I have a problem with SESSIONs in wordpress. I have looked around but could not find any answer. A similar question has been asked in another post on stackaoverflow, but no answer yet.
I have followed this tutorial to build my own FORM:build your own wordpress contact form in 5 minutes.
The problem
To make my form more secure, I decided to generate a session string, and store this string in a SESSION global array (to prevent form hijacking). I send this same string as hidden field when the form is posted. And than I compare this 2 values. However, it seems to me that when the form is submitted, the SESSION is not the same as the one i stored in the SESSION array before submission.
function myfunction() {
ob_start();
$errors = array();
//deliver_mail();
if(isset( $_POST['cf-submitted'] ) ) {
if( $_POST['formtoken1'] !== $_SESSION['formtoken1'] ) {
$errors['token'] = '<div>The form submited is not valid.</div>';
//debug
echo $_SESSION['formtoken1'];//At this point, SESSION[formtoken1] should be same as the one we generated before FORM submit, but it is not!
}
if(empty($errors)) {
//No Errors! Send Email
}
}
$_SESSION['formtoken1'] = md5(uniqid(rand(), true));
$_SESSION['formtoken1'] = htmlspecialchars($_SESSION['formtoken1']);
echo '<form action="' . esc_url( $_SERVER['REQUEST_URI'] ) . '" method="post">';
echo '<input type="text" name="formtoken1" id="formtoken1" value="'. (isset($_SESSION['formtoken1']) ? $_SESSION['formtoken1'] : '') . '" />';
echo '<p><input type="submit" name="cf-submitted" value="Send"></p>';
echo '</form>';
return ob_get_clean();
}
add_shortcode( 'my_contact_form', 'myfunction' );//Create shortcode
When this form is submitted, it always creates error because SESSION variable is not same as the POST variable. When I test this same code outside wordpress on my local xampp server, it works. I will be greatful if anyone can help me. I have also tried session_start() at top of script, but still the same problem.
After some trials, I realized that the post title was displaying on top of the page. I was starting ob_start() inside myfunction(). So, title was outputting before SESSION was started. I changed the code as below, and it works for now. The only problem with this solution is that wordpress is calling ob_start() at every page load. it would be better if it worked inside the myfunction() because it would mean ob_start() is executed only when the short-code is called within a post.
`
//Plugin Name: test form
ob_start(); //put this outside the myfunction()
if(!session_id() ) {
session_start();
}
function myfunction() {
$errors = array();
//deliver_mail();
if(isset( $_POST['cf-submitted'] ) ) {
if( $_POST['formtoken1'] !== $_SESSION['formtoken1'] ) {
$errors['token'] = '<div>The form submited is not valid.</div>';
//debug
echo $_SESSION['formtoken1'];//At this point, SESSION[formtoken1] should be same as the one we generated before FORM submit, but it is not!
}
if(empty($errors)) {
//No Errors! Send Email
}
}
$_SESSION['formtoken1'] = md5(uniqid(rand(), true));
$_SESSION['formtoken1'] = htmlspecialchars($_SESSION['formtoken1']);
echo '<form action="' . esc_url( $_SERVER['REQUEST_URI'] ) . '" method="post">';
echo '<input type="text" name="formtoken1" id="formtoken1" value="'. (isset($_SESSION['formtoken1']) ? $_SESSION['formtoken1'] : '') . '" />';
echo '<p><input type="submit" name="cf-submitted" value="Send"></p>';
echo '</form>';
return ob_get_clean();
}
add_shortcode( 'my_contact_form', 'myfunction' );//Create shortcode`
Related
UPDATE: sorry, thanks for the solutions offered... not really clear how to implement, I think ive not been too clear... if I can understand how to implement the solutions thatd be neat...
Ive also successfully managed to get code working to create a new database table and insert test data but ommited that so its not so complex....
