I am trying to validate a form field (to be used for First Name) for letters and dashes only, but regardless of how I implement the code, the value of $player_name is still being set.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["player_name"])) {
$nameErr = "Name is required";
} else {
$player_name = test_input($_POST["player_name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z -]+$/",$player_name)) {
$nameErr = "Only letters and white space allowed";
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
The form has been implemented using the following code:
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Registration Date: <input type="text" name="date_captured" id="date_captured" value="<?php echo $current_date; ?>">
<br><br>
Name: <input type="text" name="player_name" id="player_name">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your Input:</h2>";
echo $date_captured;
echo $player_name;
echo "<br>";
?>
Even though the "Only letter and white space allowed" error is set and displayed, the value of $player_name is still set.
I fixed it using the following:
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$fieldTitle = "Player Name";
if (empty($_POST["player_name"])) {
$player_nameErr = $fieldTitle . $requiredErrorText;
} else {
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z -]*$/",test_input($_POST["player_name"]))) {
$player_nameErr = $nameValidationErrorText;
} else {
$player_name = test_input($_POST["player_name"]);
}
}
Related
I want to validate the input of a user so only letters/number and whitespace is allowed. I found a few examples on google and this is what I made out of it. For me this code is logic and should work but whenever I put a special character inside the form and after that press the submit button it wont show the error.
Does anyone know what I missed here or what I did wrong?
<?php
$Input1 = "";
$Input1Err = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if(empty($_POST["Input1"])){
$Input1Err = "Enter something.";
}else{
$Input1 = test_input($_POST["Input1"]);
if(!preg_match("/[^a-z0-9 _]+$/i", $Input1)){
$Input1Err = "Only letters and space is allowed.";
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
and here is the html code i use:
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="POST">
<p>Enter your name <input type="text" required name="Input1" placeholder="Enter here.."></p>
<span class="error">*<?php echo $Input1Err;?></span>
Try this :
<?php
if(isset($_POST['submit']) && $_POST['name'] != "")
{
$name = $_POST['name'];
$pattern = "/[^a-z0-9 _]+$/i";
$result = htmlspecialchars(stripslashes(preg_match($pattern, $name)));
echo $name;
} else {
echo "Please enter something.";
}
?>
HTML Form :
<form method="post" action="<?= $_SERVER['PHP_SELF']; ?>">
<input type="text" name="name" required="">
<input type="submit" name="submit" value="Submit Form">
</form>
Regular Expression to allow only letters numbers and space
^[a-z0-9 .\-]+$
Also there is one closing parenthesis missing in if else condition
$Input1 = "";
$Input1Err = "";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if(empty($_POST["Input1"]))
{
$Input1Err = "Enter something.";
}
else
{
$Input1 = test_input($_POST["Input1"]);
if(!preg_match('/^[a-z0-9 .\-]+$/i', $Input1))
{
$Input1Err = "Only letters and space is allowed.";
}
}
}
I am attempting to display the results without the form being shown at the same time. So, initially when they go to the URL they see the form, and after they fill out the form and the form validation and required fields and URL is valid. Here is what I started with.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = test_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurl = "";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
?>
</body>
</html>
Here is what I have tried.
I've tried adding else statements after body and before results. I'd like the results not to show until after form submitted.
Here's what I have so far...
I tried to add the below after the body
<?php
//If form not submitted, display form.
if (!isset($_POST['submit'])||(($_POST['name']) == "")){
?>
Then I added:
<?php
} else {
//Retrieve show string from form submission.
Just after
// define variables and set to empty values
Finally added:
<?php
} ?>
Before /body
Here is what I tried.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
//If form not submitted, display form.
if (!isset($_POST['submit'])||(($_POST['TXTlinkname'] && $_POST['TXTurl']) == "")){
?>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = HTML_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurl = "";
} else {
$TXTurl = HTML_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = HTML_input($_POST["TXTurl"]);
}
}
function HTML_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
} else {
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
?>
<button onclick="location = location.href">Go Back</button>
<?php
} ?>
</body>
</html>
So, initially when they go to the URL they see the form, and after they fill out the form and the form validation and required fields and URL is valid.
