Jump to content

Cannot activate error message involving radio selection of a button

facarroll

By facarroll
in PHP Coding Help

 Share

Recommended Posts

facarroll Member

facarroll

Posted
Posted

Some help would be great here.

The following snippets work, but I am unable to figure out how to activate the error message "You did not select a name for editing".

Both of the other error codes work but if I input 'given' and 'family' and forget to select the relevant radio button, the error message doesn't work.

No other problems with the code.

 

<html>
<table>
<?php
// Query member data from the database
$query1 = mysql_query("SELECT userId FROM users WHERE managerId='".$recid."' AND userGroup='".$group2."' ORDER BY userId ASC");
while($row1 = mysql_fetch_array($query1))
{
$firstGroup .=$row1['userId']. ' <input type="radio" name="snames" value="'.$row1['userId'].'" /> ' . "    <br /><br>";
}
?>
  <form method="post" enctype="multipart/form-data" action="<?PHP echo $_SERVER["PHP_SELF"]; ?>">
    <tr>
      <td><?php echo $firstGroup;?></td>
      <td><input type="text" name="given" value="" /><p>
          <input type="text" name="family" value="" /><p>
          <input type="submit" value="submit" name="Send Data"></form></td> 
    </tr>  
</table>
</html

 

Here are the error messages and their activation method.

 

<?php
// Process the form if it is submitted
if ($_POST['snames']) {
$snames = $_POST['snames'];
$family = preg_replace("/[^A-Za-z0-9]/", ".", $_POST['family']);
$given  = preg_replace("/[^A-Za-z0-9]/", ".", $_POST['given']);

//next section deals with error messaging
$errorMsg = "ERROR:";			
		if(!$snames) {
    		$errorMsg .= "--- You did not select a name for editing.";
			} 
		else if(!$family)	
		{
		$errorMsg .= "--- You did not enter a family name.";
		} 
		else if(!$given) 
 		{
		$errorMsg .= "--- You did not enter a given name.";
		} 
		else 
		{		

exit();
}
}// close if post
echo $errorMsg;
?>

Link to comment
Share on other sites
cyberRobot Prolific Member

cyberRobot

Posted
Posted

The problem most likely comes from the following:

 

<?php
// Process the form if it is submitted
if ($_POST['snames']) {
?>

 

 

If none of the radio button are selected, this if fails. So the part where the error messages are displayed never gets executed. To test if the form was submitted, you could change the if to:

 

<?php
// Process the form if it is submitted
if (isset($_POST['submit'])) {
?>

 

 

 

Side Note:

Due to security issues, it's recommended that you don't use $_SERVER["PHP_SELF"] as the action for forms. Here are some alternatives:

http://www.phpfreaks.com/forums/index.php?topic=339673.0

Link to comment
Share on other sites
AyKay47 Member

AyKay47

Posted
Posted

there are actually several problems with your script, I will list them, then provide you with a revised code.

 

1. the variable $firstGroup needs to be declared a value before it can be concatenated onto. I am assuming that is somewhere above the code provided, else it will output an error.

 

2. what is the point of adding 4 spaces before two line breaks? there are better ways to go about this, also, stick to either the html <br> or the xhtml <br />, depending on your doctype.

 

3. do not use $_SERVER['PHP_SELF'] for a forms action, ever, this value can be tampered with and leave your script open to xss injection, instead, set the forms action to an empty string ""

 

4. debugging should be added into your code, checking if queries have failed etc. before continuing with your script. Never assume that something is going to work.

 

5. you are exit()ing the script before the echo in your code, perhaps you are not quite sure what exit does, I recommend you read the manual on the subject. Exit is killing your script before the echo command is sent, so naturally nothing will output to the browser.

 

6. you should first check if the submit button has been clicked by using isset, as mentioned.