I REALLY want to be able to...
display some content that I can put in success.php (or else where) when the message is sent successfully
that content would say Message Sent - YAY! and then Id like to be able to add, exisiting wp content - some services or products you might be interested in and display them on that same success result page after the message is sent...
maybe there is a better way to redirect users after the message is sent...
then....I also need to save the form data (not yet done) to the new table that I have created (got the table created via plugin), and then display a table of all form submission records in admin panel (not done)
I replaced the content of my main.php file (the plugin's main php file in plugin-name root.
<?php
/** template info etc...
**/
// Find all .php files in the includes dir of my plug in folder.
foreach ( glob( plugin_dir_path( __FILE__ ) . "includes/*.php" ) as $file ) {
include_once $file;
}
?>
and all my files except the main one (which is in the plugin root) are in plugins/plugin-name/includes and are being found - YAY
so my includes/webform.php displays the form nicely it sends an email but I can't get this error or success message via success.php or error.php thing to work.
includes/success.php now looks like this... as per DK's suggestion
<?Php
$Errors = implode(' ', $_SESSION['errMsg']);
echo $Errors; ?>
includes/webform.php now looks like this...
<?php
function d6s_opp_html_form() {
echo '<form action="' . esc_url( $_SERVER['REQUEST_URI'] ) . '" method="post">';
//Form action page is the current url. the form is called by a shortcode that will run functions that are written within this plugin's files, they can be in different files in different folders within the plug in because we have told the plug in to load them in the main plug in file.php horray thay is working..
// other form fields removed to shorten this stakoverflow post
echo '<p>';
echo 'Your Name* <br />';
echo '<input type="text" name="d6s-opp-name" pattern="[a-zA-Z0-9 ]+" value="' . ( isset( $_POST["d6s-opp-name"] ) ? esc_attr( $_POST["d6s-opp-name"] ) : '' ) . '" size="40" placeholder="First & Last name" required />';
// Now using required - is that better than having to check if not empty in success or fail bit????
echo '<p><input type="submit" name="d6s-submitted" value="Send"/></p>';
echo '</form>';
}
//Short code function is here and works GREAT
Then below that in the same file this is the function i figured DK meant that I should put the first part of his solution 1
I Guess this is where I have it wrong still
function deliver_opp_mail() {
// if the submit button is clicked, send the email
if ( isset( $_POST['d6s-submitted'] ) ) {
//sanitise form values so that form data is readable... eg/ if users enter code/script or formatting symbols, it is not missinterpretted as code and is seen as all text.
$name = sanitize_text_field( $_POST["d6s-opp-name"] );
$email = sanitize_email( $_POST["d6s-opp-email"] );
$messagesubject = sanitize_text_field( $_POST["d6s-opp-subject"] );
$messagecontent = esc_textarea( $_POST["d6s-opp-message"] );
$phone = ( $_POST["d6s-opp-phone"] );
// Would like to consider calling form values via global Variables.
$subject = "NEW OPPURTUNITY: $messagesubject";
$d6sdir = plugin_dir_path( __FILE__ );
//Create the Email Body Message using free text and data from the form.
$message = "New Message From: $name \n MESSAGE: $messagecontent \n Return Email: $email \n Return Phone $phone ";
// get the blog administrator's email address, form data is emailed to this email address.
$to = get_option( 'admin_email' );
// Look into setting a to: Email address in WP Admin Console.
$headers = "From: $name <$email>" . "\r\n";
if ( wp_mail( $to, $subject, $message, $headers ) ) {
//maybe this is in the wrong spot, or perhaps this is not the solution I need, but I have tried this in a few different places and can't get it to work..
$Msg = array(
"You have an error",
"Your mail sent succesfully"
);
$_SESSION['errMsg'] = $Msg;
//this take the user to www.mydomain.com/.....wp-content/plugins/my-plugin/includes/success.php - the file is there, but WP theme not found is displayed.
header("Location: $d6sdir/success.php");
exit;
}
}
}
?>
*Dont want to display a message above the form on success or error... future plans for workflow need to take users to a page with no form and other content after they hit submit.
