New Topic/Question
Reply
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link type="text/css" href="style.css" rel="stylesheet" />
<title>Twickenham-Milford Chapter :: Contact Us</title>
</head>
<body>
<div id="container">
<div id="banner">
<img src="banner.png" alt="Banner" />
</div>
<div id="NavContentContainer">
<div id="LeftNav">
<ul>
<li> </li>
<li> </li>
<li>
<a href="http://demolay.asissweb.com">Home</a>
</li>
<li>
<a href="about.html">About</a>
</li>
<li>
<a href="officers.html">Leaders</a>
</li>
<li>
<a href="resources.html">Resources</a>
</li>
<li>
<a href="contact.html">Contact Us</a>
</li>
<li>
<a href="login.html">Log In</a>
</li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
</ul>
</div>
<div id="ContentContainer">
<div id="mainContent">
<br /> <br /> <br /> <br />
<?php
$name = $_POST['name'];
$subject = $_POST['subject'];
$email = $_POST['email'];
$message = $_POST['message'];
$to = "webmaster@asissweb.com";
$header = "From: " . $name . " < " . $email . ">";
if (empty($name) || empty($subject) || empty($email) || empty($message))
{
if (empty($name))
{
echo 'Please enter your name into the space provided. <br />';
}
if (empty($subject))
{
echo 'Please enter a subject into the space provided. <br />';
}
if (empty($email))
{
echo 'Please enter your email address into the space provided. <br />';
}
if (empty($message))
{
echo 'Please enter your message into the space provided. <br />';
}
echo '<form method="post" action="contact.php" style="margin-left:20px;">';
echo '<label for="name">Name:</label>';
echo '<input type="text" id="name" name="name" size="50">';
echo '<br />';
echo '<br />';
echo '<label for="email">E-mail:</label>';
echo '<input type="text" id="email" name="email" size="50" >';
echo '<br />';
echo '<br />';
echo '<label for="subject">Subject:</label>';
echo '<input type="text" id="subject" name="subject" size="50">';
echo '<br />';
echo '<br />';
echo '<label for="message">Message:</label>';
echo '<br />';
echo '<br />';
echo '<textarea rows="5" cols="50" name="message">';
echo '</textarea>';
echo '<br />';
echo '<br />';
echo '<input value="Submit" type="submit">';
echo '</form>';
}
else
{
mail($to, $subject, $message, $header);
header("Location: success.html");
}
?>
</div>
<div id="footer">
<p>
Copyright © 2011 - All Rights Reserved
</p>
</div>
</div>
</div>
</div>
</body>
</html>
43 Replies - 810 Views - Last Post: 25 July 2011 - 03:44 PM
Rate Topic:
#1
RandomlyKnighted
- Microsoft Senior Student Partner
-
Reputation: 113
- Posts: 1,318
- Joined: 14-January 10
Validation Doesn't Work
Posted 21 July 2011 - 08:42 PM
Hello again, I was working on my contact form validation and was trying to set the page up so that if there is missing data then it would load an identical page with a message that says what is missing above the contact form. The code below is the identical page with the validation. Right now it takes you to the success page even if there is missing information. Could you please look it over and tell me what I'm doing wrong?
Is This A Good Question/Topic?
0
MultiQuoteReplies To: Validation Doesn't Work
#3
RandomlyKnighted
- Microsoft Senior Student Partner
-
Reputation: 113
- Posts: 1,318
- Joined: 14-January 10
Re: Validation Doesn't Work
Posted 21 July 2011 - 10:24 PM
It's messed up at the moment and contains no PHP which is why I didn't include it. What I was trying to do was show the contact form and tell the user what information they still need to fill in while still keeping their responses so they don't have to fill it out again.
Was This Post Helpful?
0
#5
RandomlyKnighted
- Microsoft Senior Student Partner
-
Reputation: 113
- Posts: 1,318
- Joined: 14-January 10
Re: Validation Doesn't Work
Posted 22 July 2011 - 03:56 AM
Why would I do that? With empty() it let's me check to see if they left it blank and isset only checks to see if it exists.
