
Redirecting to another page


doubledee


Under what circumstances?

 

I have a "Create an Account" form.

 

When the User submits the Form, it is submitted back to itself for processing.

 

If the account creation is successful, I assign a particular "Outcome Code" and redirect to "results.php" where I display a success message.

If the account creation failed, I assign a different "Outcome Code" and redirect to "results.php" where I display a failed message.

 

Here is a code snippet...

// Verify Insert.
if (mysqli_stmt_affected_rows($stmt)==1){
	// Insert Succeeded.
	// Set Message.
	$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_CREATED';

	//---------------------------------
	// Create Email Content.
	$body = "Thank you for creating a new account.\n\nTo activate your account, please click on the link below:\n\n";
	$body .= BASE_URL . 'activate.php?x=' . $activationCode;

	// Send Email.
	mail($trimmed['email'], 'Re: Please Activate Your Account', $body, 'From: [email protected] <[email protected]>');
}else{
	// Insert Failed.
	$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_FAILED';
}// End of VERIFY INSERT.

// Close prepared statement.
mysqli_stmt_close($stmt);

// Close the connection.
mysqli_close($dbc);

// Redirect to Display Outcome.
header("Location: " . BASE_URL . "results.php");

// End script so nothing below runs after the redirect header is sent.
exit();

 

 

I would like to do this so I don't have to have all of the HTML for two different pages - along with my php - all in one script?!

 

 

Debbie

 

What I would not do is redirect for simple form validation errors, since doing so would wipe the $_POST array clean. And actually, in the situation you described, I would lean toward not redirecting unless the account creation was successful, especially if a failure reason could be something like a duplicate username, etc.

 

I handle Validation Errors separately, and immediately display a message next to the offending field, including a duplicate e-mail.

 

Can I post my entire script here, and let you guys check it out and then comment on if my re-direct looks okay??

 

 

Debbie

 

Pikachu2000,

 

Here is how my new script is laid out...

<?php //Build Date: 2011-12-23

// Initialize a session.
session_start();

// Access Constants
require_once('../config/config.inc.php');


// *************************************************************
// HANDLE FORM.																								 *
// *************************************************************
if ($_SERVER['REQUEST_METHOD']=='POST'){
	// Form was Submitted (Post).

	// Initialize Variables.
	$_SESSION['resultsCode'] = '';
	$errors = array();

	// Trim all Form data.
	$trimmed = array_map('trim', $_POST);


	// ************************
	// Validate Form Data.		*
	// ************************

	// Validate First Name.
	if (empty($trimmed['firstName'])){
		$errors['firstName'] = 'Please enter your First Name.';
	}else{
		if (preg_match('#^[A-Z \'.-]{2,20}$#i', $trimmed['firstName'])){
			$firstName = $trimmed['firstName'];
		}else{
			$errors['firstName'] = 'First Name must be 2-20 characters (A-Z \' . -)';
		}
	}// End of VALIDATE FIRST NAME

	// Validate Email.
	if (empty($trimmed['email'])){
		$errors['email'] = 'Please enter your E-mail address.';
	}else{
		// ****************************
		// Check Email Availability.	*
		// ****************************

		// (Replacement for non-supported Email-Filter.)
		if (preg_match('#^[A-Z0-9_\+-]+(\.[A-Z0-9_\+-]+)*@[A-Z0-9-]+(\.[A-Z0-9-]+)*\.([A-Z]{2,7})$#i', $trimmed['email'])){
			// Valid Email.

			// Build query.
			$q = 'SELECT email
						FROM member
						WHERE email=?';

			// Prepare statement.
			$stmt = mysqli_prepare($dbc, $q);

			// Bind variable.
			mysqli_stmt_bind_param($stmt, 's', $trimmed['email']);

			// Execute query.
			mysqli_stmt_execute($stmt);

			// Transfer result-set from prepared statement.
			// (Required for all queries that return results.)
			mysqli_stmt_store_result($stmt);

			// Check # of Records Returned.
			if (mysqli_stmt_num_rows($stmt)==0){
				// Unique Email.
				$email = $trimmed['email'];
			}else{
				// Duplicate Email.
				$errors['email'] = 'This E-mail is taken.  Try again.';
			}
		}else{
			// Invalid Email.
			$errors['email'] = 'Please enter a valid E-mail address.';
		}// End of CHECK AVAILABILITY.
	}//End of VALIDATE EMAIL.

	// Check Password.							/* TBD */
	if (empty($trimmed['pass1'])){
		$errors['pass'] = 'Please enter your Password.';
	}else{
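		// Compare Passwords (strict comparison, so numeric-looking strings
		// such as "1e3" and "1000" are not treated as equal).
		if ($trimmed['pass1'] === $trimmed['pass2']){
			// Passwords Match.
			// Store a salted hash, never the plain-text password.
			// (The pass column must hold at least 60 characters; 255 is recommended.)
			$pass = password_hash($trimmed['pass1'], PASSWORD_DEFAULT);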
		}else{
			// Passwords Different.
			$errors['pass'] = 'Your Passwords did not match.';
		}
	}//End of VALIDATE PASSWORD


	// Check for Form Errors.
	if (empty($errors)){
		// No Validation Errors.
		// Create Member Account.

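		// Create Activation Code.
		// 16 bytes from the CSPRNG, hex-encoded to 32 characters (same length as
		// the md5() value it replaces, but not guessable from rand()/uniqid()).
		$activationCode = bin2hex(random_bytes(16));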

		// Build query.
		$q = "INSERT INTO member(email, pass, first_name, activation_code, created_on)
						VALUES(?, ?, ?, ?, NOW())";

		// Prepare statement.
		$stmt = mysqli_prepare($dbc, $q);

		// Bind variables.
		mysqli_stmt_bind_param($stmt, 'ssss', $email, $pass, $firstName, $activationCode);

		// Execute query.
		mysqli_stmt_execute($stmt);

		// Verify Insert.
		if (mysqli_stmt_affected_rows($stmt)==1){
			// Insert Succeeded.
			// Set Message.
			$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_CREATED';

			//---------------------------------
			// Create Email Content.
			$body = "Thank you for creating a new account.\n\nTo activate your account, please click on the link below:\n\n";
			$body .= BASE_URL . 'activate.php?x=' . $activationCode;

			// Send Email.
			mail($trimmed['email'], 'Re: Please Activate Your Account', $body, 'From: [email protected] <[email protected]>');
		}else{
			// Insert Failed.
			$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_FAILED';
		}// End of VERIFY INSERT.

		// Close prepared statement.
		mysqli_stmt_close($stmt);

		// Close the connection.
		mysqli_close($dbc);

		// Redirect to Display Outcome.
		header("Location: " . BASE_URL . "results.php");

		// End script.
		exit();
	}else{
		// Validation Errors.
		// Drop through to Form to display errors.
	}// End of CHECK FORM VALUES.

}else{
	// Form was NOT Submitted (Get).
	// Drop through to display Form.
}// End of HANDLE FORM.
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<!-- ################## DEBBIE ##################### -->
<!-- HTML Metadata -->
<title>Create an Account</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<!-- Page Stylesheets -->
<link type="text/css" rel="stylesheet" href="/css/_main.css" />
<link type="text/css" rel="stylesheet" href="/css/_layout.css" />
<link type="text/css" rel="stylesheet" href="/css/top_menu.css" />
<link type="text/css" rel="stylesheet" href="/css/components.css" />
</head>

<body>
  <div id="pageWrapper" class="clearfix">
    <div id="pageInner">
		<!-- BODY HEADER -->
		<?php	require_once(WEB_ROOT . 'components/body_header.inc.php');	?>


		<!-- MIDDLE COLUMN -->
		<div id="pageMidCol_3">

			<!-- Create Account Form -->
			<form id="createAccount" action="" method="post">
				<fieldset>
					<legend>Create a Member Account</legend>
					<ul>
						<!-- Required Note -->
						<li id="requiredNote">
							<b>*</b> = Required Field
						</li>

						<!-- First Name -->
						<li>
							<label for="firstName"><b>*</b>First Name:</label>
							<input id="firstName" name="firstName" type="text" maxlength="20"
									value="<?php if(isset($firstName)){echo htmlspecialchars($firstName, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
							<?php
								if (!empty($errors['firstName'])){
									echo '<span class="error">' . $errors['firstName'] . '</span>';
								}
							?>
						</li>

						<!-- Email -->
						<li>
							<label for="email"><b>*</b>E-mail:</label>
							<input id="email" name="email" type="text" maxlength="40"
									value="<?php if(isset($email)){echo htmlspecialchars($email, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
							<?php
								if (!empty($errors['email'])){
									echo '<span class="error">' . $errors['email'] . '</span>';
								}
							?>
						</li>

						<!-- Password1 -->
						<li>
							<label for="pass1"><b>*</b>Password:</label>
							<input id="pass1" name="pass1" type="password" maxlength="40" />
							<?php
								if (!empty($errors['pass'])){
									echo '<span class="error">' . $errors['pass'] . '</span>';
								}
							?>
						</li>

						<!-- Password2 -->
						<li>
							<label for="pass2"><b>*</b>Confirm Password:</label>
							<input id="pass2" name="pass2" type="password" maxlength="40" />
						</li>

						<!-- Submit Form -->
						<li>
							<input type="submit" name="createAccount" class="button" value="Create Account"/>
						</li>
					</ul>
				</fieldset>
			</form>
		</div><!-- End of #MIDDLE -->


	</div><!-- End of #INNER -->
</div><!-- End of #WRAPPER -->


<!-- BODY FOOTER -->
<?php	require_once(WEB_ROOT . 'components/body_footer.inc.php');	?>
</body>
</html>

 

 

Does that look okay??

 

 

Debbie
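
Added example, not part of the original thread: one way to apply the advice above that a duplicate should be treated as a form error while only a real outcome triggers the redirect. It assumes a UNIQUE index on member.email (so a second request that slips in between the SELECT check and the INSERT is rejected by the database), plus the `$dbc` connection and `BASE_URL` constant from the script; the function names `create_member` and `finish` are hypothetical.

```php
<?php
// Added example. Assumes a UNIQUE index on member.email, and $dbc / BASE_URL
// from the original script. create_member() and finish() are hypothetical names.
const ER_DUP_ENTRY = 1062; // MySQL error number for a unique-key violation
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // DB failures throw

// Insert the member row and report the outcome: 'created', 'duplicate' or 'failed'.
function create_member(mysqli $dbc, string $email, string $passHash,
                       string $firstName, string $activationCode): string
{
    $q = 'INSERT INTO member(email, pass, first_name, activation_code, created_on)
          VALUES(?, ?, ?, ?, NOW())';
    try {
        $stmt = mysqli_prepare($dbc, $q);
        mysqli_stmt_bind_param($stmt, 'ssss', $email, $passHash, $firstName, $activationCode);
        mysqli_stmt_execute($stmt);
        $rows = mysqli_stmt_affected_rows($stmt);
        mysqli_stmt_close($stmt);
        return $rows === 1 ? 'created' : 'failed';
    } catch (mysqli_sql_exception $e) {
        // Another request registered the same address after our SELECT check:
        // that is something the user can fix on the form, not a results page.
        return $e->getCode() === ER_DUP_ENTRY ? 'duplicate' : 'failed';
    }
}

// Redirect only for outcomes the user cannot fix by editing the form.
function finish(string $outcome, array &$errors): void
{
    if ($outcome === 'duplicate') {
        $errors['email'] = 'This E-mail is taken.  Try again.';
        return; // drop through and redisplay the form with $_POST intact
    }
    $_SESSION['resultsCode'] = $outcome === 'created'
        ? 'ACCOUNT_MEMBER_ACCT_CREATED'
        : 'ACCOUNT_MEMBER_ACCT_FAILED';
    header('Location: ' . BASE_URL . 'results.php', true, 303); // GET the results page
    exit(); // stop before any form HTML is sent
}

// Usage inside the "No Validation Errors" branch:
// finish(create_member($dbc, $email, $pass, $firstName, $activationCode), $errors);
```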

 

 
