Change empty input border after submission - php

I want to have it so if the person clicks the submit button and leaves a input / textarea empty. I want it to change the now gray border to red (Whichever input was left empty).
My current code:
if(empty($_POST['email']) ||
empty($_POST['name']) ||
empty($_POST['message']) ||
empty($_POST['pref-job']) ||
empty($_POST['username']))
{
echo "<style type='text/css'>
input {
border: thin solid #e51923;
}
textarea {
border: thin solid #e51923;
}
</style>";
}

You can do this with php, but a much better option is to use HTML5.
The required attribute will stop submission and highlight the field red if it is not populated.
<input type="email" name="email" required="required" />
Note that this will only function correctly with those browsers that implement HTML5, and should not be relied upon for validation. You should still validate server side. In this case, I would suggest adding a class to the input field to show that it is invalid in php - something like:
if (empty($_POST['email'])) {
$emailClass = 'validationFailed';
} else {
$emailClass = '';
}
printf('<input type="email" name="email" class="%s" />', $emailClass);
For this to work, you would also need the validationFailed class to have been defined of course - something like in your question:
.validationFailed {
border: thin solid #e51923;
}

Since Both HTML require and PHP empty() can be bypassed my space
$email = null;
$name = null;
$message = null;
$pref_job = null;
$username = null;
if ($_POST) {
$error = false;
if(trim($_POST['email']) == false) {
$email = 'failed';
$error = true;
}
if (trim($_POST['name']) == false) {
$name = 'failed';
$error = true;
}
if (trim($_POST['message']) == false) {
$message = 'failed';
$error = true;
}
if (trim($_POST['pref_job']) == false) {
$pref_job = 'failed';
$error = true;
}
if (trim($_POST['username']) == false) {
$username = 'failed';
$error = true;
}
if ( ! $error) {
//passed all basic validation
}
}
?>
<style type='text/css'>
.failed {
border: thin solid #e51923;
}
</style>
<form method="post">
<input type="text" name="email" class="<?php echo $email; ?>" /> <br />
<input type="text"name="name" class="<?php echo $name; ?>"/> <br />
<input type="text" name="message" class="<?php echo $message; ?>"/> <br />
<input type="text" name="pref-job" class="<?php echo $pref_job; ?>"/> <br />
<input type="text" name="username" class="<?php echo $username; ?>"/> <br />
<input type="submit" value="Submit"/>
</form>
Unless you want to allow empty space values

Related

How i do check if record exists in variable then verify form input with variable record

Have this code i want to check if record exist in $pas before processing result
then try to verify $pas by form input
I have tried this:
$pas = "1234";
$text = "12345678910111213141516";
if(empty($pas)) {
echo $text;
}
else
{
if (isset($_POST["subscribe"]))
{
$phone = $_POST["phone"];
if ($phone == $pas)
{
echo $text;
}
else
{
if ($phone != "$pass")
{
echo erro;
}
}
}
}
if(!isset($_POST["phone"]) || $_POST["phone"] != $pas)
{
echo '<form action="#" method="POST">
Your Phone Number <br />
<input type="text" name="phone" value="080"/>
<input type="submit" name="subscribe" value="SEND PAYMENT"/>
</form>';
}
But I get result even when 'pas' is not there what am I doing Wrong?
<?php
$pas = "1234";
$text = "12345678910111213141516";
if(empty($pas)) {
echo $text;
}
else
{
if (isset($_POST["subscribe"]))
{
$phone = $_POST["phone"];
if ($phone == $pas)
{
echo $text;
}
else
{
if ($phone != "$pass")
{
echo erro;
}
}
}
if(!isset($_POST["phone"]) || $_POST["phone"] != $pas)
{
echo '<form action="#" method="POST">
Your Phone Number <br />
<input type="text" name="phone" value="080"/>
<input type="submit" name="subscribe" value="SEND PAYMENT"/>
</form>';
}
}
Your else bracket was closing sooner than you wanted so your echo would be executed anyway as it was outside of your if/else