Was This Post Helpful?
0
#6
codeprada
- Changed Man With Different Priorities
-
Reputation: 934
- Posts: 2,332
- Joined: 15-February 11
Re: Validation Doesn't Work
Posted 22 July 2011 - 04:35 AM
Dump your POST variables using var_dump(). Also after the dump kill the script so you could see the results. Placing exit; after the dump would achieve this. Post your results here when you're done.
Was This Post Helpful?
0
#7
satis
- D.I.C Head
Reputation: 82
- Posts: 231
- Joined: 26-May 11
Re: Validation Doesn't Work
Posted 22 July 2011 - 06:01 AM
I'm not sure I see a problem, but a few notes if I may
1. Having two copies of your form is a bad idea. You will inevitably make changes to one that you forget to reflect in the other. You could take the above code and, with a few changes, make it the only place that has the actual form. Your choice, ultimately, but code duplication is bad bad bad.
2. When you pull out your post vars, you should probably trim the inputs. Otherwise, if the person hits space or something, it'll register as a valid input.
That may fix your problem, or maybe not.
3. Instead of empty, you could use strlen.
I'm not saying that empty is wrong... it should work. But this is a different path just in case variables coming out of the $_POST superglobal are created funny.
1. Having two copies of your form is a bad idea. You will inevitably make changes to one that you forget to reflect in the other. You could take the above code and, with a few changes, make it the only place that has the actual form. Your choice, ultimately, but code duplication is bad bad bad.
2. When you pull out your post vars, you should probably trim the inputs. Otherwise, if the person hits space or something, it'll register as a valid input.
$name = trim($_POST['name']);
That may fix your problem, or maybe not.
3. Instead of empty, you could use strlen.
if (strlen($name) == 0
I'm not saying that empty is wrong... it should work. But this is a different path just in case variables coming out of the $_POST superglobal are created funny.
Was This Post Helpful?
0
#8
RudiVisser
- .. does not guess solutions
-
Reputation: 994
- Posts: 3,547
- Joined: 05-June 09
Re: Validation Doesn't Work
Posted 22 July 2011 - 08:27 AM
Your code does look fine, apart from the excessive echo's.
You should refactor your code into something more concise and understandable such as the following. It will consolidate your code and make it much easier to understand.
This page can be used as your default contact form in all instances, so just link straight to this page and it will show the form with no errors (unlike your old one..) on first pageload, then do error checking only on subsequent requests. There is no way that this could redirect without the form being correct, oh and I added checking for a valid email.
Just a mini disclaimer, this isn't properly tested per se (there's no errors but still untested!), but it should be easy enough to figure out if anything's wrong.
EDIT: Also on another note, you shouldn't be doing things like <li> </li> or even [li]<br/> <br/> <br/> <br/>[/li], there's no sense in that. Instead try to work your page's layout out completely in HTML.
As another aside, your errors should just be text, and then proceed to output them in the foreach loop as individual <li> elements in a <ul>. It all helps to producing more semantic, readable code that makes sense.
You should refactor your code into something more concise and understandable such as the following. It will consolidate your code and make it much easier to understand.
This page can be used as your default contact form in all instances, so just link straight to this page and it will show the form with no errors (unlike your old one..) on first pageload, then do error checking only on subsequent requests. There is no way that this could redirect without the form being correct, oh and I added checking for a valid email.
<?php
// Define empty error array for when we haven't submitted the form
$errors = array();
if (isset($_POST['submit'])) {
// If the form is posted, check for errors
if (empty($_POST['name']))
$errors[] = 'Please enter your name into the space provided.<br />';
if (empty($_POST['subject']))
$errors[] = 'Please enter a subject into the space provided.<br />';
if (empty($_POST['email']) || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
$errors[] = 'Please enter a valid email address into the space provided.<br />';
if (empty($_POST['message']))
$errors[] = 'Please enter a message into the space provided.<br />';
if (empty($errors)) {
// If we have no errors, email and redirect as appropriate..
