Jump to content

Php Form Validation?


scm22ri

Recommended Posts

Hi Everyone,

 

I'm having trouble with php form validation. If a user clicks on "submit" after they no input boxes their information is automatically submitted into my mysql database. I don't want that. I want it so if a person forgets to fill out a certain part of the form they get presented with a error but there information isn't submitted into my mysql database. Any help would you appreciated. Thanks Everyone!

 

http://whatsmyowncarworth.com/class-work/sign2/join.php

Link to comment
Share on other sites

Grab the input and the check whether it has the values you want or not.

 

Something like this:

 

if (isset($_POST['Submit'])) {

$user_name = trim($_POST['username']);
if ($username == "") $error = "You must enter a username";


if (!isset($error)) {
// submit the form
} else {
// display the error by echoing out $error wherever you want it on the page
}

}

Link to comment
Share on other sites

@scm22ri,

 

You've provided no code from us to work with or clarified what you exact requirements are for the form validation. There are a lot of "gotchas" with respect to form validation. I would suggest you start by looking at each field and writing down what would be considered "valid" for that input. Here are some examples based upon the fields you have:

 

Username: I would require that the field contains at least 6 characters. It would also not be unheard of to restrict that input to only certain characters, but is not required as long as you handle the display appropriately (e.g. htmlentities) and that goes for ANY input that could be used to display to the page.

Email: There are many debates on validating email addresses and PHP even has a built in method nowadays. But, for this you should at least verify that the input is a properly formatted email address (I have my own function that I use)

Password: At a minimum I would have a minimum length check on the password: see note below about using trim()

 

When doing your validations you should do them in a specific order. You wouldn't check an email format before you check if it is empty. Also, always trim your input unless you have a valid reason not to. I've seen different positions on trimming password input. You also have to be careful about HOW you do the validations. You could, for example use empty() on a value, but if 0 is a valid value that function would return false.

 

FYI: Your password fields should be of the type "password", i.e. not "text"

 

So, here is sample fully working script based upon your fields.

 

<?php

//Create variables for submitted values (if posted)
//We create tehse regardless if the form was posted to enable "sticky" values in the form
$username = (isset($_POST['username'])) ? trim($_POST['username']) : '';
$email    = (isset($_POST['email']))    ? trim($_POST['email'])    : '';
$password = (isset($_POST['password'])) ? $_POST['password']	   : '';
$confirmp = (isset($_POST['confirmp'])) ? $_POST['confirmp']	   : '';

$errorMsg = '';

function validEmail($email)
{
   $formatTest = '/^[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*@[a-z\d]([a-z\d-]{0,62}[a-z\d])?(\.[a-z\d]([a-z\d-]{0,62}[a-z\d])?)*\.[a-z]{2,6}$/i';
   $lengthTest = '/^(.{1,64})@(.{4,255})$/';
   return (preg_match($formatTest, $email) && preg_match($lengthTest, $email));
}

//Only validate if form was POSTed
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
   //Start validations
   $errors = array();

   //Validate username
   if($username == '')
   {
    $errors[] = 'Username is required.';
   }
   elseif(strlen($username) < 6)
   {
    $errors[] = 'Username must be at least 6 characters.';
   }

   //Validate email
   if($email == '')
   {
    $errors[] = 'Email is required.';
   }
   elseif(!validEmail($email))
   {
    $errors[] = 'Email is not properly formatted.';
   }

   //Validate passwords
   if($password == '' || $confirmp == '')
   {
    $errors[] = 'Password and confirmation are required';
   }
   elseif(strlen($password) < 6)
   {
    $errors[] = 'Password must be at least 6 characters.';
   }
   elseif($password != $confirmp)
   {
    $errors[] = "Password and password confirmation do not match.";
   }

   //Check if there were any validation errors
   if(count($errors))
   {
    //Create error message
    $errorMsg .= "The following error(s) occured:\n";
    $errorMsg .= "<ul>\n";
    foreach($errors as $err)
    {
	    $errorMsg .= "<li>{$err}</li>";
    }
    $errorMsg .= "</ul>\n";
   }
   else
   {
    //Form validation passed, include script to process the data
    echo "Validation passes. Include script to process the data.<br>";
    //Redirect or load confirmation page
    echo "After processing the data, redirect or load confirmation page<br>";
    echo "Click <a href=''>here</a> to reload form";
    exit();
   }
}

?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Member Registration</title>
</head>
<body>
<form action="" method="post" enctype="multipart/form-data">
<table width="600" align="center" cellpadding="4" border="0">
   <tr>
  <th colspan="2">REGISTER AS A MEMBER</th>
   </tr>
   <tr>
  <td colspan="2"><font color="#FF0000"><?php echo $errorMsg; ?></font></td>
   </tr>
   <tr>
  <td width="163"><div align="right">User Name:</div></td>
  <td width="409"><input name="username" type="text" value="<?php echo $username; ?>" /></td>
   </tr>
   <tr>
  <td><div align="right">Email:</div></td>
  <td><input name="email" type="text" value="<?php echo $email; ?>"/></td>
   </tr>
   <tr>
  <td><div align="right">Password:</div></td>
  <td><input name="password" type="password" />
   </tr>
    <tr>
  <td><div align="right">Confirm Password:</div></td>
  <td><input name="confirmp" type="password" />
   </tr>
   <tr>
  <td><div align="right"></div></td>
  <td><input type="submit" name="Submit" value="Submit Form" /></td>
   </tr>
</table>
</form>
</body>
</html>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.