PHP session array and input validation

Currently I am sending error messages and storing the value of my input fields in sessions.
Form example
<label class="errormsg"><?php echo $_SESSION['msgProductPrice']; unset($_SESSION['msgProductPrice']); ?></label>
<input type="text" name="product_price" value="<?php echo $_SESSION['val_ProductPrice']; unset($_SESSION['val_ProductPrice']); ?>" />
PHP
$Price = $_POST['product_price'];
$errorcount = 0;
if(empty($Price) === true){
$PriceErrormsg = "empty";
$errorcount++;
}
if($errorcount === 0) {
// success
} else {
$_SESSION['val_ProductPrice'] = $Price;
$_SESSION['msgProductPrice'] = $PriceErrormsg;
}
This works perfectly with one of a kind input field. If I try with multiple input fields with the same name, it doesn't work.
Form example
<label class="errormsg"><?php echo $_SESSION['msgProductAmount']; unset($_SESSION['msgProductAmount']); ?></label>
<input type="text" name="product_amount[]" value="<?php echo $_SESSION['val_ProductAmount']; unset($_SESSION['val_ProductAmount']); ?>" />
<label class="errormsg"><?php echo $_SESSION['msgProductAmount']; unset($_SESSION['msgProductAmount']); ?></label>
<input type="text" name="product_amount[]" value="<?php echo $_SESSION['val_ProductAmount']; unset($_SESSION['val_ProductAmount']); ?>" />
This is where I'm unsure on how to validate all the input fields, how to keep the value in each input field when you hit submit and how to send an errormsg about each field?
PHP
$Amount= $_POST['product_amount'];
$errorcount = 0;
if(empty($Amount) === true){
$AmountErrormsg = "empty";
$errorcount++;
}
if($errorcount === 0) {
// success
} else {
$_SESSION['val_ProductAmount'] = $Amount;
$_SESSION['msgProductAmount'] = $AmountErrormsg;
}
If I understand your problem, multiple product amounts are being submitted, and you want to validate each one individually and display the error message next to the appropriate textbox?
Because you are receiving an array of values, you need to create a corresponding array of error messages.
It's a while since I've done any PHP, so this might not be 100% correct, but I think you need something along these lines...
$AmountErrorMessage = Array();
foreach ($Amount as $key => $value) {
if (empty($value)) {
$AmountErrorMessage[$key] = 'empty';
}
}
if ($AmountErrorMessage->count() > 0) {
// success
} else {
$_SESSION['val_ProductAmount'] = $Amount;
$_SESSION['msgProductAmount'] = $AmountErrorMessage;
}
You would then also need to iterate through the array in order to generate the HTML for your form, creating a label and input box for each value submitted.
This code help you to do it as per your wish..
<?php
session_start();
?>
<html>
<head>
<title></title>
<style>
.errormsg{
color:red;
}
</style>
</head>
<body>
<?php
if(isset($_POST['product_amount']))
{
$errorcount = 0;
for($i=0;$i<count($_POST['product_amount']);$i++){
$Amount[$i] = $_POST['product_amount'][$i];
if(empty($Amount[$i]) === true){
$_SESSION['msgProductAmount'][$i] = "empty";
$errorcount++;
}
else
$_SESSION['val_ProductAmount'][$i] = $Amount[$i];
}
if($errorcount === 0) {
unset($_SESSION['msgProductAmount']);
echo "success";
}
}
?>
<form action="" method="POST">
<?php
$cnt = 10;
for($i=0;$i<$cnt;$i++){
?>
<input type="text" name="product_amount[<?=$i?>]" value="<?php echo isset($_SESSION['val_ProductAmount'][$i]) ? $_SESSION['val_ProductAmount'][$i] : '';?>" />
<label class="errormsg"><?php echo $res = isset($_SESSION['msgProductAmount'][$i]) ? $_SESSION['msgProductAmount'][$i] : '' ; ?></label>
<br/>
<?php
}
?>
<input type="submit" name="submit" value="submit" />
</form>
</body>
</html>
<?php
unset($_SESSION['msgProductAmount'],$_SESSION['val_ProductAmount']);
?>

