Form Validation

[stig1]

Hey People's.

 

Short quick question, probably the most easiest to answer aswell...

 

How do you create a script which will show up all the errors on a form instead of using if statements, and only getting one at a time? I'd like to show the user all the errors they have made on the form at once. How would I output this?

 

Anyone got any scripts that might help.

[dezkit]

Just an example...

Index.php

<form action="whatever.php" action="post">
Full Name: <input type="text" name="full_name"><br>
Last Name: <input type="text" name="last_name"><br>
<input type=submit name="Submit" value="Reset"><input type=reset name="Reset" value="Reset">
</form>

 

whatever.php

<?php

if($full_name == ""){
  echo "You have let the field \"Full Name\" blank.";
} else {
  echo $full_name;
}

if($full_name == ""){
  echo "You have let the field \"Last Name\" blank.";
} else {
  echo $last_name;
}

?>

[stig1]

ive been reading u put it in an array or something?

 

cause the data once validate will be inserted into a database.

[Lodius2000]

stig, tear this apart, its what you want

pay particular attention to the $errors array in validate_form() and how it is used in show_form()

 

// pay no attention to the sql, I use pear db so you will think its weird

 

<?php
session_start();
//this is the login page
require ('../../install/PEAR/DB.php');
require ('../../../dbfiles/db_login.php');
require ('requires/formhelpers.php');
$db->setErrorHandling(PEAR_ERROR_DIE);
$db->setFetchMode(DB_FETCHMODE_ASSOC);

if($_POST['_submit_check']){
if($form_errors = validate_form()){
	show_form($form_errors);
} else {
	process_form();
}
} else {
show_form();
}

function show_form($errors = '') {
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 TRANSITIONAL//EN">
<html>

<head>
<link href="requires/main.css" rel="stylesheet" type="text/css" />
	<title></title>

</head>
<body>

<div class="divaligncenter">
<div class="contentbox">';
if ($errors){
	print 'Please correct these errors: <ul><li>';
	print implode('</li><li>', $errors);
	print '</li></ul>';
}

print '<form name="login" method="POST" action="'.htmlentities($_SERVER['PHP_SELF']).'">';
//begin the unique form

print "<table>\n";

print '<tr><td>Username:</td><td>';
input_text('username', $_POST);
print "</td></tr>\n";

print '<tr><td>Password:</td><td>';
input_password('password', $_POST);
print "</td></tr>\n";

print '<tr><td></td><td>';
input_submit('submit', 'Log in');
print "</td></tr>\n";
print '<input type="hidden" name="_submit_check" value="1" />';
print "</table>\n";
print '</form>';
print '<script language="JavaScript">
    document.login.username.focus();
    </script>


</div>
</div>


</body>
</html>';
}

function validate_form(){
global $db;
$username = mysql_real_escape_string($_POST['username']);

//check that username is entered
if (trim(strlen($username)) == 0) {
	$errors[]= "You must enter a username.";
}

//check that username is only letters or numbers
if (! preg_match('/^[a-zA-Z0-9]+$/i', $username)){
	$errors[]= "Your username must be <i><b>ONLY</b></i> letters or numbers.";
}

//check that the username exists
$q = $db->query("SELECT username FROM users WHERE username = ?", array($username));
if ($q->numrows() == 0 ){
	$errors[] = 'Please enter a valid username.';
}


//check that password is entered
if (trim(strlen($_POST['password'])) == 0) {
	$errors[]= "You must enter a password.";
}

//check that password is only letters or numbers
if (! preg_match('/^[a-zA-Z0-9]+$/i', $_POST['password'])){
	$errors[]= "Your password must be <i><b>ONLY</b></i> letters or numbers.";
}

//check that password matches username
$encrypted_password = $db->getOne("SELECT password FROM users WHERE username = ?", array($username));
if ($encrypted_password != crypt($_POST['password'], $encrypted_password)){
	$errors[] = 'Please enter a valid password.';
}

return $errors;

}

function process_form(){
//add username to session
$_SESSION['username'] = $_POST['username'];
header('Location: /0/admin/managearticle/index.php');
}

?>