Why is this not Sticky?

[doubledee]

Why is my First Name text box not "sticky" when my Form reloads due to data validation errors?

 

Here is a snippet...

<!-- First Name -->
<li>
	<label for="firstName"><b>*</b>First Name:</label>
	<input id="firstName" name="firstName" type="text" maxlength="20"
			value="<?php if(isset($firstName)){echo htmlspecialchars($firstName, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
	<?php
		if (!empty($errors['firstName'])){
			echo '<span class="error">' . $errors['firstName'] . '</span>';
		}
	?>
</li>

 

I was certain that this was working before, but who knows?! 

 

 

At the top of the same file if my Form Handling PHP code.

 

Here is a snippet...

// *************************************************************
// HANDLE FORM.					 *
// *************************************************************
if ($_SERVER['REQUEST_METHOD']=='POST'){
	// Form was Submitted (Post).

	// Initialize Variables.
	$_SESSION['resultsCode'] = '';
	$errors = array();

	// Trim all Form data.
	$trimmed = array_map('trim', $_POST);

	// Connect to the database.
	require_once(WEB_ROOT . 'private/mysqli_connect.php');


	// ************************
	// Validate Form Data.	*
	// ************************

	// Validate First Name.
	if (empty($trimmed['firstName'])){
		$errors['firstName'] = 'Please enter your First Name.';
	}else{
		if (preg_match('#^[A-Z \'.-]{2,20}$#i', $trimmed['firstName'])){
			$firstName = $trimmed['firstName'];
		}else{
			$errors['firstName'] = 'First Name must be 2-20 characters (A-Z \' . -)';
		}
	}

 

Thanks,

 

 

Debbie

 

 

[scootstah]

Are you sure it actually got to the point that it assigned the variable?

[Psycho]

Look at your logic. You are only defining $firstName if validation passes. Just set $firstName, THEN do the validation. If validation passes then $firstName is set and if validation fails $firstName is set.

 

// Validate First Name.
$firstName = (!empty($trimmed['firstName'])) ? $trimmed['firstName'] : false;
if (!$firstName)
{
    $errors['firstName'] = 'Please enter your First Name.';
}
elseif(!preg_match('#^[A-Z \'.-]{2,20}$#i', $trimmed['firstName']))
{
    $errors['firstName'] = 'First Name must be 2-20 characters (A-Z \' . -)';
}

[doubledee]

Are you sure it actually got to the point that it assigned the variable?

 

Yes, because if I leave the First Name field blank and hit "Submit", then I get...

Please enter your First Name.

 

But if I type in "Debbie" and hit "Submit", then I get...

 

 

Debbie

 

[scootstah]

That doesn't mean it got to the part where it assigned $firstName...it just means it's not empty. It still has to pass a regex.

[doubledee]

Look at your logic. You are only defining $firstName if validation passes.

 

That's the point...  (I don't want *invalid data* to be sticky!!)

 

Debbie

 

[doubledee]

That doesn't mean it got to the part where it assigned $firstName...it just means it's not empty. It still has to pass a regex.

 

}else{
	if (preg_match('#^[A-Z \'.-]{2,20}$#i', $trimmed['firstName'])){
		echo "HERE";
		$firstName = $trimmed['firstName'];
	}else{
		$errors['firstName'] = 'First Name must be 2-20 characters (A-Z \' . -)';
	}
}

 

This gives me "HERE", so I am passing regex with "Debbie", yet the Form isn't sticky...

 

 

Debbie

 

 

[scootstah]

Then post the rest of the code, something else is at play.

[Psycho]

Look at your logic. You are only defining $firstName if validation passes.

 

That's the point...  (I don't want *invalid data* to be sticky!!)

 

And, why do you want to go with a completely different process than what has been working fine as an industry-wide standard. As a general rule the only fields that are not made sticky are password type fields because the user cannot see what they contain. If a user types in "username@mydomaincom" and simply forgets the period for the ".com" why would you want to wipe out what they had entered. Simply re-populate with the value they entered so they can enter the period. You are making this much more complicated than it needs to be.

 

If $firstName is getting set, then the problem would likely be in the order that you are running the code such that $firstName is not set when you are generating the form.

