adding PHP field check with output

[sphinx]

Hello there,

 

My current song request form process looks like:

 

<?php
                if(isset($_POST['submit'])) {
                $to = 'address@website.com' ;  
	$name = trim($_POST['name']);
                $message = trim($_POST['message']);
                $artist = trim($_POST['artist']);
                $song = trim($_POST['song']);
	$subject="Name:$name - Message:$message - Artist:$artist - Song:$song";
                $headers  = 'MIME-Version: 1.0' . "\r\n";
                $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
                $message = "<table>
                <tr><td>Name</td><td>".$_POST['name']."</td></tr>
                <tr><td>Message</td><td>".$_POST['message']."</td></tr>
                <tr><td>Artist</td><td>".$_POST['artist']."</td></tr>
                <tr><td>Song</td><td>".$_POST['song']."</td></tr>
                </tr></table>" ;
                mail($to, $subject, $message, $headers);
                header('Location: song-requests-success.php');
               }
?>

 

I'm currently using Javascript for blank validation, however, people seem to be getting through it somehow.

 

I'm looking to implement PHP checkers that will output back to the request form with something like: Name field blank.

 

Would this method work?

 

$name = trim($_POST['name']);
$artist = trim($_POST['artist']);
$song = trim($_POST['song']);
if(empty($name)){
$name1 .= "<br>Name is empty.";
}
if(empty($artist)){
$artist1 .= "<br>Artist is empty.";
}
if(empty($song)){
$song1 .= "<br>Song is empty.";
}

 

On form:

 

<?php if(!empty($name)){ echo "".($name1).""; } ?>
<?php if(!empty($artist)){ echo "".($artist1).""; } ?>
<?php if(!empty($song)){ echo "".($song1).""; } ?>

 

Would recalling the trim's be nessessary as they have already been specified for the email title. Would this need to be implemented into 'isset'.

 

Many thanks.

[xyph]

Looks good. I'm not sure what your last statement means though.

[sphinx]

This bit?

 

<?php if(!empty($name)){ echo "".($name1).""; } ?>
<?php if(!empty($artist)){ echo "".($artist1).""; } ?>
<?php if(!empty($song)){ echo "".($song1).""; } ?>

 

If so, to display the errors corresponding to each field?

[xyph]

Either that or

 

<?php if(isset($name1)){ echo "".($name1).""; } ?>
<?php if(isset($artist1)){ echo "".($artist1).""; } ?>
<?php if(isset($song1)){ echo "".($song1).""; } ?>

[sphinx]

thanks,

 

One more thing,

 

Would I use:

 

if(isset($_POST['submit']))
{
  if(empty

 

?

 

Thanks

[xyph]

From what I understand, some browsers won't send the submit button value if the enter key is used to submit the form. I'm not sure about this behavior myself.

 

You can check if $_SERVER['REQUEST_METHOD'] == 'POST'

http://php.net/manual/en/reserved.variables.server.php

 

Here's how I could accomplish what you're trying to do. This makes form creation/validation very easy, and is the building blocks to a bigger, form-handling class.

 

<?php 

define( 'styleError', 'color:red;' );
define( 'styleRadioLabel', 'padding:0;margin:0;' );
define( 'styleRadioList', 'list-style-type:none;padding:0;margin:0;' );

$link = mysql_connect( 'localhost', 'root', '' );
mysql_select_db( 'db', $link );

// Set up our form elements
$elements = array(
'uname' => array( 'type'=>'text',
                  'label'=>'Select a Username',
                  'required'=>TRUE ),
'email'=>  array( 'type'=>'text',
                  'label'=>'Valid E-Mail',
                  'required'=>TRUE,
                  'validate'=>'instring:@',
                  'errorMessage'=>'Must contain @ symbol' ),
'rname' => array( 'type'=>'text',
                  'label'=>'Real Name',
                  'validate'=>'regex:/^[a-z ]++$/i',
                  'errorMessage'=>'Must be letters or spaces only' ),
'sex' =>   array( 'type'=>'radio',
                  'label'=>'Your Gender',
                  'values'=>array('m'=>'Male','f'=>'Female') ),
'year' =>  array( 'type'=>'text',
                  'label'=>'Birth Year',
                  'validate'=>'digits',
                  'errorMessage'=>'Must be numbers only' )
);

