Required Fields Check Problem

[elantrip]

OK,

I know that plenty has been posted regarding this subject, but I'm completely lost and confused and I apologize for this...

I'm talking about the standard: enter data, check for required fields, if required fields are empty return to page with data entered still there.

1. I have register_globals set to OFF (would like to keep it this way).
2. Within an HTML form I have <form method="post" action="/test/sendmail.php">. Sendmail.php gets the data from the initial form and creates a message that's e-mailed to our office. Here's a bit of that code:

<?

$message = $_REQUEST['message'] ;
$ProdName = $_REQUEST['ProdName'] ;
$ProdTel = $_REQUEST['ProdTel'] ;
$ProdFax = $_REQUEST['ProdFax'] ;
$ProdEmail = $_REQUEST['ProdEmail'] ;
$contact = $_REQUEST['contact'] ;


$message = "UNDERWRITER \n";
$message .= "$underwriter \n\n";

$message .= "PRODUCER \n";
$message .= "Name: $ProdName \n";
$message .= "Telephone: $ProdTel \n";
$message .= "Fax: $ProdFax \n";
$message .= "Email: $ProdEmail \n";
$message .= "Contact Name: $contact \n\n";

if (empty($_REQUEST['ProdEmail'])) {
header( "Location:

http://www.abc.org/test/quote.html"

);
}
else {
mail( "el@abc.org", "Transportation Quickquote",
$message, "From: $ProdEmail");

header( "Location:

http://www.abc.org/test/thankyou.html"

);
}

?>

So it goes back, but of course the initial form is blank.

I've seen that I should use:

<? echo "$_GET['ProdName']";?>

But, where would I put it? Would it be in the <input name="ProdName" type="text"> tag(s)? I tried to do this, but maybe my syntax was not right, it didn't work.

Can anyone please shed some light on why it's not working?

 

[sleipnir214]

The only way you can dynamically pre-populate the values of form fields is by having the HTML produced by a PHP script.

Here's what I generally do...

I create a single script which, when there is no input, creates a blank form. Generally, the form will have one hidden field, and the script checks for the presence of that field. The form produced submits data back to this script.

If the script gets input, it checks it. If the data all checks out, it uses a "Location" header to send the browser to another part of the site.

If the script gets input and the data does not check out, it produces the form again, but this time with error messages and pre-populated field values.

Something like:

<?php
if (isset ($_POST['hiddenfieldname'])
{
//Input was given. Validate the fields.

if (/*fields all validate*/)
{
header('Location: next page in series')
}
else
{
//produce form with pre-populated values and appropriate error messages
}
}
else
{
//display empty form
}


As an aside, don't use $_REQUEST for your values. Use $_POST or $_GET for POST- and GET-method form input, respectively. $_REQUEST is vulnerable to the same variable-poisoning problem warned about in the "Using register globals section of the online manual


Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[Vragabond]

And since you were wondering how the fields are prepopulated. Every input has a field called value, where you can put your value. So (presuming you are using method post) you would create your inputs like this:

echo '<input type="text" name="ProdName" [b][COLOR=blue]value="' . $_POST['ProdName'] . '"[/color][/b] />';

 

[elantrip]

Thank you for your help.

I created the script to create the HTML page and is working wonderfully when I redisplay the data.

I am, however, having a hard time figuring out how to redisplay checkboxes and drop down boxes.

Can anyone shed some light?

 

[kenrbnsn]

When you redisply checkbox values, you have to put the keyword "checked" in the <input> line if the box was checked. For radio selection and option lists, use the keyword "selected".

For example if your original form had the following defined for checkboxes:

<input name=cb[] type="checkbox" value="one">&nbsp;Box 1<br>
<input name=cb[] type="checkbox" value="two">&nbsp;Box 2<br>
<input name=cb[] type="checkbox" value="thr">&nbsp;Box 3<br>
<input name=cb[] type="checkbox" value="fou">&nbsp;Box 4<br>

Then your repopulate should look something like:

<?
 $cb = $_POST['cb'];
?>
<input name=cb[] type="checkbox" value="one" <? if(in_array("one",$cb)) echo "checked";?>>
/* etc... */

Similar code can be used for radio and option lists.