[.josh]

Admittedly it's somewhat hard for me to understand what you're problem *really* is, since you are using random *labels* to describe your problem and putting them in *stars* instead of actually defining the problem.  But I *think* you are saying you only want your form to populate the fields with the user-inputted values if it passes your validation, but your form fields are being populated even when the data does not pass validation?

 

If this is the case, then solely based off the code you have provided, my guess is you have Register Globals turned on.  If this is the case, your $_POST['firstName'] is automatically being assigned to $firstName upon form submission. 

[doubledee]

Admittedly it's somewhat hard for me to understand what you're problem *really* is, since you are using random *labels* to describe your problem and putting them in *stars* instead of actually defining the problem.

 

What are you talking about?  (And why the sarcasm?  Do I even know you?)

 

 

But I *think* you are saying you only want your form to populate the fields with the user-inputted values if it passes your validation, but your form fields are being populated even when the data does not pass validation?

 

Where did I say that?  (All of this is spelled out above.)

 

From the top...

 

If I type in "Debbie" in the first field and there is some validation error - obviously somewhere else - then when the forms reloaded, I would expect "Debbie" to reappear (i.e. be "sticky") because I already entered it, and in my case it is correct as well.

 

Nothing is getting auto-populated in the fields regardless of whether it was valid or not.

 

As far as "incorrect entries should be sticky too", I guess I would be open to that, but I'm used to incorrect data being wiped clean and only correct data being kept.  (Why auto-populate something that users have to erase/retype anyways?)

 

 

 

If this is the case, then solely based off the code you have provided, my guess is you have Register Globals turned on.  If this is the case, your $_POST['firstName'] is automatically being assigned to $firstName upon form submission.

 

Register Globals is OFF and has nothing to do with this thread.

 

 

Debbie

 

[litebearer]

Debbie...

 

Perhaps it is time to post the entire code rather than snippets.

[.josh]

@doubledee: I was not being sarcastic. My point, which you missed, is that you aren't being very clear about your problem, it is not "spelled out", and I made a "best guess" accordingly, with a prefix of "If this is the case...". 

[doubledee]

@doubledee: I was not being sarcastic. My point, which you missed, is that you aren't being very clear about your problem, it is not "spelled out", and I made a "best guess" accordingly, with a prefix of "If this is the case...".

 

I wasn't sure with all of the *emphasis* going on?!

 

Did my last post clear things up, or are you still not following me?

 

 

Debbie

 

[Psycho]

As far as "incorrect entries should be sticky too", I guess I would be open to that, but I'm used to incorrect data being wiped clean and only correct data being kept.  (Why auto-populate something that users have to erase/retype anyways?)

 

Why? I gave you an example of why. If the user makes a simple typo they would only have to make a small correction instead of having to retype everything. You say you are "used to incorrect data being wiped clean" but I know that the vast majority of applications I use do repopulate the invalid date (except for data in password fields). In addition to allowing the user to make the minor correction it also allows the user to "see" the validation error for themselves. Most validation errors are from simple typos. So, if I was to submit a form and get a message that one or more of the fields was invalid (with or without the reasons) and the data I entered was not displayed, I would question whether or not the validation was in error vs. my input. I have encountered numerous instances where a site was incorrectly validating input I entered and I had to modify my input to allow it to pass. If the value I had entered was not displayed it would take numerous trial and error attempts to figure this out. For example, your current logic does not support accented characters; someone with the name "Valentín" would consider all their characters as being between A-Z, but your validation would tell them that their name is invalid (ALso, you might want to take a second look at the error message - since it is wrong).

 

Back your problem, if you are setting the value for $firstName and it is not being output when you do an echo then either 1) the same variable name is not being used (which doesn't seem to be the problem), 2) the variable is being unset or changed somewhere between where it is set and where it is output (unable to tell from what has been provided) or 3) the value is not begin set before it is being output (i.e. there is a problem with the logical flow).

 

For reasons #2 and #3 are why you have been asked to provide the entire code. It would be interesting to see where you are initiating the form validation logic vs. the output of the form. And, I just had a thought, are you doing a header() redirect to the form if validation fails? IF so, then reason #2 explains your problem.

 

EDIT: I just checked three "major" sites (Gmail, Facebook & Windows Live) and tried to create a new account with invalid data. In all three instances, the invalid data was not wiped. As I said, this is an industry standard.

