inserting php text validation to database - php

hi guys i need your help Im new in this field
i have created a form and i want to validate it using php then after validation
i want to insert it in my database but the validation didnt work please help me :(
<?php
$fname = "";
$fnameErr = "";
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty($_POST['firstname'])) {
$fnameErr = "Firsname required";
}else{
$fname = test_input($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fnameErr = "Only letters and white space allowed";
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
mysql_connect('localhost','root','G0cl');
mysql_select_db('db') or die ('Unable to connect to database');
$insert_query = "INSERT into tbl values('$fname')" ;
$record_insert = mysql_query($insert_query);
?>
<?php
include "process.php";
?>
<!DOCTYPE html>
<html>
<head>
<title>practice</title>
</head>
<body>
<h2>Absolute classes registration</h2>
<form method = "post" action = "<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
<input type = "text" name = "firstname" placeholder=" Firsname ">
<span class = "error">* <?php echo $fnameErr;?></span>
<input type = "submit" name = "submit" value = "Submit">
</form>
</body>
</html>

Your code reads:
If POST:
Do validation.
Do database insert.
Display form (with errors/feedback).
In other words it doesn't matter if validation fails or not.
You want logic along the lines of:
If POST
Do validation
If no validation errors:
Do database insert.
If insert success:
Redirect.
Display form (with errors/feedback).
Example here:
<?php
$errors = [];
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$firstname = isset($_POST['firstname']) ? trim($_POST['firstname']) : null;
if (empty($firstname)) {
$errors['firstname'] = "Firstname required.";
}
elseif (!preg_match("/^[a-zA-Z ]*$/", $firstname)) {
$errors['firstname'] = "Only letters and white space allowed.";
}
// etc.
if(! count($errors)) {
echo 'Passed validation, do database insert and then redirect here.';
}
}
$show_error = function($key) use ($errors) {
if(isset($errors[$key])) {
return '<span class = "error">*' . $errors[$key] . '</span>';
}
};
?>
<!DOCTYPE html>
<html>
<head>
<title>Form</title>
</head>
<body>
<h2>Absolute beginners</h2>
<form method = "POST" action = "">
<input type = "text" name = "firstname" placeholder="e.g. Joe.">
<?= $show_error('firstname'); ?>
<input type = "submit" name = "submit" value = "Submit">
</form>
</body>
</html>

try this one
<?php
$fname = "";
$fnameErr = "";
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty($_POST['firstname'])) {
$fnameErr = "Firsname required";
}else{
$fname = test_input($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fnameErr = "Only letters and white space allowed";
}
else{
mysql_connect('localhost','root','G0cl');
mysql_select_db('db') or die ('Unable to connect to database');
$insert_query = "INSERT into tbl values('$fname')" ;
$record_insert = mysql_query($insert_query);
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<?php
include "process.php";
?>
<!DOCTYPE html>
<html>
<head>
<title>practice</title>
</head>
<body>
<h2>Absolute classes registration</h2>
<form method = "post" action = "<?php echo htmlspecialchars($_SERVER["PHP_SELF"]) ?>">
<input type = "text" name = "firstname" placeholder=" Firsname ">
<span class = "error">* <?php echo $fnameErr;?></span>
<input type = "submit" name = "submit" value = "Submit">
</form>
</body>
</html>
You need to include your insert query code after the preg_match. If preg_match false then then the firstname can be inserted to database table.

Related

PHP how to pass a variable from another page to a page that has a validation form

I want to pass a variable from another page to a page that has a validation form
Page1.php is the page contains the variable I want to pass. Let's say page2.php?var=$var
Page2.php is the page that has a validation form I want to store this variable from page1.php.
Let's say $var = $_REQUEST['var'];
The form of page2.php kind like this:
<?php
// define variables and set to empty values
$nameErr = $emailErr = "";
$name = $email = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z-' ]*$/",$name)) {
$nameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z-' ]*$/",$name)) {
$nameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="name" value="<?php echo $name;?>">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
E-mail: <input type="text" name="email" value="<?php echo $email;?>">
<span class="error">* <?php echo $emailErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your Input:</h2>";
echo $name;
echo "<br>";
echo $email;
?>
</body>
</html>
When I pass the variable from page1.php to page2.php, first time is ok.
But as long as I hit "submit", the passed variable will be lost.
How could I keep this variable after multiple times of "submit"? so I can insert this variable along with the form to database
to validate the data in different files you just need to require the folder that accepts the form contents to the validation file

