php to show array of $errors in javascript alert box

php to show array of $errors in javascript alert box - php

does anyone know how to return error array in a javascript alert box? The code below that I have doesn't do the trick right. Browser returns "Cannot use [] for reading". When using $error without the bracket, browser only returns the word "Array" in the alert box but the error message is not showing. Any help?
echo '<script type="text/javascript">alert("Error: '.$errors[].'");</script>';
Updated to include the extent of my code:
$errors = [];
$target_dirRFP = ('accounts/' . $order_list . '/rfp/');
$file_nameRFP = $_FILES['FileToUploadRFP']['name'];
$file_sizeRFP = $_FILES['FileToUploadRFP']['size'];
$extentionRFP = pathinfo($file_nameRFP, PATHINFO_EXTENSION);
$tempRFP = ($_FILES["FileToUploadRFP"]["tmp_name"]);
$target_fileRFP = ($target_dirRFP . $file_nameRFP);
$valid_formatsRFP = array("pdf");
$target_dirPSA = ('accounts/' . $order_list . '/psa/');
$file_namePSA = $_FILES['FileToUploadPSA']['name'];
$file_sizePSA = $_FILES['FileToUploadPSA']['size'];
$extentionPSA = pathinfo($file_namePSA, PATHINFO_EXTENSION);
$tempPSA = ($_FILES["FileToUploadPSA"]["tmp_name"]);
$target_filePSA = ($target_dirPSA . $file_namePSA);
$valid_formatsPSA = array("pdf");
if(!empty($file_nameRFP)) {
if(in_array($extentionRFP, $valid_formatsRFP) === false) {
$errors[] = "The RFP you selected to upload is not allowed. Only PDF file is permitted.";
}
if (file_exists($target_fileRFP)) {
$errors[] = "Attached RFP: \"'.$file_nameRFP.'\" already exists.\nPlease select another file to upload.";
}
}
if(!empty($file_namePSA)) {
if(in_array($extentionPSA, $valid_formatsPSA) === false ) {
$errors[]="The PSA you selected to upload is not allowed. Only PDF file is permitted.";
}
if (file_exists($target_filePSA)) {
$errors[] = "Attached PSA: \"'.$file_namePSA.'\" already exists.\nPlease select another file to upload.";
}
}
if(empty($errors)==true) {
move_uploaded_file($tempRFP, $target_fileRFP);
move_uploaded_file($tempPSA, $target_filePSA);
$stmt = $DB_CON_C->prepare("INSERT INTO `".$order_list."`
SET first_name = '$first_name', last_name = '$last_name'");
$stmt->execute();
echo '<script type="text/javascript">alert("Submitted.");</script>';
} else {
echo '<script type="text/javascript">alert("Error: ' . implode("; ", $errors) . '");</script>';
}

Using implode() and entering new lines is most likely the best way.
Example:
<?php
$errors = [];
if( validateFails() ){
$errors[] = "some error found";
}
if( failAgain() ){
$errors[] = "some other error";
}
echo '<script>alert("'.implode("\\n", $errors).'");</script>';
UPDATE:
Another error lies on your error message string syntax. Take a look at this line:
$errors[] = "Attached PSA: \"'.$file_namePSA.'\" already exists.\nPlease select another file to upload.";
This should be re-written to:
$errors[] = "Attached PSA: $file_namePSA already exists.\\nPlease select another file to upload.";
As any variable inside double quotes "..." will be echoed out correctly. And a new line in the string should be \\n not \n.

You could transform your array in string with implode()
echo '<script type="text/javascript">alert("Error: ' . implode("; ", $errors) . '");</script>';

You'd have to create a single string representation of some sort. For example, you could "implode" the array using a delimiter. Something like:
echo '<script type="text/javascript">alert("Error: ' . implode(', ', $errors) . '");</script>';
This would just be a simple comma+space delimiter between all of the array elements. If you need something more complex or with more styling (in which case you probably don't want an alert() in the first place) then you could manually build any string you like from the contents of the array. You just need to output a string to the page, not an array directly.