Ken

 

[elantrip]

I'm so sorry I'm so dense...

But, here's how I'm displaying the checkboxes:

<INPUT TYPE=CHECKBOX NAME=\"Chicago\" >Chicago <br>

Trying to translate your example to how I'm doing the checkboxes I used:

<input type=checkbox name=\"Chicago\" <? if($_POST[Chicago]==\"on\") echo \"checked\";?>Chicago<br>

If I check it and then redisplay the form, the checkbox is not checked.

 

[cLFlaVA]

whoa.

let's try this again!

<input type="checkbox" name="Chicago"
<?
if (!empty($_POST['Chicago']))
    echo " checked";
?>
>
Chicago<br>

This should work if you copy it as-is.

*cLFlaVA
----------------------------
A polar bear walks into a bar and says, "Can I have a ... beer?"
The bartender asks, "What's with the big pause?

 

[skiflyer]

Personally I like to simplify Sleipnir's above example by combining the display empty form and display populated form.

The result is usually alot of value="" in my HTML, but that's certainlly valid.

 

[elantrip]

Sorry, still not working.

I think I may not be giving you the full picture.

I'm taking sleipnir214 (above) advice and here's how I did it:

<html>
<head>
<title>Input Form</title>
</head>
<body>
<? //Create form
$lsrform = "<form method=\"post\" action=\"$_SERVER[PHP_SELF]\">
<p><strong>Your Name:</strong>
<input type=\"text\" name=\"sender_name\" value=\"$_POST[sender_name]\" size=30></P>
<P><strong>Your E-Mail Address:</strong>
<input type=\"text\" name=\"sender_email\" value=\"$_POST[sender_email]\" size=30></P>
<P><strong>Message:</strong></br>
<textarea name=\"message\" cols=30 rows=5 wrap=virtual>$_POST[message]</textarea></p>
<input type=\"hidden\" name=\"op\" value=\"ds\">
<P><input type=\"submit\" name=\"submit\" value=\"Send This Form\">
<input type=\"reset\" name=\"reset\" value=\"Reset This Form\"></p>
</form>";
if ($_POST[op] != "ds")
{
// they need to see the form
echo "$lsrform";
}
else if ($_POST[op] == "ds")
{
// check value of $_POST[sender_name]
if ($_POST[sender_name] == "")
{
$name_err = "<font color=red>Please enter your name!</font>";
$send = "no";
}
// check value of $_POST[sender_email]
if ($_POST[sender_email] == "")
{
$email_err = "<font color=red>Please enter your e-mail address!</font>";

$send = "no";
}
//check value of $_POST[message]
if ($_POST[message] == "")
{
$message_err = "<font color=red>Please enter a message!</font>";
$send = "no";
}
if ($send != "no")
{
// it's ok to send, build mail

$to = "abc@abc.com";
$subject = "All-in-One Web Site Feedback\r\n";
$mailheaders = "From: My Web Site <> \r\n";
$mailheaders .= "Reply-To: $_POST[sender_email]\r\n\r\n";

$msg = "E-MAIL SENT FROM

http://WWW SITE\r\n";

$msg .= "Sender's Name: $_POST[sender_name]\r\n";
$msg .= "Sender's E-Mail: $_POST[sender_email]\r\n";
$msg .= "Message: $_POST[message]\r\n\r\n";
// send the mail
mail($to, $subject, $msg, $mailheaders);
//display confirmation to user
echo "<P>Mail has been sent!</p>";
}
else if ($send == "no")
{
echo "$name_err";
echo "$email_err";
echo "$message_err";
echo "$lsrform";
}
}
?>

</body>
</html>

If I just cut and paste:

<input type="checkbox" name="Chicago"
<?
if (!empty($_POST['Chicago']))
echo " checked";
?>
>
Chicago<br>

I get a parse error.

If I put a "\" in front of all the double quotes and single quotes, I don't get the parse error, but I also don't get the check on the redisplaying of the data.

Thank you all for your help and quick responses.

 

[sleipnir214]

A few comments.

Your code switches between HTML output mode and PHP interpreted mode. This eats performance. You're better off staying in PHP interpreted mode and using print() or echo() statements to output blocks of HTML.

