Correct form validation for PHP and JavaScript

Question

davidjennings 0 Junior Poster in Training

11 Years Ago

Hi All - I am trying to correctly valididate forms on serverside using PHP and on client side with JavaScript I seem to have got lost in the processes here.

Thanks

DJ

<?php
// define variables and initialize with empty values
$fname = "";
$fnameErr ="";
$lname = "";
$lnameErr ="";
$pass ="";
$passErr="";

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    if (empty($_POST["fname"])) {

        $fnameErr = "Missing";
    }
    else {
        $firstname = $_POST["fname"];
    }

    if (empty($_POST["lname"])) {

        $lnameErr = "Missing";
    }
    else {
        $lastname = $_POST["lname"];
    }
    if (empty($_POST["pass"])) {

        $passErr = "Missing";
    }
    else {
        $password = $_POST["pass"];
    }
}

?>

<!DOCTYPE html>
<html>
<head>

</head>

<body>
<form name="myForm" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
    <label for="fname">First name: </label>
    <input type="text" name="fname" value="<?php echo htmlspecialchars($fname);?>" onblur=" if (this.value.length <2) { alert('Please enter a value that is at least 2         characters long.'); this.focus(); }" >
    <br />

    <label for="lname"> last name: </label>
    <input type="text" name="lname" value="<?php echo htmlspecialchars($lname);?>" onblur=" if (this.value.length <2) { alert('Please enter a value that is at least 2 characters long.'); this.focus(); }" >
    <br />

    <label for="password">Password: </label>
    <input name="pass" type="password" onblur=" if (this.value.length < 5) { alert('Please enter a value that is at least 5 characters long.'); this.focus(); }">
    <br />

    <input type="submit" value="Submit">
</form>
</body>

</html>

javascript php

3 Contributors
5 Replies
304 Views
5 Days Discussion Span
Latest Post 11 Years Ago Latest Post by rotten69

rotten69 20 Posting Whiz

11 Years Ago

Hmmm, the question is why do you want to initialize your variables with empty values?

How about trying this?

1- Separate your PHP file just for the sake of understanding what's going on in your scripts and different pages.
2- Putting the name of PHP file in the action attribute in the form. E.g <form action="validation.php" method="POST">

3- Try this:

<?php
    // define variables and initialize with empty values
    $fname = $_POST["fname"];

    $lname = $_POST["lname"];

    $pass = $_POST["pass"];

    $errorMsg= "Missing ";


    if (empty($fname) ) {
       echo $errorMsg + "First name";

    }else if (empty($lname) ){
        echo $errorMsg + "Last name";

    }else if (empty($pass) ) {
        echo $errorMsg + "Password";

    }else{
        echo "Success";
    }
 ?>

Save the above code in a new file called validation.php

Edited 11 Years Ago by rotten69

rotten69 20 Posting Whiz

11 Years Ago

if this solves the problem, please mark it as solved.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

diafol · Answer 1 · 2013-03-19T18:38:52+00:00

I'd advise using a library plugin for client-side validation as it gives you greater scope for dependencies, e.g. only make an input box available if a certain checkbox is clicked. In some plugins, this can be as simple as something like "requires = 'myCheck'".

PHP has its own validations and sanitizing filters:

http://php.net/manual/en/filter.filters.validate.php

davidjennings 0 Junior Poster in Training · Answer 2 · 2013-03-21T23:42:44+00:00

Sorry for the late response and Thank you both for your feedback.
So on the form page should I check if the form has been submitted by using:

<?php if(isset($_POST['submit'])) {

and on the process page I should inplace of the echo success it should be redirected to the valid page and us an else to redirect back to the form page

Thanks again for your help

rotten69 20 Posting Whiz · Answer 3 · 2013-03-24T21:16:09+00:00

Hmmmm, I don't think I've understood your question right. Are you saying once users have entered valid data then they should receive a success message?

I've given you an example up there and feel free to redirect your users to a particular page within the ELSE statement after the line that has echo "success".