Member Avatar for johnef_sh

I am trying to validate my form fields and redirect the user to success page

so this is the PHP code

if (empty($_POST['experiences'])) {
        $error['experiencesErr'] = "Experiences Required";
    } else {
        $experiences = check_input($_POST['experiences']);
        if (!preg_match("/^[0-9_a-zA-Z ]*$/", $experiences)) {
            $error['experiencesErr'] = "Only letters, numbers and '_' allowed";
        }
    }

    $courses = check_input($_POST['courses']);
    if (!preg_match("/^[0-9_a-zA-Z ]*$/", $courses)) {
        $error['coursesErr'] = "Only letters, numbers and '_' allowed";
    }

    $careerObjective = check_input($_POST['careerObjective']);
    if (!preg_match("/^[0-9_a-zA-Z ]*$/", $careerObjective)) {
        $error['careerObjectiveErr'] = "Only letters, numbers and '_' allowed";
    }

    if (empty($_POST['availability'])) {
        $error['availabilityErr'] = "Availability Required";
    } else {
        $availability = check_input($_POST['availability']);
    }

    if (empty($_POST['typeOfJob'])) {
        $error['typeOfJobErr'] = "Full/Part Time Required";
    } else {
        $typeOfJob = check_input($_POST['typeOfJob']);
    }

    if (empty($_POST['typeOfJob'])) {
        $error['typeOfJobErr'] = "Full/Part Time Required";
    } else {
        $typeOfJob = check_input($_POST['typeOfJob']);
    }

    if (empty($_POST['rank'])) {
        $error['rankErr'] = "Self-assessment Required";
    } else {
        $rank = check_input($_POST['rank']);
    }

    if (empty($_POST['jTitle'])) {
        $error['jTitleErr'] = "Job Field Required";
    } else {
        $jTitle = check_input($_POST['jTitle']);
    }

    $otherJobTitle = check_input($_POST['otherJobTitle']);
    if (!preg_match("/^[0-9_a-zA-Z ]*$/", $otherJobTitle)) {
        $error['otherJobTitleErr'] = "Only letters, numbers and '_' allowed";
    }

    if (empty($_POST['salaryRange'])) {
        $error['salaryRangeErr'] = "Salary Range Required";
    } else {
        $salaryRange = check_input($_POST['salaryRange']);
    }

    if (empty($_POST['currency'])) {
        $error['currencyErr'] = "Currency Required";
    } else {
        $currency = check_input($_POST['currency']);
    }

    $workIn = check_input($_POST['workIn']);

    if(!$error){
        $putData = $db->prepare("INSERT INTO hired_ts_info (id, uid, experiences, courses, career_objective,
        availability, type_of_job, rank, job_title, other_job_title, salary_range, currency, workIn)
        VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

        $putData->bind_param('iisssssssssss', $id, $uid, $experiences, $courses, $careerObjective, $availability,
        $typeOfJob, $rank, $jTitle, $otherJobTitle, $salaryRange, $currency, $workIn);

        if($putData->execute()){
            header("Location:?pid=4&pp=2&pps=technicalSummary&m=g");
        }else{
            echo "Error on executing";
        }
    }
}
?>

and this is the first lines of the HTML code

<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post" id="personRegestrationPage4">


<div class="f_left width100percent">
    <div class="TwoLine">
        <label for="experiences" class="requiredFields">experiences and qualifications</label>
        <textarea name="experiences" id="experiences"></textarea>
        <span class="notAllowed"><?php if (isset($error)) {
                echo $error['experiencesErr'];
            }?></span>
    </div>

    <div class="TwoLine">
        <label for="courses">Previous Courses</label>
        <textarea name="courses" id="courses"></textarea>
        <span class="notAllowed"><?php if (isset($error)) {
                echo $error['coursesErr'];
            } ?></span>
    </div>
</div>

and this is the submit button code

<input type="submit" name="subTs" id="subTs" value="Save Changes" class="submitBtn4">

Problem now when I submit the form it come back without inserting anything to the db and no error message received

Update

<?php

error_reporting(E_ALL);
ini_set('display_errors', 1);


$experiences = $courses = $careerObjective = $availability = $typeOfJob = $rank = $jTitle = $otherJobTitle
    = $salaryRange = $currency = $workIn = "";

$experiencesErr = $coursesErr = $careerObjectiveErr = $availabilityErr = $typeOfJobErr = $rankErr = $jTitleErr
    = $otherJobTitleErr = $salaryRangeErr = $currencyErr = $workInErr = "";


$id = "";
$uid = "";

if ($_SERVER['REQUEST_METHOD'] == "POST") {
    $error = array();

    if (empty($_POST['experiences'])) {
        $error['experiencesErr'] = "Experiences Required";
    } else {
        $experiences = check_input($_POST['experiences']);
        if (!preg_match("/^[0-9_a-zA-Z ]*$/", $experiences)) {
            $error['experiencesErr'] = "Only letters, numbers and '_' allowed";
        }
    }

    $courses = check_input($_POST['courses']);
    if (!preg_match("/^[0-9_a-zA-Z ]*$/", $courses)) {
        $error['coursesErr'] = "Only letters, numbers and '_' allowed";
    }

