PHP - Form error handling issue

Question

I am trying to create error messages if certain conditions aren't met. So the user fills out a form and if a field is empty or doesn't pass my validation it returns the error message.

This is the form:

if (isset($_POST)) {
    if (checkEmail($email) == TRUE && $name != NULL && $surName != NULL) {    
        mysql_query(    "INSERT INTO USR_INFO (NAME, MAIL, SURNAME) 
                         VALUES ('$name', '$email','$surName') ") or die(mysql_error());
        header('Location: thanks.php');
    } 

    else {
        echo'<form action="<?php echo $_SERVER[\'PHP_SELF\']; ?>" method="POST">            
                <label for="name">First Name</label>
                <input type="text" name="name" id="name" value="' .$_POST['name'].'" />
                <span class="required">&#42;</span>

                <label for="surName">Last Name</label>
                <input type="text" name="surName" id="surName" value="' .$_POST['surName']. '" />
                <span class="required">&#42;</span>

                <label for="email">E-mail</label>
                <input type="email" id="email" name="email" placeholder="example@domain.com" value="' .$_POST['email']. '" />
                <span class="required">&#42;</span>

                <input type="submit" name="submit" id="submit">
            </form>';
    }
} else {
        echo'<form action="<?php echo $_SERVER[\'PHP_SELF\']; ?>" method="POST">            
                <label for="name">First Name</label>
                <input type="text" name="name" id="name" value="" />
                <span class="required">&#42;</span>

                <label for="surName">Last Name</label>
                <input type="text" name="surName" id="surName" value="" />
                <span class="required">&#42;</span>

                <label for="email">E-mail</label>
                <input type="email" id="email" name="email" placeholder="example@domain.com" value="" />
                <span class="required">&#42;</span>


                <input type="submit" name="submit" id="submit">
            </form>';
}

So what I tried is adding an array to display the error messages like so:

$errorMessage = array();

And add this to the html form field with the proper message:

$error[] = "Error Message";

Now what I am stuck with is that I want to have the error show only if a user doesn't meet the conditions

if ($name == NULL) {$error[] = "Error Message";}
if ($surName == NULL) {$error[] = "Error Message 2";}
if (checkEmail($email) == FALSE || NULL) {$error[] = "Error Message 3";}

But I can't make it work. When I tried to implement this logic it will parse the page fine and the validation works as well but the error messages wont show up if I leave a required field blank. My guess is that I didn't loop through it properly.

Help is much appreciated!

EDIT:

I tried the answer that was posted by Frosty Z and this is what I have at the moment:

    if (isset($_POST)) {
    $errorMessage = array();
        if ($name == '') { $errors[] = "Input name please." }
        if ($surName == '') { $errors[] = "Input last name please." }
        if (!checkEmail($email)) { $errors[] = "Email address not valid." }

    if (count($error) == 0) { 
            mysql_query(    "INSERT INTO USR_INFO (NAME, MAIL, SURNAME) 
                             VALUES ('$name', '$email', '$surName') ") or die(mysql_error());
            header('Location: thanks.php');
            exit;
    else {

        if (count($errors) > 0)
            echo "<p>Sorry, there are problems with the information you have provided:</p>";

        foreach($errors as $error)
            echo '<p class="error">'.$error.'</p>';

        echo'<form action="<?php echo $_SERVER[\'PHP_SELF\']; ?>" method="POST">            
                <label for="name">Name</label>
                <input type="text" name="name" id="name" value="' .$_POST['name'].'" />
                <span class="required">&#42;</span>

                <label for="surName">Last name</label>
                <input type="text" name="surName" id="surName" value="' .$_POST['surName']. '" />
                <span class="required">&#42;</span>

                <label for="email">E-mail</label>
                <input type="email" id="email" name="email" placeholder="example@domain.com" value="' .$_POST['email']. '" />
                <span class="required">&#42;</span>

                <input type="submit" name="submit" id="submit">
            </form>';
    }
} else {
        echo'<form action="<?php echo $_SERVER[\'PHP_SELF\']; ?>" method="POST">            
                <label for="name">Name</label>
                <input type="text" name="name" id="name" value="" />
                <span class="required">&#42;</span>

