Form Validation Problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
sree78
Forum Commoner
Posts: 39
Joined: Tue May 20, 2003 11:38 am

Form Validation Problem

Post by sree78 »

Hi..

I have a advance search form where users can put in either fname, lname, department or email address to look up for an employee. I want to make sure they at least choose one option before they submit the form. My code looks like this :-

Code: Select all

<?php
<form method="post" name="lib" action="search_1.php">
First Name:<input name="fname" size="25">
Last Name:<input name="lname" size="25">
Department:
<select name="dept">
<option value="" selected>Select a Department (optional)</option>
$sql="select * from department_2
	order by name";
$result=pg_query($sql);
for($i=0;$i<pg_numrows($result);$i++)
{
$arr=pg_fetch_array($result,$i);
echo "<OPTION value=".$arr["deptid"].">".$arr["name"];
}
</select> 

Email:<input name="email" size="30"></td>
<input type="submit" name="submit" class="submit_button" value="Search">
?>
The second section of the page :-

Code: Select all

<?php
if ($post == "yes") { 

MySQL Query goes here!!

$dbResult = pg_query($query); 
if(!pg_numrows($dbResult)) 

{ 
print("<tr><td>Sorry Nothing was found matched your query:</td>/n
</tr>"); 
} 
else 
{ 
print("<p><table border="0" cellpadding="5" cellspacing="4" summary="">");
print("<tr>
<td width="220"colspan="2"><strong>Name</strong></td>
<td width="280"><strong>Department</strong></td>
<td width="150"><strong>Phone</strong></td>
</tr>"); 

} 
{ 
$n="1"; 	
while($row = pg_fetch_row($dbResult)) 
{ // These 2 variables are hidden values  
$empid	=	$row[0];
$rank	 =	$row[B];
// Writes the search results by the designated rows (first name, last name, phone and department name) 
$fname	=	$row[1];
$lname	=	$row[2]; 
$phone	=	$row[3];
$name	 =	$row[5];	
print ( "<tr>
<td width="2">$n.". "</td>
<td width="220"><a href = "employee_details_page.php?employeeID= $empid ">$lname, $fname</a></td>
<td width="280">$name</td>
<td width="150">269-$phone</td>
</tr>");
$n++;

} 
print ("</table>"); 
} 

print ("</td></tr></table>");

} 
?>

I did not put my sql query because it will make the page even longer. I want to know how to make the page to return to the same search page if none of search field was submitted. I would like to Thank in advance on your feedback.

:roll:



?>
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Some clues...
Whatever you add, add it at the "MySQL Query goes here!!" part of the script.

Code: Select all

if (empty($_POST['dept'])) { header('Location: first_page.php'); }
Actually kinda gave away the works here, but...
Lookup empty() and header() in the manual for more ideas.

Edit: Not really a subject for General Discussions, so it's moved. -- JAM
sree78
Forum Commoner
Posts: 39
Joined: Tue May 20, 2003 11:38 am

Post by sree78 »

I am still having the same problem.. does anyone have any ideas on how to do a quick fix for this problem.

I would like to thank every one in advance.
User avatar
mrvanjohnson
Forum Contributor
Posts: 137
Joined: Wed May 28, 2003 11:38 am
Location: San Diego, CA

Post by mrvanjohnson »

What problem are you still having JAM's solution should work.

So if you have mulitple searchs it would look something like

Code: Select all

<?php
if (empty($_POST['dept']) && empty($_POST['fname'])) 
  { 
   header('Location: first_page.php'); 
   } 
?>
you could also use the [php_man]isset[/php_man] command that might work better

Code: Select all

<?php
if (!isset($_POST['dept']) && !isset($_POST['fname']) 
  { 
   header('Location: first_page.php'); 
   } 
?>
Be sure to add these lines before any output is given to the HTML otherwise the redirect wont work.

Let us know what's not working
sree78
Forum Commoner
Posts: 39
Joined: Tue May 20, 2003 11:38 am

Form Validation Problem

Post by sree78 »

Hi,

I would like to thank you for your fast reply, I tried placing your code at the top of my page but still if I submit the form without even entering any data, it populates every single result. If you can see below, I have provided the code for mysql query.. which i did not before.. I am not sure if this will of much help but I hope it will help you understand the picture better

Code: Select all

<?php 
if ($post == "yes") { 

###MySQL Query goes here!! ###

$dbResult = pg_query($query); 
if(!pg_numrows($dbResult)) 

{ 
print("<tr><td>Sorry Nothing was found matched your query:</td>/n 
</tr>"); 
} 
else 
{ 
print("<p><table border="0" cellpadding="5" cellspacing="4" summary="">"); 
print("<tr> 
<td width="220"colspan="2"><strong>Name</strong></td> 
<td width="280"><strong>Department</strong></td> 
<td width="150"><strong>Phone</strong></td> 
</tr>"); 

} 
{ 
$n="1";     
while($row = pg_fetch_row($dbResult)) 
{ // These 2 variables are hidden values  
$empid   =   $row[0]; 
$rank    =   $row[B]; 
// Writes the search results by the designated rows (first name, last name, phone and department name) 
$fname   =   $row[1]; 
$lname   =   $row[2]; 
$phone   =   $row[3]; 
$name    =   $row[5];    
print ( "<tr> 
<td width="2">$n.". "</td> 
<td width="220"><a href = "employee_details_page.php?employeeID= $empid ">$lname, $fname</a></td> 
<td width="280">$name</td> 
<td width="150">269-$phone</td> 
</tr>"); 
$n++; 

} 
print ("</table>"); 
} 

print ("</td></tr></table>"); 