PHP How to print selected answer in green

This is similar to a previous question I asked about matching the selected radio button with the value in the input field.
The code lets a user build a quiz by entering a question and 4 possible answers. You must select one of the answers as the correct one and on a separate PHP page, the answers must be displayed with the correct one in green. Originally this problem was solved, but after I modified the code for validation, the original loop for display would not work.
Here is the output of the code:
I need Albany to print in green since it's the correct answer and was selected with the radio button.
Here is my code for the form:
<?php
session_start();
// Define variables and set to empty values
$questionErr = $answer0Err = $answer1Err = $answer2Err = $answer3Err = "";
$question = $answer0 = $answer1 = $answer2 = $answer3 = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$valid = True;
if (empty($_POST['question'])) {
$questionErr = "Please supply a question";
$valid = False;
} else {
$question = test_input($_POST['question']);
$_SESSION['question'] = $_POST['question'];
}
if (empty($_POST['answer0'])) {
$answer0Err = "Please supply a possible answer";
$valid = False;
} else {
$answer0 = test_input($_POST['answer0']);
$_SESSION['answer0'] = $_POST['answer0'];
}
if (empty($_POST['answer1'])) {
$answer1Err = "Please supply a possible answer";
$valid = False;
} else {
$answer1 = test_input($_POST['answer1']);
$_SESSION['answer1'] = $_POST['answer1'];
}
if (empty($_POST['answer2'])) {
$answer2Err = "Please supply a possible answer";
$valid = False;
} else {
$answer2 = test_input($_POST['answer2']);
$_SESSION['answer2'] = $_POST['answer2'];
}
if (empty($_POST['answer3'])) {
$answer3Err = "Please supply a possible answer";
$valid = False;
} else {
$answer3 = test_input($_POST['answer3']);
$_SESSION['answer3'] = $_POST['answer3'];
}
}
// Function to sanitize data
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
// If valid, send to QuestionReview.php to display answers
if ($valid) {
$_SESSION['radio'] = $_POST['radio'];
header('location: QuestionReview.php');
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>User-Created Quiz</title>
<style>
.shadow {
-webkit-box-shadow: 3px 3px 5px 6px #ccc; /* Safari 3-4, iOS 4.0.2 - 4.2, Android 2.3+ */
-moz-box-shadow: 3px 3px 5px 6px #ccc; /* Firefox 3.5 - 3.6 */
box-shadow: 3px 3px 5px 6px #ccc; /* Opera 10.5, IE 9, Firefox 4+, Chrome 6+, iOS 5 */
}
.instructions {
color: #696D6E;
}
#form-background {
background-color: #ECEDE8;
}
.error {
color: red;
}
</style>
</head>
<body>
<div style="width:600px">
<fieldset id="form-background" class="shadow">
<h1 class="instructions" style="text-align:center">User-Created Quiz</h1>
<p class="instructions" style="text-align:center">
<strong>Please enter a question of your own,
along with 4 possible answers in the
form below. Be sure to select the
correct answer to your question
before submitting the form.</strong>
</p>
<form style="text-align:center;" method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<br>
<label class="instructions" for="question" >Enter your question here</label><br>
<input type="text" name="question" size="50" value='<?php echo $question;?>' />
<span class="error">* <br /><?php echo $questionErr; ?></span>
<br><br>
<p class="instructions">
Please provide four answers to your question and select the
correct one.
</p>
<input type="radio" name="radio" value="answer0">
<input type="text" name="answer0" value="<?php echo $answer0; ?>" style="width:400px">
<span class="error">* <br /><?php echo $answer0Err; ?></span>
<br><br>
<input type="radio" name="radio" value="answer1">
<input type="text" name="answer1" value="<?php echo $answer1; ?>" style="width:400px">
<span class="error">* <br /><?php echo $answer1Err; ?></span>
<br><br>
<input type="radio" name="radio" value="answer2">
<input type="text" name="answer2" value="<?php echo $answer2; ?>" style="width:400px">
<span class="error">* <br /><?php echo $answer2Err; ?></span>
<br><br>
<input type="radio" name="radio" value="answer3">
<input type="text" name="answer3" value="<?php echo $answer3; ?>" style="width:400px">
<span class="error">* <br /><?php echo $answer3Err; ?></span>
<br><br>
<input type="submit" value="Submit Entry">
</form>
</fieldset>
</div>
</body>
</html>
And here is my code for the result page:
<?php
session_start();
// Pull all variables from SESSION
$question = $_SESSION['question'];
$answer0 = $_SESSION['answer0'];
$answer1 = $_SESSION['answer1'];
$answer2 = $_SESSION['answer2'];
$answer3 = $_SESSION['answer3'];
$radio = $_SESSION['radio'];
$answerArray = array($answer0, $answer1, $answer2, $answer3);
shuffle($answerArray);
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Entry Review</title>
<style>
.instructions {
color: #696D6E;
}
</style>
</head>
<body>
<h1 class="instructions">Entry Review</h1>
<p><em>You entered the following question:</em></p>
<p><strong><?php echo $question; ?></strong></p><br>
<p><em>These are the answers you provided:</em>
<p>
<strong>
<?php
if(isset($_SESSION['radio'])) {
$radio = $_SESSION['radio'];
foreach ($answerArray as $value) {
echo $value . "<br />";
}
} else {
echo "Please click the back button in your browser and select a correct answer";
}
?>
</strong>
</p>
</body>
</html>
Get a bit of A4 plain paper, work away from your computer for ten minutes.
Now, establish what you're trying to achieve in blocks, what do you want each part of your skillset/language/operator-syntax (PHP, javascript, CSS, HTML etc.) to do?
You have a list of outputs already displayed on your project and you want to mark a chosen output, as differet from the others.
work backwards from that end result, what will make this change? That's right, CSS, so you can write on your paper, you need a CSS class (or other identifier) for a chosen output, that you can call for that answer.
So how will the CSS know which output to choose? Where is this data held?
This data appears to be in PHP somewhere, (but it's not immediately obvious from your code). So, you need a PHP IF statement to check If the answer that is being displayed to the browser is the answer that the user has chosen then that answer needs to be encased in a CSS class somehow (<div> or <span> ) to effect the dfference in appearance.
And that's it. You should have enough of a structure now to go away and to write out notes on that A4 sheet and then use those notes to break your various issues down into component parts (here, there are parts for difining what behaviour should happen and then parts for making that behaviour happen).
Rewrite your code in 5-10 minutes you'll have it exactly as you want it.
On QuestionReview.php page, get the correct answer like this,
$correct_answer = $_SESSION[$_SESSION['radio']];
So keep your quiz page as it is and after submitting, process your form like this:
QuestionReview.php:
<?php
session_start();
// Pull all variables from SESSION
$question = $_SESSION['question'];
$answer0 = $_SESSION['answer0'];
$answer1 = $_SESSION['answer1'];
$answer2 = $_SESSION['answer2'];
$answer3 = $_SESSION['answer3'];
$correct_answer = $_SESSION[$_SESSION['radio']];
$answerArray = array($answer0, $answer1, $answer2, $answer3);
shuffle($answerArray);
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Entry Review</title>
<style>
.instructions {
color: #696D6E;
}
</style>
</head>
<body>
<h1 class="instructions">Entry Review</h1>
<p><em>You entered the following question:</em></p>
<p><strong><?php echo $question; ?></strong></p><br>
<p><em>These are the answers you provided:</em>
<p>
<strong>
<?php
if(isset($_SESSION['radio'])) {
foreach ($answerArray as $value) {
$output = "<span";
if($value == $correct_answer){
$output .= " class='instructions'";
}
$output .= ">" . $value . "</span><br />";
echo $output;
}
} else {
echo "Please click the back button in your browser and select a correct answer";
}
?>
</strong>
</p>
</body>
</html>
In each iteration of the foreach loop, check if the current option equals to the correct answer or not. If it is then apply the class instructions to the current option.
Output: (Screenshot)
You are almost there... just make it simple:
If you have:
$question = $_SESSION['question'];
$radio = $_SESSION['radio'];
$answerArray = [$_SESSION['answer0'], $_SESSION['answer1'], $_SESSION['answer2'], $_SESSION['answer3']];
Then you can:
if(isset($_SESSION['radio'])) {
foreach ($answerArray as $value) {
echo $_SESSION['radio'] == $value ? "<span style=\"color:green\">Make $value green.</span><br />" : "<span style=\"color:#666\">Make $value grey or red.</span><br />";
}
} else {
echo "Please click the back button in your browser and select a correct answer";
}
Which equals to:
if(isset($_SESSION['radio'])) {
foreach ($answerArray as $value) {
if ($_SESSION['radio'] == $value){
echo "<span style=\"color:green\">Make $value green.</span><br />";
} else {
echo "<span style=\"color:#666\">Make $value grey or red.</span><br />";
}
}
} else {
echo "Please click the back button in your browser and select a correct answer";
}

