Jump to content

[SOLVED] Keeping Form Values After Error Message


Recommended Posts

Ok I have multiple forms (for registration) and if someone were to fill out all the information but have an error in what they entered, how do I keep the form values they entered in the form after they get an error message? Basically so they don't have to re-type all their information after one little error. The script goes from the registration page to a process page, and if there is an error it sends the user back to the registration page with the error message.
Save the values to the session.

On the processing page, create an array, say $form. Then say $form['name'] = $_POST['name']; //Make sure to actually sanitize your data.

Before redirecting back to the form with the error, do $_SESSION['form'] = $form;
On the form page get the form out of the session: $form = $_SESSION['form'];
In each of the inputs add value="<?=$form['name']?>"

etc.
Javascript is client side - PHP is server side. Javascript validation can be bypassed - PHP cannot (as long as you do it correctly)

To clarify: Javascript runs in your visitor's browser, meaning they have control over it. Your PHP runs on your server.
[quote author=jesirose link=topic=119769.msg490793#msg490793 date=1166907185]
Save the values to the session.

On the processing page, create an array, say $form. Then say $form['name'] = $_POST['name']; //Make sure to actually sanitize your data.

Before redirecting back to the form with the error, do $_SESSION['form'] = $form;
On the form page get the form out of the session: $form = $_SESSION['form'];
In each of the inputs add value="<?=$form['name']?>"

etc.
[/quote]Pheww.. blame me for not having a clue what that is

anyway, how I'd suggest you do it is to point your action to point your form to the file you're submitting from; here's how
[code]<?php
if(isset($_POST['submit']))
{
$error = "";
if(!strlen($_POST['username']))
{
$error .= "You need to enter a username<br />";
}
if(!strlen($_POST['password']))
{
$error .= "You need to enter a password<br />";
}
if(strlen($error))
{
showForm($error);
} else {
// process our input here

}
} else {
showForm();
}
function showForm($e="")
{
if(strlen($e))
{
$e = "<font class='error'>".$e."</font>";
} else {
$e = "";
$_POST = NULL;
}
print "<html>
<head>
<title>My Test Form - kamasheto</title>
<style>body { font-size:14px;font-family:Verdana, Sans } .error { font-variant: small-caps; }</style>
</head>
<body>
{$e}
<form action='?' method='post'>
<input type='hidden' name='submit'>
Username: <input type='text' name='username' value='{$_POST['username']}'><br />
Password: <input type='password' name='password' value='{$_POST['password']}'><br />
<input type='submit' value='login'>
</form>
</body>
</html>";
}
?>[/code]
I would recommend having a separate processing file - although I can't think of a way to explain why :(
Also, make sure to sanitize your user's data before printing it back to the screen, or you open yourself up to XSS attacks.
I was just telling him how, no security involved.

The way I'd normally do it is pass my $_POST array to a function that does all those fancy little checks and replacements before I use them anywhere, whether it's something as plain as this to print them back to the user or as severe as inserting them in a database.
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.