*also using error reporting - seems like something happen or flashes up before the not found from the theme bit is displayed and no other error are reported...
<?Php error_reporting(E_ALL); ini_set('display_errors', 1);
************************** FROM INITAL POST....
Really keen to learn. First post, thanks for help
Purpose of plug in: Create a plugin that I can eventually build into a custom CRM tool for my small business and Learn to code.
*Why is this so not simple...
Solution 1 passing messages to success.php
$Msg = array(
"You have an error",
"Your mail sent succesfully"
);
$_SESSION['errMsg'] = $Msg;
success.php
$Errors = implode(' ', $_SESSION['errMsg']);
echo $Errors;
Solution 2 :
$_SESSION["errMsg"] = "Your mail sent succesfully";
if(isset($_SESSION['errMsg']) AND !empty($_SESSION['errMsg']) ):
echo "<div class='alert danger'>".$_SESSION['errMsg']."</div>";
endif;
Not found solution :
You can use $_SERVER['DOCUMENT_ROOT']; to find root D:/wamp/www
and then full url to page like so :
echo $_SERVER['DOCUMENT_ROOT']."/yourFolder/test.php";
output :D:/wamp/www/yourFolder/test.php
Note : will be nice if you use exit(); right after header("Location:");
I am trying to save the status of my checkbox whether it is true or false (checked/unchecked) to a file. I managed to write the checkbox value to a file but I have no idea if this is even the right way to do it and I also don't know how to load it again.
I want that my checkbox status of the last time is "remembered" by reloading the page.
Using local storage isn't a option for me sadly.....
here my code:
<form action="database.php" method="post">
<input type="hidden" name="check2" value="0" />
<input type="checkbox" name="check2" value="1" />
<input type="submit" value="senden" />
</form>
<?php
$handle = fopen("saver.json", "a");
$fh = fopen( 'saver.json', 'w' );
fclose($fh);
foreach($_POST as $value) {
fwrite ($handle, $value);
}
fclose($handle);
?>
so this first deletes the old saved value and then writes a 1 or a 0 in the file.
Am I on a good way or do I think too simple?
All help is highly apprecciated !
Thanks a lot
Try this solution, all checkbox status are preserved after submit, reload and even restart your browser:
<?php
// Use SESSION to store checkbox status data. SESSION seems to have a lifetime, that will erase itself if exceed.
// If you need preserve status after browser closed (), you might need to consider storing them into a file.
session_start();
$sessionTgt = NULL;
// You probaby won't need this, but if you have corrupted session
// , use "localhost://my/url/thisScript.php?reset=1" to reset/erase this session key ("saveCheckBox").
if ($_SERVER["REQUEST_METHOD"] === "GET" && isset($_GET["reset"]) && $_GET["reset"] === "1" ) {
unset($_SESSION["saveCheckBox"]);
echo("Ok, have just reset \$_SESSION[\"saveCheckBox\"]:");
exit();
}
// Reset this session key ("saveCheckBox") if it was not set.
if (!isset($_SESSION["saveCheckBox"])) {
$_SESSION["saveCheckBox"] = [
// "0" means server tell client no redirect. "1" means redirect immediately.
"ifRedirect" => "0",
// Store checkbox checked status. Example data will look like this:
// [
// "ckBox1" => "checked",
// "ckBox4" => "checked"
// ]
// , it means checkbox "ckBox1" and "ckBox4" are checked, others are not.
"checkBoxData" => [],
];
}
// Passing "reference", not value, to variable $sessionTgt.
$sessionTgt = &$_SESSION["saveCheckBox"];
// Print html form, by some condition. if some of the checkbox have "checked" status
// , then append the string "checked" inside their html <input> tag
// , so the input box will displayed as "checked".
function printFormAndCheckStatus ($checkStatus = NULL) {
echo(
'<form action="" method="post">' .