Display PHP Form Validation Results on Same Page

I'm sure the initial reaction is going to be something like, "Doesn't this guy have Google?" Yes, I'll admit this does seem like a pretty basic concept and I've tried and tried to wrap my head around it, looked up all manner of posts and articles on the topic, etc., but all to no avail. Perhaps you can point me in the right direction?
I have a basic contact form (contact.html) that I run with an external PHP script (contact.php). Here's the HTML form code:
<form id="form1" action="contact.php" method="post">
<div class="form1">
<label>Your Name:</label>
<span><input type="text" name="name" /></span>
</div>
<div class="form1">
<label>Your School:</label>
<span><input type="text" name="school" /></span>
</div>
<div class="form1">
<label>Phone Number:</label>
<span><input type="text" name="phone" /></span>
</div>
<div class="form1">
<label>E-Mail Address:</label>
<span><input type="text" name="email" /></span>
</div>
<div class="form3">
<span><textarea cols="1" rows="1" name="message"></textarea></span>
</div>
<div class="wrapper">
<input class="submit" type="image" src="images/contact_submit.png" name="submit" alt="Submit" />
</div>
</form>
The PHP script validates that all of the fields were entered and then processes the form:
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//Validate the name:
if (!empty($_POST['name'])) {
$name = $_POST['name'];
} else {
echo "You forgot to enter your name.<br>";
}
//Validate the school:
if (!empty($_POST['school'])) {
$school = $_POST['school'];
} else {
echo "You forgot to enter your school.<br>";
}
//Validate the e-mail:
if (!empty($_POST['email'])) {
$email = $_POST['email'];
} else {
echo "You forgot to enter your e-mail.<br>";
}
//Validate the message:
if (!empty($_POST['message'])) {
$message = $_POST['message'];
} else {
echo "You forgot to enter a message.";
}
if (!empty($_POST['name']) && !empty($_POST['school']) && !empty($_POST['email']) && !empty($_POST['message'])) {
$phone = $_POST['phone'];
$body = "$name\n$school\n$phone\n$email\n\n$message";
mail("***", "PAL Website - Message from a Visitor", $body);
header("Location: confirm.html");
}
}
?>
Everything works great and the form is validated and processed as intended. However, I REALLY want to set it up so that the error messages are displayed on the same page or at least have the form refreshed with the error messages included.
I've seen this done in other demonstrations (Larry Ullman's book, for example), but still can't quite figure out how to make it happen. Can you please offer advice? What's the simplest way to go about it?
Here's the page URL, if it helps: http://www.712jefferson.org/pal/contact.html
Thank you!
I'd use jQuery for this.
Modifications to be made:
in HTML:
add id to your input fileds, so you can "grab" them with jQuery (You can see the usage in the $.post method below).
<form id="form1" action="contact.php" method="post">
<div class="form1">
<label>Your Name:</label>
<span><input id="name" type="text" name="name" /></span>
</div>
<div class="form1">
<label>Your School:</label>
<span><input id="school" type="text" name="school" /></span>
</div>
<div class="form1">
<label>Phone Number:</label>
<span><input id="phone" type="text" name="phone" /></span>
</div>
<div class="form1">
<label>E-Mail Address:</label>
<span><input id="email" type="text" name="email" /></span>
</div>
<div class="form3">
<span><textarea id="message" cols="1" rows="1" name="message"></textarea></span>
</div>
<div class="wrapper">
<input class="submit" type="image" src="images/contact_submit.png" name="submit" alt="Submit" />
</div>
</form>
in PHP:
if there is no error in validation echo this: "success"
if (!empty($_POST['name']) && !empty($_POST['school']) && !empty($_POST['email']) && !empty($_POST['message'])) {
echo "success";
$phone = $_POST['phone'];
$body = "$name\n$school\n$phone\n$email\n\n$message";
mail("***", "PAL Website - Message from a Visitor", $body);
header("Location: confirm.html");
}
Attach jQuery library to your site and use the code below in your HTML file inside brackets or in an external *.js file attached to Your site.
In Your HTML file's section use this:
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js">
</script>
jQuery script:
$('#form1').submit(function() {
event.preventDefault();
$.post("contact.php", {name: $("#name").val(), school: $("#school").val(), phone: $("#phone").val(), email: $("#email").val(), message: $("#message").val()}, function(data){
if(data !="success"){
alert(data);
}
});
});
This will give Your error messages in a alert window and Your site won't reload if I'm not mistaken.
There are many ways of doing this so this is a opinion based question which will get you several ways of accomplishing this.
You could do an ajax request to submit the data that way no reloading of the page and on the success of the call if any errors are in the response show the errors near the input that caused the error. This would require the use of javascript and setting a hidden element to the error and displaying it or generating the element containing the error and appending it to the DOM.
do as Amal Murali shows and put the html and validation script in the same script file and output the errors right away, or even better echo the errors near the inputs that caused them
yet another way would be to have contact.php do the validation and then on invalid data print out contact.html and again put the errors near the inputs.
<?php
// define variables and set to empty values
$firstnameErr = $lastnameErr = $usernameErr = $passwordErr = $genderErr = $courseErr = "";
$firstname = $lastname = $username = $password = $gender = $comments = "";
$course = array();
//var_dump($_POST['gender']);
//exit;
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['submit'])) {
$variables = array();
$variables = initialize();
$errors = array();
$errors = validate_errors($variables);
if (count($errors) == 0) {
//database operation
