Basic forms handling question; sticky input like in cgi.pl?

[phpfreaksuser]

Hi. I have a form that I would like to validate, and if there are any errors, I would like to re-display the same form but with some error messages, similar to how CGI.pl allows you keep sticky input (filled-out form fields).

In some PHP books I've read, the form's "action" leads to another PHP page, which checks the input, throws an exception if there's an error, and then the catch clause prints a message saying "Press the back button to fix the error." But then how can I re-display the form?

Here is an approach I've been using. [b]Please let me know if it's a sound approach[/b]. The form's "action" leads back to the same Php page as the form. Before the first <html> tag, I check the input. Then if there errors, I re-populate the fields but with error messages. If there are no errors, I do a re-direct immediately to another page.

Is that a commonly-used approach?

[Cep]

I do a similar thing to what you have suggested, my php script will in its flow check to

1. See if any data has been submitted (which there won't as this will be the first time its run)
2. Output html of form
3. Form submits back to the php script
4. See if any data has been submitted (which it has this time)
5. Validate the information
6. Output whatever is required based on that information.

To be honest I don't think its the best method, even though I use it. I believe AJAX is the preferred method of checking and validating form information, returning the information back to the form without technically reloading all of it.

[HuggieBear]

I'd say Cep's method is the most widely used.

This can be achieved with [url=http://uk.php.net/manual/en/ref.session.php]$_SESSION[/url] variables.

Regards
Huggie

[phpfreaksuser]

[quote author=Cep link=topic=123631.msg511257#msg511257 date=1169553858]
I do a similar thing to what you have suggested, my php script will in its flow check to

1. See if any data has been submitted (which there won't as this will be the first time its run)
2. Output html of form
3. Form submits back to the php script
4. See if any data has been submitted (which it has this time)
5. Validate the information
6. Output whatever is required based on that information.

To be honest I don't think its the best method, even though I use it. I believe AJAX is the preferred method of checking and validating form information, returning the information back to the form without technically reloading all of it.
[/quote]

If there are no errors when you validate, do you immediately go to another page? I use 'header("Location: newpage.php")' to produce an HTTP redirect.

Without getting into AJAX, I'm surprised that validating input isn't well documented in tutorials. The approach I described was used in an old CGI.pm book.

[phpfreaksuser]

[quote author=HuggieBear link=topic=123631.msg511293#msg511293 date=1169559118]
I'd say Cep's method is the most widely used.

This can be achieved with [url=http://uk.php.net/manual/en/ref.session.php]$_SESSION[/url] variables.

Regards
Huggie
[/quote]


Can you describe how you use the _SESSION variables to validate and re-display the form?

[Cep]

If there are no errors I just change the results of the control statement (if, switch whatever) to whatever I need the script to do, which may be to forward the user to another page.

You would be surprised at how many tutorials there are for validating fields inputs, google helps here :)

Anyway back to your question. You use session variables as a checkmarker in your script for a control statement, I have also done this with post variables too. Here's a simple script to show how the script can check for something, I have included a redirector function which is a better than header for redirecting scripts to different pages, I found it on php.net and have been using it ever since.

[code]
<?php
session_start();
/***************************************** header redirector function *****************************************/
function redirector($location) {
  $sname = session_name();
  $sid = session_id();

  if (strlen($sid) < 1) {
      header($location);
      return;
  }

  if (isset($_COOKIE[$sname]) || strpos($location, $sname."=".$sid)!==false) {
      header($location);
      return;
  } else {
      if (strpos($location, "?") > 0) {
          $separator = "&";
      } else {
          $separator = "?";
      }   

      $fixed = $location . $separator . $sname."=".$sid;
      header( $fixed );
      return;
  }
}
/**************************************** Main code **********************************************************/

if (isset($_POST['ispost'])) {

  //Grab your post data here
  if (isset($_POST['name'])) { $name = $_POST['name']; } else { $name = ""; }

  //Validate your data here excuse the silly example :D
  if ($name=="") {
      // Failed validation
      $_SESSION['error'] = "No name";
      redirector("./thispage.php");
      exit;
  } else {
      // Validation passed
      $string = "Well done ".$name;
      echo $string;
  }
 
} else {
 
  // Check for error
  if (isset($_SESSION['error'])) { $error = $_SESSION['error']; unset($_SESSION['error']); } else { $error = ""; }

  echo '<html>
        <head></head>
        <body>
        <form name="thispage" method="post" action="thispage.php">
        Enter your name <input name="name" type="text" size="10" /> '.$error.'
        <br />
        <input name="ispost" type="hidden" value="ispost" />
        <input name="send" type="submit" value="Submit" />
        </form>
        </body>
        </html>';
}
?>
[/code]

I knocked this up in about 5 mins so if its not working 100% that will be why but its basically just to give you an idea of how things are done.