Jump to content

better error handling without nested if statements

showyoudawei

By showyoudawei
in PHP Coding Help

 Share

Recommended Posts

showyoudawei Newbie

showyoudawei

Posted
Posted

Hi, I'm creating a user registration page and the code for error check is getting messy... Is there a better way to clean this up?

<?php
  if (isset($_POST['register'])) {
    $username = mysql_real_escape_string($_POST['username']);
    $password = strtolower(mysql_real_escape_string($_POST['password']));
    $email = mysql_real_escape_string($_POST['email']);

    if ((strlen($username) > 2) && (strlen($username) < 17)) {
      if ((strlen($password) > 5) && (strlen($password) < 17)) {
        if (eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$", $email)) {
          $userQuery = mysql_query("SELECT userID FROM user WHERE userID='$username'") or die(mysql_error());

          if (!mysql_num_rows($userQuery)) {
            $password = md5($password);

            $userQuery = mysql_query(
              "INSERT INTO user (userID, password, email) VALUES($username, $password, $email)"
            ) or die(mysql_error());

            header("Location: login.php");
            return;
          }
        }
        else {
          $error = "User registration error: invalid email";
        }
      }
      else {
        $error = "User registration error: password length must be between 6 and 16 characters";
      }
    }
    else {
      $error = "User registration error: username length must be between 3 and 16 characters";
    }
  }
?>

<Html code for the user registration page follows>

 

Is there a better way to handle all the error checks than using a bunch of nested if statements? It would be much cleaner if I could simply return to the end of the php block ie: ...

 

if (strlen($username) < 3) || (strlen($username) > 16) {
  $error = "User registration error: username length must be between 3 and 16 characters";
  return;
}

 

But that does not display the rest of the html form. Any help is appreciated. Thanks.

tibberous Advanced Member

tibberous

Posted
Posted

Wrap the logic in a function, then use returns.

 

<?php
function login(){
    $username = mysql_real_escape_string($_POST['username']);
    $password = strtolower(mysql_real_escape_string($_POST['password']));
    $email = mysql_real_escape_string($_POST['email']);

    if (! ((strlen($username) > 2) && (strlen($username) < 17))) return "User registration error: username length must be between 3 and 16 characters";

    if (! ((strlen($password) > 5) && (strlen($password) < 17))) return "User registration error: password length must be between 6 and 16 characters";
    
    if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$", $email)) return "User registration error: invalid email";

    $userQuery = mysql_query("SELECT userID FROM user WHERE userID='$username'") or die(mysql_error());

    if (!mysql_num_rows($userQuery)){
      $password = md5($password);

      $userQuery = mysql_query("INSERT INTO user (userID, password, email) VALUES($username, $password, $email)") or die(mysql_error());

      header("Location: login.php");
    }
    return false;
}

  if (isset($_POST['register'])) {
   $error = login();
  }
?>

<Html code for the user registration page follows>

 

That's the correct way to do it in PHP. You could also use try... catch statements, which is the correct way to do it in java, but will get you made fun of here.

DarkWater Member

DarkWater

Posted
Posted

I don;t think exceptions should be used for this task neither in Java nor in PHP. Checking if user input correct data is nothing exceptional after all.

 

I know, I'm just making a point.  Exceptions are SO useful when something goes wrong.

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

The ideal user experience would be to check all the values submitted and display all the validation errors at one time, rather than handling one at a time. Something like -

 

<?php

$errors = array();

if(check for an error condition) {

   $errors[0] = "some error message";

}

if(check for the next error condition) {

   $errors[1] = "some other error message";

}

 

if(!empty($errors)) {

   // do error processing here

   return $errors;

}

// do next step in normal processing here

?>

DarkWater Member

DarkWater

Posted
Posted

I know, I'm just making a point.  Exceptions are SO useful when something goes wrong.

 

They are. I was also pleasantly surprised when I noticed that assert() is available in PHP. :)

 

Ah yeah.  I don't use it that often though. D:

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.