<?php
if (isset($_POST['ign'], $_POST['email'])) {
if($_POST['ign'] && $_POST['email']){
}
else {
echo ("Please enter all of the values!");
}
}
else {
echo ("Error in form data!");
}
if((FILTER_VALIDATE_EMAIL($_POST['email'] == TRUE))) {
$email = $_POST['email'];
echo ("Thanks, " . htmlentities($_POST['ign']) . ", you will recieve an email when the site is complete!");
}
else {
echo "Failure!";
}
// insert email and ign into database
?>
Is this going to work correctly? First time doing something completely from scratch lol!
OK! I have changed it. What about this? Should I also do the empty thing?
<?php
if (!isset($_POST['ign'], $_POST['email'])) {
if($_POST['ign'] && $_POST['email']){
echo "Please fill out all of the fields!";
die;
}
if(var_filter($_POST['email'], FILTER_VALIDATE_EMAIL))
$email = $_POST['email'];
echo ("Thanks, " . htmlentities($_POST['ign']) . ", you will recieve an email when the site is complete!");
}
else {
echo "Your email was invalid!";
}
// insert email and ign into database
?>
Use built in functions, don't re-invent the wheel:
if(filter_var($mail, FILTER_VALIDATE_EMAIL)){
echo "Mail is valid!";
}
WHY IS YOUR FUNCTION NAME ALL CAPS?
...and do you see the difference between this...
if(func($_POST['email'] == TRUE)){
and this..
if(func($_POST['email']) == TRUE){
?
There are lots of mistakes there. Here's what you should be doing:
// First check if both fields are present. Usually there is no point in doing this
// because the next check will also catch this case, but you had it so I put it in too.
if (!isset($_POST['ign'], $_POST['email'])) {
echo ("Error in form data!");
die; // or something else
}
// Then check if both values are non-"empty" (you might want to look at the docs for
// an explanation of what this means exactly).
if (empty($_POST['ign']) || empty($_POST['email'])) {
echo ("Please enter all of the values!");
die; // or something else
}
// Finally, validate the email. DO NOT COMPARE WITH true!
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
echo "Failure!";
die; // etc
}
echo ("Thanks, " . htmlentities($_POST['ign']) . ", blah blah!");
Related
I'm working on an e-commerce website project, and I'm trying to validate customer's information using PHP. And I'm here trying to check if the customer put his/her phone number, and to check if the phone number is in the correct form. So first, I check the POST array if it's empty or not, if it is empty, I show an error message "Phone number must be entered". And if there is a phone number, I check the REGEX and if it does not match, I show an error message "Phone number is invalid". And everything is correct, just proceeds. But somehow, below my code, does not check REGEX. If it is empty, it shows an error message for the empty field, but not REGEX. Why is this so?
if (!empty($_POST)) {
$error = false;
if (empty($_POST["phone"])) {
echo "<p class='errorMessage'> Phone must be entered. </p>";
$error = true;
}
if (!empty($_POST["phone"])) {
if (!preg_match("/^[2-9]\d{2}-\d{3}-\d{4}$/", $_POST['phone'])) {
echo "<p class='errMessage'>Phone number is invalid</p>";
}
}
if (!$error) {
header("Location: confirmation.php");
exit;
}
}
And here is the HTML part:
<tr>
<th><label for="phone">Phone Number</label></th>
<td><input class="inputField" type="text" id="phone" name="phone"
<?php
if (isset($_POST["phone"])) echo "value='" . $_POST["phone"] . "'";
?>></td>
</tr>
This is because you don't declare error if the regex is invalid, so the code proceeds :
if (!empty($_POST)) {
$error = false;
if (empty($_POST["phone"])) {
echo "<p class='errorMessage'> Phone must be entered. </p>";
$error = true;
}
if (!empty($_POST["phone"])) {
if (!preg_match("/^[2-9]\d{2}-\d{3}-\d{4}$/", $_POST['phone'])) {
$error = true;
echo "<p class='errMessage'>Phone number is invalid</p>";
}
}
if (!$error) {
header("Location: confirmation.php");
exit;
}
}
Try the following code:
if (strlen($_POST["phone"]) >0) {
if (!preg_match("/^[2-9]\d{2}-\d{3}-\d{4}$/", $_POST['phone'])) {
$error = true;
echo "<p class='errMessage'>Phone number is invalid</p>";
}
else {
echo "<p class='errorMessage'> Phone must be entered. </p>";
$error = true;
}
In a Profile page of the User, I want to validate his input with PHP after submission and display errors on the same page before updating in the database.