//exit;
}
}
function clean($data) {
$data = strip_tags(htmlspecialchars(stripslashes(trim($data))));
//trim :- Strip whitespace (or other characters) from the beginning and end of a string
//The stripslashes() function removes backslashes.Prevents XSS
//htmlspecialchars :- Converts the predefined characters "<" (less than) and ">" (greater than) to HTML entities:< (less than) becomes < and > (greater than) becomes >Helps in preventing XSS
//The strip_tags() function strips a string from HTML, XML, and PHP tags.
return $data;
}
function initialize(){
$var = array();
$var['firstname'] = clean($_POST['firstname']);
$var['lastname'] = clean($_POST['lastname']);
$var['username'] = clean($_POST['username']);
$var['password'] = clean($_POST['password']);
if(!empty($_POST['gender'])) { //if-else condition is used because here we don't type in any data,but just select data
$var['gender'] = $_POST['gender'];
} else {
$var['gender'] = '';
}
//var_dump($_POST[gender]);
if(!empty($_POST['course'])) { //if-else condition is used because here we don't type in any data,but just select data
$var['course'] = $_POST['course'];
} else {
$var['course'] = '';
}
$var['comments'] = clean($_POST['comments']);
return $var;
}
function validate_errors($var) { //is an array being passed into this function??have a look at arg of validateFirstName.
$errors = array();
$errors['firstname'] = validateFirstName($var['firstname']);//should return error string or ''
$errors['lastname'] = validateLastname($var['lastname']);
$errors['username'] = validateUserName($var['username']);
$errors['password'] = validatePassword($var['password']);
$errors['gender'] = validateGender($var['gender']);
$errors['course'] = validateCourse($var['course']);
$errors['comments'] = validateComments($var['comments']);
return $errors;
}
function validateFirstName($fname){
if(empty($fname)){
global $firstnameErr;
$firstnameErr = "First name is required";
return $firstnameErr;
} else if (!preg_match("/^[a-zA-Z ]*$/", $fname)){ // check if name only contains letters and whitespace.Performs a regular expression match
global $firstnameErr;
$firstnameErr = "Only letters are allowed";
return $firstnameErr;
} else {
global $firstname;
$firstname = $fname;
return '';
}
}
function validateLastName($lname){
if(empty($lname)){
return '';
} else if (!preg_match("/^[a-zA-Z ]*$/", $lname)) { // check if name only contains letters and whitespace,performs a regular expression match
global $lastnameErr;
$lastnameErr = "Only letters are allowed";
return $lastnameErr;
} else {
global $lastname;
$lastname = $lname;
return '';
}
}
function validateUserName($uname) {
if(empty($uname)) {
global $usernameErr;
$usernameErr = "Username is required";
return $usernameErr;
} else if (!preg_match("/^[a-zA-Z0-9 ]*$/", $uname)){ // checks if username contains only letters and digits
global $usernameErr;
$usernameErr = "Only letters and digits are allowed";
return $usernameErr;
} else {
global $username;
$username = $uname;
return '';
}
}
function validatePassword($pword){
if(empty($pword)) {
global $passwordErr;
$passwordErr = "Password is required";
return $passwordErr;
} else if (preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $pword) === 0) {
global $passwordErr;
$passwordErr = "Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit";
return $passwordErr;
} else {
global $password;
$password = $pword;
return '';
}
}
function validateGender($gen){
if(empty($gen)) {
global $genderErr;
$genderErr = "Gender is required";
return $genderErr;
} else {
global $gender;
$gender = $gen;
return '';
}
}
function validateCourse($cour){
if(empty($cour)) {
global $courseErr;
$courseErr = "Select atleast one";
return $courseErr;
} else {
global $course;
$course = $cour;
return '';
}
}
function validateComments($comm){
if(empty($comm)) {
return '';
} else {
global $comments;
$comments = $comm;
return '';
}
}
//renderform();
?>
<html>
<head>
<title>Sample Form</title>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<label for="firstname">Firstname:</label>
<input type="text" name="firstname" id="firstname" value="<?php echo $firstname; ?>" /><span class="error">* <?php echo $firstnameErr; ?></span><br/><br/>
<label for="lastname">Lastname:</label>
<input type="text" name="lastname" id="lastname" value="<?php echo $lastname; ?>" /><span class="error"> <?php echo $lastnameErr; ?></span><br/><br/>
<label for="username">Username:</label>
<input type="text" name="username" id="username" value="<?php echo $username; ?>" /><span class="error">* <?php echo $usernameErr; ?></span><br/><br/>
<label for="password">Password:</label>
<input type="password" name="password" id="password" /><span class="error">* <?php echo $passwordErr; ?></span><br/><br/>
Gender:
<label for="male">Male</label>
<input type="radio" name="gender" id="male" <?php if (isset($gender) && $gender == "male") echo "checked"; ?> value="male" />
<label for="female">Female</label>
<input type="radio" name="gender" id="female" <?php if (isset($gender) && $gender == "female") echo "checked"; ?> value="female" /><span class="error">* <?php echo $genderErr; ?></span><br/><br/>
<label for="course">Course:</label>
PHP<input type="checkbox" name="course[]" id="course" <?php if((!empty($_POST["course"])&& in_array("PHP",$_POST["course"]))){echo "checked";}?> value="PHP" />
HTML<input type="checkbox" name="course[]" id="course" <?php if((!empty($_POST["course"])&& in_array("HTML",$_POST["course"]))){echo "checked";}?> value="HTML" />
CSS<input type="checkbox" name="course[]" id="course" <?php if((!empty($_POST["course"])&& in_array("CSS",$_POST["course"]))){echo "checked";}?> value="CSS" />
Javascript<input type="checkbox" name="course[]" id="course" <?php if((!empty($_POST["course"])&& in_array("Javascript",$_POST["course"]))){echo "checked";}?> value="Javascript" /><span class="error">* <?php echo $courseErr; ?></span><br/><br/>
<label for="comments">Comments:</label><br/>