                <label for="surName">Achternaam</label>
                <input type="text" name="surName" id="surName" value="" />
                <span class="required">&#42;</span>

                <label for="email">E-mail</label>
                <input type="email" id="email" name="email" placeholder="example@domain.com" value="" />
                <span class="required">&#42;</span>

                <input type="submit" name="submit" id="submit">
            </form>';
}

With this my page won't be parsed. I have error reporting on but it doesn't show anything besides a

Internal server error 500

in my console log(Firebug)

And where are you printing your array of errors? At the end you could debug with `var_dump($error)` — Bjørne Malmanger, Dec 30 '12 at 11:48
can you try if(isset($_POST['name'])) instead of if(isset($_POST)) which might be making logical error. — mamdouh alramadan, Dec 30 '12 at 11:55
[here](http://stackoverflow.com/questions/13963180/trying-to-set-default-ringtone-get-a-securityexception) is an example can you take a look at it. — mamdouh alramadan, Dec 30 '12 at 12:00
`if (checkEmail($email) == FALSE || NULL)` will not work the way you think. It is equivalent to `if ((checkEmail($email) == FALSE) || NULL)`, and the entire `|| NULL` part is unnecessary. — DCoder, Dec 30 '12 at 12:03

Maxime Pacary · Accepted Answer · 2012-12-30T12:04:57.837

Here is some rewriting of your work with a minimal handling of error messages.

BTW, you should consider adopting a decent PHP framework which will help you to handle a lot of common development tasks.

$name = '';
$surName = '';
$email = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {

    $name = $_POST['name'];
    $surName = $_POST['surName'];
    $email = $_POST['email'];

    $errors = array();

    if ($name == '') { $errors[] = "Please type your name."; }
    if ($surName == '') { $errors[] = "Please type your surname."; }
    if (!checkEmail($email)) { $errors[] = "Wrong email format."; }

    if (count($errors) == 0) {
        // tip: use PDO or mysqli functions instead of mysql ones to bind variables.
        // currently there is a risk of SQL injection here
        mysql_query("INSERT INTO USR_INFO (NAME, MAIL, SURNAME) 
                     VALUES ('$name', '$email','$surName') ") or die(mysql_error());
        header('Location: thanks.php');
        exit;
    }
}

if (count($errors) > 0)
    echo '<p>Sorry, there are problems with the information you have provided:</p>';

foreach($errors as $error)
    echo '<p class="error">'.$error.'</p>';

echo '<form action="'.$_SERVER['PHP_SELF'].'" method="POST">            
            <label for="name">First Name</label>
            <input type="text" name="name" id="name" value="'.htmlspecialchars($name).'" />
            <span class="required">&#42;</span>

            <label for="surName">Last Name</label>
            <input type="text" name="surName" id="surName" value="'.htmlspecialchars($surName).'" />
            <span class="required">&#42;</span>

            <label for="email">E-mail</label>
            <input type="email" id="email" name="email" placeholder="example@domain.com" value="'.htmlspecialchars($email).'" />
            <span class="required">&#42;</span>

            <input type="submit" name="submit" id="submit">
        </form>';

I tried to implement what you gave me, but the page doesn't parse. My page doesn't parse with `$_SERVER['REQUEST_METHOD'] === 'POST'` either. I also checked if I correctly nested the if's and else's and that seems correct to me. — Mario S, Dec 30 '12 at 12:41
@Perry: see http://stackoverflow.com/questions/1372147/check-whether-a-request-is-get-or-post — Maxime Pacary, Dec 30 '12 at 13:13
@MarioS: which error message do you get? I have tested and don't have any parsing issue. — Maxime Pacary, Dec 30 '12 at 13:15
@FrostyZ _"NetworkError: 500 Internal Server Error - http://domain/file/path/to/send.php"_ Thats what I get when I try to load the page. — Mario S, Dec 30 '12 at 13:20
@FrostyZ After some fiddling with the structure of my if statements, it finally works :). Thank you for your time! — Mario S, Dec 30 '12 at 14:11

PHP - Form error handling issue

1 Answers1