[.josh]

@others: Whether or not it *should* be wiped is not really the point..if that's what doubledee wants to do, that's her prerogative.  Though FYI I do agree, it is the de facto standard to not wipe it, even if it's incorrect. 

 

@doubledee: yes, that makes things clearer, but as others have said, can't really tell from the snippets of code what is going wrong, you should post complete version.

 

 

[doubledee]

As far as "incorrect entries should be sticky too", I guess I would be open to that, but I'm used to incorrect data being wiped clean and only correct data being kept.  (Why auto-populate something that users have to erase/retype anyways?)

 

Why? I gave you an example of why. If the user makes a simple typo they would only have to make a small correction instead of having to retype everything. You say you are "used to incorrect data being wiped clean" but I know that the vast majority of applications I use do repopulate the invalid date (except for data in password fields). In addition to allowing the user to make the minor correction it also allows the user to "see" the validation error for themselves. Most validation errors are from simple typos. So, if I was to submit a form and get a message that one or more of the fields was invalid (with or without the reasons) and the data I entered was not displayed, I would question whether or not the validation was in error vs. my input. I have encountered numerous instances where a site was incorrectly validating input I entered and I had to modify my input to allow it to pass. If the value I had entered was not displayed it would take numerous trial and error attempts to figure this out. For example, your current logic does not support accented characters; someone with the name "Valentín" would consider all their characters as being between A-Z, but your validation would tell them that their name is invalid (ALso, you might want to take a second look at the error message - since it is wrong).

 

Okay, so maybe the way you are recommending is better.

 

 

Back your problem, if you are setting the value for $firstName and it is not being output when you do an echo then either 1) the same variable name is not being used (which doesn't seem to be the problem), 2) the variable is being unset or changed somewhere between where it is set and where it is output (unable to tell from what has been provided) or 3) the value is not begin set before it is being output (i.e. there is a problem with the logical flow).

 

For reasons #2 and #3 are why you have been asked to provide the entire code. It would be interesting to see where you are initiating the form validation logic vs. the output of the form. And, I just had a thought, are you doing a header() redirect to the form if validation fails? IF so, then reason #2 explains your problem.

 

Okay here is all of my code...

<?php //Build Date: 2011-12-26

// Initialize a session.
session_start();

// Access Constants
require_once('../config/config.inc.php');


// *************************************************************
// HANDLE FORM.																								 *
// *************************************************************
if ($_SERVER['REQUEST_METHOD']=='POST'){
	// Form was Submitted (Post).

	// Initialize Variables.
	$_SESSION['resultsCode'] = '';
	$errors = array();

	// Trim all Form data.
	$trimmed = array_map('trim', $_POST);

	// Connect to the database.
	require_once(WEB_ROOT . 'private/mysqli_connect.php');


	// ************************
	// Validate Form Data.		*
	// ************************

	// Validate First Name.
	if (empty($trimmed['firstName'])){
		$errors['firstName'] = 'Please enter your First Name.';
	}else{
		if (preg_match('#^[A-Z \'.-]{2,20}$#i', $trimmed['firstName'])){
			echo "HERE";
			$firstName = $trimmed['firstName'];
		}else{
			$errors['firstName'] = 'First Name must be 2-20 characters (A-Z \' . -)';
		}
	}

	// Validate Email.
	if (empty($trimmed['email'])){
		$errors['email'] = 'Please enter your E-mail address.';
	}else{
		// ****************************
		// Check Email Availability.	*
		// ****************************

		// (Replacement for non-supported Email-Filter.)
// Limit to 60 characters.
		if (preg_match('#^[A-Z0-9_\+-]+(\.[A-Z0-9_\+-]+)*@[A-Z0-9-]+(\.[A-Z0-9-]+)*\.([A-Z]{2,7})$#i', $trimmed['email'])){
			// Valid Email.

			// Build query.
			$q = 'SELECT email
						FROM member
						WHERE email=?';

			// Prepare statement.
			$stmt = mysqli_prepare($dbc, $q);

			// Bind variable.
			mysqli_stmt_bind_param($stmt, 's', $trimmed['email']);

			// Execute query.
			mysqli_stmt_execute($stmt);

			// Transfer result-set from prepared statement.
			// (Required for all queries that return results.)
			mysqli_stmt_store_result($stmt);

			// Check # of Records Returned.
			if (mysqli_stmt_num_rows($stmt)==0){
				// Unique Email.
				$email = $trimmed['email'];
			}else{
				// Duplicate Email.
				$errors['email'] = 'This E-mail is taken.  Try again.';
			}
		}else{
			// Invalid Email.
			$errors['email'] = 'Please enter a valid E-mail address.';
		}// End of CHECK AVAILABILITY.
	}//End of VALIDATE EMAIL.