'<input type="checkbox" name="ckBox1" value="checked" ' . printCheckedMaybe("ckBox1", $checkStatus) . ' />' .
'<input type="checkbox" name="ckBox2" value="checked" ' . printCheckedMaybe("ckBox2", $checkStatus) . ' />' .
'<input type="checkbox" name="ckBox3" value="checked" ' . printCheckedMaybe("ckBox3", $checkStatus) . ' />' .
'<input type="checkbox" name="ckBox4" value="checked" ' . printCheckedMaybe("ckBox4", $checkStatus) . ' />' .
'<input type="submit" value="Submit" />' .
'</form>'
);
}
function printCheckedMaybe ($nameAttribute, $checkStatus) {
if (isset($checkStatus[$nameAttribute])) {
return "checked";
} else {
return "";
}
}
// POST "bouncing" logic. Notice the sequence is like this:
// -> Client get new page (client)
// -> Client user checked checkbox and post (client)
// -> Server save post data to SESSION (server)
// -> Server ask client for redirect (server)
// -> Client redirect immediately without doing anything (client)
// -> Server give back modified form content, that some input box has "checked" string
// appended inside the tag (client).
// The reason using double request instead of one, is to PREVENT POST DATA GET POSTED TWICE, which confuse server.
if ($_SERVER["REQUEST_METHOD"] === "POST") {
$sessionTgt["ifRedirect"] = "1";
$sessionTgt["checkBoxData"] = [];
if (isset($_POST)) {
foreach ($_POST as $name => $value) {
$sessionTgt["checkBoxData"][$name] = $value;
}
}
header("Refresh:0");
// When client get this response header pattern/content, client (browser) know he need to
// refresh the page immediately (request the same url again).
} else {
if ($sessionTgt["ifRedirect"] !== "1") {
if (isset($sessionTgt["checkBoxData"])) {
printFormAndCheckStatus($sessionTgt["checkBoxData"]);
} else {
printFormAndCheckStatus();
}
} else {
// Just after redirect.
$sessionTgt["ifRedirect"] = "0";
printFormAndCheckStatus($sessionTgt["checkBoxData"]);
}
}
Does this solve your problem? This solution save your checkbox status inside server SESSION, but SESSION seems to have a lifetime, that will erase itself if exceed. (maybe I'm wrong). If you need long term storing you can write it into a file or database.
** SOLVED **
I had failed to require Wordpress in the form processor. Adding this line at the top fixed it (always the simplest thing, right!?):
require_once( explode( "wp-content" , __FILE__ )[0] . "wp-load.php" );
I've created a custom front-end profile for a client's site, and I'm adding a way for other users to favorite that profile. (Please don't suggest anything like BuddyPress or another plugin -- I've tried about a dozen, and none of them have all of the capabilities I need. Thanks.) :)
Anyway.... here is the overview. I hope it's clear. Let's say that USER 1 is viewing the profile of USER 10.
In the database, user 1 has a field called favorite_10 which can be set to "yes" or "no" (or null)
When someone clicks the "Favorite" button in another user's profile, it will run a simple script to change the value from "yes" to "no" or vice-versa
That's it. I think it's a pretty good solution, but the form processing script is breaking at the update_user_meta line.
Here we go.
