php Validation


phpanon

Hello there,

 

I have a simple PHP system and have simple validation currently in place.

 

Here is my code

<?php
session_start();
if (isset($_SESSION['username']) == false){
	header("Location: login.php");
	exit();
}
if (($_SESSION['type']) == 'user') {
        header("Location: AccessDenied.php");
	exit();
   	}

if (($_SESSION['type']) == 'manager') {
        header("Location: AccessDenied.php");
   		exit();
   	}
require "connect.php";
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Add User</title>
<link rel="stylesheet" type="text/css"
href="mystylelogin.css" />

</head>
<body>
<?php 
include ("headerAdmin.php"); 
?>

<div id="Adminheader">Create User</div>

<form action="addUserQuery.php" method="post">
<div id="AdminTable">
  <table width="99%" border="0">
  <hr />
      <tr>
        <td width="23%">Title:</td>
        <td width="56%"><select name="title">
          <option >Title</option>
          <option >Mr</option>
          <option >Mrs</option>
	  <option >Ms</option>
	  <option >Miss</option>
        </select></td>
        <td width="21%"><span class="style2">
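          <?php
if(isset($_GET['message1']))
{
	// The message comes from the URL, so HTML-escape it before output
	echo htmlspecialchars($_GET['message1'], ENT_QUOTES, 'UTF-8');
}
?>
        </span></td>
        <td width="21%">Username:</td>
        <td width="21%"><input name="username" type="text" value="<?php if (isset($_POST['username'])) echo htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8');?>" /></td>
        <td width="21%"><span class="style2">
          <?php if(isset($_GET['message5']))
{
	echo htmlspecialchars($_GET['message5'], ENT_QUOTES, 'UTF-8');
} ?>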
        </span></td>
      </tr>
      <tr>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      <tr>
        <td>First Name:</td>
        <td><input name="fName" type="text" value="<?php if (isset($_POST['fName'])) echo htmlspecialchars($_POST['fName'], ENT_QUOTES, 'UTF-8');?>" /></td>
        <td><span class="style2">
          <?php if(isset($_GET['message2']))
{
	echo htmlspecialchars($_GET['message2'], ENT_QUOTES, 'UTF-8');
} ?>
        </span></td>
        <td>Password:</td>
        <td><input name="password" type="password" value="<?php if (isset($_POST['password'])) echo htmlspecialchars($_POST['password'], ENT_QUOTES, 'UTF-8');?>" /></td>
        <td><span class="style2">
          <?php if(isset($_GET['message6']))
{
	echo htmlspecialchars($_GET['message6'], ENT_QUOTES, 'UTF-8');
} ?>
        </span></td>
      </tr>
      <tr>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      <tr>
        <td>Surname:</td>
        <td><input name="sName" type="text" value="<?php if (isset($_POST['sName'])) echo htmlspecialchars($_POST['sName'], ENT_QUOTES, 'UTF-8');?>" /></td>
        <td><span class="style2">
          <?php if(isset($_GET['message3']))
{
	echo htmlspecialchars($_GET['message3'], ENT_QUOTES, 'UTF-8');
} ?>
        </span></td>
        <td>Access: </td>
        <td><select name="type">
          <option >Access</option>
          <option >user</option>
          <option >admin</option>
          <option >manager</option>
        </select></td>
        <td><span class="style2">
          <?php if(isset($_GET['message8']))
{
	echo htmlspecialchars($_GET['message8'], ENT_QUOTES, 'UTF-8');
} ?>
        </span></td>
      </tr>
      <tr>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      <tr>
        <td>Job Role:</td>
        <td><input type="text" name="jobRole" size="50" value="<?php if (isset($_POST['jobRole'])) echo htmlspecialchars($_POST['jobRole'], ENT_QUOTES, 'UTF-8'); ?>" /></td>
        <td><span class="style2">
          <?php if(isset($_GET['message4']))
{
	echo htmlspecialchars($_GET['message4'], ENT_QUOTES, 'UTF-8');
} ?>
        </span></td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      <tr>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      <tr>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      
      
      <tr>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      <tr>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td><input name="Save" type="submit" value="Create User" /></td>
        <td> </td>
      </tr>
      
      <tr>
        <td> </td>
        <td><?php if(isset($_GET['message7']))
{
	echo htmlspecialchars($_GET['message7'], ENT_QUOTES, 'UTF-8');
} ?></td>
        <td> </td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
    </table>
</div>
</form>
</body>
</html>

 

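<?php
session_start();
if (isset($_SESSION['username']) == false){
	header("Location: login.php");
	exit();
}
if (($_SESSION['type']) == 'user') {
        header("Location: AccessDenied.php");
	exit();
   	}

if (($_SESSION['type']) == 'manager') {
        header("Location: AccessDenied.php");
   		exit();
   	}

require "connect.php";
// Read each field, defaulting to "" when it was not submitted
$title = isset($_POST['title']) ? $_POST['title'] : "";
$fName = isset($_POST['fName']) ? $_POST['fName'] : "";
$sName = isset($_POST['sName']) ? $_POST['sName'] : "";
$jobRole = isset($_POST['jobRole']) ? $_POST['jobRole'] : "";
$username = isset($_POST['username']) ? $_POST['username'] : "";
$password = isset($_POST['password']) ? $_POST['password'] : "";
$type = isset($_POST['type']) ? $_POST['type'] : "";

// Each check redirects back to the form with one message in the query string.
// urlencode() keeps the spaces in the message from breaking the Location header.
if($title == "Title") 
{
	$message1 = "Please select the employees title";
	header("Location: UserADD.php?message1=" . urlencode($message1));
	exit();
}
if($fName == "") 
{
	$message2 = "Please enter the employees first name";
	header("Location: UserADD.php?message2=" . urlencode($message2));
	exit();
}

if($sName == "") 
{
	$message3 = "Please enter the employees surname";
	header("Location: UserADD.php?message3=" . urlencode($message3));
	exit();
}
if($jobRole == "") 
{
	$message4 = "Please enter the employees job role";
	header("Location: UserADD.php?message4=" . urlencode($message4));
	exit();
}
if($username == "") 
{
	$message5 = "Please enter the employees Username";
	header("Location: UserADD.php?message5=" . urlencode($message5));
	exit();
}
if($password == "") 
{
	$message6 = "Please enter the employees Password";
	header("Location: UserADD.php?message6=" . urlencode($message6));
	exit();
}
// The select's placeholder option submits "Access", never "", so accept
// only the three real access levels instead of testing for an empty string
if($type != "user" && $type != "admin" && $type != "manager") 
{
	$message8 = "Please enter the employees access level";
	header("Location: UserADD.php?message8=" . urlencode($message8));
	exit();
}
else
{
	// Escape every value for the quoted SQL string it is placed in
	// $password is inserted as typed; storing a password_hash() value instead
	// would need a matching change in login.php, which is not shown
	$values = array($title, $fName, $sName, $jobRole, $username, $password, $type);
	foreach ($values as $i => $value) {
		$values[$i] = mysql_real_escape_string($value, $connection);
	}
	$query = "insert into employee values ('','" . implode("','", $values) . "','y')";
	// Do not print the query on failure: it contains the submitted password
	$result = mysql_query($query, $connection) or die ("Unable to perform query");
	$message7 = "The User ".  basename ($_POST['fName']). " added successfully. ";
	header("Location: UserADD.php?message7=" . urlencode($message7));
	exit();
}
?>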

The problem with this is that when a user leaves a field blank and the error message is passed back, all the information that the user typed in before is lost, so they are required to type it all in again...

 

Does anybody know how this information can be saved??


Sorry, not what you asked for I know, but rather than checking for empty fields in the PHP server side you could, if wanted, check locally for missing values.

Use JavaScript to check for missing data and have a pop-up which just says "error required field left blank" or something.

It would save a bit of time for the user filling out forms again and again by just making sure it's done before it's sent off.

After it's sent you can check if it's all correct before you pass it back and make them fill it all out again.

I know it's not what you asked but hope it might help.
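
One server-side way to keep the typed values across the redirect, as an added example that is not part of the original thread. It assumes PHP 7.1+; the helper names and the `form_old` / `form_errors` keys are hypothetical, and a plain array stands in for `$_SESSION` so the constructed submission runs from the command line.

```php
<?php
// Added example (PHP 7.1+). Helper names and the 'form_old'/'form_errors'
// keys are hypothetical; field names are the ones used in the form above.
const TITLES = ['Mr', 'Mrs', 'Ms', 'Miss'];
const TYPES  = ['user', 'admin', 'manager'];
// Server-side validation stays authoritative; returns field => message.
function validate_user_form(array $post): array
{
    $errors = [];
    $required = ['fName' => 'first name', 'sName' => 'surname', 'jobRole' => 'job role',
                 'username' => 'username', 'password' => 'password'];
    foreach ($required as $field => $label) {
        $value = $post[$field] ?? '';
        if (!is_string($value) || trim($value) === '') {
            $errors[$field] = "Please enter the employee's $label";
        }
    }
    if (!in_array($post['title'] ?? '', TITLES, true)) {
        $errors['title'] = "Please select the employee's title";
    }
    if (!in_array($post['type'] ?? '', TYPES, true)) {
        $errors['type'] = "Please select the employee's access level";
    }
    return $errors;
}
// Keep what was typed for the next page load, but never the password.
function remember_form(array &$session, array $post, array $errors): void
{
    unset($post['password']);
    $session['form_old'] = array_filter($post, 'is_string');
    $session['form_errors'] = $errors;
}

// Remembered value, HTML-escaped for use inside value="..." or as text.
function old(array $session, string $field): string
{
    return htmlspecialchars($session['form_old'][$field] ?? '', ENT_QUOTES, 'UTF-8');
}

// Constructed submission: surname left blank, markup typed into first name.
$session = [];  // stands in for $_SESSION so this runs from the command line
$post = ['title' => 'Mr', 'fName' => '"><b>Al</b>', 'sName' => '', 'jobRole' => 'Clerk',
         'username' => 'al', 'password' => 'secret', 'type' => 'user'];
$errors = validate_user_form($post);
if ($errors) {
    remember_form($session, $post, $errors);  // real handler: redirect to UserADD.php, exit
}
echo '<input name="fName" type="text" value="', old($session, 'fName'), '" />', "\n";
echo htmlspecialchars($session['form_errors']['sName'] ?? '', ENT_QUOTES, 'UTF-8'), "\n";
```

Because the messages are built on the server and read back from the session, nothing taken from the query string is echoed into the page, and a browser-side JavaScript check can sit in front of this without replacing it.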