	// Check Password.							/* TBD */
	if (empty($trimmed['pass1'])){
		$errors['pass'] = 'Please enter your Password.';
	}else{
		// Compare Passwords.
		if ($trimmed['pass1'] == $trimmed['pass2']){
			// Passwords Match.
			$pass = $trimmed['pass1'];
		}else{
			// Passwords Different.
			$errors['pass'] = 'Your Passwords did not match.';
		}
	}//End of VALIDATE PASSWORD


	// ****************************
	// Attempt to Create Member.	*
	// ****************************
	if (empty($errors)){
		// Valid form data.

		// Create Activation Code.
		$activationCode = md5($email . uniqid(rand(), true));

		// Build query.
		$q = "INSERT INTO member(email, pass, first_name, activation_code, created_on)
						VALUES(?, ?, ?, ?, NOW())";

		// Prepare statement.
		$stmt = mysqli_prepare($dbc, $q);

		// Bind variables to query.
		mysqli_stmt_bind_param($stmt, 'ssss', $email, $pass, $firstName, $activationCode);

		// Execute query.
		mysqli_stmt_execute($stmt);

		// Verify Insert.
		if (mysqli_stmt_affected_rows($stmt)==1){
			// Insert Succeeded.
			// Set Message.
			$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_CREATED';
			$_SESSION['registrationEmail'] = $email;

			//---------------------------------
			// Create Email Content.
			$body = "Thank you for creating a new account.\n\nTo activate your account, please click on the link below:\n\n";
			$body .= BASE_URL . 'members/activate.php?x=' . $activationCode;

			// Send Email.
			mail($trimmed['email'], 'Re: Please Activate Your Account', $body, 'From: admin@MySite.com <admin@MySite.com>');
		}else{
			// Insert Failed.
			$_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_FAILED';
		}// End of VERIFY INSERT.

		// Close prepared statement.
		mysqli_stmt_close($stmt);

		// Close the connection.
		mysqli_close($dbc);

		// Redirect to Display Outcome.
		header("Location: " . BASE_URL . "members/create_account_results.php");

		// End script.
		exit();
	}else{
		// Invalid form data.
		// Drop through to display Form.
	}//End of ATTEMPT TO CREATE MEMBER

}else{
	// Form was not Submitted (Get).
	// Drop through to display Form.
}//End of HANDLE FORM
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<!-- ################## DEBBIE ##################### -->
<!-- HTML Metadata -->
<title>Create an Account</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<!-- Page Stylesheets -->
<link type="text/css" rel="stylesheet" href="/css/_main.css" />
<link type="text/css" rel="stylesheet" href="/css/_layout.css" />
<link type="text/css" rel="stylesheet" href="/css/top_menu.css" />
<link type="text/css" rel="stylesheet" href="/css/components.css" />
</head>

<body>
  <div id="pageWrapper" class="clearfix">
    <div id="pageInner">
		<!-- BODY HEADER -->
		<?php	require_once(WEB_ROOT . 'components/body_header.inc.php');	?>


		<!-- MIDDLE COLUMN -->
		<div id="pageMidCol_1">

			<!-- CREATE ACCOUNT FORM -->
			<form id="createAccount" action="" method="post">
				<fieldset>
					<legend>Create a Member Account</legend>
					<ul>
						<!-- Required Note -->
						<li id="requiredNote">
							<b>*</b> = Required Field
						</li>

						<!-- First Name -->
						<li>
							<label for="firstName"><b>*</b>First Name:</label>
							<input id="firstName" name="firstName" type="text" maxlength="20"
									value="<?php if(isset($firstName)){echo htmlspecialchars($firstName, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
							<?php
								if (!empty($errors['firstName'])){
									echo '<span class="error">' . $errors['firstName'] . '</span>';
								}
							?>
						</li>

						<!-- Email -->
						<li>
							<label for="email"><b>*</b>E-mail:</label>
							<input id="email" name="email" type="text" maxlength="60"
									value="<?php if(isset($email)){echo htmlspecialchars($email, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
							<?php
								if (!empty($errors['email'])){
									echo '<span class="error">' . $errors['email'] . '</span>';
								}
							?>
						</li>