foreach($sitterlist as $sitteritem) {
$code = 'favorite_'.(esc_html($sitteritem->ID));
$key = esc_html($sitteritem->ID);
$favorite[$key] = get_the_author_meta( $code, $currentuser);
}
$is_favorite=null;
if ($favorite[$usertosearch]=='yes') {
$is_favorite = true;
} else {
$is_favorite = false;
}
?>
<form method="post" action="updatefavorite.php">
<input type="hidden" value="<?php echo $usertosearch; ?>" name="usertosearch" id="usertosearch">
<input type="hidden" value="<?php echo $currentuser; ?>" name="currentuser" id="currentuser">
<input type="hidden" value="<?php echo $is_favorite; ?>" name="is_favorite" id="is_favorite">
<button type="submit" id="favoritebutton" name="favoritebutton"><span>Favorite</span></button>
</form>
And here is updatefavorite.php
<?php
if(isset($_POST['favoritebutton'])) {
$currentuserid = $_POST['currentuser'];
$currentprofileid = $_POST['usertosearch'];
$currentfavorite = $_POST['is_favorite'];
$code = 'favorite_'.$currentprofileid;
if ($currentfavorite) {
$currentfavorite = 'no';
} else {
$currentfavorite = 'yes';
}
update_user_meta($currentuserid,$code,$currentfavorite);
}
header('Location: ' . $_SERVER['HTTP_REFERER']);
?>
After a lot of testing and debugging, I've figured out that it's breaking at update_user_meta ... but I don't know why.
Thank you!
** SOLVED ** I had failed to require Wordpress in the form processor. Adding this line at the top fixed it (always the simplest thing, right!?): require_once( explode( "wp-content" , __FILE__ )[0] . "wp-load.php" );
The Problem
I am trying to submit a form in php but due to the nature of what i want i need the page to not go onto the next one i just want it to submit the data and refresh the current page or whatever, at current it submits the data and goes onto page 2 which i dont want i just need it to submit the data and stay on the current page, if thats possible!
The Code
//page 1 code
<center>
<h1>What Is Jacob Dailey Doing?</h1>
<form method="post" action="jacob_dailey.php">
<select name="baby_status">
<option value="playing">Playing</option>
<option value="awake">Awake</option>
<option value="sleeping">Sleeping</option>
</select>
<br />
<input type="submit" value="Submit"/>
</form>
</center>
//page 2 code
<?php
if (isset($_POST['baby_status'])) {
$baby = $_POST['baby_status'];
setcookie("baby_status", $baby, time() + 31556926, '/'); // Data will Store For 1 Year
header('Location: ' . $_SERVER['PHP_SELF']);
}
$status = $_COOKIE['baby_status'];
echo '<center> <h1>Baby Jacob Dailey Is Currently ' . ucwords($status) . '</h1>';
if ($status == "playing") {
echo '<img src="http://cdn.sheknows.com/articles/2013/02/baby-playing-with-blocks.jpg"/>';
}
elseif ($status == "awake") {
echo '<img src="http://www.westheimphoto.com/lightbox/gallery/TaiwanStockPhotos/TWNhw1221.jpg"/>';
}
elseif ($status == "sleeping") {
echo '<img src="http://www.babycare.onlymyhealth.com/imported/images/neonatal/2012/July/19_Jul_2012/6-Months-Old-ssl.jpg"/>';
}
echo '</center>';
?>
Page 2 code shouldnt be as important but i just need it so when i click submit on page 1 it updates the information on page 2 but doesnt take me to page 2.
Cheers!
Your form can submit onto itself. Just in the action="xyz" either leave it (the whole action=... attribute) out entirely or else name the page that also contains the form there between quotes.
Then when you load the page you check the $_POST or $_GET array (depending on the method) to see if the submit button was pushed or if someone just navigated to the page. (You'll want to give you submit button a name="foo".)
action="jacob_dailey.php" in your form takes you to that page, you either paste your php code to main page and replace action with just "" or you will search AJAX and learn how to it with that
You can use jQuery.ajax(). Example here:
http://www.formget.com/form-submission-using-ajax-php-and-javascript/
This example uses a database, but you can use a php file to return values and read them from the response in javascript. Do not put any action to the form but enable a click event handler on the submit button to enable the function.
Also my example here: http://dev.ossipesonen.fi/alkoholilaskuri/
A very simple form where you insert values, pass them onto PHP with $_POST and then calculates the right amounts and sums, and you print them in the response.
