I have an html form with multiple text fields that when submit is pressed, a php file processes the form, storing submitted info into mysql database, then sending email with same data. I would like to know how to:
1) make some fields required, check the form to make sure that the required fields are filled out and that any filled out field has "good" data,
2)if field checks are "good" then store into mysql database, if not, go back to form and let user know what problem is,
3)if field check is good, and data stored into database, then email the data.

Currently, the form gets filled out (or not) then when submit is pressed it automatically stores the data and sends an email. I would like to make it to where no storage happens unless the form is correctly filled out (and safely), and no email unless data is successfully stored.

I can re-post the form and php processing file if necessary, or you can look in
this thread.

The issue from that thread has been resolved, and now I would like to go a little further with the same form.

-> The current version of the php file is slightly different from the one posted there, as I have applied the suggested tips and re-saved, but for what I am now seeking help with it would be irrelevant.

Any help appreciated :)

Edited by lightningrod66: added line about difference in current file and previously posted file

8 Years
Discussion Span
Last Post by diafol

Without going into too much detail:

1) Have client-side validation, using regex to spot good data (e.g. e-mail addresses etc).
2) Have pretty much the same as a last line of defence in php.

There are loads of form validation scripts out there. If you want to roll your own and are new to php, you may want to write some procedural (simple) stuff as opposed to the Object Orientated stuff.

All you do is test the fields one by one and set an error integer for each. If you use something like the following, you can pass the error back to the form page, which will then display errors (either all in one message or in situ):

//have a list of error codes in an include file, e.g errors.php.

$email_wrong = array(1,"The e-mail you entered is wrong");
$email_missing = array(2,"You must enter a valid e-mail address");
$password_too_small = array(4,"The password must be at least 6 characters");
$password_no_match = array(8,"The passwords do not match");


//Then in your form handling page (after you include the above file)

$err_array['init'] = 0;
//in your failed test procedures, have these values 
$err_array['email_wrong'] = $email_wrong[0];
$err_array['email_missing'] = $email_missing[0];
$err_array['password_too_small'] = $password_too_small[0];
$err_array['passwords_no_match'] = $password_no_match[0];

//Get all errors:
$err_value = array_sum($err_array);

//You can then check the value of err_value - if it's > 0 - don't pass the data - send the user back to the form page with a simple get:

header("Location: http://www.example.com/form.php?err=$err_value"); 


//In your form page you include the errors.php file again and then test for each relevant case:

//at top of page
if(isset($_GET['err']) && $_GET['err'] > 0){
  $err_value = intval($_GET['err']);

It's up to you how you show the errors - all together - say at the top of the form, or in situ. Here's an in situ example:

if($err_value & $email_wrong[0])echo "<p>{$email_wrong[1]}</p>";
if($err_value & $email_missing[0])echo "<p>{$email_missing[1]}</p>";
<input type="text" id="email" name="email" />

There are quite a few ways to simplify this technique, but I've made it deliberately longer so that you can see what's going on.

The key bit is the if($err_value & $email_wrong[0]), where the & pretty much says, If the $email_wrong[0] value is in the $err_value then do this...

However - there ARE loads of free scripts out there.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.