<textarea name="comments" rows="4" cols="20" id="comments"/><?php echo $comments; ?></textarea><br/><br/>
<input type = "submit" value="Submit" name="submit">
</form>
<?php
echo "<h2>Your Input:</h2>";
echo "Firstname:" . $firstname;
echo "<br>";
echo "Lastname:" . $lastname;
echo '<br>';
echo "Username:" . $username;
echo '<br>';
echo "Password:" . $password;
echo '<br>';
echo "Gender:" . $gender;
echo '<br>';
global $string;
$string = implode(",",$course);
echo "Course(/s):" . $string;
echo '<br>';
echo "Comments:" . $comments;
echo '<br>';
?>
</body>
</html>
code of index.php(This file is run first)
<?php
define('PROJECT',$_SERVER['DOCUMENT_ROOT'].'PhpSample');
include (PROJECT.'/utilities.php');
include ('constant.php');
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['submit'])) {
$errors = validate_errors($variables);
$counter = 0;
foreach ($errors as $value) {
if ($value === '') {
$counter++;
}
}
//if there are no errors
if ($counter == 7) {
//database operation
$con = mysqli_connect($host, $user, $pword);
if (!$con) {
echo 'Error connecting to database. Please try again later';
exit;
}
$val = cleanandinsert($variables,$con,$dbname);
mysqli_close($con);
if(!$val){
echo 'Could not register. Please try again later';
exit;
}
header("Location:http://localhost/PhpSample/target.php?vals=" . urlencode(serialize($variables)));
exit;
}
}
include('myform.phtml');
?>
Code of target.php
<?php
include 'process.php';
$Values= unserialize(urldecode($_GET['vals']));
echo "<h2>Your Input:</h2>";
echo "Firstname:".$Values['firstname'];
echo "<br>";
echo "Lastname:".$Values['lastname'] ;
echo '<br>';
echo "Username:".$Values['username'] ;
echo '<br>';
echo "Password:".$Values['password'] ;
echo '<br>';
echo "Gender:".$Values['gender'] ;
echo '<br>';
if (!empty($Values['course'])) {
$string = implode(',', $Values['course']);
} else {
$string = "";
}
echo "Course(/s):" . $string;
echo '<br>';
echo "Comments:".$Values['comments'] ;
echo '<br>';
?>
Code of constant.php
<?php
// define variables and set to empty values
$firstnameErr = $lastnameErr = $usernameErr = $passwordErr = $genderErr = $courseErr = "";
$firstname = $lastname = $username = $password = $gender = $comments = "";
$course = array();
$variables = initialize();
$host = 'localhost';
$user = 'root';
$pword = '';
$dbname = 'mydb';
$tablename = 'userdata';
?>
Code of myform.phtml
<html>
<head>
<title>Sample Form</title>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<p><span class="error">* required field.</span></p>
<form method="post" action="./index.php">
<label for="firstname">Firstname:</label>
<input type="text" name="firstname" id="firstname" value="<?php if (isset($variables['firstname']) ? print_r($variables['firstname']) : '') ; ?>" /><span class="error">* <?php if (isset($errors['firstname']) ? print_r($errors['firstname']) : '') ; ?></span><br/><br/>
<label for="lastname">Lastname:</label>
<input type="text" name="lastname" id="lastname" value="<?php if (isset($variables['lastname']) ? print_r($variables['lastname']) : '') ; ?>" /><span class="error"> <?php if (isset($errors['lastname']) ? print_r($errors['lastname']) : '') ; ?></span><br/><br/>
<label for="username">Username:</label>
<input type="text" name="username" id="username" value="<?php if (isset($variables['username']) ? print_r($variables['username']) : '') ; ?>" /><span class="error">* <?php if (isset($errors['username']) ? print_r($errors['username']) : '') ; ?></span><br/><br/>
<label for="password">Password:</label>
<input type="password" name="password" id="password" /><span class="error">* <?php if (isset($errors['password']) ? print_r($errors['password']) : '') ; ?></span><br/><br/>
Gender:
<label for="male">Male</label>
<input type="radio" name="gender" id="male" <?php if (isset($variables['gender']) && ($variables['gender'] == "male")) echo "checked"; ?> value="male" />
<label for="female">Female</label>
<input type="radio" name="gender" id="female" <?php if (isset($variables['gender']) && ($variables['gender'] == "female")) echo "checked"; ?> value="female" /><span class="error">* <?php if (isset($errors['gender']) ? print_r($errors['gender']) : '') ; ?></span><br/><br/>
<label for="course">Course:</label>
PHP<input type="checkbox" name="course[]" id="course" <?php echo getChecked("PHP") ?> value="PHP" />
HTML<input type="checkbox" name="course[]" id="course" <?php echo getChecked("HTML") ?> value="HTML" />
CSS<input type="checkbox" name="course[]" id="course" <?php echo getChecked("CSS") ?> value="CSS" />
Javascript<input type="checkbox" name="course[]" id="course" <?php echo getChecked("Javascript") ?> value="Javascript" /><span class="error">* <?php if (isset($errors['course']) ? print_r($errors['course']) : '') ; ?></span><br/><br/>
<label for="comments">Comments:</label><br/>
<textarea name="comments" rows="4" cols="20" id="comments"/><?php if (isset($variables['comments']) ? print_r($variables['comments']) : '') ; ?></textarea><br/><br/>
<input type = "submit" value="Submit" name="submit">
</form>
Code of utilities.php
<?php
/**
* It cleans the variable and returns variable free from cross site cripting.
* #return variable free from whitespaces,stripped of slashes,tags.
*/
function clean($data, $ishtmltype = FALSE) {
if ($ishtmltype) { //for database operation
$data = htmlspecialchars(stripslashes(trim($data)));
return $data;
}
$data = strip_tags(htmlspecialchars(stripslashes(trim($data))));
return $data;
}
/**
* It returns an array of variables which are cleansed with the help of "clean()"
* #return $var array
*/
function initialize() {
$var = array();
$var['firstname'] = isset($_POST['firstname']) ? clean($_POST['firstname']) : '';
$var['lastname'] = isset($_POST['lastname']) ? clean($_POST['lastname']) : '';
$var['username'] = isset($_POST['username']) ? clean($_POST['username']) : '';
$var['password'] = isset($_POST['password']) ? $_POST['password'] : '';
if (!empty($_POST['gender'])) {
$var['gender'] = $_POST['gender'];
} else {
$var['gender'] = '';
}
//var_dump($_POST[gender]);