Hopefully you will get exact output.Please try
alert(JSON.stringify($errors));

Related

PHP Form processing algorithm

By way of partial explanation, my mind-set is strongly procedural, since I've been programming that way since the 60s
I'm working in PHP and trying to get my head around form handling starting with an interactive 404 error form. What I want in minimal pseudo-code is:
do {
OK = true;
display_form;
ask for optional name
ask for optional email address
ask for optional comments
on – submit{
sanitise input
validate input (which could be no input since all is optional)
if one or more inputs invalid set OK = false
}
} while (OK == false)
assemble email to webmaster using $_SERVER superglobals as well as input
send using mail function
Someone "helpfully" added curlies after the while AND at the end -- they really don't belong there -- the idea was that I wanted execution to "drop through" to those two statements only after the DO -- WHILE completed
The mail assembly could be in a separate file, or not
While this is a semi-specific problem, I'm working on the assumption that, if I can get this to work, then getting a database update working will be easier.
It seems to me that my whole conceptual algorithm is incorrect, and until I sort that I'm nowhere. I've been banging at this for a a couple of days – Google pointed at a number of semi-relevant answers here, so I'm giving it a go. The W3C examples clearly show the response code running even when there are problems with the input, which is not what I want.

The main switch you need to make here is probably the one to a request-response model of execution. You can't do a literal do..while, since you will need to send a response back to the client. The next iteration of that will be triggered by a new request to PHP, which begins again from the beginning and doesn't remember any previous state.
So, in pseudo code, it works like this:
if is POST request:
validate input, populate error variables
if input is valid:
send email with data
redirect to different page or display "thanks"
form start
for $field in fields:
output HTML for $field
maybe highlight if error
maybe set value to POSTed value to retain data
form end
So, upon the first page visit, it won't be a POST request and falls straight through to the form part. There won't be any errors or existing data, so the plain form will be output. When the form is submitted, the same code runs again and now enters the if is POST branch. If any values are invalid, it will fall through to the form again, which now can also output any error messages and existing submitted values. Only when all values are valid, will the server send an email and exit this "loop" by redirecting to another page, or maybe just outputting a "Thank you" note.
If you properly separate that into an MVC architecture, you'd have these components:
Model
data validation
email sending
View
outputs the form HTML
Controller
one for handling GET requests, just invoking the view
one for handling POST requests, essentially doing:
errors = model.validate(data)
if no errors:
model.send_email(data)
redirect()
else:
view.display_form(data, errors)
some form of router invoking the right controller based on the request URL and method
These could all be separate functions, or classes, or methods, or just files.

