Error messages should be displayed within the html if certain fields on my member register form are left empty, if they are invalid types or if the username entered already exists. I've tried adding a record with an already existing username and it does direct to the member registration failed webpage however the error messages aren't displayed.
I have shown the code for the member_registration file, validation file and the member_registration_failed file below:
member_registration.php:
<?php
require_once('InitDB.php');
echo <<< HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Member Login</title>
<link rel="stylesheet" type="text/css" media="screen" href="registration.css" />
</head>
<body>
<div id = "whole">
<div id = "mainHeading">
<h1>Taxi Service</h1>
</div>
<div id = "mainLinks">
<a class="BookTaxiLink" href="">Book a Taxi Journey</a>
</div>
<div id = "contentLinks">
<a class="indContentLinks" href="">Link 1</a>
<a class="indContentLinks" href="">Link 2</a>
<a class="indContentLinks" href="">Link 3</a>
</div>
<div id = "content">
<p class = "instructions">
Please enter your details in the fields below to register...
</p>
<form method="post" action="validate_member_registration.php">
<table>
<tr>
<td class = "labels">
First Name:
</td>
<td class = "fields">
<input type="text" name="forename" size="30" maxlength="70" />
</td>
</tr>
<tr>
<td class = "labels">
Surname:
</td>
<td class = "fields">
<input type="text" name="surname" size="30" maxlength="70" />
</td>
</tr>
<tr>
<td class = "labels">
Title:
</td>
<td class = "fields">
<select name="title" width="30">
<option value="" selected="selected">Please choose...</option>
<option value="Mr">Mr</option>
<option value="Master">Master</option>
<option value="Mrs">Mrs</option>
<option value="Miss">Miss</option>
<option value="Ms">Ms</option>
<option value="Dr">Dr</option>
</select>
</td>
</tr>
<tr>
<td class = "labels">
Date of Birth:
</td>
<td class = "fields">
<input type="text" name="dob" size="30" maxlength="10" />
</td>
<td class = "rules">
Format: YYYY-MM-DD
</td>
</tr>
<tr>
<td class = "labels">
Username:
</td>
<td class = "fields">
<input type="text" name="username" size="30" maxlength="30" />
</td>
<td class = "rules">
Alphanumeric characters only
</td>
</tr>
<tr>
<td class = "labels">
Password:
</td>
<td class = "fields">
<input type="password" name="password" value="" size="30" maxlength="30"/>
</td>
<td class = "rules">
Alphanumeric characters only
</td>
</tr>
<tr>
<td class = "labels">
House Number:
</td>
<td class = "fields">
<input type="text" name="houseNo" size="30" maxlength="30" />
</td>
</tr>
<tr>
<td class = "labels">
Street:
</td>
<td class = "fields">
<input type="text" name="street" size="30" maxlength="100" />
</td>
</tr>
<tr>
<td class = "labels">
Area:
</td>
<td class = "fields">
<input type="text" name="area" size="30" maxlength="100" />
</td>
</tr>
<tr>
<td class = "labels">
Town/City:
</td>
<td class = "fields">
<input type="text" name="town" size="30" maxlength="100" />
</td>
</tr>
<tr>
<td class = "labels">
Postcode:
</td>
<td class = "fields">
<input type="text" name="postcode" size="30" maxlength="15" />
</td>
</tr>
<tr>
<td class = "labels">
Telephone Number:
</td>
<td class = "fields">
<input type="text" name="telNo" size="30" maxlength="15" />
</td>
</tr>
<tr>
<td class = "labels">
Email Address:
</td>
<td class = "fields">
<input type="text" name="email" size="30" maxlength="150" />
</td>
</tr>
</table>
<p class = "buttons">
<input type="submit" value="Submit" />
<input type="reset" value="Clear" />
</p>
</form>
<p class = "instructions">
If you already have an account, click
<a class="loginLink" href="login.php">here</a>.
