I have signup form that posts all variables to signup.php. What I want to do is, during submit process collect all error codes to $err[] array and if submit process failed redirect user to msg.php and post $err array.
Then msg.php gets error messages from database with sent error codes from signup.php.
How can I pass array and redirect page to msg.php ? Is it possible with Location: header or something else?
Your architecture is wrong. You should not redirect a user to another page just to show the error messages. Why cant you just show the error messages on the same page.
Consider altering your application flow. But if you insist on doing something like this then you can use sessions for this. In signup.php if validation fails
if(!validation)
{
$_SESSION["err"] = $error;
}
Then in msg.php you can access the session variable easily as
foreach($_SESSION["err"] as $err) {
echo $err;
}
But if this is what you intend to do there is much better ways to do this and consider altering your flow to do in a better way.
Related
I am sending error values in the url.For example if i have a website named
www.example.com
and the url for login page is
www.example.com/login.php.
If the user enters wrong credentials url will be
www.example.com/login.php?invalid.
So everytime i refresh url remains
www.example.com/login.php?invalid.
How to remove invalid from url on refresh???
I think that by using the invalid GET variable you try to determine whether or not to display the error message to the user. This isn't really a good way to do so, due to the number of reasons, one of which made you ask this question.
You have a number of options instead, one of which would be using the session variables to store the error message. E.g., if the user login fails, you could store the message in your session:
if (badLogin()) {
$_SESSION['errorMessage'] = "Something's wrong";
}
and then on the login.php page you could try and see if it exists:
// ...your HTML...
if (!empty($_SESSION['errorMessage'])) {
echo $_SESSION['errorMessage']; // show it to the user
unset($_SESSION['errorMessage']); // so as not to display it every time
}
// ...your HTML continues...
This is not the perfect way either, but without knowing your application structure it's hard to suggest anything else.
I have created Login forms and registration forms for a website.
The form is posted for validation to checklogin.php and checksign.php, however when it finds any errors it displayes them in the separate file.
The following is the error message for the following validation statement
if (!$_POST['fullname'] | !$_POST['myusername'] | !$_POST['mypassword'] | !$_POST['remypassword']) {
die('You did not complete all of the required fields');
}
My question is: how do i show them in the same page? For instance; in a label next to the form. Thanks, any tips would be of great help. this is the website im making autosales
By structuring your code so that the order of validation can come before final processing, and if not, display the form page again
if($_SERVER['REQUEST_METHOD'] === 'POST')
{
$valid = false;
// perform input validations here
if(dosomething())
{
$valid = true;
}
// if valid, perform processing here, and either show success page (or redirect)
if($valid === true)
{
// SQL junk here
include('success.php');
exit();
}
}
// render original form after this line
Your form post data to checklogin.php, instead of that post data to index.php and handle validation on that page.
<form class="clearfix" action="checklogin.php" method="post">
In the past, I've used a custom error handler that uses sessions to store errors, I'd recommend that.
The advantage of using sessions (within a custom error handler) to store errors is that they can easily be read and displayed in whatever view page you have. If you want to throw errors in classes, for instance, you can display them whenever you choose once they've been saved to the session. So while for this particular problem you could simply move all your code to one php file, it's probably not the best solution.
Not to mention that if your "check login" redirects back to the login page, obviously all your variable's values will not persist.
When a user creates their own account, if there is an error I want to redirect them to the same page but display the errors at the top.
What's the best way to do this?
Structure your page as follows (in rough pseudo-code)
if (doing a post) {
process input
if (post is ok) {
redirect to success page
} else {
build error messages
}
}
if (error messages available) {
display errors
}
display form(filled in with previously submitted values)
i like to create a function named set_feedback() that sets the error in a session variable. then i have this other function get_feedback() that retrieves the information and unset the variable.
I save the error into the session and remove it once it was rendered. As you will probably abort the pages execution on a redirect it will never reach the code responsible for rendering thus leaving it in the session.
I have a login page.
User first enters information and submits the form.
And I have a php script that will see if the user exists.