The big issue I see with your code is the if statement. The variables are not defined unless form hasn't been submitted. What I've changed is moved the function to be defined globally along with the variable names, and inverted the if statement. PHP Tags, you don't need them everywhere. One wrapper is good enough.
I'm not sure about what your result is, but for what you asked, I shall provide.
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
function HTML_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$TXTlinkname = $TXTurl = "";
$TXTlinknameErr = $TXTurlErr = "";
//If form not submitted, display form.
if (isset($_POST['submit'])){
if (empty($_POST['TXTurl'])) {
$TXTurlErr = "URL is required";
} else {
$TXTurl = HTML_input($_POST['TXTurl']);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST['TXTname'])) {
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = HTML_input($_POST['TXTname']);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$TXTlinknameErr = "Only letters and white space allowed";
}
}
}
if (empty($TXTurlErr) && empty($TXTlinknameErr) && isset($_POST['submit'])) {
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">' . $TXTlinkname . '</textarea>';
echo '<button onclick="location = location.href">Go Back</button>';
} else {
echo '<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="'.htmlspecialchars($_SERVER["PHP_SELF"]).'">
Name: <input type="text" name="TXTname" value="'.$TXTlinkname.'">
<span class="error">* '. $TXTlinknameErr .'</span>
<br><br>
URL: <input type="text" name="TXTurl" value="'.$TXTurl.'">
<span class="error">'.$TXTurlErr.'</span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>';
}
?>
</body>
</html>
Tested locally on XAMPP
You have to have a variable that tells you if you're going to show the textarea or not...
<!DOCTYPE HTML>
<html>
<head>
<style>
.error {color: #FF0000;}
</style>
</head>
<body>
<?php
// define variables and set to empty values
$TXTlinknameErr = $TXTurlErr = "";
$TXTlinkname = $TXTurl = "";
$show_textarea = false; //DEFAULT
if (isset($_POST['submit'])) { //The form is sent...
$show_textarea = true; //Then this is DEFAULT!!
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["TXTlinkname"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTlinknameErr = "Name is required";
} else {
$TXTlinkname = test_input($_POST["TXTlinkname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$TXTlinkname)) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTlinknameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["TXTurl"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurl = "";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&##\/%?=~_|!:,.;]*[-a-z0-9+&##\/%=~_|]/i",$TXTurl)) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurlErr = "Invalid URL";
}
}
if (empty($_POST["TXTurl"])) {
$show_textarea = false; //DON'T SHOW TEXTAREA
$TXTurlErr = "URL is required";
} else {
$TXTurl = test_input($_POST["TXTurl"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
if ($show_textarea === false) {
?>
<h2>Create HTML Link</h2>
<p><span class="error">* required field</span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="TXTlinkname" value="<?php echo $TXTlinkname;?>">
<span class="error">* <?php echo $TXTlinknameErr;?></span>
<br><br>
URL: <input type="text" name="TXTurl" value="<?php echo $TXTurl;?>">
<span class="error"><?php echo $TXTurlErr;?></span>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
}
if (isset($_POST['submit'])) { //The form is sent...
if ($show_textarea === true ) { //...AND the form has valid values
echo "<h2>Your HTML Code:</h2>";
echo "<br>";
echo '<textarea name="htmlcode" rows="10" cols="60">
' . $TXTlinkname . '
</textarea>';
}
}
?>
</body>
</html>
try this one:
if (!$_POST) || $_POST['TXTlinkname'] == "" && $_POST['TXTurl']) == "")){
When the user visits the Visitor Log page, they should be able to see a prompt asking them to enter their name. Upon submitting the form, the same page should display a completely different message welcoming the user to the web page. When the user refreshes the page, the process starts over.
This is what I have tried so far, it works, but I still don't understand how I would display a whole new message after the input.
Here is the code I have I need help with only using PHP to have the correct desired result
Attempt
<?php
// define variables and set to empty values
$nameErr = "";
$name = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "Name is required";
}
else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters and white space allowed";
}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<p2 id="example-id-name" class="centered-text "></p>
<p><span class="error"></span></p>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<input type="text" name="name" value="<?php echo $name;?>">
<span class="error"> <?php echo $nameErr;?></span>
<br> <br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "$name";
echo "<br>";
?>
Where you're echoing name, you can check whether you have it or not and choose the message to display
<?php
if($name) {
echo "Hi $name!\n Welcome to our store!"