</p>
</div>
<div id = "footer">
<p> This is the footer </p>
</div>
</div>
</body>
</html>
HTML;
?>validate_member_registration.php:
<?php
session_start();
include'db_config.inc';
$error_flag = false;
$_SESSION['ERR_MSG1'] = '';
$_SESSION['ERR_MSG2'] = '';
$_SESSION['ERR_MSG3'] = '';
$_SESSION['ERR_MSG4'] = '';
$_SESSION['ERR_MSG5'] = '';
$_SESSION['OVR_ERR_MSG'] = '';
try {
$dbh = new PDO("mysql:host=127.0.0.1;dbname=$db", $user, $password);
}
catch (PDOException $e) {
die($e->getMessage());
}
if(!isset($_POST['username'])) {
$error_flag = true;
$_SESSION['ERR_MSG1'] = 'Username field empty!';
}
if(!isset($_POST['password'])) {
$error_flag = true;
$_SESSION['ERR_MSG2'] = 'Password field empty!';
}
if(!isset($_POST['houseNo'])) {
$error_flag = true;
$_SESSION['ERR_MSG3'] = 'House Number field empty!';
}
if(!isset($_POST['postcode'])) {
$error_flag = true;
$_SESSION['ERR_MSG4'] = 'Postcode field empty!';
}
if(!isset($_POST['email'])) {
$error_flag = true;
$_SESSION['ERR_MSG5'] = 'Email field empty!';
}
$username = $_POST['username'];
$membermatches = $dbh->query("SELECT username FROM Member WHERE username = '$username'");
if($error_flag){
$_SESSION['OVR_ERR_MSG'] = 'Please enter your details again making sure to fill in the empty fields!';
header("location: member_registration_failed.php");
}
else if($membermatches->rowCount() == 1) {
$_SESSION['OVR_ERR_MSG'] = 'Username already exists. Please enter a different username.';
header("location: member_registration_failed.php");
}
else {
try{
$forename = filter_var($_POST['forename'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$surname = filter_var($_POST['surname'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$title = $_POST['title'];
$dob = $_POST['dob'];
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$houseno = filter_var($_POST['houseNo'], FILTER_SANITIZE_NUMBER_INT);
$street = filter_var($_POST['street'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$area = filter_var($_POST['area'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$town_or_city = filter_var($_POST['town'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$postcode = filter_var($_POST['postcode'], FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
$telno = filter_var($_POST['telNo'], FILTER_SANITIZE_NUMBER_INT);
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
$dbh->exec("INSERT INTO `Member`
(`username`,`createDate`,`password`,`siteRole`,`surname`,`forename`,`title`,`dob`,
`houseNo`,`street`,`area`,`town_or_city`,`postcode`,`telNo`,`email`)
VALUES ('$username', CURDATE(), '$password', 'MEMBER', '$surname', '$forename', '$title', '$dob',
'$houseno', '$street', '$area', '$town_or_city', '$postcode', '$telno',
'$email'
)");
$_SESSION['SESS_USER'] = $username;
header("location: member_profile.php");
}
catch(Exception $e){
$_SESSION['OVR_ERR_MSG'] = $e;
header("location: member_registration_failed.php");
}
}
?>member_registration_failed.php:
<?php
require_once('InitDB.php');
session_start();
$errmsg1 = $_SESSION['ERR_MSG1'];
$errmsg2 = $_SESSION['ERR_MSG2'];
$errmsg3 = $_SESSION['ERR_MSG3'];
$errmsg4 = $_SESSION['ERR_MSG4'];
$errmsg5 = $_SESSION['ERR_MSG5'];
$ovrerrmsg = $_SESSION['OVR_ERR_MSG'];
echo <<< HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Member Login</title>
<link rel="stylesheet" type="text/css" media="screen" href="registration.css" />
</head>
<body>
<div id = "whole">
<div id = "mainHeading">
<h1>Taxi Service</h1>
</div>
<div id = "mainLinks">
<a class="BookTaxiLink" href="">Book a Taxi Journey</a>
</div>
<div id = "contentLinks">
<a class="indContentLinks" href="">Link 1</a>
<a class="indContentLinks" href="">Link 2</a>
<a class="indContentLinks" href="">Link 3</a>
</div>
<div id = "content">
<p class = "instructions">
Please enter your details in the fields below to register...
