Page 1 of 1

PHP form Validation Error Checking?

Posted: Tue Oct 12, 2010 6:12 pm
by mfleming
Hi.

I have a simple form and have included an array with a set of values depending on the error. My echo for each if statement displays properly at the top of the browser, but when using my array values to display the error just above the "Name" field it doesn't work. It only shows the last if statement error.

I cannot figure out what is wrong?

PHP Code

Code: Select all

<?php 
$submit = $_POST['submit'];
// Form Data
$name = strip_tags($_POST['name']);
$address = strip_tags($_POST['address']);
$email = strip_tags($_POST['email']);
$repeatemail = strip_tags($_POST['repeatemail']);
$phone = strip_tags($_POST['phone'], "Enter your Phone Number");
$salonname = strip_tags($_POST['salonname']);
$salonaddress = strip_tags($_POST['salonaddress']);
$salonprov = strip_tags($_POST['salonprov']);
$salonpostal = strip_tags($_POST['salonpostal']);
$salonconfirm = strip_tags($_POST['salonconfirm']);
$enewsletter = strip_tags($_POST['enewsletter']);
$saloncountry = strip_tags($_POST['saloncountry']);
$password = strip_tags($_POST['password']);
$repeatpassword = strip_tags($_POST['repeatpassword']);
$date = date("Y-m-d");
// Set e-mail recipient
$myemail = "info@fusionfashionhair.com";

$form_error_array[0] = "Please Enter in ALL Fields!";
$form_error_array[1] = "Please Enter Valid Name";
$form_error_array[2] = "Please Enter Valid Address";
$form_error_array[3] = "Please Enter Valid Email";
$form_error_array[4] = "Your Email address do not match!";
$form_error_array[5] = "Please Enter Valid Phone Number";
$form_error_array[6] = "Password must be between 6 and 32 characters";
$form_error_array[7] = "Password do not match!";
$form_error_array[8] = "Please Enter Valid Salon Name";
$form_error_array[9] = "Please Enter Valid Salon Address";
$form_error_array[10] = "Please Select Province/State";
$form_error_array[11] = "Please Enter Valid Postal/Zip Code";
$form_error_array[12] = "Please Select Country";
$form_error_array[13] = "Please Confirm Salon Professional ";
$current_error = "No Errors";


if ($submit)
{
    // check for existance
    if ($name&&$address&&$email&&$phone&&$password&&$salonname&&$salonaddress&&$salonpostal)
    {
        // check password input match
        if ($password==$repeatpassword)
        {
            // checks email input match
            if ($email==$repeatemail)
            {
                // Checks Proper input of Province/State
                if ($salonprov=="Please Select" || $salonprov=="------------")
                {
                    echo '<p class="formecho">Please Select a Valid Province/State!</p>';
                    $current_error=$form_error_array[10];
                } // End checks Province/State input
                else
                    // Checks Proper input of Country
                    if ($saloncountry=="Please Select")
                    {
                        echo '<p class="formecho">Please Select a Valid Country!</p>';
                        $current_error=$form_error_array[12];
                    } // End checks Country input
                    else
                    
                    
                        // Checks Proper input Salon Confirmation
                        if (isset($_POST['$salonconfirm'])=='1')
                        {
                            echo '<p class="formecho">Please Confirm You are your Salon</p>';
                            $current_error=$form_error_array[13];
                        } // End checks Salon Confirm input
                        else    
                    
                    
                            //check password length
                            if (strlen($password)>32||strlen($password)<6)
                            {
                                echo '<p class="formecho">Password must be between 6 and 32 characters</p>';
                                $current_error=$form_error_array[6];
                            } //end of password length check
                            
                            else
                            {
                                // Thank you Page
                                $insertGoTo = "thankyou.php";
                                header(sprintf("Location: %s", $insertGoTo));
                                
                                // encrypt password
                                $temppass = $password;
                                $password = md5($password);
                                $repeatpassword = md5($repeatpassword);
                                
                                // dBase file
                                include "dbConfig.php";
                                //open database
                                //generate random number for activation process
                                $random = md5(rand(23456789,987654321));
                                
                                
                                // register the user!                
                                // Set default username
                                $username = $email;
                
                                // INSERT INTO user...  replace user with table name
                                // make sure you have the same number and order of values as the database has
                                $queryreg = mysql_query("
                                
