I got a php form that needs to send info to another page from contact_form.php to user_input.php without losing the validation capabilities.
Here's the form :
<form action="user_input.php" method="post">
<table style="width:35%">
<tr>
<td><p>Name:</td><td><input type="text" name="name" value="<?php echo $_SESSION["name"];?>"><span class="error"> * <?php echo $_SESSION["nameErr"];?></span></p></td></tr>
<td><p>Email:</td><td> <input type="text" name="email" value="<?php echo $_SESSION["email"];?>"><span class="error"> * <?php echo $_SESSION["emailErr"];?></span></p></td></tr>
<td><p>Address:</td><td> <input type="text" name="address" value="<?php echo $_SESSION["address"];?>"><span class="optional"> Optional</span></p></td></tr>
<td><p>Phone: </td><td><input type="tel" name="phone" value="<?php echo $_SESSION["phone"];?>"><span class="error"> * <?php echo $_SESSION["phoneErr"];?></span></p></td><tr>
<td><p>Message: </td><td><textarea name="message" rows="5" cols="40"><?php echo $_SESSION["message"];?></textarea><span class="error"> * <?php echo $_SESSION["messageErr"];?></span></p></td></tr>
Here's the validation part:
if($_SERVER["REQUEST_METHOD"] == "POST") {
if(empty($_POST["name"])) {
$_SESSION["nameErr"] = "Name required";
} else {
$_SESSION["name"] = input($_POST["name"]);
}
if(empty($_POST["email"])) {
$_SESSION["emailErr"] = "Email required";
} else {
$_SESSION["email"] = input($_POST["email"]);
// check if email is valid
if(!filter_var($_SESSION["email"], FILTER_VALIDATE_EMAIL)) {
$_SESSION["emailErr"] = "Invalid email";
}
}
if(empty($_POST["phone"])) {
$_SESSION["phoneErr"] = "Phone number required";
} else {
$_SESSION["phone"] = input($_POST["phone"]);
if(!preg_match("/^[0-9]/", $_SESSION["phone"]) || strlen($_SESSION["phone"]) > 20) {
$_SESSION["phoneErr"] = "Invalid phone number";
}
}
if (empty($_POST["message"])) {
$_SESSION["messageErr"] = "Message required";
} else {
$_SESSION["message"] = input($_POST["message"]);
}
}
function input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
what am I doing wrong it seems that when I send the data on user_input.php the data validation part disappears. And I want on user_input.php a button to redirect the user to the form.
In user_input.php push the received data into session and in contact_form.php prefill form if data in session available. Other option is to do the common validatiin part into a separate file that you include in both files. Or just use Silex from Sensiolabs
CONTACT FORM
<?php session_start();?>
<form action="user_input2.php" method="post">
<table style="width:35%">
<tr>
<td><p>Name:</td><td><input type="text" name="name" value="<?php echo $_SESSION["name"];?>"><span class="error"> * <?php echo $_SESSION["nameErr"];?></span></p></td></tr>
<td><p>Email:</td><td> <input type="text" name="email" value="<?php echo $_SESSION["email"];?>"><span class="error"> * <?php echo $_SESSION["emailErr"];?></span></p></td></tr>
<td><p>Address:</td><td> <input type="text" name="address" value="<?php echo $_SESSION["address"];?>"><span class="optional"> Optional</span></p></td></tr>
<td><p>Phone: </td><td><input type="tel" name="phone" value="<?php echo $_SESSION["phone"];?>"><span class="error"> * <?php echo $_SESSION["phoneErr"];?></span></p></td><tr>
<td><p>Message: </td><td><textarea name="message" rows="5" cols="40"><?php echo $_SESSION["message"];?></textarea><span class="error"> * <?php echo $_SESSION["messageErr"];?></span></p></td></tr></p>
<td><input type="submit" name="btn" value="Submit"></td>
</table>
</form>
USER_INPUT2.PHP
<?php
