PHP Form Validation

andygout · September 11, 2012, 9:10pm

Hello,

I’m trying to write some PHP code to perform a simple form validation. I’ve been using Kevin Yank’s book which suggests redirecting to a separate error page if the data does not match a field’s criteria. However, I would like error messages to appear for specified fields directly on the form where required (whilst retaining all data client has already entered) and only proceed to validation once all criteria are satisfied.

It is just the ‘prod_name’ and ‘theatre_name’ fields that the client needs to enter, and at the moment I just want it to prevent empty fields being entered.

I’ve been trying to find an easy-to-follow tutorial, but they all seem a bit advanced for what I am capable of (still a beginner…).

Below are excerpts from my main php index, and the html.php form (let me know if you need any more):-

Any advice or directions to a good tutorial much appreciated!

Cheers!

Andy

index.php

<?php
include_once $_SERVER['DOCUMENT_ROOT'] . '/includes/magicquotes.inc.php';

if (isset($_GET['add'])) //CODE ACTIVATED IF 'Add new production' LINK IS USED
{
	$pagetitle = 'New Production';
	$pagedescription = 'Add a new production to the database';
	$action = 'addform';
	$prod_id = '';
	$prod_name = '';
	$prod_created = 'TBC';
	$prod_updated = 'TBC';
	$theatre_id = '';
	$theatre_name = '';
	$button = 'Submit';
	$error = '';

	include 'form.html.php';
	exit();
}

if (isset($_GET['addform'])) //CODE ACTIVATED WHEN FORM IS SUBMITTED
{
	include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';

	$prod_name = mysqli_real_escape_string($link, $_POST['prod_name']);
	$theatre_name = mysqli_real_escape_string($link, $_POST['theatre_name']);

	if ($prod_name == '' || $theatre_name == '')
	{
	$pagetitle = 'Error';
	$error = 'You must enter all the fields.';
	include 'error.html.php';
	exit();
	}

It then goes on to use SQL commands to enter data into the database.

form.html.php

<form action="?<?php htmlout($action); ?>" method="post">
		<fieldset>		
			<div class="labelcontainer">
				<div id="box2">	

					<p>
					<label for="prod_name" class="fixedwidth">Production Name: <input type="text" name="prod_name" id="prod_name" value="<?php htmlout($prod_name); ?>" class="entryfield"/></label>
					</p>
					<h4>i.e. Hamlet</h4>
					
					<p>
					<label for="theatre_name" class="fixedwidth">Theatre: <input type="text" name="theatre_name" id="theatre_name" value="<?php htmlout($theatre_name); ?>" class="entryfield"/></label>
					</p>
					<h4>i.e. Donmar Warehouse (Covent Garden, London)</h4>
								
				</div> <!-- end of box div --!>		
			</div> <!-- end of labelcontainer div --!>
		</fieldset>
			<p>
			<input type="hidden" name="prod_id" value="<?php htmlout($prod_id); ?>"/>
			<input type="hidden" name="theatre_id" value="<?php htmlout($theatre_id); ?>"/>
			<input type="submit" value="<?php htmlout($button); ?>" class="button"/>
			</p>
		</form>

James_Hibbard · September 12, 2012, 11:43am

Hi,

A while back I wrote a blog post about simple form validation in PHP.
I tried to make it easy to follow with viewable examples.
Maybe you will find this useful: http://hibbard.eu/simple-form-validation-in-php/
If there’s anything you don’t understand, please feel free to ask for clarification.

andygout · September 13, 2012, 5:53pm

Thanks for this - will have a read through and will shout if I get stuck.

matrix_ · September 14, 2012, 3:35am

Here is a option…



	if(isset($_POST['submit'])){
		if((!$field1) || (!$field2)) {
			$error_msg = '<b>Error!</b> Fields marked * are required';
	 }
	}
	
	if (($error_msg == '') && (isset($_POST['submit']))){

	// Enter details into database
	
	}else{
	
	// Show form again

	}

andygout · September 14, 2012, 12:48pm

Thanks very much for this. I seem to have solved it now. Cheers!