} 

?>
### My SQL code ###

Code: Select all

<?php
<h4>Search Results</h4>
<?php 
$where_clause = 'WHERE '; 
$and_clause = ''; 

// Checks to see if first name is entered for search / if not proceed to the next option
if(isset($_GET['fname']) && $_GET['fname'] !== "") 
{ 
$fname = trim($_GET['fname']);
$where_clause .= (strlen($where_clause) > 7) ? 'AND ' : ''; 
$where_clause .= 'lower(employee.fname) LIKE lower (''%' .$fname. '%'') '; 
$and_clause .= ' AND department_2.deptid = emp_info.deptid'; 
} 

// Checks to see if last name is entered for search / if not proceed to the next option
if(isset($_GET['lname']) && $_GET['lname'] !== "") 
{ 
$lname = trim($_GET['lname']);
$where_clause .= (strlen($where_clause) > 7) ? 'AND ' : ''; 
$where_clause .= 'lower(employee.lname)LIKE lower(''%' .$lname. '%'') ';
$and_clause .= ' AND department_2.deptid = emp_info.deptid';
}
 
// Checks to see if department is entered for search / if not proceed to the next option
if(isset($_GET['dept']) && $_GET['dept'] !== "") 
{ 
$where_clause .= (strlen($where_clause) > 7) ? 'AND ' : ''; 
$where_clause .= 'department_2.deptid=' .$_GET['dept']. ' '; 
$and_clause .= ' AND department_2.deptid = emp_info.deptid'; 
} 

// Checks to see if email is entered for search.
if(isset($_GET['email']) && $_GET['email'] !== "") 
{ 
$email = trim($_GET['email']);
$where_clause .= (strlen($where_clause) > 7) ? 'AND ' : ''; 
$where_clause .= 'lower(emp_info.email)LIKE lower (''%' .$email. '%'') ';
$and_clause .= ' AND department_2.deptid = emp_info.deptid';  
} 

$where_clause .= ((strlen($where_clause) > 7) ? 'AND ' : ''). 'employee.empid = emp_info.empid '; 
{ 
print("<table border="0" summary="">
<tr> 
<td> 
<table border="0" summary=""> "); 
}
$query = "SELECT DISTINCT 
employee.empid, employee.fname, employee.lname, emp_info.phone, emp_info.rank, department_2.name FROM employee, department_2, emp_info " .$where_clause.$and_clause. " 
ORDER by emp_info.rank"; 
//echo $query;

?>

I Placed this code:-

Code: Select all

<?php
<?php 
if (!isset($_POST['lib]) && !isset($_POST['fname']) 
  { 
   header('Location: first_page.php'); 
   } 
?>
?>
at the top of my page but still I am getting the same thing. The page is populating all the results. I would really appreciate any feedback. Thanks a lot
User avatar
mrvanjohnson
Forum Contributor
Posts: 137
Joined: Wed May 28, 2003 11:38 am
Location: San Diego, CA

Post by mrvanjohnson »

I'm seeing Get's in your SQL but you mentioned using POST in your orginal code for the form which is it. You might want to just change the $_POST to $_REQUEST (less secure) or $_GET if you know it's a GET.
sree78
Forum Commoner
Posts: 39
Joined: Tue May 20, 2003 11:38 am

Post by sree78 »

I am sorry It was my mistake, I had everything in _GET. I have changed everything to _GET but this time there is a slight improvement, the page is not populating all the result but either when I put in something in the search box it does not search...

Code: Select all

<?
if (!isset($_REQUEST['lib']) && !isset($_REQUEST['fname']) 
  { 
   header('Location: index.php'); 
   } 
?>
I have changed my form action now to refer to adv_search page which will have the all SQL codes as above to process the results.

<div class="gvtStaff">

<form method="get" name="lib" action="adv_search.php">

Any Idea why this is happening now? why it is not referring to the adv_search.php page...

Oh yeah if I remove the code:-

Code: Select all

<?
if (!isset($_REQUEST['lib']) && !isset($_REQUEST['fname']) 
  { 
   header('Location: index.php'); 
   } 
?>
the search works... damm I hate this ... pls bare with .. I am so annoyed...
sree78
Forum Commoner
Posts: 39
Joined: Tue May 20, 2003 11:38 am

Post by sree78 »

I am off from work now.. but I'll be checking the replies and responding to replies from home.. Once again Thanks a lot for all your help
Gen-ik
DevNet Resident
Posts: 1059
Joined: Mon Aug 12, 2002 7:08 pm
Location: London. UK.

Re: Form Validation Problem

Post by Gen-ik »

sree78 wrote:Hi..

I have a advance search form where users can put in either fname, lname, department or email address to look up for an employee. I want to make sure they at least choose one option before they submit the form.

Why don't you just use a small bit of JavaScript before the form is submitted to make sure the form has some info?
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

More clues;

Gen-ik, good point but have in mind that JS can be turned of. If that is to be used, I'd recommend a php version along with it also...

sree78,

Code: Select all

if(isset($_GET['fname']) && $_GET['fname'] !== "")
...I see that in your code. However, there is a difference between empty() and isset().
Example: http://www.example.com/index.php?id=
Here, isset($_GET['id']) evaluates to TRUE but empty($_GET['id']) evaluates to FALSE.

Did you lookup empty and isset in the manual?
Gen-ik
DevNet Resident
Posts: 1059
Joined: Mon Aug 12, 2002 7:08 pm
Location: London. UK.

Post by Gen-ik »

...also empty() will return TRUE if the value is 0 (zero) so be careful how you use it. isset() will return TRUE if the variable exists regardless of it's contents.

I normally combine isset() and strlen() to check if a variable has any contents...

Code: Select all

<?php

if(isset($var) && strlen($var) > 0)
{
    // do something
}

?>
Post Reply