$to = 'webmaster@asissweb.com';
$header = 'From: ' . $_POST['name'] . ' <' . $_POST['email'] . '>';
mail($to, $_POST['subject'], $_POST['message'], $header);
header("Location: success.html");
die();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link type="text/css" href="style.css" rel="stylesheet"/>
<title>Twickenham-Milford Chapter :: Contact Us</title>
</head>
<body>
<div id="container">
<div id="banner">
<img src="banner.png" alt="Banner"/>
</div>
<div id="NavContentContainer">
<div id="LeftNav">
<ul>
<li> </li>
<li> </li>
<li>
<a href="http://demolay.asissweb.com">Home</a>
</li>
<li>
<a href="about.html">About</a>
</li>
<li>
<a href="officers.html">Leaders</a>
</li>
<li>
<a href="resources.html">Resources</a>
</li>
<li>
<a href="contact.html">Contact Us</a>
</li>
<li>
<a href="login.html">Log In</a>
</li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
</ul>
</div>
<div id="ContentContainer">
<div id="mainContent">
<br/> <br/> <br/> <br/>
<?php
if (!empty($errors))
foreach ($errors as $error)
echo $error;
?>
<form method="post" action="contact.php" style="margin-left:20px;">
<label for="name">Name:</label>
<input type="text" id="name" name="name" size="50">
<br/>
<br/>
<label for="email">E-mail:</label>
<input type="text" id="email" name="email" size="50">
<br/>
<br/>
<label for="subject">Subject:</label>
<input type="text" id="subject" name="subject" size="50">
<br/>
<br/>
<label for="message">Message:</label>
<br/>
<br/>
<textarea rows="5" cols="50" name="message">
</textarea>
<br/>
<br/>
<input value="Submit" type="submit" name="submit">
</form>
</div>
<div id="footer">
<p>
Copyright © 2011 - All Rights Reserved
</p>
</div>
</div>
</div>
</div>
</body>
</html>
Just a mini disclaimer, this isn't properly tested per se (there's no errors but still untested!), but it should be easy enough to figure out if anything's wrong.
EDIT: Also on another note, you shouldn't be doing things like <li> </li> or even [li]<br/> <br/> <br/> <br/>[/li], there's no sense in that. Instead try to work your page's layout out completely in HTML.
As another aside, your errors should just be text, and then proceed to output them in the foreach loop as individual <li> elements in a <ul>. It all helps to producing more semantic, readable code that makes sense.
This post has been edited by RudiVisser: 22 July 2011 - 08:30 AM
Was This Post Helpful?
0
#9
RandomlyKnighted
- Microsoft Senior Student Partner
-
Reputation: 113
- Posts: 1,318
- Joined: 14-January 10
Re: Validation Doesn't Work
Posted 23 July 2011 - 09:35 AM
Sorry for my late reply, I've got a weird work schedule this week.
The reason I'm having 2 copies of my form is because I am following the Head First PHP & MySQL book as I work on this website. To me it seems like a good idea if I can just get it so that when it gives the error it also displays the user's old message so they don't have to type it again.
I don't know what was wrong the other day, but right now the validation works and it displays the error message it just doesn't keep the user's information that they entered.
Quote
Having two copies of your form is a bad idea.
The reason I'm having 2 copies of my form is because I am following the Head First PHP & MySQL book as I work on this website. To me it seems like a good idea if I can just get it so that when it gives the error it also displays the user's old message so they don't have to type it again.
I don't know what was wrong the other day, but right now the validation works and it displays the error message it just doesn't keep the user's information that they entered.
Was This Post Helpful?
0
#10
RudiVisser
- .. does not guess solutions
-
Reputation: 994
- Posts: 3,547
- Joined: 05-June 09
Re: Validation Doesn't Work
Posted 23 July 2011 - 09:54 AM
Did the book tell you to echo out error messages like that?