if($_SERVER["REQUEST_METHOD"] == "POST") {
echo "skdjksjd";
if(empty($_POST["name"])) {
$_SESSION["nameErr"] = "Name required";
} else {
$_SESSION["name"] = input($_POST["name"]);
}
if(empty($_POST["email"])) {
$_SESSION["emailErr"] = "Email required";
} else {
$_SESSION["email"] = input($_POST["email"]);
// check if email is valid
if(!filter_var($_SESSION["email"], FILTER_VALIDATE_EMAIL)) {
$_SESSION["emailErr"] = "Invalid email";
}
}
if(empty($_POST["phone"])) {
$_SESSION["phoneErr"] = "Phone number required";
} else {
$_SESSION["phone"] = input($_POST["phone"]);
if(!preg_match("/^[0-9]/", $_SESSION["phone"]) || strlen($_SESSION["phone"]) > 20) {
$_SESSION["phoneErr"] = "Invalid phone number";
}
}
if (empty($_POST["message"])) {
$_SESSION["messageErr"] = "Message required";
} else {
$_SESSION["message"] = input($_POST["message"]);
}
}
function input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
get to back
Related
Validation doesn't work on my form
I want validation to run in my form and show errors
here's my code for Contact Form.php
<p><span class="error"> * required field(s)</span></p>
<form action="user_input.php" method="post">
<table>
<tr>
<td><label>Name: <span class="error"> *<?php echo $nameErr;?> </span></label></td></tr>
<td><input name="name" type="text" placeholder="Type your name" value="<?php echo $name;?>"></td>
<tr><td><label>Email: <span class="error"> *<?php echo $emailErr;?> </span></label></td></tr>
<td><input name="email" type="email" placeholder="Type your email" value="<?php echo $email;?>"></td>
<tr><td><label>Address: <span class="optional"> Optional</span></label></td></tr>
<td><input name="address" type="text" placeholder="Type your location" value="<?php echo $address;?>"></td>
<tr><td><label>Phone: <span class="error"> * <?php echo $phoneErr;?></span></label></td></tr>
<td><input name="phone" type="tel" placeholder="Type your phone number" value="<?php echo $phone;?>"></td>
<tr><td><label>Message: <span class="error"> * <?php echo $messageErr;?> </span></label></td></tr>
<td><textarea name="message" row="5" cols="40" placeholder="Type your message here" value="<?php echo $message;?>"></textarea></td>
</table>
<input type="submit" value="Submit">
and my code for user_input.php
<?php
$nameErr = $emailErr = $addressErr = $phoneErr = $messageErr = "";
$name = $email = $address = $phone = $message = "";
if($_SERVER["REQUEST_METHOD"] == "POST") {
if(empty($_POST["name"])) {
$nameErr = "Name required";
header("location: contact_form.php");
} else {
$name = input($_POST["name"]);
}
if(empty($_POST["email"])) {
$emailErr = "Email required";
header("location: contact_form.php");
} else {
$email = input($_POST["email"]);
// check if email is valid
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email";
header("location: contact_form.php");
}
}
if(empty($_POST["address"])) {
$addressErr = "Invalid Address";
header("location: contact_form.php");
} else {
$address = input($_POST["address"]);
}
if(empty($_POST["phone"])) {
$phoneErr = "Phone number required";
header("location: contact_form.php");
} else {
$phone = input($_POST["phone"]);
if(!preg_match("/^[0-9]+$/", $phone) || strlen($phone) > 20) {
$phoneErr = "Invalid phone number";
header("location: contact_form.php");
}
}
if (empty($_POST["message"])) {
$messageErr = "Message required";
header("location: contact_form.php");
} else {
$message = input($_POST["message"]);
}
}
I don't know where I have errors it should be able to output errors and validating.
I want only php not jquery or javascript
You should store the error messages in a session.
