making sure everything is filled in a form

**mdoghman** · Nov 3, 2008 17:04

Hi guys how r u doing ..
i made a form in my php file. It's for studying purposes not for actual website therefore i dont have database.

this is my form:

HTML Code:

<div id="contact-area">	
<form method="post" action="contactengine.php">
<label for="Name" id="Name">Naam:</label>
<input type="text" name="Name" />
<label for="Email" id="Email">E-mail:</label>
<input type="text" name="Email" />
<label for="Message"="Message">Bericht:</label><br />
<textarea name="Message" rows="20" cols="20"></textarea>
<input type="submit" name="submit" value="Verzenden" class="submit-button" />
</form>

then the page contactengine.php contains the following:

Code:

Dank u wel <?php echo $_POST["Name"]; ?>. We hebben uw formulier op <?php echo date(d) ?> <?php echo date(M) ?> ontvangen.<br />
Wij nemen zo spoedig mogelijk contact met u op.

is there any code i could u .. that will check first if everything is filled BEFORE directing me to contactengine.php?
i tried using if loop, but i dunno how to state in the else
to direct to contactengine.php

thanks in advance

**Shaydez** · Nov 3, 2008 17:10

use a javascript form validation.

**imaginethis** · Nov 3, 2008 19:46

Originally Posted by Shaydez

use a javascript form validation.

Er.... in a PHP forum? Besides, javascript validation only works if javascript is turned on.This is one of the easiest ways to sumbit invalid information to a server.

if every field is required you can just loop through all the fields and check if the value is empty.

PHP Code:


$clean = $_POST;
$error = false;
foreach($clean as $field)
  if(!trim($field) || empty($field)
  {
     $error = true;
     break;
  }

If every field is not required then you can just use

PHP Code:


if(!trim($field) || empty($field)

on every field

**priti** · Nov 3, 2008 22:27

you can either use

1. javascript validation - they at client side so saves server hits.
2. Server side validation - As 'imaginethis' already explained to you.
3. use both :-) but with trick that if the data is formatted then don't fall in server side valdiation.

4. use AJAX to validate your form before your submit.

Thanks

**mdoghman** · Nov 4, 2008 04:40

Thanks guys ..
the thing is .. i am doing this for college ..
we didnt get javascript now and only basics of php .
but i am allowed to use scripts from other people ..
i used a javascript for the pictures ..
bur i was trying to write my own php script ...
and i did got pretty far but i have a problem ..

method=post and action=contactengine.php

if i do this .. i can not make sure everything is filled since it will direct them to contactengine.php

i used if ..... echo please fill everything
else ("this is what i dunno .. how can i say go to contactengine.php")
becoz now i have
method = post action = Serverscript (i am using now normal language)

i just need something in my else to direct them to contactengine.php and i dont know how in php ..

thanks

**Jake Arkinstall** · Nov 4, 2008 05:22

You don't send them to contactengine.php through another file.

You send the form to contactengine.php then run validation before handling it.

**mdoghman** · Nov 4, 2008 05:57

how?
excuse me i am a newbie in php .. being doing this for 2 weeks only

**Jake Arkinstall** · Nov 4, 2008 06:16

Something like this at the minimum:

PHP Code:


<?php

$errors = array();

if(isset($_POST['submit'])){

    $requiredFields = array('email', 'subject', 'message');

    foreach($requiredFields as $field){

        if(!isset($_POST[$field])) $errors[] = 'Not found: ' . $field;

    }

    foreach($_POST as $key => $value){

        $_POST[$key] = mysql_real_escape_string($_POST[$key]);

    }

    if(count($errors) > 0){

        //handle the form...

    }

}

if(count($errors) > 0){

    echo '<h2>Errors:</h2><ul>';

    foreach($errors as $error){

        echo '<li>'.$error.'</li>';

    }

}

?>

**mdoghman** · Nov 4, 2008 07:13

i get your point ..
but i dont have a database for the website ..
first the teacher made us make it in html and now suddenly we had to convert it to php ..
just checking whether they filled it in or not .. wont help ..
i have a message is people do fill in, then in contactengine.php
they get notified that message is receive on date and hour.
but if dont direct them to that page ..
they will still be in contact.php and thus they form will still
be visible .. while they dont need it anymore ..

**Jake Arkinstall** · Nov 4, 2008 07:34

but i dont have a database for the website ..

Then don't use the mysql_real_escape_string()

You won't get anywhere by not using Google. Search for handling forms in PHP.