if (!empty($_POST['course'])) {
$var['course'] = $_POST['course'];
} else {
$var['course'] = '';
}
$var['comments'] = isset($_POST['comments']) ? clean($_POST['comments']) : '';
return $var;
}
/**
* It returns an array of error variables which have error messages in them
* #param type $var array
* #return $errors array
*/
function validate_errors($var) {
$errors = array();
$errors['firstname'] = validateFirstName($var['firstname']); //should return error string or ''
$errors['lastname'] = validateLastname($var['lastname']);
$errors['username'] = validateUserName($var['username']);
$errors['password'] = validatePassword($var['password']);
$errors['gender'] = validateGender($var['gender']);
$errors['course'] = validateCourse($var['course']);
$errors['comments'] = validateComments($var['comments']);
return $errors;
}
/**
* It returns an error message, if any, in the first name
* #param type $fname
* #return string or null if not found
*/
function validateFirstName($fname) {
if (empty($fname)) {
$firstnameErr = "First name is required";
return $firstnameErr;
} else if (!preg_match("/^[a-zA-Z']*$/", $fname)) { // check if name only contains letters and whitespace.Performs a regular expression match
$firstnameErr = "Only letters are allowed";
return $firstnameErr;
}
else if (strlen($fname) < 3){
$firstnameErr = "Atleast 3 characters";
return $firstnameErr;
}
else if (strlen($fname) > 60){
$firstnameErr = "Not more than 60 characters";
return $firstnameErr;
}
return '';
}
/**
* It returns an error message, if any, in the last name
* #param type $lname
* #return string or null if not found
*/
function validateLastName($lname) {
if (empty($lname)) {
return '';
} else if (!preg_match("/^[a-zA-Z ]*$/", $lname)) { // check if name only contains letters and whitespace,performs a regular expression match
$lastnameErr = "Only letters are allowed";
return $lastnameErr;
}
else if (strlen($lname) > 60){
$firstnameErr = "Not more than 60 characters";
return $firstnameErr;
}
return '';
}
/**
* It returns an error message, if any, in the user name
* #param type $uname
* #return string or null if not found
*/
function validateUserName($uname) {
if (empty($uname)) {
$usernameErr = "Username is required";
return $usernameErr;
} else if (!preg_match("/^[a-zA-Z0-9 ]*$/", $uname)) { // checks if username contains only letters and digits
$usernameErr = "Only letters and digits are allowed";
return $usernameErr;
}
else if (strlen($uname) < 3){
$firstnameErr = "Atleast 3 characters";
return $firstnameErr;
}
else if (strlen($uname) > 60){
$firstnameErr = "Not more than 60 characters";
return $firstnameErr;
}
return '';
}
/**
* It returns an error message, if any, in the password
* #param type $pword
* #return string or null if not found
*/
function validatePassword($pword) {
if (empty($pword)) {
$passwordErr = "Password is required";
return $passwordErr;
} else if (preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $pword) === 0) {
$passwordErr = "Password must be at least 8 characters and must contain at least one lower case letter, one upper case letter and one digit";
return $passwordErr;
}
return '';
}
/**
* It returns an error message, if any, in the gender
* #param type $gen
* #return string or null if not found
*/
function validateGender($gen) {
if (empty($gen)) {
$genderErr = "Gender is required";
return $genderErr;
} else if (($gen != "male") && ($gen != "female")) {
$genderErr = "Not a valid selection";
return $genderErr;
}
return '';
}
/**
* It returns an error message, if any, in the course
* #param type $cour
* #return string or null if not found
*/
function validateCourse($cour) {
if (empty($cour)) {
$courseErr = "Select atleast one";
return $courseErr;
} else if (array_values($cour) != ("PHP" && "HTML" && "CSS" && "Javascript")) {
$courseErr = "Not a valid selection";
return $courseErr;
}
return '';
}
/**
* It doesnot return an error message, but accepts any content
* #param type $comm
* #return null
*/
function validateComments($comm) {
if (empty($comm)) {
return '';
}
return '';
}
/**
* It removes any special characters in a string and inserts the validated user data into the database
* #param type $variables array
* #param type $con
* #param type $dbname
* #return boolean
*/
function cleanandinsert($variables, $con, $dbname) {
$firstname = mysqli_real_escape_string($con, $variables['firstname']); //The mysqli_real_escape_string() function escapes special characters in a string for use in an SQL statement.
$lastname = mysqli_real_escape_string($con, $variables['lastname']);
$username = mysqli_real_escape_string($con, $variables['username']);
$password = sha1($variables['password']);
$gender = mysqli_real_escape_string($con, $variables['gender']);
$string = implode(',', ($variables['course']));
$course = mysqli_real_escape_string($con, $string);
$comments = mysqli_real_escape_string($con, $variables['comments']);
$sql = "INSERT INTO $dbname.userdata (firstname,lastname,username,password,gender,course,comments)
VALUES ('$firstname','$lastname','$username','$password','$gender','$course','$comments')";
if (!mysqli_query($con, $sql)) {
return FALSE;
}
return TRUE;
}
/**
* It checks the checked checkboxes on the submission of the wrong data i.e it remembers the checked checkbox.
* #param type $course
* #return checked checkbox or null if a checkbox is not checked
*/
function getChecked($course){
if(!empty($_POST['course']) && in_array($course, $_POST["course"])){
return 'checked';
}
return '';
}
?>
You can use ladder if..else structure for your code
in if() you will put your condition and if the condition is false it will go to the error message and then you can put link of the main form, so that the user can go back...
There are many ways for doing this, but the easy way to do this is "Put your Whole form code in php file and just make one file, i am not sure but it should work, the error will be shown below the form for that first write your form code and after write your php script".:)