What you do now is setting a variable that is limited to the runtime. As soon as the user changes the page (what he does with location header) they will be flushed. Sessions are not flushed and can be used on per user basis and will be viable for 30 minutes default I think (config can change the duration)
Just add errors like
session_start();
$_SESSION['errors'][] = 'Name required';
On the page you can now access them like foreach($_SESSION['errors'] as $error){... and then delete them unset($_SESSION['errors']);
Remove header() function from error condition and also use an array for storing your errors. instead of multiple variables.
Thank you in advance, I am trying to figure out why my code isn't running the
if($error != true) {
echo "working";} block of code. I wish to replace this with mysql functionality later on but for now i need to know how to get the form submission working when all the fields are valid.
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$error = $fnameErr = $lnameErr = $doberror = $SnameErr = $state_Err = $post_code_num_Err = $sex_Err= $emailErr = $pwd1 = "";
$fname = $lname = $dob = $street_name = $state =$post_code_num = $sex = $email = $pwd1_Err = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["fname"])) {
$fnameErr = "Name is required";
$error = true;
} else {
$fname = test_input($_POST["fname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$error = true;
$fnameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["lname"])) {
$lnameErr = "last name is required";
$error = true;
} else {
$lname = test_input($_POST["lname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lname)) {
$lnameErr = "Only letters and white space allowed";
$error = true;
}
}
if (empty($_POST["dob"])) {
$doberror = "dob name is required";
$error = true;
} else {
$dob = test_input($_POST["dob"]);
// check if name only contains letters and whitespace
if (!preg_match("/^(0?[1-9]|[12]\d|3[01])\/(0?[1-9]|1[012])\/(19|20)\d\d$/",$dob)) {
$doberror = "format must match dd/mm/yyyy";
$error = true;
}
}
if (empty($_POST["street_name"])) {
$SnameErr = "street name is required";
$error = true;
} else {
$street_name = test_input($_POST["street_name"]);
// check if name only contains letters and whitespace
if (!preg_match("/\d{1,3}.?\d{0,3}\s[a-zA-Z]{2,30}\s[a-zA-Z]{2,15}/",$street_name)) {
$SnameErr = "must be in format like 123 fake street or 12/2 fake street";
$error = true;
}
}
if (empty($_POST["state"])) {
$state_Err = "state is required";
$error = true;
} else {
$state = test_input($_POST["state"]);
$error = true;
}
if (empty($_POST["post_code_num"])) {
$post_code_num_Err = "Post code is required";
$error = true;
} else {
$post_code_num = test_input($_POST["post_code_num"]);
// check if name only contains letters and whitespace
if (!preg_match("/^\d{4,4}$/",$post_code_num)) {
$post_code_num_Err = "4 digit postcode only";
$error = true;
}
}
if (empty($_POST["sex"])) {
$sex_Err = "Gender is required";
$error = true;
} else {
$sex = test_input($_POST["sex"]);
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
$error = true;
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
$error = true;
}
}
if (empty($_POST["pwd1"])) {
$pwd1 = "password is required";
$error = true;
} else {
$pwd1 = test_input($_POST["pwd1"]);
// check if name only contains letters and whitespace
if (!preg_match("/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])\w{6,}$/",$pwd1)) {
$pwd1_Err = "Must contain at least one number, one lowercase and one uppercase letter. must have a minimum of 6 characters";
$error = true;
}
}
if($error != true) {
echo "working";
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form method="post" action="<?php echo ($_SERVER["testphp.php"]);?>">