Attempting to use if !isset to display results without the form

I am attempting to display the results without the form being shown at the same time. So, initially when they go to the URL they see the form, and after they fill out the form and the form validation and required fields and URL is valid. Here is what I started with.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = test_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurl = "";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
?>
</body>
</html>
Here is what I have tried.
I've tried adding else statements after body and before results. I'd like the results not to show until after form submitted.
Here's what I have so far...
I tried to add the below after the body
<?php
//If form not submitted, display form.
if (!isset($_POST['submit'])||(($_POST['name']) == "")){
?>
Then I added:
<?php
} else {
//Retrieve show string from form submission.
Just after
// define variables and set to empty values
Finally added:
<?php
} ?>
Before /body
Here is what I tried.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
//If form not submitted, display form.
if (!isset($_POST['submit'])||(($_POST['TXTlinkname'] && $_POST['TXTurl']) == "")){
?>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = HTML_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurl = "";
} else {
$TXTurl = HTML_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = HTML_input($_POST["TXTurl"]);
}
}
function HTML_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
} else {
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
?>
<button onclick="location = location.href">Go Back</button>
<?php
} ?>
</body>
</html>
So, initially when they go to the URL they see the form, and after they fill out the form and the form validation and required fields and URL is valid.
The big issue I see with your code is the if statement. The variables are not defined unless form hasn't been submitted. What I've changed is moved the function to be defined globally along with the variable names, and inverted the if statement. PHP Tags, you don't need them everywhere. One wrapper is good enough.
I'm not sure about what your result is, but for what you asked, I shall provide.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
function HTML_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$TXTlinkname = $TXTurl = "";
$TXTlinknameErr = $TXTurlErr = "";
//If form not submitted, display form.
if (isset($_POST['submit'])){
if (empty($_POST['TXTurl'])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = HTML_input($_POST['TXTurl']);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST['TXTname'])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = HTML_input($_POST['TXTname']);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
}
if (empty($TXTurlErr) && empty($TXTlinknameErr) && isset($_POST['submit'])) {
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
echo '<button onclick="location = location.href">Go Back</button>';
} else {
echo '<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="'.htmlspecialchars($_SERVER["PHP_SELF"]).'">
Name: <input type="text" name="TXTname" value="'.$TXTlinkname.'">
<span class="error">* '. $TXTlinknameErr .'</span>
<br><br>
URL: <input type="text" name="TXTurl" value="'.$TXTurl.'">
<span class="error">'.$TXTurlErr.'</span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>';
}
?>
</body>
</html>
Tested locally on XAMPP
You have to have a variable that tells you if you're going to show the textarea or not...
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
$show_textarea = false; //DEFAULT
if (isset($_POST['submit'])) { //The form is sent...
$show_textarea = true; //Then this is DEFAULT!!
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = test_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurl = "";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurlErr = "URL is required";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($show_textarea === false) {
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
}
if (isset($_POST['submit'])) { //The form is sent...
if ($show_textarea === true ) { //...AND the form has valid values
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">
' . $TXTlinkname . '
</textarea>';
}
}
?>
</body>
</html>
try this one:
if (!$_POST) || $_POST['TXTlinkname'] == "" && $_POST['TXTurl']) == "")){

PHP Single Page Form Validation HTML - form not validating

PHP portion, where variables are initialized and set to empty. As well as the post methods and isset functions
The functions seem to be right, no errors when running the code. However, nothing is processed when the user submits everything. This is just a small portion of the code.
<?php
//define variables and set them to empty values
$fname_error= $phone_error= $address1_error= $address2_error= $city_error= $state_error= $zipcode_error= "";
$fname= $phone= $address1= $address2= $city= $state= $zipcode= "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["fname"])) {
$fname_error = "Missing";
}
else {
$fname = test_input($_POST["fname"]);
//now we check to see that the name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fname_error = "Please use letters and white space only";
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
The Html portion:
<div class="userinput">
<label for="fname"><b>First Name</b></label>
<input type="text" name="fname" value="<?php
echo $fname ?>">
<span class="error">
<?php echo $fname_error;?></span>
</div>
Close the conditional REQUEST_METHOD.
Your code should look like this:
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
//define variables and set them to empty values
$fname_error = $phone_error = $address1_error = $address2_error = $city_error = $state_error = $zipcode_error = "";
$fname = $phone = $address1 = $address2 = $city = $state = $zipcode = "";
//flag to validate and allow SQL insert if true
$valid=true;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["fname"])) {
$fname_error = "Missing";
$valid=false;
} else {
$fname = test_input($_POST["fname"]);
//now we check to see that the name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/", $fname)) {
$valid=false;
$fname_error = "Please use letters and white space only";
}
}
}
//filter your input for security reason
function test_input($data) {
$data1 = trim($data);
$data2 = stripslashes($data1);
$data3 = htmlspecialchars($data2);
return $data3;
}
if($valid){
//Add you insert SQL
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<label for="fname"><b>First Name</b></label>
<input type="text" name="fname" value="<?php echo $fname ?>">
<span class="error">
<?php echo $fname_error; ?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
//For testing porpuses:
echo "<h2>Your Input:</h2>";
echo $fname;
?>
</body>
Reference: https://www.w3schools.com/php/php_form_complete.asp
Form validation