Form values variables and submission problems

Can someone help me fix this code? What I want to fix is:
If a person doesn't enter a username or password, I just want the error text (the red messages on the side) without the 'sorry, no access' message on top.
Also, if a person gains access (or doesn't), I want the text fields and submit button go away.
This isn't going to be a real form, so please don't worry about how I'm using a username and password....and if its possible do you think most of my code could stay the same?
Thanks!
<?php
echo '<style type="text/css">
.error
{
color: red;
}
</style>';
$error = false;
if (isset($_POST['submitted']))
{
if (empty($_POST['username']) || empty($_POST['password']))
{
$error = TRUE;
}
if (!$error && $_POST['username']=='test' && $_POST['password']=='abc123') {
echo '<p>Correct. Thank you for entering.<p/>';
}
else
{
echo '<p>Sorry, no access.</p>
';
}
}
?>
<form action="" method="post">
Username: <input type="text" name="username" size="20" value="<?php
if (isset($_POST['submitted']) && !empty($_POST['username']))
{
echo $_POST['username'];
} ?>" />
<?php
if (isset($_POST['submitted']) && empty($_POST['username']))
{
echo '<span class="error">Please enter a username.</span>';
}
?>
<br />Password: <input type="password" name="password" size="20" value="<?php
if (isset($_POST['submitted']) && !empty($_POST['password']))
{
echo $_POST['password'];
} ?>" />
<?php
if (isset($_POST['submitted']) && empty($_POST['password']))
{
echo '<span class="error">Please enter a password.</span>';
}
?>
<br /><input type="submit" value="Log in" />
<br /><input type="hidden" name="submitted" value="true" />
</form>
Try this:
<style type="text/css">
.error {
color: red;
}
</style>
<?php
$submitted = isset($_POST['submitted']);
$userName = isset($_POST['username']) ? $_POST['username'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;
if($submitted) {
if (!$userName || !$password) {
echo '<p class="error">Please go back and fill the inputs.</p>';
} elseif($userName == 'test' && $password == 'abc123') {
echo '<p>Correct. Thank you for entering.<p/>';
} else {
echo '<p class="error">Sorry, no access.</p>';
}
} else {
?>
<form action="" method="post">
Username: <input type="text" name="username" size="20" value="<?php echo $userName; ?>" />
<br />
Password: <input type="password" name="password" size="20" value="" />
<br /><input type="submit" value="Log in" />
<br /><input type="hidden" name="submitted" value="true" />
</form>
<?php } ?>
Consider using the onSubmit event on your form.
You need to combine php and javascript here in order to prevent it from submitting. Make a Jscript function that's called by onSubmit. If a value isn't filled in, return false. It'll kill the submit button and print out directly on the screen.
So just take this:
$submitted = isset($_POST['submitted']);
$userName = isset($_POST['username']) ? $_POST['username'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;
if($submitted)
{
if (!$userName || !$password) {
echo '<p class="error">Please go back and fill the inputs.</p>';
}
}
And then on your form:
<form action="" method="post" onSubmit="checkForm()">
Then figure out how you're going to check the form with javascript. You can piece together the rest.

Categories