						<!-- Password1 -->
						<li>
							<label for="pass1"><b>*</b>Password:</label>
							<input id="pass1" name="pass1" type="password" maxlength="40" />
							<?php
								if (!empty($errors['pass'])){
									echo '<span class="error">' . $errors['pass'] . '</span>';
								}
							?>
						</li>

						<!-- Password2 -->
						<li>
							<label for="pass2"><b>*</b>Confirm Password:</label>
							<input id="pass2" name="pass2" type="password" maxlength="40" />
						</li>

						<!-- Submit Form -->
						<li>
							<input type="submit" name="createAccount" class="button" value="Create Account"/>
						</li>
					</ul>
				</fieldset>
			</form>
		</div><!-- End of #MIDDLE -->


	</div><!-- End of #INNER -->
</div><!-- End of #WRAPPER -->


<!-- BODY FOOTER -->
<?php	require_once(WEB_ROOT . 'components/body_footer.inc.php');	?>
</body>
</html>

 

 

BTW, since I posted my entire script, if you gurus could check my code out overall from a coding and security standpoint, that would be appreciated!!

 

Sincerely,

 

 

Debbie

 

[Psycho]

OK, I just ran your script (I commented out the code that would cause me failures: DB stuff and includes) and the fields without validation failures were sticky. So, the problem may be with your browser doing some weird caching, something in one of the include files, or a configuration setting such as the register globals. Although I can't think of a config setting that would cause this not to work. I don't see anything in the DB code that would cause this not to work, but I do see three include files that are called before the form loads.

require_once('../config/config.inc.php');
require_once(WEB_ROOT . 'private/mysqli_connect.php');
require_once(WEB_ROOT . 'components/body_header.inc.php');

 

But, only the last one is called after $firstName is set and before you use it to set the saved value in the field. Here is your PHP code from that script where I have added some debugging code to see what the value of $firstName is along the processing of the PHP code. Here you can see if it is getting properly set and if it is getting unset() somewhere along the line due to the included file.

 

<?php

//Build Date: 2011-12-26
// Initialize a session.
session_start();

// Access Constants
require_once('../config/config.inc.php');

// *************************************************************
// HANDLE FORM.
// *************************************************************

if ($_SERVER['REQUEST_METHOD']=='POST')
{
    // Form was Submitted (Post).
    // Initialize Variables.
    $_SESSION['resultsCode'] = '';
    $errors = array();
    // Trim all Form data.
    $trimmed = array_map('trim', $_POST);
    // Connect to the database.
    require_once(WEB_ROOT . 'private/mysqli_connect.php');

    // ************************
    // Validate Form Data.
    // ************************
    // Validate First Name.
    if (empty($trimmed['firstName'])){
        $errors['firstName'] = 'Please enter your First Name.';
    }else{
        if (preg_match('#^[A-Z \'.-]{2,20}$#i', $trimmed['firstName'])){
            $firstName = $trimmed['firstName'];
            echo "First name is set as ($firstName)<br>\n"; ##DEBUGGING LINE
        }else{
            $errors['firstName'] = 'First Name must be 2-20 characters (A-Z \' . -)';
        }
    }

    // Validate Email.
    if (empty($trimmed['email'])){
        $errors['email'] = 'Please enter your E-mail address.';
    }else{
        // ****************************
        // Check Email Availability.
        // ****************************
        // (Replacement for non-supported Email-Filter.)
        // Limit to 60 characters.
        if (preg_match('#^[A-Z0-9_\+-]+(\.[A-Z0-9_\+-]+)*@[A-Z0-9-]+(\.[A-Z0-9-]+)*\.([A-Z]{2,7})$#i', $trimmed['email'])){
            // Valid Email.
            // Build query.
            $q = 'SELECT email
                  FROM member
                  WHERE email=?';
            // Prepare statement.
            $stmt = mysqli_prepare($dbc, $q);
            // Bind variable.
            mysqli_stmt_bind_param($stmt, 's', $trimmed['email']);
            // Execute query.
            mysqli_stmt_execute($stmt);
            // Transfer result-set from prepared statement.
            // (Required for all queries that return results.)
            mysqli_stmt_store_result($stmt);
            // Check # of Records Returned.
            if (mysqli_stmt_num_rows($stmt)==0){
                // Unique Email.
                $email = $trimmed['email'];
            }else{
                // Duplicate Email.
                $errors['email'] = 'This E-mail is taken.  Try again.';
            }
        }else{
            // Invalid Email.
            $errors['email'] = 'Please enter a valid E-mail address.';
        }// End of CHECK AVAILABILITY.
    }//End of VALIDATE EMAIL.


