menios Posted November 27, 2007 Share Posted November 27, 2007 I m new to php and i m currently trying to create a server side form validation with php. The idea is to send the user's input to an errors.php that checks the integrity of input and then store it to a database, if i m not wrong. There are many errors here so if someone can look at the code and point some basic instructions on what i m doing wrong with my functions? Thanks in advance for the help My Form [hr]<form action="errors.php" method="post" name="Errors" onreset="return confirm('Do you want to reset the form?')" > <h2> Create a User Account:<br></h2> <fieldset> <legend>Personal Info</legend> <table border="0"> <tr > <th><label for="Username">*Username</label></th> <td><input type="text" name="username" id="Username" value="" maxlength="15" class="Username" ></td> <tr > <th><label for="Name">*Name</label></th> <td><input type="text" name="name" id="Name" value="" maxlength="15" class="First Name" ></td> </tr> <tr > <th><label for="Surname">*Surname</label></th> <td><input type="text" name="surname" id="Surname" value="" maxlength="20" class="Surname" ></td> </tr> <tr> <th><label for="password">*Password</label></th> <td><input type="password" name="password" id="password" maxlength="15" class="password" ></td> </tr> <tr> <th><label for="password2">*Confirm Pass.</label></th> <td><input type="password" name="Password2" id="password2" maxlength="15" class="password" ></td> </tr> </table> </fieldset> <fieldset> <legend>Contact Details</legend> <table border="0"> <tr> <th><label for="email">*Email </label></th> <td><input type="text" name="email" id="email" maxlength="25" class="email" ></td> </tr> <tr> <th><label for="Phone">Phone </label></th> <td><input type="text" name="phone" id="Phone" maxlength="10" class="phone" ></td> </tr> </table> </fieldset> <fieldset> <legend>Postal Address</legend> <table border="0"> <tr> <th><label for="Town">*Town</label></th> <td><input type="text" name="town" id="Town" value="" maxlength="20" class="town" ></td> </tr> <tr> <th><label for="Address">*Address</label></th> <td><input type="text" name="address" id="Address" value="" maxlength="30" class="address" ></td> </tr> <tr> <th><label for="PostCode">*PostCode</label></th> <td><input type="text" name="postCode" id="PostCode" value="" maxlength="8" class="Post Code" ></td> </tr> </table> <input id="submit" type="submit" value="Sign Up"> <input id="reset" type="reset" value="Reset"> </fieldset> </form> And my errors.php [hr]<?php extract($_POST); /* Validation */ /*USername*/ function checkUsername($username) { if(!preg_match("/[^a-zA-Z0-9\.\-\Ä\ä\Ö\ö\Ü\ü\ ]+$/s",$username)) return TRUE; else return FALSE; } /*Name*/ function checkName($name) { if(!preg_match("/[^a-zA-Z\\Ä\ä\Ö\ö\Ü\ü\ ]+$/s",$name)) return TRUE; else return FALSE; } /*Surname*/ function checkSurname($surname) { if(!preg_match("/[^a-zA-Z\\Ä\ä\Ö\ö\Ü\ü\ ]+$/s",$surname)) return TRUE; else return FALSE; } /*Password*/ function checkPassword($password) { $length = strlen ($password); if ($length < { return FALSE; } $unique = strlen (count_chars ($password, 3)); $difference = $unique / $length; echo $difference; if ($difference < .60) { return FALSE; } return preg_match ("/[A-z]+[0-9]+[A-z]+/", $password); } /*Email*/ function checkEmail($email) { $pattern = "/^[A-z0-9\._-]+" . "@" . "[A-z0-9][A-z0-9-]*" . "(\.[A-z0-9_-]+)*" . "\.([A-z]{2,6})$/"; return preg_match ($pattern, $email); } /*Phone*/ function checkPhone($phone) { if(!preg_match("/[^0-9\ ]+$/",$phone)) return TRUE; else return FALSE; } /*Town*/ function checkTown($town) { if(!preg_match("/[^a-zA-Z\\Ä\ä\Ö\ö\Ü\ü\ ]+$/s",$town)) return TRUE; else return FALSE; } /*Address*/ function checkAddress($address) { if(!preg_match("/[^a-zA-Z0-9\.\-\Ä\ä\Ö\ö\Ü\ü\ ]+$/s",$address)) return TRUE; else return FALSE; } /*PostCode*/ function checkPostCode($postCode) { if(!preg_match("/[^0-9]+$/ ",$postcode)) return TRUE; else return FALSE; } /* Validation */ $error=0; // check up variable /* get it checking */ if(!checkUsername($username)) { echo "Illegal input $username in 'Username'"; $error++; // $error=$error+1; } if(!checkName($name)) { echo "Illegal input $name in 'Name'"; $error++; } if(!checkSurname($surname)) { echo "Illegal input $surname in 'Surname'"; $error++; } if(!checkPassword($password)) { echo "Illegal input $password in 'Password'"; $error++; } if(!checkEmail($email)) { echo "Illegal input $email in 'Email'"; $error++; } if(!checkPhone($phone)) { echo "Illegal input $phone in 'phone'"; $error++; } if(!checkTown($town)) { echo "Illegal input $town in 'Town'"; $error++; } if(!checkAddress($address)) { echo "Illegal input $address in 'Address'"; $error++; } if(!checkPostCode($postcode)) { echo "Illegal input $postcode in 'PostCode'"; $error++; } if($error == 0) { echo " The data you entred was correct, thank you!<p> Your data:<br> Your Username: $username<br> Your Name: $name<br> Your Surname: $surname<br> Your Email: $email<br> Your Town: $town<br> Your Address: $address<br> Your phone: $phone<br> Your PostCode: $postcode<br> "; }else{ echo "Number of errors: $error"; } ?> Quote Link to comment Share on other sites More sharing options...
revraz Posted November 27, 2007 Share Posted November 27, 2007 Why not just check it on the same page and send it to the DB if it's valid? Quote Link to comment Share on other sites More sharing options...
menios Posted November 27, 2007 Author Share Posted November 27, 2007 How could i check it? I d prefer to use php cause i m not familia with JS at all. Could i pass all these functions in the form.html? And how could i do that? Too many questions sorry.. Quote Link to comment Share on other sites More sharing options...
boushley Posted November 27, 2007 Share Posted November 27, 2007 yes, make your form.html a form.php. And have the form submit to itself. Then you wrap your PHP in an if(isset($_POST[...])) You have quite a few naming capitalization problems. Where you didn't follow your convention. Such as with the postal code on the errors.php code. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted November 27, 2007 Share Posted November 27, 2007 <?php if (isset($submit)) { //do stuff } else { //do stuff }?> Quote Link to comment Share on other sites More sharing options...
menios Posted November 27, 2007 Author Share Posted November 27, 2007 I ll start and i ll post questions along the way thanks Quote Link to comment Share on other sites More sharing options...
revraz Posted November 27, 2007 Share Posted November 27, 2007 Remember, variables are case sensitive. Quote Link to comment Share on other sites More sharing options...
Distant_storm Posted November 27, 2007 Share Posted November 27, 2007 Its always best to make validaiton as a function / universal that way you could do something like. validate_data('TYPE','string'); example validate_data('Email',$string); within the function you could have a switch case between different forms of validation. such as email,numbers only,letters only,single digits,dates. You could then output a flag and do this if (validate_data('email',$string) { echo "your data is corrrect"; } This makes the function re-usable. Takes less code, less space, less effort of typing it out for every form u need to validate. and if any changes are needed to your code to check something else you only have to change one bit of code and not loadz. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.