If( authenticated == true)
{
// I do a redirect
}
else
{
// I want to popup an error message on the same page.
}
1) I'm not sure how to show the popup message,
I would like to make my div element visible with an error message returned from the server,
I would have to use Ajax, right?
But how?
Or are there alternatives which are just as good.
if you would use ajax, use it for the whole process. So, no such problems at all. Get response and show it to user.
But as you stated yourself as a newbie, I'd strongly advise you to do it straight and simple way, just to learn how the things are.
As a general rule, a redirect always preferred after POST method request. In some cases one can omit this, but for the login form you would use a session anyway. So, you can start a session, write an error information there and then do Location: redirect.
After it, check session for the errors, and then notify user using any method you wish: a div, or a popup or anything.
If the form is posted to the same page, why not just use variables to display the error messages?
<?php
if (strlen($_POST['text']) < 5)
{
$error['text'] = "Too short";
}
?>
<?php
if (isset($error['text']))
{
// Print errors at each form element?
}
?>
Hide & show DIVs using Javascript:
http://csscreator.com/node/708
I would put the login page in a separate .HTML that you can run
$login = file_get_contents('login.html);
and in that markup put <!-- ERROR --> which you can then run a
$login = str_replace('<!-- ERROR -->', $error, $login);
to insert any text you want and when you're all done
print $login;
The simplest answer is to just place a php if condition where you want the message to appear. No need for ajax.
some text above
<?php if (! $authenticated) { echo '<div class="error">'.$your_error_message.'</div>'; } ?>
some text below
I don't know what $authenticated in your case means, but make sure it includes a check that there were post variables also, otherwise the error message will show up on the login page in the pre-submitted use case.
Possibly simplest way to
function render_auth($errors = false){
?>
<form action="/someURL">
<? if($errors) echo $errors ?>
<label>User name<input name="user_name"/></label><br/>
<label>Password<input name="user_password" /></label><br/>
<input type="submit"/>
</form>
<?
};
On first call to the authentication page/controller you'd call render_auth() then on processing the auth call, if there was an error you'd call it render_auth("Missing password.") or such.
Generally stuff like this is pretty trivial if you're using a Templating system for you're views but if not, this function emulates templating to an extent.
I have a login form in every page of a website so the user can login from everywhere. I have a login.php file that I refer to it from the form (using 'action').
I use $_SERVER['HTTP_REFERER'] to redirect the user to the same page he logged in from when he succesfully log in or when he logs out.
But if there was a problem logging in, how can I send an error to the same page he is trying to log in?? I have tried sending the error using $_GET, like this:
// process the script only if the form has been submitted
if (array_key_exists('login', $_POST)) {
// Login code goes here...
// If there was a problem, destroy the session and prepare error message
else {
$_SESSION = array();
session_destroy();
header('Location: '.$_SERVER['HTTP_REFERER'].'?error');
exit;
}
But the problem is that a lot of pages in the website are like this details.php?mid=0172495. They already recive information from the $_GET method and for security reasons I cant use another $_GET method...
So, How can I pass the error???
Thanks...
Since you're already using sessions, after you destroy the session why not create a new one with $_SESSION['error'] or something similar set? Or alternatively simply don't delete the session at all but set the error which you can immediately check in other pages?
To add to what Chad Birch said...
In your login script where you redirect, check the HTTP_REFERER value for the character '?'. If it is present, append '&error' to the HTTP_REFERER and redirect to that. Otherwise append '?error' to the HTTP_REFERER and redirect to that.
I'm not sure what exactly you mean by "for security reasons I cant use another $_GET method", but in the case that there's already something in the query string, you just need to append another variable to it, instead of replacing it.
That is, if the address is like details.php?mid=0172495, you should be sending them to details.php?mid=0172495&error, whereas if it was just details.php, you send them to details.php?error.
Another way of doing what you need is to include your login.php file in every page that has the login form and just post to that same page. So you won't need any redirection at all.
This maybe is not a good scalable and maintainable solution, but it is simple. It all depends what kind of app you are writing. But you are saying that you are new to php so you can start like this. You can always go fancy later...