    // Check Password.
    /* TBD */
    if (empty($trimmed['pass1'])){
     $errors['pass'] = 'Please enter your Password.';
    }else{
        // Compare Passwords.
        if ($trimmed['pass1'] == $trimmed['pass2']){
            // Passwords Match.
            $pass = $trimmed['pass1'];
        }else{
            // Passwords Different.
            $errors['pass'] = 'Your Passwords did not match.';
        }
    }//End of VALIDATE PASSWORD

    // ****************************
    // Attempt to Create Member.
    // ****************************
    if (empty($errors)){
        // Valid form data.
        // Create Activation Code.
        $activationCode = md5($email . uniqid(rand(), true));
        // Build query.
        $q = "INSERT INTO member(email, pass, first_name, activation_code, created_on)
        VALUES(?, ?, ?, ?, NOW())";
        // Prepare statement.
        $stmt = mysqli_prepare($dbc, $q);
        // Bind variables to query.
        mysqli_stmt_bind_param($stmt, 'ssss', $email, $pass, $firstName, $activationCode);
        // Execute query.
        mysqli_stmt_execute($stmt);
        // Verify Insert.
        if (mysqli_stmt_affected_rows($stmt)==1){
            // Insert Succeeded.
            // Set Message.
            $_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_CREATED';
            $_SESSION['registrationEmail'] = $email;
            //---------------------------------
            // Create Email Content.
            $body = "Thank you for creating a new account.\n\nTo activate your account, please click on the link below:\n\n";
            $body .= BASE_URL . 'members/activate.php?x=' . $activationCode;
            // Send Email.
            mail($trimmed['email'], 'Re: Please Activate Your Account', $body, 'From: admin@MySite.com <admin@MySite.com>');
        }else{
            // Insert Failed.
            $_SESSION['resultsCode'] = 'ACCOUNT_MEMBER_ACCT_FAILED';
        }// End of VERIFY INSERT.
        // Close prepared statement.
        mysqli_stmt_close($stmt);
        // Close the connection.
        mysqli_close($dbc);
        // Redirect to Display Outcome.
        header("Location: " . BASE_URL . "members/create_account_results.php");
        // End script.
        exit();
    }else{
        // Invalid form data.
        // Drop through to display Form.
    }//End of ATTEMPT TO CREATE MEMBER
}else{
    // Form was not Submitted (Get).
    // Drop through to display Form.
}//End of HANDLE FORM
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<!-- ################## DEBBIE ##################### -->
<!-- HTML Metadata -->
<title>Create an Account</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<!-- Page Stylesheets -->
<link type="text/css" rel="stylesheet" href="/css/_main.css" />
<link type="text/css" rel="stylesheet" href="/css/_layout.css" />
<link type="text/css" rel="stylesheet" href="/css/top_menu.css" />
<link type="text/css" rel="stylesheet" href="/css/components.css" />
</head>

<body>
  <div id="pageWrapper" class="clearfix">
    <div id="pageInner">
<!-- BODY HEADER -->
<?php
echo "First name value before 'body_header.inc.php' is called: ($firstName)<br>\n"; ##DEBUGGING LINE
require_once(WEB_ROOT . 'components/body_header.inc.php');
echo "First name value after 'body_header.inc.php' is called: ($firstName)<br>\n"; ##DEBUGGING LINE
?>