Was This Post Helpful?
0
#11
RandomlyKnighted
- Microsoft Senior Student Partner
-
Reputation: 113
- Posts: 1,318
- Joined: 14-January 10
Re: Validation Doesn't Work
Posted 23 July 2011 - 09:59 AM
Yes, it has the error messages being echoed out. It just doesn't have the form echoed out. I'm going to clean it up later when I get a chance. I'm just unsure of the best way to clean it up.
This post has been edited by RandomlyKnighted: 23 July 2011 - 10:00 AM
Was This Post Helpful?
0
#12
RudiVisser
- .. does not guess solutions
-
Reputation: 994
- Posts: 3,547
- Joined: 05-June 09
Re: Validation Doesn't Work
Posted 23 July 2011 - 10:10 AM
Pleeeeease stop following that book.
If it's teaching you bad practice like this, especially in the early stages, it's a terrible terrible! book.
The way that I demonstrated to do it would be a perfectly understandable and much better way to structure your code, I also explained a few key reasons as to why it's better than your current code which should help you to understand why I did it like that.
To achieve your goal of having it store the form values you certainly do not need a second form, this is essentially duplicating code and is again, bad practice. You can easily use the code that I am demonstrating below to have everything contained within a single page, and with a slight bit of extension, you can even put the contents of success.phtml in there.
The code below will define default values for each of your form elements (ie. blank when it's not posted) and populate them if they exist.
EDIT: Another reason to do it this way rather than the initial way, what happens when a user visits the submission page without POSTing any data? It will show some nasty errors to the user which is never expected nor good.
If it's teaching you bad practice like this, especially in the early stages, it's a terrible terrible! book.
The way that I demonstrated to do it would be a perfectly understandable and much better way to structure your code, I also explained a few key reasons as to why it's better than your current code which should help you to understand why I did it like that.
To achieve your goal of having it store the form values you certainly do not need a second form, this is essentially duplicating code and is again, bad practice. You can easily use the code that I am demonstrating below to have everything contained within a single page, and with a slight bit of extension, you can even put the contents of success.phtml in there.
The code below will define default values for each of your form elements (ie. blank when it's not posted) and populate them if they exist.
<?php
// Define empty error array for when we haven't submitted the form
$errors = array();
// Define default values for each form field
$name = $subject = $email = $message = '';
if (isset($_POST['submit'])) {
// If the form is posted, check for errors
if (empty($_POST['name']))
$errors[] = 'Please enter your name into the space provided.<br />';
if (empty($_POST['subject']))
$errors[] = 'Please enter a subject into the space provided.<br />';
if (empty($_POST['email']) || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
$errors[] = 'Please enter a valid email address into the space provided.<br />';
if (empty($_POST['message']))
$errors[] = 'Please enter a message into the space provided.<br />';
$name = $_POST['name'];
$subject = $_POST['subject'];
$email = $_POST['email'];
$message = $_POST['message'];
if (empty($errors)) {
// If we have no errors, email and redirect as appropriate..