Below is the final code for the page. It's a basic 404 error page that may be of use to someone. And it should answer the requests that I supply the code that I was working with
It includes three files that I've not supplied:
top.php and footer.php and functions.php
top produces the HTML head statements including meta codes and also including top level banners and menu, as well as establishing the basic page format.
footer-- using the server superglobal just before the footer include, the page can provide a code update date for the page. And a consistent name and registration number for our organisation
functions.php supplies a bunch of reused functions. There are a couple of little (fairly obvious) functions in used in this code:
spacer outputs code to create an empty cell in a table.
spanCol creates a column spanning cell in a table, with the specified text and
specified tag open and close
The full page is at http://www.vfmc.org.au/notfound.php -- please don't send me too much junk email.
Code for the guts is here - I don't claim that it's brilliant, but it works thanks to help from here:
<?php
$pageTitle = "File Not Found";
$authorName = "Don Gingrich";
$styleSheet = "./css/mainstyle.css";
include_once 'top.php';
require_once "functions.php";
$indicesServer = array(
'PHP_SELF',
'HTTP_REFERER',
'SCRIPT_FILENAME',
'SCRIPT_NAME',
'REQUEST_URI',
'ORIG_PATH_INFO'
);
if (isset($_SERVER['HTTP_REFERER'])) {
$refering = $_SERVER['HTTP_REFERER'];
} else {
$refering = NULL;
}
$requested = $_SERVER['REQUEST_URI'];
// $refering = $_SERVER['HTTP_REFERER'];
if ($refering == NULL || $refering == " ") {
$refering = "referrer field was blank\n - may be due to mis-typing address\n";
}
/* basic "sanitise input" function */
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
function send_webmaster_email($name, $email, $comment, $requested, $refering)
{
global $sent;
$subject = "File not Found: $requested";
$txt = "Trying to access $requested from $refering\n" . "Visitor comments follow:\n" . $comment;
if ($name != "") {
$txt .= "\n\tReporting person's name is: $name\n";
}
if ($email != "") {
$txt .= "\n\tReporting person's email is: $email\n";
}
$to = "webmaster#vfmc.org.au";
$additional_headers = "From: webmaster#vfmc.org.au\r\n";
mail($to, $subject, $txt, $additional_headers);
$sent = true;
}
// define variables and set to empty values
$nameErr = $emailErr = "";
$name = $email = $comment = "";
$myError = false;
global $sent;
$sent = false;
/********************************************************
* Processing code follows -- Only executed after POST
*
*******************************************************/
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$requested = $_POST['requested'];
$refering = $_POST['refering'];
$requested = test_input($requested);
$refering = test_input($refering);
$myError = false;
if ($_POST["button"] == "Submit") {
if (empty($_POST["name"])) {
$name = "";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z -]*$/", $name)) {
$myError = true;
$nameErr = "Only letters, hyphen, and white space allowed";
}
}
if (empty($_POST["email"])) {
$email = "";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$myError = true;
$emailErr = "Invalid email format";
}
}
if (empty($_POST["comments"])) {
$comment = "";
} else {
$comment = test_input($_POST["comments"]);
}
if ($myError == false) {
send_webmaster_email($name, $email, $comment, $requested, $refering);
}
}
}
echo "\n";
echo "<h2>File Not Found</h2>\n";
echo "<br>\n";
echo "<br>\n";
if ($sent == true ){
echo "<h5>Email sent to Webmaster, Thank you</h5>\n";
echo "<br>Use the menu to the left or the back button<br>\n";
echo "to return to the VFMC site<br>\n";
} else {
echo " Unfortunately the file that you have asked for is unavailable.\n";
echo "<br>\n";
echo "<br>\n";
echo "This may mean that the Webmaster has forgotten to load it or the link to it is broken in some way.<br>\n";
echo "Or, if you typed a page in the browser address bar, you may have mis-typed, remember that everything<br>\n";
echo "after the <b>www.vfmc.org.au/</b> is CaSeSensitive -- FiresideFiddlers, is spelled as written.<br>\n";
echo " <br>\n";
echo " <br>\n";
echo "<h6>Please tell the webmaster by sending a message:</h6>\n";
echo " <br>\n";
echo " <br>\n";
$myFile = htmlspecialchars($_SERVER['PHP_SELF']);
echo " <form action= \"$myFile\" method=\"post\">\n";
echo "<input type=\"hidden\" name=\"refering\" value=\"$refering\" />\n";
echo "<input type=\"hidden\" name=\"requested\" value=\"$requested\" />\n";
echo " <table border=\"0\" cellpadding=\"8\" cellspacing=\"8\">\n";
echo " <colgroup>\n";
echo " <col width = auto>\n";
echo " <col width = auto>\n";
echo " <col width = auto>\n";
echo " </colgroup>\n";
echo " <tr>\n";
spanCol("3", "Your name and email address are optional,<br> but the webmaster will be unable to respond <br>directly without them", "h5");
echo " <tr>\n";
echo " <td><label for=\"tswname\">Name</label>:</td>\n";
echo " <td><input type=\"text\" name=\"name\" id=\"tswname\" size=\"25\" /></td>\n";
echo " <td>\t";
if ($nameErr == "") {
echo "(Optional)\n";
} else {
echo "<span class=\"error\">*" . $nameErr . "</span>\n";
}
echo "</td></tr>\n";
echo " <tr>\n";
echo " <td>\n";
echo " <label for=\"tswemail\">Email address</label>:</td>\n";
echo " <td>\n";
echo " <input type=\"text\" id=\"tswemail\" name=\"email\" size=\"25\" />\n";
echo " </td>\n";
echo " <td>\n";
if ($emailErr == "") {
echo "(Optional)\n";
} else {
echo "<span class=\"error\">*" . $emailErr . "</span>\n";
}
echo "</td></tr>\n";
echo " <tr>\n";
echo " <td>\n";
echo " <label for=\"tswcomments\">Comments</label></td>\n";
echo " <td colspan=\"2\">\n";
echo " <textarea rows=\"15\" cols=\"45\" name=\"comments\" id=\"tswcomments\"></textarea>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\" colspan=\"2\">\n";
echo " <input type=\"submit\" name=\"button\" value=\"Submit\" /><br>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </form>\n";
}
echo " <br>\n";
echo " <br>\n";
echo " <br>\n";
echo " <br>\n";
echo "</td>\n";
echo "</tr>\n";
$filename = $_SERVER['SCRIPT_NAME'];
require_once "footer-code.php";
?>
</tbody>
</table> <!--PWK-EDIT END FOOTER-->
</body>
</html>

It says that file doesnt exist when it does. when i do $file on the page it shows the variable and not view/herethehtmlformpostnumber.txt