Solution: Update Status Without Page Reload Using XHR and Filesystem Storage
If you want someone on another computer to see the update, then you'll need to store that information on the server. You could store the information in a database, but for this small bit of information I'm using the filesystem.
page1.php
<?php
// get baby status if available
if ( is_readable('baby_status.php') ) {
include 'baby_status.php';
}
$status = ( $status )? $status: '??';
// prepare to update select list
list($pl_check, $pl_check, $pl_check) = array('', '', '');
switch ( $status ) {
case 'playing': $pl_check = ' selected '; break;
case 'awake': $aw_check = ' selected '; break;
case 'sleeping': $sl_check = ' selected '; break;
}
?>
<center>
<h1>What Is Jacob Dailey Doing?</h1>
<form id="baby_form" method="post" action="update_baby.php">
<select id="baby_status" name="baby_status">
<option value="playing" <?php echo $pl_check ?>>Playing</option>
<option value="awake" <?php echo $aw_check ?>>Awake</option>
<option value="sleeping"<?php echo $sl_check ?>>Sleeping</option>
</select><br />
<input type="submit" value="Submit"/>
</form>
See Baby Status
</center>
<script>
// XHR/PHP/Filesystem method
function update_baby () {
var baby_status = document.getElementById('baby_status');
var status=encodeURIComponent(baby_status.options[baby_status.selectedIndex].value)
var parameters = 'baby_status=' + status
// set up XHR object
var xhr = new XMLHttpRequest()
xhr.open('POST', 'update_baby.php', true)
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded')
// handle response
xhr.onload = function () {
console.log(this.responseText)
alert(this.responseText)
}
xhr.send(parameters)
}
// hook up baby status function to form submit
document.getElementById('baby_form').addEventListener('submit', function(evt){
evt.preventDefault()
update_baby()
})
</script>
page2.php
<?php
// execute baby update code and get current status
include 'update_baby.php';
echo '<center> <h1>Baby Jacob Dailey Is Currently ' . ucwords($status) . '</h1>';
if ($status == "playing") {
echo '<img src="http://cdn.sheknows.com/articles/2013/02/baby-playing-with-blocks.jpg"/>';
}
elseif ($status == "awake") {
echo '<img src="http://www.westheimphoto.com/lightbox/gallery/TaiwanStockPhotos/TWNhw1221.jpg"/>';
}
elseif ($status == "sleeping") {
echo '<img src="http://www.babycare.onlymyhealth.com/imported/images/neonatal/2012/July/19_Jul_2012/6-Months-Old-ssl.jpg"/>';
}
?>
<br>
Update Baby Status
</center>
update_baby.php
<?php
if (isset($_POST['baby_status'])) {
$status = $_POST['baby_status'];
// prepare php script text for baby status file
$status_write = <<<EOT
<?php
\$status = '$status';
?>
EOT;
// write status to baby_status.php
if ( $baby_status_file = fopen('baby_status.php', 'w') ) {
fwrite($baby_status_file, $status_write);
fclose($baby_status_file);
}
echo 'Baby status updated.';
}
else {
if ( is_readable('baby_status.php') ) {
include 'baby_status.php';
}
$status = ( $status )? $status: '??';
}
?>
Note: To use this option the directory these files are in must be writeable by the web server.
I am trying to wrap up this contact/quote form which has same page validation but external processing. I have set up a variable to go in the form action and the variable/url changes from the same page to the processing page when the form validates. However, it is taking two clicks on the submit button to process the form after all the required fields have been filled in: All the required fields will be filled in, I click submit, the page reloads with the saved data variables and then when I hit submit agin, it finally goes through, sending the email and loading the thankyou page. I have searched the posts here and tried multiple things but have not found a solution. I am definitely not a php expert, still a newbie so this may not be the best way to accomplish this but I'd appreciate any ideas on how to finish this up. Here is what I have:
<?php
....
