
Under what circumstances?

 

I have a "Create an Account" form.

 

When the User submits the Form, it is submitted back to itself for processing.

 

If the account creation is successful, I assign a particular "Outcome Code" and redirect to "results.php" where I display a success message.

If the account creation failed, I assign a different "Outcome Code" and redirect to "results.php" where I display a failed message.

 

Here is a code snippet...

// Verify Insert.
if (mysqli_stmt_affected_rows($stmt)==1){
	// Insert Succeeded.
	// Set Message.
	$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_CREATED';

	//---------------------------------
	// Create Email Content.
	$body = "Thank you for creating a new account.\n\nTo activate your account, please click on the link below:\n\n";
	$body .= BASE_URL . 'activate.php?x=' . $activationCode;

	// Send Email.
	mail($trimmed['email'], 'Re: Please Activate Your Account', $body, 'From: [email protected] <[email protected]>');
}else{
	// Insert Failed.
	$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_FAILED';
}// End of VERIFY INSERT.

// Close prepared statement.
mysqli_stmt_close($stmt);

// Close the connection.
mysqli_close($dbc);

// Redirect to Display Outcome.
header("Location: " . BASE_URL . "results.php");

// End script so nothing after the redirect runs.
exit();

 

 

I would like to do this so I don't have to have all of the HTML for two different pages - along with my php - all in one script?!

 

 

Debbie

 

What I would not do is redirect for simple form validation errors, since doing so would wipe the $_POST array clean. And actually, in the situation you described, I would lean toward not redirecting unless the account creation was successful, especially if a failure reason could be something like a duplicate username, etc.


 

I handle Validation Errors separately, and immediately display a message next to the offending field, including a duplicate e-mail.

 

Can I post my entire script here, and let you guys check it out and then comment on if my re-direct looks okay??

 

 

Debbie

 

Pikachu2000,

 

Here is how my new script is laid out...

<?php //Build Date: 2011-12-23

// Initialize a session.
session_start();

// Access Constants
require_once('../config/config.inc.php');


// *************************************************************
// HANDLE FORM.																								 *
// *************************************************************
if ($_SERVER['REQUEST_METHOD']=='POST'){
	// Form was Submitted (Post).

	// Initialize Variables.
	$_SESSION['resultsCode'] = '';
	$errors = array();

	// Trim all Form data.
	$trimmed = array_map('trim', $_POST);


	// ************************
	// Validate Form Data.		*
	// ************************

	// Validate First Name.
	if (empty($trimmed['firstName'])){
		$errors['firstName'] = 'Please enter your First Name.';
	}else{
		if (preg_match('#^[A-Z \'.-]{2,20}$#i', $trimmed['firstName'])){
			$firstName = $trimmed['firstName'];
		}else{
			$errors['firstName'] = 'First Name must be 2-20 characters (A-Z \' . -)';
		}
	}// End of VALIDATE FIRST NAME

	// Validate Email.
	if (empty($trimmed['email'])){
		$errors['email'] = 'Please enter your E-mail address.';
	}else{
		// ****************************
		// Check Email Availability.	*
		// ****************************

		// (Replacement for non-supported Email-Filter.)
		if (preg_match('#^[A-Z0-9_\+-]+(\.[A-Z0-9_\+-]+)*@[A-Z0-9-]+(\.[A-Z0-9-]+)*\.([A-Z]{2,7})$#i', $trimmed['email'])){
			// Valid Email.

			// Build query.
			$q = 'SELECT email
						FROM member
						WHERE email=?';

			// Prepare statement.
			$stmt = mysqli_prepare($dbc, $q);

			// Bind variable.
			mysqli_stmt_bind_param($stmt, 's', $trimmed['email']);

			// Execute query.
			mysqli_stmt_execute($stmt);

			// Transfer result-set from prepared statement.
			// (Required for all queries that return results.)
			mysqli_stmt_store_result($stmt);

			// Check # of Records Returned.
			if (mysqli_stmt_num_rows($stmt)==0){
				// Unique Email.
				$email = $trimmed['email'];
			}else{
				// Duplicate Email.
				$errors['email'] = 'This E-mail is taken.  Try again.';
			}
		}else{
			// Invalid Email.
			$errors['email'] = 'Please enter a valid E-mail address.';
		}// End of CHECK AVAILABILITY.
	}//End of VALIDATE EMAIL.

	// Check Password.							/* TBD */
	if (empty($trimmed['pass1'])){
		$errors['pass'] = 'Please enter your Password.';
	}else{
		// Compare Passwords.
		if ($trimmed['pass1'] == $trimmed['pass2']){
			// Passwords Match.
			$pass = $trimmed['pass1'];
		}else{
			// Passwords Different.
			$errors['pass'] = 'Your Passwords did not match.';
		}
	}//End of VALIDATE PASSWORD


	// Check for Form Errors.
	if (empty($errors)){
		// No Validation Errors.
		// Create Member Account.

		// Create Activation Code.
		$activationCode = md5($email . uniqid(rand(), true));

		// Build query.
		$q = "INSERT INTO member(email, pass, first_name, activation_code, created_on)
						VALUES(?, ?, ?, ?, NOW())";

		// Prepare statement.
		$stmt = mysqli_prepare($dbc, $q);

		// Bind variables.
		mysqli_stmt_bind_param($stmt, 'ssss', $email, $pass, $firstName, $activationCode);

		// Execute query.
		mysqli_stmt_execute($stmt);

		// Verify Insert.
		if (mysqli_stmt_affected_rows($stmt)==1){
			// Insert Succeeded.
			// Set Message.
			$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_CREATED';

			//---------------------------------
			// Create Email Content.
			$body = "Thank you for creating a new account.\n\nTo activate your account, please click on the link below:\n\n";
			$body .= BASE_URL . 'activate.php?x=' . $activationCode;

			// Send Email.
			mail($trimmed['email'], 'Re: Please Activate Your Account', $body, 'From: [email protected] <[email protected]>');
		}else{
			// Insert Failed.
			$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_FAILED';
		}// End of VERIFY INSERT.

		// Close prepared statement.
		mysqli_stmt_close($stmt);

		// Close the connection.
		mysqli_close($dbc);

		// Redirect to Display Outcome.
		header("Location: " . BASE_URL . "results.php");

		// End script.
		exit();
	}else{
		// Validation Errors.
		// Drop through to Form to display errors.
	}// End of CHECK FORM VALUES.

}else{
	// Form was NOT Submitted (Get).
	// Drop through to display Form.
}// End of HANDLE FORM.
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<!-- ################## DEBBIE ##################### -->
<!-- HTML Metadata -->
<title>Create an Account</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<!-- Page Stylesheets -->
<link type="text/css" rel="stylesheet" href="/css/_main.css" />
<link type="text/css" rel="stylesheet" href="/css/_layout.css" />
<link type="text/css" rel="stylesheet" href="/css/top_menu.css" />
<link type="text/css" rel="stylesheet" href="/css/components.css" />
</head>

<body>
  <div id="pageWrapper" class="clearfix">
    <div id="pageInner">
		<!-- BODY HEADER -->
		<?php	require_once(WEB_ROOT . 'components/body_header.inc.php');	?>


		<!-- MIDDLE COLUMN -->
		<div id="pageMidCol_3">

			<!-- Create Account Form -->
			<form id="createAccount" action="" method="post">
				<fieldset>
					<legend>Create a Member Account</legend>
					<ul>
						<!-- Required Note -->
						<li id="requiredNote">
							<b>*</b> = Required Field
						</li>

						<!-- First Name -->
						<li>
							<label for="firstName"><b>*</b>First Name:</label>
							<input id="firstName" name="firstName" type="text" maxlength="20"
									value="<?php if(isset($firstName)){echo htmlspecialchars($firstName, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
							<?php
								if (!empty($errors['firstName'])){
									echo '<span class="error">' . $errors['firstName'] . '</span>';
								}
							?>
						</li>

						<!-- Email -->
						<li>
							<label for="email"><b>*</b>E-mail:</label>
							<input id="email" name="email" type="text" maxlength="40"
									value="<?php if(isset($email)){echo htmlspecialchars($email, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
							<?php
								if (!empty($errors['email'])){
									echo '<span class="error">' . $errors['email'] . '</span>';
								}
							?>
						</li>

						<!-- Password1 -->
						<li>
							<label for="pass1"><b>*</b>Password:</label>
							<input id="pass1" name="pass1" type="password" maxlength="40" />
							<?php
								if (!empty($errors['pass'])){
									echo '<span class="error">' . $errors['pass'] . '</span>';
								}
							?>
						</li>

						<!-- Password2 -->
						<li>
							<label for="pass2"><b>*</b>Confirm Password:</label>
							<input id="pass2" name="pass2" type="password" maxlength="40" />
						</li>

						<!-- Submit Form -->
						<li>
							<input type="submit" name="createAccount" class="button" value="Create Account"/>
						</li>
					</ul>
				</fieldset>
			</form>
		</div><!-- End of #MIDDLE -->


	</div><!-- End of #INNER -->
</div><!-- End of #WRAPPER -->


<!-- BODY FOOTER -->
<?php	require_once(WEB_ROOT . 'components/body_footer.inc.php');	?>
</body>
</html>

 

 

Does that look okay??  :shrug:

 

 

Debbie
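
An added example, not part of the script posted above: the INSERT in that script binds the submitted password as typed and an activation code built from `md5()`, `uniqid()` and `rand()`, none of which is a cryptographic random source. One way to produce both values, assuming PHP 7.1 or later; the function names are hypothetical, and storing a SHA-256 digest of the token in `activation_code` is an assumption about how `activate.php` could be adapted.

```php
<?php
// Added example (not the poster's code). Function names are hypothetical.

/** Value for the `pass` column: a salted hash, never the submitted text. */
function hashPassword(string $plain): string
{
    // PASSWORD_DEFAULT selects PHP's current default algorithm and salts it.
    return password_hash($plain, PASSWORD_DEFAULT);
}

/**
 * Activation token taken from the operating system's CSPRNG.
 * Returns [token for the e-mail link, SHA-256 digest for `activation_code`].
 */
function newActivationToken(): array
{
    $token = bin2hex(random_bytes(32));   // 64 hex characters, 256 bits
    return [$token, hash('sha256', $token)];
}

/** activate.php side: compare the digest of ?x= with the stored digest. */
function activationMatches($submitted, string $storedDigest): bool
{
    // Reject arrays (?x[]=1) and anything that is not exactly 64 hex characters.
    if (!is_string($submitted) || !preg_match('/\A[0-9a-f]{64}\z/', $submitted)) {
        return false;
    }
    // hash_equals() compares in constant time.
    return hash_equals($storedDigest, hash('sha256', $submitted));
}

// Constructed demo values, standing in for $trimmed['pass1'] and $_GET['x'].
[$token, $digest] = newActivationToken();
$stored = hashPassword('correct horse battery staple');

var_dump(password_verify('correct horse battery staple', $stored));
var_dump(activationMatches($token, $digest));
var_dump(activationMatches(['x'], $digest));
var_dump(activationMatches(str_repeat('0', 64), $digest));
```

With this approach the `pass` column needs room for the hash (255 characters is the usual choice) and `activation_code` holds 64 hex characters rather than the 32 of an MD5 value.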

 

 