    $careerObjective = check_input($_POST['careerObjective']);
    if (!preg_match("/^[0-9_a-zA-Z ]*$/", $careerObjective)) {
        $error['careerObjectiveErr'] = "Only letters, numbers and '_' allowed";
    }

    if (empty($_POST['availability'])) {
        $error['availabilityErr'] = "Availability Required";
    } else {
        $availability = check_input($_POST['availability']);
    }

    if (empty($_POST['typeOfJob'])) {
        $error['typeOfJobErr'] = "Full/Part Time Required";
    } else {
        $typeOfJob = check_input($_POST['typeOfJob']);
    }

    if (empty($_POST['typeOfJob'])) {
        $error['typeOfJobErr'] = "Full/Part Time Required";
    } else {
        $typeOfJob = check_input($_POST['typeOfJob']);
    }

    if (empty($_POST['rank'])) {
        $error['rankErr'] = "Self-assessment Required";
    } else {
        $rank = check_input($_POST['rank']);
    }

    if (empty($_POST['jTitle'])) {
        $error['jTitleErr'] = "Job Field Required";
    } else {
        $jTitle = check_input($_POST['jTitle']);
    }

    $otherJobTitle = check_input($_POST['otherJobTitle']);
    if (!preg_match("/^[0-9_a-zA-Z ]*$/", $otherJobTitle)) {
        $error['otherJobTitleErr'] = "Only letters, numbers and '_' allowed";
    }

    if (empty($_POST['salaryRange'])) {
        $error['salaryRangeErr'] = "Salary Range Required";
    } else {
        $salaryRange = check_input($_POST['salaryRange']);
    }

    if (empty($_POST['currency'])) {
        $error['currencyErr'] = "Currency Required";
    } else {
        $currency = check_input($_POST['currency']);
    }

    $workIn = check_input($_POST['workIn']);

    if (!$error) {
        $putData = $db->prepare("INSERT INTO hired_ts_info (id, uid, experiences, courses, career_objective,
        availability, type_of_job, rank, job_title, other_job_title, salary_range, currency, workIn)
        VALUE(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

        $putData->bind_param('iisssssssssss', $id, $uid, $experiences, $courses, $careerObjective, $availability,
            $typeOfJob, $rank, $jTitle, $otherJobTitle, $salaryRange, $currency, $workIn);

        if ($putData->execute()) {
            header("Location:?pid=4&pp=2&pps=technicalSummary&m=g");
        } else {
            echo "Error on executing";
        }
    } else {
        $error = array(
            "coursesErr" => "",
            "careerObjectiveErr" => "",
            "otherJobTitleErr" => "",
            "experiencesErr" => "",
            "availabilityErr" => "",
            "typeOfJobErr" => "",
            "rankErr" => "",
            "jTitleErr" => "",
            "salaryRangeErr" => "",
            "currencyErr" => "",
        );
    }
}
?>

**still that didn't solve the issue **
1- now the code submit correctly and gos to my DB.
2- if the fields is empty or not allowed input the message don't appear any more under the fields
any Ideas please

Thanks

  • 2 Contributors
  • 5 Replies
  • 276 Views
  • 2 Days Discussion Span
  • Latest Post Latest Post by johnef_sh
Member Avatar for Taywin

Do you mean if the input contains non-allowed character or empty, it still saves to the DB? I don't know your check_input() implementation so can't comment further.

PS: Do you know that there is a short hand in regex for 0-9A-Za-z_ which is \w?

Member Avatar for johnef_sh

@Taywin thanks for responding to me... First about the function check_input it's the trim, stripslashes, htmlspecialchars about still saving to DB even if there is an empty fields or special character no it's not see near the end of my post the Updated post ... it's all about the array if I put the array at the head like the old code it never allow the inserting to the DB as the $error always true so I put it at the end of if(!$error) as an else condition in this case everything gos right but it also do not allow the error messages to display under every fields that has been empty on another hand I try to remove the array completely but this also didn't save the problem... every time I try to submit the form it come back with error like experiencesErr index undefined.

This is the problem I have and my goal is
to validated all the fields if any of then has been empty or has special character it should return with the message under every field(s)

thanks again @Taywin

Member Avatar for johnef_sh

yes About the short hand in regex for 0-9A-Za-z_ which is \w I'd like to understand more about this
thanks

Member Avatar for Taywin

OK, you need to leave your $error variable declaration outside. The problem is that your check use if(!$error) which will always be true because you initiate the array as an empty array (not null). What you need to do is to check whether it is empty -- if (!empty($error)).

If you want to learn more about regex, here is a good site. It may be a lot of reading, but it is actually explains a lot about how to use regex. :)

Edited by Taywin
Member Avatar for johnef_sh

thanks @Taywin I solved the problem by adding silent error so I removed the array from the end of the code and I changed this

<?php if (isset($error)) {
echo $error['experiencesErr'];
}?>

to

<?php if (isset($error)) {
echo @$error['experiencesErr'];
}?>

this helped solveing the problem I hope so

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.