<!-- MIDDLE COLUMN -->
<div id="pageMidCol_1">
<!-- CREATE ACCOUNT FORM -->
<form id="createAccount" action="" method="post">
<fieldset>
<legend>Create a Member Account</legend>
<ul>
<!-- Required Note -->
<li id="requiredNote">
<b>*</b> = Required Field
</li>
<!-- First Name -->
<li>
<label for="firstName"><b>*</b>First Name:</label>
<input id="firstName" name="firstName" type="text" maxlength="20"
value="<?php if(isset($firstName)){ echo htmlspecialchars($firstName, ENT_QUOTES); } ?>" /><!-- Sticky Field -->
<?php
if (!empty($errors['firstName'])){
echo '<span class="error">' . $errors['firstName'] . '</span>';
}
?>
</li>
<!-- Email -->
<li>
<label for="email"><b>*</b>E-mail:</label>
<input id="email" name="email" type="text" maxlength="60"
value="<?php if(isset($email)){echo htmlspecialchars($email, ENT_QUOTES);} ?>" /><!-- Sticky Field -->
<?php
if (!empty($errors['email'])){
echo '<span class="error">' . $errors['email'] . '</span>';
}
?>
</li>
<!-- Password1 -->
<li>
<label for="pass1"><b>*</b>Password:</label>
<input id="pass1" name="pass1" type="password" maxlength="40" />
<?php
if (!empty($errors['pass'])){
echo '<span class="error">' . $errors['pass'] . '</span>';
}
?>
</li>
<!-- Password2 -->
<li>
<label for="pass2"><b>*</b>Confirm Password:</label>
<input id="pass2" name="pass2" type="password" maxlength="40" />
</li>
<!-- Submit Form -->
<li>
<input type="submit" name="createAccount" class="button" value="Create Account"/>
</li>
</ul>
</fieldset>
</form>
</div><!-- End of #MIDDLE -->

</div><!-- End of #INNER -->
</div><!-- End of #WRAPPER -->

<!-- BODY FOOTER -->
<?php
###require_once(WEB_ROOT . 'components/body_footer.inc.php');
?>
</body>
</html>

[doubledee]

I just figured it out...

 

I had this code in my Header for my Welcome Message...

<!-- WELCOME MESSAGE -->
<?php
	$firstName = (isset($_SESSION['memberFirstName']) ? $_SESSION['memberFirstName'] : '');

 

So when the form had errors and reloaded I was erasing the $firstName from the form?!  Oops!!

 

----

 

Which leads me to another question that I had...

 

When should I display this in the Header...

Hello.  Log In to access premium content.   Not a Member?  Start Here 

 

 

I would think you would want to hide that when you:

- Create an Account

- Log In

 

What is the best way to show/hide that message in the Header depending on which page I am on?

 

(Hope that makes sense?!)

 

 

 

Debbie

 

 

[scootstah]

Why hide it?

[doubledee]

Why hide it?

 

Doesn't it seem silly to have that mast show when a User is Creating an Account or Logging In?

 

(You would be amazed, but it might confuse some people while creating an account or logging in?!)

 

Also, on some screens (e.g. Account Creation Results, Checkout, etc) I don't think you want to give people to many paths to drift off course or flat out screw the flow up!

 

 

Debbie

 

[.josh]

have it show/hide based on logged in status.  I assume you have a session var somewhere in there that is only set when user is logged in, yah?

[doubledee]

have it show/hide based on logged in status.  I assume you have a session var somewhere in there that is only set when user is logged in, yah?

 

Yes, I have a Session.

 

Okay, but it isn't a matter whether they are logged in.

 

Normally (e.g. on Home Page) there are two flavors...

 

Logged Out:

Hello.  Log In to access premium content.  Not a Member? Start Here

 

 

Logged In:

Hello, <firstName>!!  My Account | Log Out

 

 

What I am saying, though, is that I don't feel either of those "Welcome Masts" should be displayed if you are:

- Creating an Account

- Logging In (on the actual Log In page)

- At the "Create Account Results" page

- Changing Your Password

- Resetting Your Password

- Checking Out

- etc.

 

Because on those pages you need to focus on the issue at hand and not be screwing Logging/Logging Out/Creating an Account?!

 

Do I put all of those "offending" pages in an Array and say "If you are one of these, hide the Welcome Mast"??

 

(I think that is what I did in Release #1, but it seemed like it could be improved...)

 

Make sense?

 

 

Debbie

 

[.josh]

Yes that makes sense...but isnt the common denominator between all those pages/scenarios that you ARE logged in? Therefore, you can just base the logic on logged in status.

[.josh]

Well i guess point 1 you arent logged in yet so thats kinda superfluous. Point 2 you wouldnt be either but IMO you should show it on that page.  And the others work under logged in status logic so really the only thing is first point.