I strongly recommend that you use singlequotes to delimit strings if the strings contain lots of doublequotes -- such as HTML. You will have to explicitly concatenate variables (versus implicit concatenation by including variable references inside doublequotes), but it makes for more readable code. For information on the differences between singlequotes and doublequotes to limit strings, read here

"elseif" is evil. It is a completely useless construct that is more readably implemented using nested if-statements or a switch statement. In any regard, your use of it in this script is unnecessary, as two values are either equal to each other or are not.

Get in the habit of using quotes around associative array keys. Different versions and configurations of PHP can make code without them generate errors. Using the quotes makes your code more portable.

It's not necessary to put quotes around every variable you output.

Indent your code, particularly if you're going to use that execrable construct, elseif. When posting code use the [ignore]

[/ignore] TGML tags.

Are you planning on outputting the form every time the script runs?

What does this version of your code do?

<?php
print '
<html> 
	<head>
		<title>Input Form</title>
	</head> 
<body>';

$lsrform = '<form method="post" action="' . $_SERVER['PHP_SELF']. '"> 
<p><strong>Your Name:</strong> 
<input type="text" name="sender_name" value="' . $_POST['sender_name'] . '" size="30"></P> 
<P><strong>Your E-Mail Address:</strong> 
<input type="text" name="sender_email" value="' . $_POST['sender_email'] . '" size="30"></P> 
<P><strong>Message:</strong></br> 
<textarea name="message" cols="30" rows="5" wrap="virtual">' . $_POST['message'] . '</textarea></p> 
<input type="hidden" name="op" value="ds"> 
<P><input type="submit" name="submit" value="Send This Form"> 
<input type="reset" name="reset" value="Reset This Form"></p> 
</form>'; 

if ($_POST['op'] != 'ds') 
{ 
	// they need to see the form 
	echo $lsrform; 
} 
else
{ 
	// check value of $_POST[sender_name] 
	if ($_POST['sender_name'] == '') 
	{ 
		$name_err = '<font color="red">Please enter your name!</font>'; 
		$send = 'no'; 
	} 
	// check value of $_POST['sender_email'] 

	if ($_POST['sender_email'] == '') 
	{ 
		$email_err = '<font color="red">Please enter your e-mail address!</font>'; 

		$send = 'no'; 
	} 

//check value of $_POST['message'] 
	if ($_POST[message] == '') 
	{ 
		$message_err = '<font color="red">Please enter a message!</font>'; 
		$send = 'no'; 
	} 

	if ($send != 'no') 
	{ 
		// it's ok to send, build mail 
		$to = 'abc@abc.com'; 
		$subject = 'All-in-One Web Site Feedback' . "\r\n"; 
		$mailheaders = 'From: My Web Site <>' . "\r\n"; 
		$mailheaders .= 'Reply-To: ' . $_POST['sender_email'] . "\r\n\r\n"; 

		$msg = 'E-MAIL SENT FROM [URL unfurl="true"]WWW SITE[/URL] . "\r\n"; 
		$msg .= 'Sender's Name:    ' . $_POST['sender_name'] . "\r\n"; 
		$msg .= 'Sender's E-Mail:  ' . $_POST['sender_email'] . "\r\n"; 
		$msg .= 'Message:          ' . $_POST['message'] . "\r\n\r\n"; 
		// send the mail 
		mail($to, $subject, $msg, $mailheaders); 
		//display confirmation to user 
		echo '<P>Mail has been sent!</p>'; 
	} 
	else
	{ 
		echo $name_err; 
		echo $email_err; 
		echo $message_err; 
		echo $lsrform; 
	} 
} 

print '
</body> 
</html>'; 
?>

Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[elantrip]

Thanks for your comments. Obviously I'm new to PHP/HTML so anything to stear me in the right direction is appreciated.

>Are you planning on outputting the form every time the script runs?

I am planning on outputting the form when the script runs (to redisplay the data that has been entered).

>What does this version of your code do?

What I'm hoping this code does is to:
1. display a blank form
2. check for required fields when submitted
3. if any required fields are empty, display a message letting them know what they have missed and redisplay the form with data entered still there