The code is available below.
The issue is explained on the title of this post....
<?php
$filenumber = $_POST['filenumber'];
$file = 'view/$filenumber.txt';
$sharedfile = 'view/$shared.txt';
if(!isset($filenumber) || trim($filenumber) == '')
{
echo "The file number field is empty or #$filenumber does not exist. Redirecting you in 3 seconds.";
header ( "refresh:3;url=https://2.survivaltimepe.com" );
exit;
}
$shared = $_POST['shared'];
if(!isset($shared) || trim($shared) == '')
{
echo "The shared number field is empty or #$shared does not exist. Redirecting you in 3 seconds.";
header ( "refresh:3;url=https://2.survivaltimepe.com" );
exit;
}
$file = view/$filenumber.txt;
if (file_exists($file)) {
echo "";
} else {
echo "The field is empty or the #$filenumber file number does not exist. Redirecting you in 3 seconds.<br>";
}
$sharedfile = view/$shared.txt;
if (file_exists($sharedfile)) {
echo "";
} else {
echo "The field is empty or the #$shared shared number does not exist. Redirecting you in 3 seconds.";
header ( "refresh:3;url=https://2.survivaltimepe.com" );
exit;
}
$file = "view/$filenumber.txt";
unlink($file);
$sharedfile = "view/$shared.txt";
unlink($sharedfile);
echo ("File #$filenumber has been successfully removed.<br>Remember that you can always create a new link on the site.<br><br>Redirecting you in 10 seconds.");
header( "refresh:10;url=https://2.survivaltimepe.com" );
?>
title explains most of all that it displays the variable , instead it should be view/thehtmlformpostnumberhere.txt

Change $file = 'view/$filenumber.txt'; to $file = 'view/'.$filenumber'.'.txt';
Update:
I saw in your script you have more of this cases. When you use a variable in a string use '.$variable.'

PHP echo printing language construct

In an assignment I'm having trouble running a php script with page handling. It's outputting actual php code when submitted through another php page but works fine on its own.
I have a html login page which submits via submit buttons rather than form submit [a requirement]. This submits to login.php.
Seperately I have testBalance.php which checks a file balance.txt on my server which simply has an amount (1000). testBalance.php calls a function in getBalance.php to return the amount here.
THE PROBLEM IS when I run testBalance.php by itself it works just fine. Displaying "Account Balance: 1000.00" but when I attempt to set (in login.php) testBalance.php as the redirect url, the page literally displays code from my testBalance.php page: "Account balance: "); printf ( "%01.2f", $returnValue ); echo ("
"); ?> " I know it's convoluted, this is an intro to php portion of an web prog. class. I'm guessing it has to do with the value pairs that are being passed through to the pages. Can anyone help?
LOGIN.HTML snippit
<input type="button" name="sub_but" id="bal" value="check balance"
onclick="location.href = 'login.php' + '?' + 'name='+ document.forms[0].username.value +
'&redirectURL=' + 'bal';" />
LOGIN.PHP
<?php
$NAME=$_GET["name"];
$PAGE=$_GET["redirectURL"];
$DESTINATION="";
if ($NAME == ''){ /* HANDLES NAME ERRORS */
echo "PLEASE RETURN AND ENTER A NAME.";
}
elseif (ctype_alpha(str_replace(' ', '', $NAME)) === false) {
echo "$NAME is not a valid name. Name must contain letters and spaces only";
}
else{
if($PAGE=='with'){
$DESTINATION = "withdraw.html";
}
elseif($PAGE=='bal'){
//$DESTINATION = "balance.html";
$DESTINATION = "testBalance.php";
}
elseif($PAGE=='depos'){
$DESTINATION = "deposit.html";
}
elseif($PAGE=='weath'){
$DESTINATION = "weather.html";
}
elseif($PAGE=='xchang'){
$DESTINATION = "currency.html";
}
/*echo("$DESTINATION\r\n");*/
header("Content-Length: " .
strlen(file_get_contents($DESTINATION)));
header("Cache-Control: no-cache");
readfile($DESTINATION);
}
?>
testBalance.php body snippit
<?php
include 'getBalance.php';
$returnValue = readBalance();
echo "<p>Account balance: ";
printf( "%01.2f", $returnValue );
echo "</p>";
?>
getBalance.php
<?php
function readBalance(){
$file = "balance.txt";
$fp = fopen($file, "r");
if (!$fp){
echo "<p>Could not open the data file.</p>";
$balance = 0;
}
else{
$balance = fgets($fp);
fclose ($fp);
}
return $balance;
}
?>

readfile() doesn't EXECUTE anything it reads. It's literally just slurping in the file's bytes and spitting them out to the client. It's basically doing
echo file_get_contents(...);
If you want your other files to be executed, you need to include() or require() them instead. Or you could try eval(), but you really don't want to go down that route. eval() is evil and dangerous.