For this, I'm doing something like:
<div>
<?php
if (isset($_POST["submitted"])) {
if (!isValidEmail($_POST["email"])) {
echo "<p>Please enter a valid email address.</p>";
return; // or exit;
}
if (!isValidPhoneNumber($_POST["phoneNumber"])) {
echo "<p>Please enter a valid phone number.</p>";
return; // or exit;
}
...
if (updateUser($id, $email, $phoneNumber, $name)) {
echo("<meta http-equiv='refresh' content='0'>");
} else {
echo "<p>An error occurred! Could not update your profile information!</p>";
}
}
?>
</div>
<my-footer></my-footer>
So when an error occurs upon PHP validation, the footer doesn't appear. So I understood that with return or exit the page will stop rendering at that command.
What can I do to solve this issue?
I want it to stop execution of the PHP script but display the rest of the HTML page.
You could put your validation logic inside a function at the top of your page, and change all your echo to return.
function validate() {
if (isset($_POST["submitted"])) {
if (!isValidEmail($_POST["email"])) {
return "<p>Please enter a valid email address.</p>";
}
if (!isValidPhoneNumber($_POST["phoneNumber"])) {
return "<p>Please enter a valid phone number.</p>";
}
//...
if (updateUser($id, $email, $phoneNumber, $name)) {
return "<meta http-equiv='refresh' content='0'>";
} else {
return "<p>An error occurred! Could not update your profile information!</p>";
}
}
}
Then simply echo the string returned from the function above the footer.
<div>
<?php echo validate(); ?>
</div>
<my-footer></my-footer>
Note that the above will work because $_POST is a superglobal. However, you may consider changing your function to pass email, phoneNumber, name and id as parameters instead.
Change your flow up a little bit...
if (isset($_POST["submitted"])) {
$has_errors = FALSE;
$err_msg = '';
if (!isValidEmail($_POST["email"])) {
$err_msg .= "<p>Please enter a valid email address.</p>";
$has_errors = TRUE;
}
if (!isValidPhoneNumber($_POST["phoneNumber"])) {
$err_msg .= "<p>Please enter a valid phone number.</p>";
$has_errors = TRUE;
}
if ( $has_errors ) {
echo "<p>Please Correct the following and resubmit...</p>" . $err_msg;
} else {
if (updateUser($id, $email, $phoneNumber, $name)) {
echo("<meta http-equiv='refresh' content='0'>");
} else {
echo "<p>An error occurred! Could not update your profile information!</p>";
}
}
}
Many times you will see PHP frameworks that can handle this for you.
Here's a good website to compare a few: http://phpframeworks.com/
But what you can do is put your footer (and / or the rest of your code) into a function that holds the rest of your code for you, and you can call it later or whenever you need to so you can still end code execution gracefully.
<div>
<?php
function footer() {
$string = "</div>";
$string .= "<my-footer></my-footer>";
return $string;
}
if (isset($_POST["submitted"])) {
if (!isValidEmail($_POST["email"])) {
echo "<p>Please enter a valid email address.</p>";
die(footer()); // Displays footer
}
if (!isValidPhoneNumber($_POST["phoneNumber"])) {
echo "<p>Please enter a valid phone number.</p>";
die(footer()); // Displays footer
}
...
if (updateUser($id, $email, $phoneNumber, $name)) {
echo("<meta http-equiv='refresh' content='0'>");
} else {
die("<p>An error occurred! Could not update your profile information!</p>" . footer()); // kills the page execution, but still returns the foot of the page.
}
}
echo footer();
?>
I cannot get this to work for the life of me, it is PHP.