First Name:<br>
<input type="text" name="fname" value="<?php echo $fname;?>">
<span class="error">* <?php echo $fnameErr;?></span>
<br>
Last Name:<br>
<input type="text" name="lname" value="<?php echo $lname;?>">
<span class="error">* <?php echo $lnameErr;?></span>
<br>
Date of Birth:<br>
<input type="text" name="dob" value="<?php echo $dob;?>">
<span class="error">* <?php echo $doberror;?></span>
<br>
<fieldset>
<br>
<legend>Address:</legend>
<br>
Street Name:
<input type="text" name="street_name" value="<?php echo $street_name;?>">
<span class="error">* <?php echo $SnameErr;?></span>
<br>
State:
<select name="state" id="state" placeholder="Select a state"
<option value="">Please Select</option>
<option value="QLD">QLD</option>
<option value="NT">NT</option>
<option value="WA">WA</option>
<option value="SA">SA</option>
<option value="NSW">NSW</option>
<option value="ACT">ACT</option>
<option value="TAS">TAS</option>
<option value="VIC">VIC</option>
</select>
<span class="error">* <?php echo $state_Err;?></span>
<br>
Post Code:
<input type="text" name="post_code_num" value="<?php echo $post_code_num;?>">
<span class="error">* <?php echo $post_code_num_Err;?></span>
</fieldset>
<br>
Sex:
<input type="radio" name="sex" value="male" checked>Male
<input type="radio" name="sex" value="female">Female
<span class="error">* <?php echo $sex_Err;?></span>
<br>
Email:
<input type="text" name="email" value="<?php echo $email;?>">
<span class="error">* <?php echo $emailErr;?></span>
<br>
password:
<input type="password" name="pwd1" value="<?php echo $pwd1;?>">
<span class="error">* <?php echo $pwd1_Err;?></span>
<br>
<input type="submit"></input>
</form>
<?php
echo "<h2>Your Input:</h2>";
echo $fname;
echo "<br>";
echo $lname;
echo "<br>";
echo $house_num;
echo "<br>";
echo $street_name;
echo "<br>";
echo $state;
echo "<br>";
echo $post_code_num;
echo "<br>";
echo $dob;
echo "<br>";
echo $sex;
echo "<br>";
echo $email;
echo "<br>";
echo $pwd1;
echo "<br>";
?>
</body>
if (empty($_POST["state"])) {
$state_Err = "state is required";
$error = true;
} else {
$state = test_input($_POST["state"]);
$error = true;
}
So always $error=true.
I have separate email script; however, how would we run that code if there are no errors. I have a array with form errors $errors = array($nameErr, $emailErr, $phoneErr, $zipErr, $serviceErr); but they have different strings, if there are no strings or Null or '' inside the array, we would like to send email.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$nameErr = $phoneErr = $emailErr = $zipErr = $serviceErr = "";
$name = $phone = $email = $zip = $service = $comment = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "name required.";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "letters and spaces only.";
}
}
if (empty($_POST["email"])) {
$emailErr = "email required.";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "invalid email format.";
}
}
if (empty($_POST["phone"])) {
$phoneErr = "phone required.";
} else {
//Check phone for numbers () or - only
$phone = test_input($_POST["phone"]);
if (!preg_match("/^[\+0-9\-\(\)\s]*$/", $phone)) {
$phoneErr = "format.";
}
}
if (empty($_POST["zip"])) {
$zipErr = "zip required.";
} else {
$zip = test_input($_POST["zip"]);
}
if (!preg_match("/^[\+0-9\-\(\)\s]*$/", $zip)){
$zipErr = "format.";
}
if ($_POST["service"] == NULL ) {
$serviceErr = "service required.";
}else {
$service = test_input($_POST["service"]);
}
$comment = test_input($_POST["comment"]);
//**********************************************************************
$errors = array($nameErr, $emailErr, $phoneErr, $zipErr, $serviceErr);
if (isset($_POST['Submit'])) {
//if no errors run send email CODE.