if (empty($Name) && empty($Company) && empty($Address1) && empty($City) && empty($State) && empty($Phone))
{
echo '<p class="tan">The fields marked with an * are required.</p>';
$Process = 'samepageurl';
}
/*else if (empty($Name) || is_numeric($Name))
{
echo '<p class="tan"><b>Please enter your name.</b></p>';
}*/
else if (empty($Company) || is_numeric($Company))
{
echo '<p class="tan"><b>Please enter your company name.</b></p>';
$Process = 'samepageurl';
}
else if (empty($Address1) || is_numeric($Address1))
{
echo '<p class="tan"><b>Please enter your address.</b></p>';
$Process = 'samepageurl';
}
else if (empty($City) || is_numeric($City))
{
echo '<p class="tan"><b>Please enter your city.</b></p>';
$Process = 'samepageurl';
}
else if (empty($State) || is_numeric($State))
{
echo '<p class="tan"><b>Please enter your state.</b></p>';
$Process = 'samepageurl';
}
else if (empty($Phone) || ctype_alpha($Phone))
{
echo '<p class="tan"><b>Please enter your phone number.</b></p>';
$Process = 'samepageurl';
}
else if (strlen($Phone) < 10 || strlen($Phone) > 12 || ctype_alpha($Phone) || ctype_space($Phone))
{
echo '<p class="tan"><b>Please enter a phone number with an area code.</b></p>';
$Process = 'samepageurl';
}
else if (isset($Name) && isset($Company) && isset($Address1) && isset($City) && isset($State) && isset($Phone))
{
$Process = 'processingurl';
}
?>
<form action="<?php echo $Process; ?>" method="post" class="print" >
<p><input type="hidden" name="recipient" value="responses#url.com"/>
<input type="hidden" name="subject" value="Web Site Response"/>
<input type="hidden" name="redirect" value="thankyou.html"/></p>
... form fields ...
</form>
Thank you in advance!
First check for missing variables, then extract and validate the variables, then serve content based on them.
<?php
function verifyPostContains(&$req) {
global $_POST;
$missing = array();
foreach($req as $var => $_) {
if(!isset($_POST[$var])) {
$missing[] = $var;
}
}
return $missing;
}
$requirements = array('name'=>'','city'=>'','state'=>'',...);
$missing = verifyPostContains($requirements);
if(count($missing)>0) {
$content = formErrorReport($missing);
sendHeaders();
echo $content;
exit();
}
// extract, making sure to sanitize
$name = sanitize($_POST["name"]);
...
$errorHtml = array();
// validate by reference. Effectively call testName($name).
if(failsValidation($name, "testName")) {
$errorHtml [] = generateError(NAME_ERROR, $name);
} else { $requirements["name"] = $name; }
if(failsValidation($city, "testCity")) {
$errorHtml [] = generateError(CITY_ERROR, $city);
} else { $requirements["city"] = $name; }
...
if(count($errorHTML)>0) {
generateErrorPage($requirements, $missing, $errorHTML);
} else { processForm($requirements); }
?>
this code assumes you have functions to do the various bits that need to be done, and has some string constants for generating error HTML.
As a newcomer you may want to google for some tutorials that explain doing form processing using PHP at the server, and JavaScript at the client. If you find a tutorial that gives you code that echos errors while it's testing the data, such as you code does, move along. It's not a good tutorial. If you find one that stops after it finds one error, move along too. If you find one that tells you to make sure the values are right in JavaScript, and then says "we already validated this at the client so we use the values directly in PHP", move along, too. Look for a tutorial that explains:
ensuring there's data in all the form fields, using JavaScript, so the submit button is disabled until there's data for all the fields.
ensuring the data matches your criteria, in PHP, so that people who just POST to your server without ever using your page don't get away with injecting all manner of fun stuff they weren't supposed to be able to do
you generate a page with all the errors explained, if there are any, and the form repopulated with the wrong data, but highlighted as wrong
you process the post request if there are no errors.
(Bonus points if the tutorial explains that a POST request is not required to actually ever generate page content as a response, other than a header that indicates whether or not the POST call was accepted or rejected.)