!--Message--><div class="contact-font" style=" margin-top: 20px;">
<span class="asterix">* </span>Message:<br />
<textarea cols="40" rows="10" name="message" class="border"><?php if(isset($_POST['message'])) {echo $_POST['message']; } ?></textarea>
<span class="error"><?php echo $messageErr;?></span>
</div><br />
<select name="question">
<option <?php if($menuVar=="----------") echo 'selected="selected"'; ?> value="----------">----------</option>
<option <?php if($menuVar=="WebSearch") echo 'selected="selected"'; ?> value="WebSearch">Web Search</option>
<option <?php if($menuVar=="SocialMedia") echo 'selected="selected"'; ?> value="SocialMedia">Social Media</option>
<option <?php if($menuVar=="Wordofmouth") echo 'selected="selected"'; ?> value="Wordofmouth">Word of mouth</option>
<option <?php if($menuVar=="Other") echo 'selected="selected"'; ?> value="Other">Other</option>
</select>
<div>
<input type="submit" value="Send" id="submit">
</div>
</form>
<script>
$(document).ready(function() {
$("#datepicker").datepicker({minDate: 129, maxDate: "+5Y", changeMonth: true,changeYear: true, showButtonPanel: true, dateFormat: 'dd MM yy'});
});
$('#form').on('submit', function(){
return $('#email').val() == $('#emailConfirmation').val();
});
</script>
<style type="text/css">
.asterix{color: #bc2021;font-size: 20px;}
.contact-font, #info-req, #opening-text{font-family: 'Raleway', sans-serif; font-weight: 100; color: #000;}
.border:focus{border: 2px solid #bc2021;}
#datepicker:focus{border: 2px solid #bc2021;}
.error {color: #FF0000;}
#marketing{border: 1px solid black; width: 150px; height: 22px;}
#submit{width: 100px; height: 25px; font-size: 15px;}
#submit:active{background-color: #bc2021;}
</style>
Below is the send.php file contents:
<?php
$addDate = $_POST['addDate'];
$name = $_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$question = $_POST['question'];
$to = "some#email.com";
$subject = "Help!";
$body = "Please do not reply!";
mail($to,$subject,$body);
echo "Message Sent!<a href='index.html'>Home</a>";
?>