Don't Display Photo if Not Found

I'm developing a browser extension (content script) that scans and highlights certain words on a page, and uses AJAX and PHP to echo back content into a tooltip that appears when a user hover over said words. One thing that gets echoed back from the PHP file is an image, but my problem is that I don't have an image for every keyword - what I want is the PHP to only echo back an image when one exists at the given URL. As of now, certain words show images, others show the "image not found" icon. What I want is for no "image not found" icon if the image doesn't exist.
I have the AJAX send the variable ($data) to the PHP files hosted on my website. Maybe have it check the HTTP header of the url before echoing?
Here is my code:
$data = $_POST['id'];
echo "http://extension.nicholasrub.in/headshots/" . $data . ".png'>";

Why don't you just check it like this?
$data = $_POST['id'];
if($data !== "") {
echo "http://extension.nicholasrub.in/headshots/" . $data . ".png'>";
}
else {
echo "http://extension.nicholasrub.in/headshots/notFound.png'>";
}
EDIT:
Use file_exists():
$data = $_POST['id'];
$imagePath = "/path/images/" . $data . ".png";
if (file_exists($imagePath)) {
echo "http://extension.nicholasrub.in/headshots/" . $data . ".png'>";
}
else {
echo "http://extension.nicholasrub.in/headshots/notFound.png'>";
}

You can check if a file exists using this function
http://php.net/manual/en/function.file-exists.php

if you want to check image what is not exist on your server then use this code:
$data = $_POST['id'];
$imagePath = "http://extension.nicholasrub.in/headshots/$data.png";
echo "http://extension.nicholasrub.in/headshots/".(file_get_contents(imagePath) ? $data : 'notFound').".png'>"

I ended up solving the problem by checking whether the HTTP headers were 404 or not.
My Code:
$file = "http://extension.nicholasrub.in/headshots/" . $data . ".png";
$file_headers = #get_headers($file);
if($file_headers[0] == 'HTTP/1.1 404 Not Found') {
$exists = false;
}
else {
$exists = true;
}
if ($exists == true) {
echo "<div id='my-tooltip-2986234'><div><img src='http://extension.nicholasrub.in/headshots/" . $data . ".png'>";
}
else {
echo "<div id='my-tooltip-2986234'><div>";
}

HTML Form Not Outputting To CSV File (Or Displaying Correct Error Messages)

I'm having trouble creating a form that exports to a .CSV file in PHP. I created a fiddle for the HTML which is here:
http://jsfiddle.net/tqs6g/
I'm coding in PHP so I can't really show the full code on JSFiddle since it can't support the PHP but here's my PHP code:
<?php
if($_POST['formSubmit'] == "Submit")
{
$errorMessage = "";
if(empty($_POST['brandname']))
{
$errorMessage .= "<li>Please enter a business/brand name.</li>";
}
if(empty($_POST['firstname']))
{
$errorMessage .= "<li>Please enter your first name.</li>";
}
$varBrand = $_POST['brandname'];
$varFName = $_POST['firstname'];
$varLName = $_POST['lastname'];
$varEmail = $_POST['email'];
$varSite = $_POST['website'];
if(empty($errorMessage))
{
$fs = fopen("mydata.csv","a");
fwrite($fs,$varBrand . ", " . $varFName . ", " . $varLName . ", " . $varEmail . ", " . $varSite . "\n");
fclose($fs);
exit;
}
}
?>
When I click Submit it successfully goes to 'thankyou.php' (which is set in the form action) but I can't figure out why it's not posting the correct error messages or filling in my 'mydata.csv' file upon click. Possibly it's a sight syntax error? Let me know if you need any more info, I know this is kind of confusing seeing as the PHP is separated from the Fiddle.

<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') { // better method to check for a POSt
... validation stuff ...
$data = array();
$data[] = $_POST['brandname'];
$data[] = $_POST['firstname'];
etc...
if (empty($errrorMessage)) {
$fs = fopen('mydata.csv', 'a') or die("Unable to open file for output");
fputcsv($fs, $data) or die("Unable to write to file");
fclose($fs);
exit();
} else {
echo $errormessage;
}
}
A few things of note:
1) using $_SERVER['REQUEST_METHOD'] to check for submit type is absolutely reliable - that value is always set, and will always be POST if a post is being performed. Checking for a particular form field (e.g. the submit button) is hacky and unreliable.
2) Using fputcsv() to write out to a csv file. PHP will do all the heavy work for you and you jus tprovide the function an array of data to write
3) Note the or die(...) constructs, which check for failures to open/write to the file. Assuming that a file is available/writeable is unreliable and will bite you at some point in the future. When dealing with "external" resources, always have error handling.

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.