}
else {
echo "Please enter your name"
}
echo "<br>";
?>
You can write inline php and functions.
Code:
<?php
# filter input
function filter($var) {
return htmlspecialchars(stripslashes(trim($var)));
}
# validate name
function validate_name(&$name, &$err){
if(empty($name)){
$err = "Name is required";
return;
}
$name = filter($name);
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$err = "Only letters and white space allowed";
}
}
$method = filter_input(INPUT_SERVER, 'REQUEST_METHOD');
$err = "";
# If client post a name, then validate the name
if ($method === "POST"){
$name = $_POST["name"] ?? "";
validate_name($name, $err);
}
?>
<!-- The form -->
<form method="post">
<label>
<input type="text" name="name" value="<?=$name ?? ""; ?>">
</label>
<!-- Show if error -->
<?php if (!empty($err)) { ?>
<span class="error">
<?=$err ?>
</span>
<?php } ?>
<br>
<input type="submit" name="submit" value="Submit">
</form>
<?php if (isset($name) && empty($err)) { ?>
<p>Hi <?=$name ?>!</p>
<p>Welcome to our store!</p>
<?php } ?>
I'm receiving an undefined index erroron one line of my code. I've double checked the spelling and verified it's also correctly identified in my database. I even swapped out another section of code that doesn't generate an error and changed the variable to no effect. The variable in question is FinalReviewDate.
<h2>Project Updates</h2>
<p class="first"></p>
<form action="http://www.oldgamer60.com/Project/Update.php" method="post">
<div class="fieldset">
<fieldset>
Project: <input type="text" name="Project" value="<?php if(isset($Project)){ echo $Project; } ?>">
<br><br>
Client: <input type="text" name="Client" value="<?php if(isset($Client)){ echo $Client; } ?>">
<br><br>
Date Received: <input type="text" name="DateReceived" value="<?php if(isset($DateReceived)){ echo $DateReceived; } ?>">
<br><br>
Last Name: <input type="text" name="LastName" value="<?php if(isset($LastName)){ echo $LastName; } ?>">
<br><br>
Final Review Date: <input type="text" name="FinalReviewDate value="<?php if(isset($FinalReviewDate)){ echo $FinalReviewDate; } ?>">
<br><br>
Date Delivered: <input type="text" name="DateDelivered" value="<?php if(isset($DateDelivered)){ echo $DateDelivered; } ?>">
<br><br>
Date Accepted: <input type="text" name="DateAccepted" value="<?php if(isset($DateAccepted)){ echo $DateAccepted; } ?>">
<br><br>
<input type="submit" name="submit" value="Submit">
</fieldset>
</div>
</form>
<br>
<?php
function test_input($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "oldga740_SeniorProject";
// create connection
$connection = new mysqli($servername, $username, $password, $dbname);
if(isset($_POST['submit']) && !$connection->connect_error){
// to track errors
$error = false;
// now validate input fields
if(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['Project'])){
// check if project only contains letters and whitespace
$ProjectErr = "Only letters and white space allowed";
$error = true;
}else{
$Project = test_input($_POST['Project']);
}
if(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['Client'])){
// check if client only contains letters and whitespace
$ClientErr = "Only letters, numbers and white space allowed";
$error = true;
}else{
$Client = test_input($_POST['Client']);
}
if(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['DateReceived'])){
// check if last name only contains letters and whitespace
$DateReceivedErr = "Only letters and white space allowed";
$error = true;
}else{
$DateReceived = test_input($_POST['DateReceived']);
}
if(!preg_match("/^[a-zA-Z\s]{1,}$/",$_POST['LastName'])){
// check if data received only contains letters and whitespace
$LastNameErr = "Only letters and white space allowed";
$error = true;
}else{
$LastName = test_input($_POST['LastName']);
}
if(!preg_match("/^[0-9]{1}-[0-9]{3}-[0-9]{3}-[0-9]{4}$/",$_POST['FinalReviewDate'])){
// check if data received only contains letters and whitespace
$FinalReviewDateErr = "Only letters and white space allowed";
$error = true;
}else{
$FinalReviewDate = test_input($_POST['FinalReviewDate']);
}