// Check if form was posted.
if( $_SERVER['REQUEST_METHOD'] == 'POST' ) {

// Will hold the data to insert into the database
$d = array();
// Assume no errors
$error = FALSE;
// Loop through elements in the form to check
foreach( $elements as $name => $e ) {
	// Check to see if element was required and empty
	if( !empty($e['required']) && trim($_POST[$name]) == '' ) {
		$error = TRUE;
		$elements[$name]['error'] = 'Required field left empty';
	// Otherwise, check to see if a validation is necessary
	} elseif( !empty($e['validate']) && !validate($name,$_POST[$name],$e['validate']) ) {
		$error = TRUE;
		$elements[$name]['error'] = ( !empty($e['errorMessage']) ? $e['errorMessage'] : 'Field validation failed' );
	// Otherwise, prep the data for the database
	} elseif( isset($_POST[$name]) ) {
		$d[] = '`'.$name.'`="'.clean( $_POST[$name], 'mysql' ).'"';
	}
}
// Check if no errors occurred
if( $error == FALSE ) {
	// Insert data
	$q = 'INSERT INTO USERS SET ' . implode( ',',$d );
	// Check if query worked
	if( mysql_query($q) === FALSE )
		$bigError = 'MySQL Query Failed! ' . mysql_error();
	else {
		// Redirect to success page
		header( 'Location: http://yoursite.com/success.php' );
		// End execution of the script
		die();
	}
}

}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>form</title>
</head>
<body>
<?php 
	if( isset($bigError) )
		echo '<h3 style="color:red;">'.$bigError.'</h3>';
?>
<form method="post" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>">
<?php 
	// Time to build the form. We loop through elements
	foreach( $elements as $name => $e ) {
		if( $e['type'] == 'text' )
			echo makeText( $name, getKey($e,'label'), clean(getKey($_POST,$name),'html'), getKey($e,'error') );
		elseif( $e['type'] == 'radio' )
			echo makeRadio( $name, $e['values'], getKey($e,'label'), getKey($_POST,$name), getKey($e,'error') );
		echo '<br>';
	}
?>
	<input type="submit">
</form>
</body>
</html>
<?php 

// Helper functions
function makeText( $name = FALSE, $label = FALSE, $value = FALSE, $error = FALSE ) {
return 
	( $label ? '<label>'.$label.' ' : NULL ) .
	'<input type="text"'.
	( $name ? ' name="'.$name.'"' : NULL ) .
	( $value ? ' value="'.$value.'"' : NULL ) . '>' .
	( $label ? '</label>' : NULL ) .
	( $error ? '<span style="'.styleError.'">'.$error.'</span>' : NULL );
}

function makeRadio( $name, $values, $label = FALSE, $selected = FALSE, $error = FALSE ) {

if( !is_array($values) ) return FALSE;
$return = ( $label ? '<span style="'.styleRadioLabel.'">'.$label.'</span>' : NULL ) .
	( $error ? '<span style="'.styleError.'">'.$error.'</span>' : NULL ) .
	'<ul style="'.styleRadioList.'">';
foreach( $values as $value => $vLabel )
	$return .= '<li><label><input type="radio" name="'.$name.'" value="'.$value.'"' .
		( $selected == $value ? ' checked="checked"' : '' ) . '> ' .
		$vLabel . '</label></li>';

return $return . '</ul>';

}

function clean( $var, $for = FALSE ) {
if( $for == FALSE || $for = 'mysql' )
	$var = mysql_real_escape_string($var);
if( $for == FALSE || $for = 'html' )
	$var = htmlspecialchars($var);
return $var;
}

function validate( $name, $string, $v ) {
if( $v == 'digits' )
	return ctype_digit( (string)$string );
elseif( substr($v,0,9) == 'instring:' )
	return strpos( $string,substr($v,9) ) !== FALSE;
elseif( substr($v,0,6) == 'regex:' )
	return preg_match( substr($v,6), $string );
else
	return TRUE;
}

function getKey( &$array, $key ) {
return ( isset($array[$key]) ? $array[$key] : FALSE );
}

?>

 

Apologies for the wall of code