}
//***********************************************************************
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<form <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<table>
<tr>
<td> Name:
<br />
<input name="name" type="text" size="20" value="<?php echo $name;?>">
<span class="error">* <?php echo "<br />"; echo $nameErr;?></span>
</td>
</tr>
<tr>
<td> Phone:
<br />
<input name="phone" type="text" size="20" value="<?php echo $phone;?>">
<span class="error">* <?php echo "<br />"; echo $phoneErr;?></span>
</td>
</tr>
<tr>
<td> E-mail:
<br />
<input name="email" type="text" size="20" value="<?php echo $email;?>">
<span class="error">* <?php echo "<br />"; echo $emailErr;?></span>
</td>
</tr>
<tr>
<td> Zip:
<br />
<input name="zip" type="text" size="20" value="<?php echo $zip;?>">
<span class="error">* <?php echo "<br />"; echo $zipErr;?></span>
</td>
</tr>
<tr>
<td> Service:
<br />
<select name="service">
<option selected="selected" value="<?php echo $service;?>"><?php echo $service;?></option>
<option value="A">A</option>
<option value="B">B</option>
<option value="C">C</option>
<option value="D">D</option>
</select>
<span class="error">* <?php echo "<br />"; echo $serviceErr;?></span>
</td>
</tr>
<tr>
<td> Message:
<br />
<textarea name="comment" rows="2" cols="20"><?php echo $comment;?></textarea></td>
</tr>
<tr>
<td>
<input type="submit" name="Submit" value="Send" />
</td>
</tr>
</table>
</form>
<?php
echo "<h2>Your Input:</h2>";
echo $name;
echo "<br>";
echo $email;
echo "<br>";
echo $phone;
echo "<br>";
echo $zip;
echo "<br>";
echo $service;
echo "<br>";
echo "$comment";
?>
</body>
</html>
try with the below code:
$errors = array($nameErr, $emailErr, $phoneErr, $zipErr, $serviceErr);
if (isset($_POST['Submit'])) {
if(!array_filter($errors)){
// code here
}
else {
echo "Error";
}
}
Save your errors in an array, then check if the array is empty at the end. If so, no errors - submit email. Else, display errors:
//dont declare separate variables,use an array
//$nameErr = $phoneErr = $emailErr = $zipErr = $serviceErr = "";
$errors = [];
if (empty($_POST["name"])) {
$errors['nameErr'] = "name required.";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$errors['nameErr'] = "letters and spaces only.";
}
}
//other validation here, then
if(empty($errors){
//no errors, submit
your_submit_function();
}else{
//display errors
foreach($errors as $val){
echo $val . '<br/>';
}
}
here is the code
<body>
<?php
$name=$email=$pwd=$nameErr=$emailErr=$pwdErr=$flag="";
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if (empty($_POST["name"]))
{
$nameErr = "Name is required";
}
else
{
$name = test_input($_POST["name"]);
if (!preg_match("/^[a-zA-Z ]*$/",$name))
{
$nameErr = "Only letters and white space allowed";
$flag=0;
}
else
{
$flag=1;
}
}
if (empty($_POST["email"]))
{$emailErr = "Email is required";}
else
{
$email = test_input($_POST["email"]);
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/",$email))
{
$emailErr = "Invalid email format";
$flag=0;
}
else
{
$flag=2;
}
}
if(empty($_POST["pwd"]))
{$pwdErr="enter password";}
else
{
$pwd=test_input($_POST["pwd"]);
if(!preg_match("/^[a-zA-Z ]*$/",$pwd))
{
$pwdErr="Only characters and white spaces are allowed";
$flag=0;
}
else
{
$flag=3;
}
}
if($flag=1 && $flag=2 && $flag=3)
{
header("Location: login.php");
}
else
{
header("Location:form.php");
}
}
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post">
Name:<input type="text" name="name" value="<?php echo $name; ?>"/>
<span class="error"><?php echo $nameErr; ?></span><br />
Password:<input type="password" name="pwd" value="<?php echo $pwd; ?>" />
<span class="error"><?php echo $pwdErr; ?></span><br />
Email:<input type="text" name="email" value="<?php echo $email; ?>"/>
<span class="error"><?php echo $emailErr; ?></span><br />
<input type="submit" name="submit" value="submit" />
</form>
The problem is that I want the webpage to navigate to "login.php" after validations are completed. But it is getting navigated to the "login.php" page by clicking on button and the navigations are also not getting checked.
Can anyone help me to fix this? Thanks in advance.