</p>
<form method="post" action="validate_member_registration.php">
<table>
<tr>
<td class = "labels">
First Name:
</td>
<td class = "fields">
<input type="text" name="forename" size="30" maxlength="70" />
</td>
</tr>
<tr>
<td class = "labels">
Surname:
</td>
<td class = "fields">
<input type="text" name="surname" size="30" maxlength="70" />
</td>
</tr>
<tr>
<td class = "labels">
Title:
</td>
<td class = "fields">
<select name="title" width="30">
<option value="" selected="selected">Please choose...</option>
<option value="Mr">Mr</option>
<option value="Master">Master</option>
<option value="Mrs">Mrs</option>
<option value="Miss">Miss</option>
<option value="Ms">Ms</option>
<option value="Dr">Dr</option>
</select>
</td>
</tr>
<tr>
<td class = "labels">
Date of Birth:
</td>
<td class = "fields">
<input type="text" name="dob" size="30" maxlength="10" />
</td>
<td class = "rules">
Format: YYYY-MM-DD
</td>
</tr>
<tr>
<td class = "labels">
Username:
</td>
<td class = "fields">
<input type="text" name="username" size="30" maxlength="30" />
</td>
<td class = "rules">
<?php echo $errmsg1; ?>
</td>
</tr>
<tr>
<td class = "labels">
Password:
</td>
<td class = "fields">
<input type="password" name="password" value="" size="30" maxlength="30"/>
</td>
<td class = "rules">
<?php echo $errmsg2; ?>
</td>
</tr>
<tr>
<td class = "labels">
House Number:
</td>
<td class = "fields">
<input type="text" name="houseNo" size="30" maxlength="30" />
</td>
<td class = "rules">
<?php echo $errmsg3; ?>
</td>
</tr>
<tr>
<td class = "labels">
Street:
</td>
<td class = "fields">
<input type="text" name="street" size="30" maxlength="100" />
</td>
</tr>
<tr>
<td class = "labels">
Area:
</td>
<td class = "fields">
<input type="text" name="area" size="30" maxlength="100" />
</td>
</tr>
<tr>
<td class = "labels">
Town/City:
</td>
<td class = "fields">
<input type="text" name="town" size="30" maxlength="100" />
</td>
</tr>
<tr>
<td class = "labels">
Postcode:
</td>
<td class = "fields">
<input type="text" name="postcode" size="30" maxlength="15" />
</td>
<td class = "rules">
<?php echo $errmsg4; ?>
</td>
</tr>
<tr>
<td class = "labels">
Telephone Number:
</td>
<td class = "fields">
<input type="text" name="telNo" size="30" maxlength="15" />
</td>
</tr>
<tr>
<td class = "labels">
Email Address:
</td>
<td class = "fields">
<input type="text" name="email" size="30" maxlength="150" />
</td>
<td class = "rules">
<?php echo $errmsg5; ?>
</td>
</tr>
</table>
<p class = "buttons">
<input type="submit" value="Submit" />
<input type="reset" value="Clear" />
</p>
</form>
<p class = "instructions">
<?php echo $ovrerrmsg; ?>
If you already have an account, click
<a class="loginLink" href="login.php">here</a>.
</p>
</div>
<div id = "footer">
<p> This is the footer </p>
</div>
</div>
</body>
</html>
HTML;
?>I receive no errors for the code however there are no error messages from the sessions outputted on failure.
Any help is appreciated, thanks.
