Validation Help

[hoponhiggo]

Hello

 

Im still really new to PHP and im trying to use some form validation for the first time.

 

i have just added

 

f(isset($_POST['username'])){
if($_POST['username'] == ""){
//username empty
die("You must enter a username");
}
} else {
//username not set
} 

 

to my script to ensure a registering user supplies a username. This works ok, exept that it prints the error message in a new blank page.

 

How can i adjust this so that the error message is printed next to the blank field in the existing page?

[WebStyles]

 

you can join both conditions so that you only have 1 IF statement

die() will completely stop your script. maybe you just need to echo the error, or redirect back to another page?

 

if(isset($_POST['username']) && $_POST['username'] != ''){
   // ok to proceed
} else {
   echo "You must enter a username";
}

 

 

hope this helps

[IrOnMaSk]

yes you can do that one way is to have the register or the login code in one page with the form and do the $_SERVER['PHP_SELF'] (if you don't have it on same page) instead of grabing user info from the html form from another page... And do a simple if condition. if condition not met (in your case no username supply) show the form again. get it? give me full code i can tweak it for ya... hahaha

 

[WebStyles]

$_SERVER['PHP_SELF'] is not safe, and allows malicious users to include all sorts of XSS code

 

[IrOnMaSk]

you're right if you just grab the data and process it without checking the content first striping the query string from the current url or escape it with the esc_url...

but other than that i've using it  what would you suggest? i wanna use new method

[WebStyles]

here's a nice explanation: http://www.mc2design.com/blog/php_self-safe-alternatives