There is a logical problem here if($flag=1 && $flag=2 && $flag=3) and secondly you should use == for comparison. And also how $flag has a value 1,2 and 3 simultaneously?
Adittionaly you should implement some session handling
http://www.w3schools.com/php/php_sessions.asp
http://www.php.net/manual/en/book.session.php
i am a newbie in this php. i am trying to make some validation for my form which will show the error msg if it exploits my validation rules.
my connection file.
<?php
$con = mysql_connect("localhost","root","") or die('could not connect the server: '. mysql_error());
mysql_select_db("interview",$con);
?>
my validate.php file
<?php
require_once('connect.php');
$realnameErr = $nickErr = $passwordErr = $emailErr = "";
$realname = $nick = $password = $email = "";
?>
my form
<form name='v2' id='login' method='post' action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<fieldset>
<legend>Login</legend>
<label for='realname' >Real Name*:</label>
<input type='text' name='realname' id='realname' maxlength="50" value="<?php echo $realname;?>" /></br>
<span class="error"><?php echo $realnameErr;?></span>
<br>
<label for='nick' >Nick*:</label>
<input type='text' name='nick' id='nick' maxlength="50" value="<?php echo $nick;?>" /></br>
<span class="error"><?php echo $nickErr;?></span>
<br>
<label for='password' >Password*:</label>
<input type='password' name='password' id='password' maxlength="50" /></br>
<span class="error"><?php echo $passwordErr;?></span>
<br>
<label for='email' >Email*:</label>
<input type='text' name='email' id='email' maxlength="50" value="<?php echo $email;?>"/></br>
</fieldset>
<input type='submit' name='submit' value='submit' />
</form>
validation begins here
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if(isset($_POST['submit'])) {
if (empty($_POST["realname"]))
{
$realnameErr = "Name is required";
}
else
{
$realname=test_input($_POST["realname"]);
if(!preg_match("/^[a-zA-z ]*$/",$realname))
{
$realnameErr = "only letters and white space allowed";
}}
if(empty($_POST["nick"]))
{
$nickErr = "Nick is required";
}
else {
$nick=($_POST["nick"]);
}
if(empty($_POST["password"]))
{
$passwordErr = "password is required";
}
else {
$password=($_POST["password"]);
}
if(empty($_POST["email"]))
{
$emailErr = "email is required";
}
else {
$email=test_input($_POST["email"]);
if(!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/",$email))
{
$emailErr = "Invalid email format";
}}
checking then inserting
if((!$realnameErr) && (!$nickErr) && (!$passwordErr) && (!$emailErr)) {
$query="INSERT INTO `main`"."(realname,nick,password,email)". "VALUES". "('$realname','$nick',SHA('$password'),'$email')";
$res=mysql_query($query);
echo '<p>Your account has been Successfully created,You are now ready to login. </p>';
}
}}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
You need to have your working Script before you display your form. Because at the moment, the time you output <span class="error"><?php echo $nickErr;?></span> the variable $nickErr is still empty and therefore does not display anything.
Try this:
// Init
$errors = array();
// Validate Post Data
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST['submit'])) {
if (empty($_POST["realname"])) {
$errors[] = "Name is required";
} else {
$realname = test_input($_POST["realname"]);
if (!preg_match("/^[a-zA-z ]*$/", $realname)) {
$errors[] = "only letters and white space allowed";
}
}
if (empty($_POST["nick"])) {
$errors[] = "Nick is required";
} else {
$nick = ($_POST["nick"]);
}
if (empty($_POST["password"])) {
$errors[] = "password is required";
} else {
$password = ($_POST["password"]);
}
if (empty($_POST["email"])) {
$errors[] = "email is required";
} else {
$email = test_input($_POST["email"]);
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/", $email)) {
$errors[] = "Invalid email format";
}
}
}
}
// If there is any error
if (sizeof($errors))
{
// display it
echo '<div>Following error(s) occured:<br /><br />'. implode('<br />', $errors) .'</div>';
}
else
{
// proceed with db insert here
}