**mdoghman** · Nov 4, 2008 10:27

this is my code now

HTML Code:

<div id="contact-area">	
<form method="post" action="<?= $_SERVER['SCRIPT_NAME'] ?>" >
<label for="Name" id="Name">Naam:</label>
<input type="text" name="Name" value="<?$_POST['Name']?>" />
<label for="Email" id="Email">E-mail:</label>
<input type="text" name="Email" value="<?$_POST['Email']?>"/>
					
<label for="Message" id="Message">Bericht:</label><br />
<textarea value="<?$_POST['Message']?>" name="Message" rows="20" cols="20"></textarea>
<input type="submit" name="submit" value="Verzenden" class="submit-button" />
</form>
						
<?php 
if ($_SERVER['REQUEST_METHOD'] == 'POST' && (!$_POST['Name'] || !$_POST['Message'] || !$_POST['Email'])) 
echo '<p>Vul aub alles in!</p>'; 
else 
{ // sla op in database 			
header('Location: http://localhost/hovenier/contactengine.php');
exit;}
?>

i dunno why it is not working .. its not redirecting ..
it does validate, en does echo.
but if i do fill everything .. it does not redirect

Warning: Cannot modify header information - headers already sent by (output started at C:\inetpub\wwwroot\hovenier\contactus.php:7) in C:\inetpub\wwwroot\hovenier\contactus.php on line 59

**Jake Arkinstall** · Nov 4, 2008 10:42

I keep telling you, do the validation on the handling page (contactengine.php)!

Otherwise you'll run into all kinds of trouble.

First of all, anyone could submit raw data to contactengine.php, bypassing the validation on contactus.php, and do any amount of damage.

Secondly, you can't pass post information through a redirect.

**mdoghman** · Nov 4, 2008 11:15

hahahaha .. i never understood what u meant ..
i just ran the validation on contactengine without reading ur comment .. i came to tell u that i did it .. then i noticed this message .. thanks for the help man ..

i have this now in contactengine.php

HTML Code:

<?php 
if ((!$_POST['Name'] || !$_POST['Message'] || !$_POST['Email'])) 
echo '<p>U heeft niet alles ingevuld.'."<BR>".'Klik op de "terugknop" en vul aub alles in!</p>'; 
else { // sla op in database 
echo '<p> Dank u wel '.$_POST['Name'].' .';
echo 'We hebben uw formulier op '.date(d).' '.date(M).' ontvangen.'."<BR>";
echo 'Wij nemen zo spoedig mogelijk contact met u op.</p>';
}?>

by the way ..
do i need to put BR in Blokletter and in "?
i tried '<br>' it kept saying error.

**priti** · Nov 4, 2008 23:42

what happen if you kept it as below

echo '<p>U heeft niet alles ingevuld <br/> Klik op de "terugknop" en vul aub alles in!</p>';

**mdoghman** · Nov 5, 2008 03:09

sometimes it gives error sometimes it doesnt.
very weird.

**mdoghman** · Nov 5, 2008 03:10

Originally Posted by arkinstall

I keep telling you, do the validation on the handling page (contactengine.php)!

Otherwise you'll run into all kinds of trouble.

First of all, anyone could submit raw data to contactengine.php, bypassing the validation on contactus.php, and do any amount of damage.

Secondly, you can't pass post information through a redirect.

i did it in the same page .. it worked now ..
but indeed lots of work ..

**Iimitk** · Nov 5, 2008 15:01

Originally Posted by imaginethis

if every field is required you can just loop through all the fields and check if the value is empty.

That would exclude "0", which might be a legitimate value for a from field. E.g. How many children (or cars, etc.) do you have? or What is your allowed credit limit? If a user entered "0" as value, then it would evaluates to FALSE when checking it with empty() & hence would produce an error that a required form field is empty!

The best way to check whether a user entered something is actually using strlen(), since all submitted form data are treated as strings & strlen() will count the number of characters entered regardless of their internal type.

PHP Code:


if (strlen(trim($clean)) < 0 && is_numeric(trim($clean))) {
    
    $error = TRUE;
}

**crmalibu** · Nov 6, 2008 00:33

Originally Posted by simsim

since all submitted form data are treated as strings

get post and cookie can also contain arrays.
http://www.php.net/manual/en/faq.htm...aq.html.arrays

**Iimitk** · Nov 9, 2008 11:38

Originally Posted by crmalibu

get post and cookie can also contain arrays.
http://www.php.net/manual/en/faq.htm...aq.html.arrays

Still every single element's value is returned as a string, not an array, nor could it be.

HTML Code:

<input type="text" name="myarray[]" />

If a user enter a value of, say, 5, it will be returned as '5', not 5, nor could it be array('5').

User Tag List

Thread: making sure everything is filled in a form

Thread Tools

Display

making sure everything is filled in a form

Bookmarks

Bookmarks

Posting Permissions