<?php
if (!isset($_POST['ign']) || ($_POST['email'])) {
echo "Please enter all of the values!";
}
else {
echo "Thanks, " . $_POST['ign'] . ", you will recieve an email when the site is complete!";
}
?>
I've also tried using !isset twice.
isset() accepts more than just oneparameter, so just pass as many variables as you need to check:
<?php
if (!isset($_POST['ign'], $_POST['email'])) {
echo "Please enter all of the values!";
}else{
echo "Thanks,". $_POST['ign'].", you will receive an email when the site is complete!";
}
?>
You could use empty() as well, but it doesn't accept more than a variable at a time.
This is how I solved this issue:
$expression = $_POST['ign'] || $_POST['email'] ;
if (!isset($expression) {
echo "Please enter all of the values!";
}
else {
echo "Thanks, " . $_POST['ign'] . ", you will recieve an email when the site is
complete!";
}
Simplest way I know of:
<?php
if (isset($_POST['ign'], $_POST['email'])) {//do the fields exist
if($_POST['ign'] && $_POST['email']){ //do the fields contain data
echo ("Thanks, " . $_POST['ign'] . ", you will recieve an email when the site is complete!");
}
else {
echo ("Please enter all of the values!");
}
}
else {
echo ("Error in form data!");
}
?>
Edit: Corrected the code to show the form data and empty values errors seperatly.
Explanation: The first if statement checks that the submitted form contained two fields, ign and email. This is done to stop the second if statement , in the case that ign or email weren't passed in at all, from throwing an error(message would be printed to server logs). The second if statement checks the values of ign and email to see if they contain data.
Try this:
<?php
if (!isset($_POST['ign']) || isset($_POST['email'])) {
echo "Please enter all of the values!";
}
else {
echo "Thanks, " . $_POST['ign'] . ", you will recieve an email when the site is complete!";
}
?>
isset($_POST['ign'],$_POST['email']));
and then check for the empty values.
When you work with POST, use empty(). because when your form send data. It async null for empty input!
best way is that:
if ((!isset($_POST['ign']) || empty($_POST['ign'])) &&
(!isset($_POST['email']) || empty($_POST['email'])) {
YES! It's Ugly...
So you can use:
<?php
if ( checkInput($_POST['ign']) || checkInput($_POST['email']) ) {
echo "Please enter all of the values!";
}
else {
echo "Thanks, " . $_POST['ign'] . ", you will recieve an email when the site is complete!";
}
function checkInput($input){
return ( !isset($input) || empty($input) );
}
?>
You can try this code:
<?php
if(!isset($_POST['ign'], $_POST['email'])) {
echo "Please enter all of the values!";
} else {
echo "Thanks, " . $_POST['ign'] . ", you will receive an email when the site is complete!";
}
?>
// if any of this session is set then
if (isset($_SESSION['tusername']) || isset($_SESSION['student_login'])) {
it will return true;
} else {
it will return false;
}
Yes I believe I have this done but I am getting a message that is saying Parse error: parse error, unexpected $end in C:\wamp\www\contactform.php on line 106. I look down on that line.The only think I can think of is that the else, elseif and if are wrong i been trying to switch them around to see if that makes a different. But nothing so far.
</style>
</head>
<body>
<div id="container">
<?php
if (isset($_POST['submit'])){
if (trim($_POST['name'])==""){
$strMessage="Please enter your name!";
showForm($strMessage);
} elseif (isset($_POST['submit'])){
if (trim($_POST['email'])==""){
$strMessage="Please enter your email!";
showForm($strMessage);
}
if(isset($_POST['submit'])){
if (trim($_POST['username'])==""){
$strMessage="Please enter your username!";
showForm($strMessage);
} elseif ($_POST['pword1'] != $_POST['pword2']) {
$_POST['pword1'] = NULL; // Reset the values of pword1 so it is not in the form
$_POST['pword2'] = NULL; // Reset the values of pword2 so it is not in the form
$strMessage="Passwords do not match!";
showForm($strMessage);
} elseif (strlen(trim($_POST['pword1']))<=3){
$strMessage="Your password must be at least 4 characters long!";
showForm($strMessage);
} else {
$strMessage="Thank you, your information has been submitted. Below is the information you sent:";
$strMessageBody.="Name: ".trim(stripslashes($_POST['name']))."<br />";
$strMessageBody.="E-mail: ".trim(stripslashes($_POST['Email']))."<br />";
$strMessageBody.="UserName: ".trim(stripslashes($_POST['username']))."<br />";
$strMessageBody.="Password: ".trim(stripslashes($_POST['pword1']))."<br />";
$strMessageBody.="Re-enter Password: ".trim(stripslashes($_POST['pword2']))."<br />";
echo "<h1>".$strMessage."</h1>";
echo $strMessageBody;
}
} else {
$strMessage= "Please fill out the form below to send your information:";
showForm($strMessage);
}
}
?>
</div>
</body>
</html>
I believe this is what you want. You have been repeating the "if (isset($_POST['submit'])){" two times too many!