if(!preg_match("/^[0-9]{1}-[0-9]{3}-[0-9]{3}-[0-9]{4}$/",$_POST['DateDelivered'])){
// check if data received only contains letters and whitespace
$DateDeliveredErr = "Only letters and white space allowed";
$error = true;
}else{
$DateDelivered = test_input($_POST['DateDelivered']);
}
if(!preg_match("/^[0-9]{1}-[0-9]{3}-[0-9]{3}-[0-9]{4}$/",$_POST['DateAccepted'])){
// check if data received only contains letters and whitespace
$DateAcceptedErr = "Only letters and white space allowed";
$error = true;
}else{
$DateAccepted = test_input($_POST['DateAccepted']);
}
//set var field to update
if(!$error){
$query = "UPDATE `Projects` SET `Project`=[value-1],`Client`=[value-2],`DateReceived`=[value-3],`LastName`=[value-4],`FinalReviewDate`=[value-5],`DateDelivered`=[value-6],`DateAccepted`=[value-7] WHERE Project = '$Project'";
if($connection->query($query)){
echo "record is successfully updated!";
}else{
echo "error: record could not be updated";
}
}
}
?>
<?php
$connection->close();
?>
Forget to close name attribute
<input type="text" name="FinalReviewDate" value="<?php if(isset($FinalReviewDate)){ echo $FinalReviewDate; } ?>">
^
I'm just starting off with PHP and I've been trying to validate an HTML form and then POST the form's data onto another page, for some reason this doesn't seem to want to work. The issue is that when submit is clicked the page simply refreshes if there are no errors. Here are snippets of the code:
<?php
$nameErr = $surnameErr = " ";
$name = $surname = " ";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$valid = 0;
if (empty($_POST["name"])) {
$nameErr = "Name is required";
$valid++;
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["surname"])) {
$surnameErr = "Surname is required";
$valid++;
} else {
$surname = test_input($_POST["surname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$surname)) {
$surnameErr = "Only letters and white space allowed";
}
}
if($valid == 0){
header('LOCATION: page2.php');
exit();
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
And here is the HTML
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">
<div class="label1">
<label>First Name</label>
<input type="text" name="name" id="name" placeholder="John" value="<?php echo $name;?>" onblur="validateName('name')">
<label>Surname</label>
<input type="text" name="surname" id="surname" placeholder="Smith" value="<?php echo $surname;?>" onblur="validateSurname('surname')"> <br />
<input type="submit" name="submit" value="Submit">
</div>
</form>
page2.php
<html>
<body>
Welcome <?php echo $_POST["name"]; ?><br>
Your surname is: <?php echo $_POST["surname"]; ?>
</body>
</html>
When you do your header('LOCATION: page2.php'); you will loose all your posted data, that will not be available in page2.php.
There are several solutions to that, for example:
use include instead of a header redirect;
store the posted data in a session or a database so that it is available in other pages.
I don't see any reason why you could not use an include here, is there a specific reason you want to redirect?
Try this
**main page**
<form method="post" action="page2.php">
<div class="label1">
<label>First Name</label>
<input type="text" name="name" id="name" placeholder="John" onblur="validateName('name')">
<label>Surname</label>
<input type="text" name="surname" id="surname" placeholder="Smith" onblur="validateSurname('surname')"> <br />
<input type="submit" name="submit" value="submit">
</div>
</form>
**page2.php**
<?php
if (isset($_POST['submit'])) {
$valid = 0;
if (empty($_POST["name"])) {
$name = "Name is required";
$valid++;
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$name = "Only letters and white space allowed";
}
else{$name=$_POST["name"];}
}
if (empty($_POST["surname"])) {
$surname = "Surname is required";
$valid++;
} else {
$surname = test_input($_POST["surname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$surname)) {
$surname = "Only letters and white space allowed";
} else{$surname=$_POST["surname"];}
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<html>
<body>
Welcome <?=$name?><br>
Your surname is: <?=$surname?>
</body>
</html>