php preg_match not showing output

I am currently making a simple login page. I am using preg_match to check if a username contains only letters and whitespace. If it helps, I am basing it off w3schools example: https://www.w3schools.com/php/php_form_url_email.asp
PHP
<?php
$username = $password = "";
$usernameErr = $passwordErr = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["username"])) {
$usernameErr = "A Username Is Required!";
} elseif (!preg_match("/^[a-zA-Z ]*$/",$username) === 0) {
$usernameErr = "Letters and White Space Only!";
} else {
$username = input(isset($_POST["username"]));
}
if (empty($_POST["password"])) {
$passwordErr = "A Password Is Required!";
}
else {
$password = input(isset($_POST["password"]));
}
}
function input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
}
?>
HTML
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Username: <input type="text" name="username">
<span class="error">* <?php echo $usernameErr;?></span>
<br><br>
Password: <input type="text" name="password">
<span class="error">* <?php echo $passwordErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
The value of $username is not changed between
$username = $password = "";
and
} elseif (!preg_match("/^[a-zA-Z ]*$/",$username) === 0) {
I think you meant to write
} elseif (!preg_match("/^[a-zA-Z ]*$/",$_POST['username']) === 0) {
Further, attempting to do an explicit integer type match on the return value for preg_match() is a bit silly. Particuarly if you perform a boolean negate on the value. This would be better:
} elseif (!preg_match("/^[a-zA-Z ]+$/",trim($_POST['username']))) {
Then just when we though it couldn't get any worse...
$username = input(isset($_POST["username"]));
Are you aware of what isset() does? It returns a boolean which you are processing with your input function. But since your function doesn't return a value you are setting $username to null.
Consider
$username = input($_POST["username"]);
...
function input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
There's a lot more wrong with the code, but that is enough clues.
I would strongly recommend that you when experimenting with code you put
error_reporting(E_ALL | E_STRICT);
at the top of your code and clean out all the warnings PHP will tell you about (the "| E_STRICT" is redundant if your PHP install is up to date).

PHP form validation failure

I am trying to do form field validation with php. I am checking if the submit button isset first and then if the form fields are empty, save it in a error variable, else if its not empty I have a function doing som form cleanup and setting the value to the textfield.Then submitted to another page.
But my error handling never happens and the form with empty fields are submitted to my action page url.
Whats wrong with code:
<html>
<head>
<meta charset="UTF-8">
<title></title>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
$fnameErr = "";
$lnameErr = "";
$Fname = "";
$Lname = "";
if(isset($_POST["submit"])) {
if (empty($_POST["FirstName"])) {
$fnameErr = "First name is required";
} else {
$Fname = form_input($_POST["FirstName"]);
}
if (empty($_POST["LastName"])) {
$lnameErr = "Last name is required";
} else {
$Lname = form_input($_POST["LastName"]);
}
}
function form_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form action="intro.html.php" method="POST">
Förnamn: <input type="text" name="FirstName">
<span class="error">* <?php echo $fnameErr;?></span>
<br>
Efternamn: <input type="text" name="LastName">
<span class="error">* <?php echo $lnameErr;?></span>
<br>
<input type="submit" name="submit" value="Skicka">
</form>
</body>
</html>
Thank you
UPDATE
if file of action form is different with the form file you need to check the input on action.
here the index.php
<html>
<head>
<meta charset="UTF-8">
<title></title>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
/* get the return value when is not valid on into.html.php*/
$fname = $_GET['fName']; $lname = $_GET['lName'];
if($_GET['fName']=='false'){
$fnameErr = "First name is required"; /*set value to show notif*/
$fname ="";
}
if($_GET['lName']=='false'){
$lnameErr = "First name is required"; /*set value to show notif*/
$lname ="";
}
?>
<h2>PHP Form Validation Example</h2>
<form action="intro.html.php" method="POST">
Förnamn: <input type="text" name="FirstName" value="<?php echo $fname;?>">
<span class="error">* <?php echo $fnameErr;?></span>
<br>
Efternamn: <input type="text" name="LastName" value="<?php echo $lname;?>">
<span class="error">* <?php echo $lnameErr;?></span>
<br>
<input type="submit" name="submit" value="Skicka">
</form>
</body>
</html>
and then set your intro.html.php like this
<?php
function form_input($data) {
if($data!=""){ /*add condition if data != "" then run so we don't need more else on section if $_POST is empty*/
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
}
return $data;
}
if(isset($_POST["submit"])) { /*check the submit*/
$Fname = form_input($_POST["FirstName"]); /* get post data from input val to variable $Fname*/
$Lname = form_input($_POST["LastName"]); /* get post data from input val to variable $Lname*/
if(!empty($_POST["FirstName"]) and !empty($_POST["LastName"])!=""){ /*cek if FirstName and LasName is not empty*/
/* do what you want to do here*/
echo ' FName : '.$Fname.' | LName : '.$Lname;
}
else{
/*we will redirect to index.php using javascript*/
echo '
<script>
alert("all input must be field!");
window.location.href="index.php?fName='.($_POST["FirstName"]==""?'false':$Fname).'&lName='.($_POST["LastName"]==""?'false':$Lname).'"; /* this ridect to index.php and set variable $_GET fName and variable lName */
</script>
';
}
}
else{
echo 'submit is undefined!'; /*echo submit empty, */
}
?>
if you want to check input before submit, you can use HTML <input> required Attribute here the documentation
or you can use jquery to proses ajax submit or just check the input value you can see more in here
hope this help.

Categories