if (isset($_POST['submit'])){
if (trim($_POST['name'])==""){
$strMessage="Please enter your name!";
showForm($strMessage);
} elseif (trim($_POST['email'])==""){
$strMessage="Please enter your email!";
showForm($strMessage);
} elseif (trim($_POST['username'])==""){
$strMessage="Please enter your username!";
showForm($strMessage);
} elseif ($_POST['pword1'] != $_POST['pword2']) {
$_POST['pword1'] = NULL; // Reset the values of pword1 so it is not in the form
$_POST['pword2'] = NULL; // Reset the values of pword2 so it is not in the form
$strMessage="Passwords do not match!";
showForm($strMessage);
} elseif (strlen(trim($_POST['pword1']))<=3){
$strMessage="Your password must be at least 4 characters long!";
showForm($strMessage);
} else {
$strMessage="Thank you, your information has been submitted. Below is the information you sent:";
$strMessageBody.="Name: ".trim(stripslashes($_POST['name']))."<br />";
$strMessageBody.="E-mail: ".trim(stripslashes($_POST['Email']))."<br />";
$strMessageBody.="UserName: ".trim(stripslashes($_POST['username']))."<br />";
$strMessageBody.="Password: ".trim(stripslashes($_POST['pword1']))."<br />";
$strMessageBody.="Re-enter Password: ".trim(stripslashes($_POST['pword2']))."<br />";
echo "<h1>".$strMessage."</h1>";
echo $strMessageBody;
}
} else {
$strMessage= "Please fill out the form below to send your information:";
showForm($strMessage);
}
one closing } is missing. the only question is where? if you put it before ?> the parse error will disappear, but i'm not sure this is apropieate place. depends on your difficult logic.
How do I get this to not display when you first go to the page???
if ($error) {
echo "Error: $error<br/>";
}
if ($keycode) {
echo "Keycode: $keycode<br/>";
}
<?php
session_start();
if ($_SESSION['been_here'] == true) {
// show what you need to show
}
else {
// don't show it
$_SESSION['been_here'] = true;
}
?>
The point here is that $_SESSION-variables "last" (as long as you session_start()).
Google "php sessions" for more information, and ask more questions on SO if necessary. :)
Use session_destroy(); to destroy the session.
<?php
if ($error){ echo "Error: $error
"; } if ($keycode) { echo "Keycode: $keycode
"; }
Based on the comments, it seems that your conditional is evaluating to true before you expect it to. Without seeing more of your code, this is only a guess, but I believe your problem is that you're giving the variable $error a default/temporary value when you create it that doesn't mean false. For example:
$error = "default error message, change me later";
// Later...
if ($error) { // This evaluates to true
echo "Error: $error<br/>";
}
If so, you'll want to check out PHP's documentation on casting to booleans, and maybe use something like this (with contribution from Christian's answer):
$error = "0"; // Default error message, change it later
// Later...
if($_SESSION['been_here'] == true)
$error = "This is the real error message.";
// Even later...
if ($error) {
echo "Error: $error<br/>";
}
This probably works for you:
if (isset($error) && !empty($error)) {
echo "Error: $error<br/>";
}
I cannot say more, because you have not specified what the value of $error might be.
Or you just have to introduce a flag that indicates that an error occurred:
$error = 'Error message.';
$has_error = false;
if(!empty($_POST) && some_condition) { // means it is a POST request
$has_error = true;
}
if($has_error) {
echo "Error: $error<br/>";
}