BorysSokolov Posted January 20, 2013 Share Posted January 20, 2013 (edited) Hello. Recently, I've been learning about registration forms in PHP, and I'm wandering how I could improve the one I've already written(this is only an excerpt, obviously): if(!empty($username) && !empty($password) && !empty($re_password) && !empty($firstname) && !empty($lastname)){ if($password === $re_password){ $query_run = mysql_query("SELECT username FROM users WHERE username = '$username'"); if(mysql_num_rows($query_run)==1){ echo 'User '."<strong>".$username."</strong>".' Already Exists!'; }else{ mysql_query("INSERT INTO users VALUES ('','".mysql_real_escape_string($username)."','".mysql_real_escape_string($hashed_password)."','".mysql_real_escape_string($firstname)."','".mysql_real_escape_string($lastname)."')"); header('Location: my119file.php?pass_username='.$username); } }else{ echo 'The Re-Entered Password Doesn\'t Match'; } }else{ echo 'Please Fill Out All The Fields'; } } }else{ echo 'You\'re already logged in'; } I'm mainly concerned about the fact that, if the user inputs invalid information into the fields, he will only be notified of the first error encountered; if there happen to be multiple errors with the filled-out information, the user will not know until the first error is solved. For instance, if the user omits one of the required fields, AND the "confirm password" does't match, only the "Please Fill Out All The Fields" error will be displayed, and the "Password Don't Match" error will be ignored until the first issue is resolved. I would much rather prefer if the form recognized all errors in a single run, but I'm not sure how to do that... Any ideas? Thanks. Edited January 20, 2013 by BorysSokolov Quote Link to comment Share on other sites More sharing options...
RobertP Posted January 21, 2013 Share Posted January 21, 2013 Simply append a variable, and echo it out at the end. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 21, 2013 Share Posted January 21, 2013 See this reply - http://forums.phpfreaks.com/topic/273391-when-empty-prevent-insert-but-display-a-message/#entry1407090 Quote Link to comment Share on other sites More sharing options...
BorysSokolov Posted January 23, 2013 Author Share Posted January 23, 2013 See this reply - http://forums.phpfre...e/#entry1407090 Thanks for replying. Sorry, I'm still relatively new to programming. Would something like this be adequate? <?php $string = 'Hello!'; $verifyString = array('checkLength' => NULL, 'checkMatch' => NULL); if(strlen($string) >= 10){ $verifyString['checkLength'] = 'Input Too Long!'; } if($string != 'Hello!'){ $verifyString['checkMatch'] = 'Wrong Input!'; } if($verifyString['checkLength'] == NULL && $verifyString['checkMatch'] == NULL){ echo 'Logged In!';//continue on... }else{ if($verifyString['checkLength'] != NULL){ echo $verifyString['checkLength']; } if($verifyString['checkMatch'] != NULL){ echo $veryString['checkMatch']; } } ?> Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 23, 2013 Share Posted January 23, 2013 That method requires more code and the test for empty/not-empty is more complicated. Quote Link to comment Share on other sites More sharing options...
White_Lily Posted January 23, 2013 Share Posted January 23, 2013 To check if a a post variable is empty you could just use: <?php foreach($_POST as $key => $value){ if(empty($value)) $error = "Please fill out all fields of the form"; } ?> Quote Link to comment Share on other sites More sharing options...
Jessica Posted January 23, 2013 Share Posted January 23, 2013 (edited) A posted variable wont be empty. It will be a string. Not to mention your code is only going through what was actually posted. Edit: damn iPhone! fixed typos. Edited January 23, 2013 by Jessica Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 23, 2013 Share Posted January 23, 2013 @White_Lily, Please read the question that was asked in the thread. Quote Link to comment Share on other sites More sharing options...
White_Lily Posted January 23, 2013 Share Posted January 23, 2013 (edited) If you want multiple errors to appear should there be more than one fault in the form submitted, try using something that displays the errors in a list, like this: <?php $connect = mysqli_connect("localhost", "web113-social-1", "innov8er", "web113-social-1"); if(!$connect){ die('Connect Error (' . mysqli_connect_errno() . ') '. mysqli_connect_error()); } include "conf.php"; include "functions.php"; $error = array(); foreach($_POST as $key => $value){ if(empty($value) && $value == "undefined") $error[] = "Please fill in any blank fields. ".$key.":".$value; } $name = mysqli_real_escape_string($connect, $_POST["name"]); $email = mysqli_real_escape_string($connect, $_POST["email"]); $username = mysqli_real_escape_string($connect, $_POST["username"]); $password = mysqli_real_escape_string($connect, $_POST["password"]); $confirmPassword = mysqli_real_escape_string($connect, $_POST["confirmPassword"]); $getData = select("*", "users", "username = '$username'", NULL, 1); $data = mysqli_fetch_assoc($getData); if($username == $data["username"]) $error[] = "That username is already taken, please choose another."; if($email == $data["email"]) $error[] = "That email address is already in use."; if($password != $confirmPassword) $error[] = "The passwords you entered do not match."; if(strlen($username) < 6) $error[] = "That username is too short, it should be at least 6 characters long."; if(strlen($username) > 30) $error[] = "That username is too long, it should be no longer than 30 characters."; if(!preg_match('/^[a-zA-Z0-9]+$/', $username)) $error[] = "Invalid username, there should be no spaces or special charaters, please choose another."; if(!preg_match('/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{6,}$/', $password)) $error[] = "Invalid password, there should be 1 uppercase and lowercase letter, 1 digit, it must also be a minimum of 6 characters, and a maximum of 30 charaters."; if(count($error) == 0){ if(!mkdir($GLOBALS["siteRoot"]."social/users/".$username)) $error[] = "Could not create your account, either try again later, or contact the webmaster."; if(!mkdir($GLOBALS["siteRoot"]."social/users/".$username."/avatars")) $error[] = "Could not create your account, either try again later, or contact the webmaster."; if(!mkdir($GLOBALS["siteRoot"]."social/users/".$username."/images")) $error[] = "Could not create your account, either try again later, or contact the webmaster."; if(!mkdir($GLOBALS["siteRoot"]."social/users/".$username."/images/albums")) $error[] = "Could not create your account, either try again later, or contact the webmaster."; } if(count($error) > 0){ for($i = 0; $i < count($error); $i++) echo "<li class=\"error\">".$error[$i]."</li>"; } $password = hash('sha256', $password); if(count($error) == 0){ $regUser = insert("users", "first_name, username, password, directory, email", "'$name', '$username', '$password', '".$GLOBALS["siteRoot"]."social/users/".$username."', '$email'"); if($regUser) echo 'correct'; } ?> and before anyone starts to disagree: yes the foreach($_POST as $key => $value) DOES check to see if the form is empty, should you not believe me click the social network development link in my signature and click "Sign Up" and you will see that it works. Edited January 23, 2013 by White_Lily Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.