                                INSERT INTO user VALUES ('','$name','$username','$password','$date','$email','$phone','$address','$salonname','$salonaddress','$salonprov','$salonpostal','$saloncountry','$salonconfirm','$enewsletter','$random','0')");
                                
                                //Insert ID based on last ID in database
                                $lastid = mysql_insert_id();
                                
                                //send activation email
                                $to = $email;
                                $subject = "Activate Salon Member Acctount at Fusion Fashion Hair";
                                $headers = "From:  webmaster@fusionfashionhair.com";
                                $server = "mail.fusionfashionhair.com";
                                
                                //change php.ini and set SMTP to $server
                                ini_set("SMTP",$server);
                                
                                
                                $body = "
                                
                                $name from $salonname is wanting a membership, \n\n
                                
                                Please click on the link provided below to activate the account with Fusion Fashion Hair
                                http://www.fusionfashionhair.com/activate.php?id=$lastid&code=$random \n\n
                                
                                Username = $username \n
                                Password = $temppass \n
                                
                                
                                Thank you,
                                
                                Customer Service
                                ";
                                
                                //function to send email
                                mail($to, $subject, $body, $headers);
                        }
                
            }// End of Check Emails    
            else
                echo '<p class="formecho">Your email address do not match!</p>';
                $current_error=$form_error_array[4];
        }// End of Check Passwords
        else
            echo '<p class="formecho">Your Passwords do not match!</p>';
            $current_error=$form_error_array[7];
    }// End check Existance
    else
        echo '<p class="formecho">Please fill in <b>ALL</b> fields!</p>';
        $current_error=$form_error_array[0];
        
}// End if Sumbit

?> 
Form Code:

Code: Select all

     <form action='registration.php' method='post' id="regform">
      <fieldset>
         
        <legend>Personal Information</legend>
        <p>&nbsp;</p>
        <?php echo $current_error; ?>
        <p>&nbsp;</p>
        <p>
          <label for='name'>Name:</label>
          <!--using the value = and php echo you can store the value in the forms without re-entering the values-->
          <input name='name' type='text' value='<?php echo $name; ?>' maxlength="25"/>
          <span class="required">*<?php (($error_array['name']) ? ' <span style="color:red;">The name you entered is invalid</span>' : ''); ?></span><br />
        </p>
        <p>
          <label for="address">Address: </label>
          <!--using the value = and php echo you can store the value in the forms without re-entering the values-->
          <input name='address' type='text' value='<?php echo $address; ?>' maxlength="25"/>
          <span class="required">*</span><br />
        </p>
        <p>
          <label for="email">Email: </label>
          <!--using the value = and php echo you can store the value in the forms without re-entering the values-->
          <input name='email' type='text' value='<?php echo $email; ?>' maxlength="25"/>
          <span class="required">*</span><br />
        </p>
        <p>
          <label for="repeatemail">Confirm Email:</label>
          <input type='text' name='repeatemail' />
          <span class="required">*</span><br />
        </p>
        <p>
          <label for="phone">Phone: </label>
          <!--using the value = and php echo you can store the value in the forms without re-entering the values-->
          <input name='phone' type='text' value='<?php echo $phone; ?>' maxlength="14"/>
          <span class="required">*</span><br />
        </p>
        <p>
          <label for="password">Password: </label>
          <input name='password' type='password' maxlength="32"/>
          <span class="required">*</span><br />
        </p>
        <p>
          <label for="repeatpassword">Confirm Password: </label>
          <input name='repeatpassword' type='password' maxlength="32"/>
          <span class="required">*</span><br />
        </p>
      </fieldset> 

Re: PHP form Validation Error Checking?

Posted: Tue Oct 12, 2010 11:44 pm
by requinix
mfleming wrote:It only shows the last if statement error.
Right. = means "assignment", not "assignment, but keeping track of the previous value too".

You have an array of error messages. Why do you need an array? Because there's more than one error message.
Apply that same logic to $current_error.

Re: PHP form Validation Error Checking?

Posted: Wed Oct 13, 2010 3:52 am
by pkphp
Form validation is something about security. Very important for you scripts.
I suggest you have a look at these scripts, http://phpkode.com/scripts/category/php-validation/
There are lots of php form validation scripts in this site. I hope you can get your answer there.

Good luck.