$to = 'webmaster@asissweb.com';
$header = 'From: ' . $_POST['name'] . ' <' . $_POST['email'] . '>';
mail($to, $_POST['subject'], $_POST['message'], $header);
header("Location: success.html");
die();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link type="text/css" href="style.css" rel="stylesheet"/>
<title>Twickenham-Milford Chapter :: Contact Us</title>
</head>
<body>
<div id="container">
<div id="banner">
<img src="banner.png" alt="Banner"/>
</div>
<div id="NavContentContainer">
<div id="LeftNav">
<ul>
<li> </li>
<li> </li>
<li>
<a href="http://demolay.asissweb.com">Home</a>
</li>
<li>
<a href="about.html">About</a>
</li>
<li>
<a href="officers.html">Leaders</a>
</li>
<li>
<a href="resources.html">Resources</a>
</li>
<li>
<a href="contact.html">Contact Us</a>
</li>
<li>
<a href="login.html">Log In</a>
</li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
<li> </li>
</ul>
</div>
<div id="ContentContainer">
<div id="mainContent">
<br/> <br/> <br/> <br/>
<?php
if (!empty($errors))
foreach ($errors as $error)
echo $error;
?>
<form method="post" action="contact.php" style="margin-left:20px;">
<label for="name">Name:</label>
<input type="text" id="name" name="name" value="<?php echo $name ?>" size="50">
<br/>
<br/>
<label for="email">E-mail:</label>
<input type="text" id="email" name="email" name="<?php echo $email ?> size="50">
<br/>
<br/>
<label for="subject">Subject:</label>
<input type="text" id="subject" name="subject" value="<?php echo $subject ?> size="50">
<br/>
<br/>
<label for="message">Message:</label>
<br/>
<br/>
<textarea rows="5" cols="50" name="message"><?php echo $message ?></textarea>
<br/>
<br/>
<input value="Submit" type="submit" name="submit">
</form>
</div>
<div id="footer">
<p>
Copyright © 2011 - All Rights Reserved
</p>
</div>
</div>
</div>
</div>
</body>
</html>
EDIT: Another reason to do it this way rather than the initial way, what happens when a user visits the submission page without POSTing any data? It will show some nasty errors to the user which is never expected nor good.
This post has been edited by RudiVisser: 23 July 2011 - 10:16 AM
Was This Post Helpful?
0
#13
CTphpnwb
- D.I.C Lover
-
Reputation: 2486
- Posts: 8,533
- Joined: 08-August 08
Re: Validation Doesn't Work
Posted 23 July 2011 - 11:26 AM
Yes, that book is terrible. Here's how I would approach it:
contact.php
knighted.html
I'd probably spend more time separating the HTML from the PHP to make it easier to debug later, but this is a start.
contact.php
<?php
session_start();
$inputs = array('name'=>'','subject'=>'','email'=>'','message'=>'');
function check_input(&$data) {
$expected = array('name','subject','email','message');
$error = array('Please enter your name into the space provided. <br />', 'Please enter a subject into the space provided. <br />', 'Please enter your email address into the space provided. <br />', 'Please enter your message into the space provided. <br />');
$received = array();
$errors = "";
for($i = 0; $i < 4; $i++) {
if(empty($_POST[$expected[$i]])) {
$errors .= $error[$i];
} else {
$data[$expected[$i]] = $_POST[$expected[$i]];
}
}
return $errors;
}
if(isset($_SESSION['errorcheck'])) {
$out = check_input($inputs);
} else {
$out = '';
}
if($out != '' || !isset($_SESSION['errorcheck'])) {
$_SESSION['errorcheck'] = 1;
$out .='<form method="post" action="contact.php" style="margin-left:20px;">';
$out .='<label for="name">Name:</label>';
$out .='<input type="text" id="name" name="name" size="50" value="'.$inputs['name'].'">';
$out .='<br />';
$out .='<br />';
$out .='<label for="email">E-mail:</label>';
$out .='<input type="text" id="email" name="email" size="50" value="'.$inputs['email'].'">';
$out .='<br />';
$out .='<br />';
$out .='<label for="subject">Subject:</label>';
$out .='<input type="text" id="subject" name="subject" size="50" value="'.$inputs['subject'].'">';
$out .='<br />';
$out .='<br />';
$out .='<label for="message">Message:</label>';
$out .='<br />';
$out .='<br />';
$out .='<textarea rows="5" cols="50" name="message" >';
$out .= $inputs['message'].'</textarea>';
$out .='<br />';
$out .='<br />';
$out .='<input value="Submit" type="submit">';
$out .='</form>';
echo str_replace("PHPOUTPUT", $out, file_get_contents("knighted.html"));
} else {
session_destroy();
echo "mail to..."; // while debugging, no need to mail and redirect...