 

<html>
<table>
<?php
// Query member data from the database
$firstGroup = "";
$query1 = mysql_query("SELECT userId FROM users WHERE managerId='".$recid."' AND userGroup='".$group2."' ORDER BY userId ASC");
if(!$query1)
{
   echo "Error: " . $query1 . "<br />" . mysql_error();
   exit;
}
if(mysql_num_rows($query1) > 1)
{
   while($row1 = mysql_fetch_array($query1))
   {
      $firstGroup .= '<td>' . $row1['userId'] .  ' <input type="radio" name="snames" value="' . $row1['userId'] . '" /> ' . '</td><br /><br />';
   }
}
else
{
   $firstGroup = NULL; //do not display output when echoed
}

?>
  <form method="post" action="">
    <tr>
      <?php echo $firstGroup; ?>
      <td><input type="text" name="given" value="" /><p>
          <input type="text" name="family" value="" /><p>
          <input type="submit" value="submit" name="submit"></form></td> 
    </tr>  
</table>
</html

 

// Process the form if it is submitted
if (isset($_POST['submit'])) 
{
   $snames = $_POST['snames'];
   $family = preg_replace("/[^A-Za-z0-9]/", ".", $_POST['family']);
   $given  = preg_replace("/[^A-Za-z0-9]/", ".", $_POST['given']);

//next section deals with error messaging
$errorMsg = "";
if(isset($_POST['snames']))
{
	$errorMsg = "ERROR: --- You did not select a name for editing.";	
}
else if(empty($family))	
{
   $errorMsg .= "ERROR: --- You did not enter a family name.";
} 
else if(empty($given)) 
{
   $errorMsg .= "ERROR: --- You did not enter a given name.";
} 
if(!empty($errorMsg))
{
   echo $errorMsg;
}
}

Link to comment
Share on other sites
cyberRobot Prolific Member

cyberRobot

Posted
Posted
5. you are exit()ing the script before the echo in your code, perhaps you are not quite sure what exit does, I recommend you read the manual on the subject. Exit is killing your script before the echo command is sent, so naturally nothing will output to the browser.

 

For what it's worth, the exit() only happens if all fields are filled out. This might make it a little more obvious:

 

<?php
//...

if(!$snames)      { $errorMsg .= "--- You did not select a name for editing."; } 
else if(!$family) { $errorMsg .= "--- You did not enter a family name."; } 
else if(!$given)  { $errorMsg .= "--- You did not enter a given name."; } 
else              { exit(); }

//...
?>

Link to comment
Share on other sites
AyKay47 Member

AyKay47

Posted
Posted

5. you are exit()ing the script before the echo in your code, perhaps you are not quite sure what exit does, I recommend you read the manual on the subject. Exit is killing your script before the echo command is sent, so naturally nothing will output to the browser.

 

For what it's worth, the exit() only happens if all fields are filled out. This might make it a little more obvious:

 

<?php
//...

if(!$snames)      { $errorMsg .= "--- You did not select a name for editing."; } 
else if(!$family) { $errorMsg .= "--- You did not enter a family name."; } 
else if(!$given)  { $errorMsg .= "--- You did not enter a given name."; } 
else              { exit(); }

//...
?>

 

thanks, i misread the code since it is poorly written.

Link to comment
Share on other sites
facarroll Member

facarroll

Posted
  • Author
Posted

Thanks AyKay for your kind help. I was able to solve this problem by working through your suggestion. While your solution did not work as it stood, I realised that if I included a hidden type with name= 'submit' in the input form, then there would be a point to the isset function.

Many thanks for your other helpful comments as well. I'll work through them.

Link to comment
Share on other sites
AyKay47 Member

AyKay47

Posted
Posted

Thanks AyKay for your kind help. I was able to solve this problem by working through your suggestion. While your solution did not work as it stood, I realised that if I included a hidden type with name= 'submit' in the input form, then there would be a point to the isset function.

Many thanks for your other helpful comments as well. I'll work through them.

 

your logic is a little off, while having a hidden input in the form, then checking for it to be set will work, it is unnecessary. The point of the isset is to check for the submit button being clicked. Because if it has not been clicked, there is no point in running any code to handle the form.

Link to comment
Share on other sites
AyKay47 Member

AyKay47

Posted
Posted

I have to reply that wile I did try your useful advice, it quite simply did nothing.

 

you have to make sure that the $_POST index matches the submit name. In your case, you have the submit name set to "Send Data", so to check if the submit button is set you would use: isset($_POST['Send Data'])

Link to comment
Share on other sites
PaulRyan Member

PaulRyan

Posted
Posted

@AyKay - I'm sure you knew this already, but you should not rely on a submit button for processing form data.

Not all browsers send the submit button name and value along with the form, as facarroll suggested, using a hidden field is the safest method to submit a form and process it too.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.