//mail($to, $subject, $message, $header);
//header("Location: success.html");
}
?>
knighted.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link type="text/css" href="style.css" rel="stylesheet" /> <title>Twickenham-Milford Chapter :: Contact Us</title> </head> <body> <div id="container"> <div id="banner"> <img src="banner.png" alt="Banner" /> </div> <div id="NavContentContainer"> <div id="LeftNav"> <ul> <li> </li> <li> </li> <li> <a href="http://demolay.asissweb.com">Home</a> </li> <li> <a href="about.html">About</a> </li> <li> <a href="officers.html">Leaders</a> </li> <li> <a href="resources.html">Resources</a> </li> <li> <a href="contact.html">Contact Us</a> </li> <li> <a href="login.html">Log In</a> </li> <li> </li> <li> </li> <li> </li> <li> </li> <li> </li> <li> </li> </ul> </div> <div id="ContentContainer"> <div id="mainContent"> <br /> <br /> <br /> <br /> PHPOUTPUT </div> <div id="footer"> <p> Copyright © 2011 - All Rights Reserved </p> </div> </div> </div> </div> </body> </html>
I'd probably spend more time separating the HTML from the PHP to make it easier to debug later, but this is a start.
This post has been edited by CTphpnwb: 23 July 2011 - 11:42 AM
Was This Post Helpful?
0
#14
RandomlyKnighted
- Microsoft Senior Student Partner
-
Reputation: 113
- Posts: 1,318
- Joined: 14-January 10
Re: Validation Doesn't Work
Posted 23 July 2011 - 09:21 PM
RudiVisser, on 23 July 2011 - 12:10 PM, said:
Pleeeeease stop following that book.If it's teaching you bad practice like this, especially in the early stages, it's a terrible terrible! book.
CTphpnwb, on 23 July 2011 - 01:26 PM, said:
Yes, that book is terrible.
The next few pages teach a better way of doing this. Basically the book teaches a right way and a wrong way to go about doing all this. So please next time, don't tell someone to stop reading the book if you don't know how the book actually teaches. If I had followed your advice then I would have spent another $50 for a book when I really don't need to.
I'll work on revising my code when I get the chance and will post back if I need further help with this issue.
Was This Post Helpful?
0
#15
RudiVisser
- .. does not guess solutions
-
Reputation: 994
- Posts: 3,547
- Joined: 05-June 09
Re: Validation Doesn't Work
Posted 24 July 2011 - 04:16 AM
I've just got the book and read from pages 5 - 52 which is what it took to describe how to make that form above (in a bad way)... and I'm not seeing anything remotely better than that.
In fact, the book then moves straight onto PHP & MySQL toolbox, whatever that is. It's giving me a headache now.
Can you demonstrate what the "good" method is? I have seen no statement made saying that it's bad.
Nowhere does it suggest that you should check if the form is posted before using the $_POST variables, it just uses them. I find it quite funny that in the first few pages it says "Assume everyone is out to get you", and then they do this? Anyone can spam an email to you with this code. Actually I just read through the security section aswell (well, scanned through!) and all it really teaches you is how to use basic authentication and ignore values that aren't approved by an admin.
It does not teach parameterized queries or anything that you'll need for the real world
Anyway I'm giving up now.
In fact, the book then moves straight onto PHP & MySQL toolbox, whatever that is. It's giving me a headache now.
Can you demonstrate what the "good" method is? I have seen no statement made saying that it's bad.
Nowhere does it suggest that you should check if the form is posted before using the $_POST variables, it just uses them. I find it quite funny that in the first few pages it says "Assume everyone is out to get you", and then they do this? Anyone can spam an email to you with this code. Actually I just read through the security section aswell (well, scanned through!) and all it really teaches you is how to use basic authentication and ignore values that aren't approved by an admin.
It does not teach parameterized queries or anything that you'll need for the real world
Anyway I'm giving up now.
This post has been edited by RudiVisser: 24 July 2011 - 04:22 AM
Was This Post Helpful?
0
|
|
| 