3

I am new to PHP and trying to understand how form validation is done. I am able to validate form fields and display error message as per comments in this post.

However the header function redirects the page but not posting the form fields to next page. How can post validated form values to next page?

Here is my code:

<!DOCTYPE HTML>
<html>
<head>
<title>PHP Learning</title>
</head>
<body>
<?PHP
$nameError = $emailError = "";

if($_SERVER['REQUEST_METHOD'] == "POST"){

    $valid = true;

    if(empty($_POST['name'])){
        $valid=false;
        $nameError = "Name missing";
    }

    if(empty($_POST['email'])){
        $valid=false;
        $emailError = "Email missing";
    }

    if($valid){
        header('location:Processor.php');
        exit();
    }
}

?>

<form action="" method="post">
  <input type="text" name="name" size="30"/> <?PHP echo $nameError; ?> <br>
  <input type="text" name="email" size="30"/> <?PHP echo $emailError; ?> <br>
  <input type="submit" value="Submit"/>
</form>

</body>
</html>

Processor.php

<html>
<head>
<title>Online PHP Script Execution</title>
</head>
<body>
<?php

   echo "<br>", "Name: ", $_POST['name'];
   echo "<br>", "Email: ", $_POST['email'];
?>
</body>
</html>
Community
  • 1
  • 1
Naresh Babu
  • 702
  • 1
  • 7
  • 17
  • put the php processing on Processor the PHP not on the form page – Kevin Sep 13 '14 at 05:44
  • Why don't you do the other logic inside the `if($valid)` and afterwards redirect to a "thanks" page? If it's just that you could append the data to the URL (like a GET request) – ConcurrentHashMap Sep 13 '14 at 05:47
  • you can use **session** for you code, and to display that values in proccessor.php – coDe murDerer Sep 13 '14 at 05:49
  • 1
    @dHaRa uMaraniYa Yes using session worked. It was quite simple as I had only couple of fields, but in real time we may have more number of fields. In such scenario repopulating them in session after validation looks tedious. Any alternative? – Naresh Babu Sep 13 '14 at 06:04
  • Then, please process your code in same file instead of doing on another file. If you really want to process your code on another file then use javascript/jquery validations. – Khushboo Sep 13 '14 at 06:05
  • @NareshBabu : You can use javascript validation. after validate you can set action like
    and you will get all data in POST in processor.php file.. for validation check this link:http://webcodehelpers.com/demo/registration-form-validatio.html
     – coDe murDerer Sep 13 '14 at 06:12
  • your code is vulnerable to XSS – NullPoiиteя Sep 13 '14 at 06:45

5 Answers5

2

header function is used to redirect to a different page. It wont pass post variable. You can do it either by using session variables or by using cookies. For form front end validation I suggest the use of javascript (jQuery if you are comfortable). While use php only for backend validation.

If you have to use php for front end validation, use session

php
session_start();
/* ---- Your other validation code -- */
if($valid){
$_SESSION['email'] = $_POST['email'];
$_SESSION['name'] = $_POST['name'];
 header('location:Processor.php');
 exit();
}


processor page : 
 <html>
<head>
<title>Online PHP Script Execution</title>
</head>
<body>
<?php

   echo "<br>", "Name: ", $_SESSION['name'];
   echo "<br>", "Email: ", $_SESSION['email'];
?>
</body>
</html>

For frontend validation using js

 <form action="Processor.php" method="post">
  <input type="text" name="name" id="name" size="30"/> <?PHP echo $nameError; ?> <br>
  <input type="text" name="email" id="email" size="30"/> <?PHP echo $emailError; ?> <br>
  <input type="submit" value="Submit" id="submit"/>
</form>

JS:
$("#submit").click(function(){
   var name = $("#name").val();
   var email = $("#email").val();
   if(name="" || email=""){
     event.preventDefault();
     alert("Please fill all the feilds");
    }
});
Siddharth Patel
  • 193
  • 1
  • 2
  • 15
  • @siddharth I understand the client side validation and passing the values through session. Now if I want to do server side validation that is in PHP then how will I return to the input page(Page in which the form is submitted) in case of validation errors. – Naresh Babu Sep 13 '14 at 06:52
  • if you'll submit the form, the page will get reloaded. But you can use ajax to submit the form, and return validation results. – Siddharth Patel Sep 14 '14 at 05:44
2

This is a relatively old post but I use a solution rather frequently that is not listed here so I thought I would share in case others find this handy.

<?PHP

if($_SERVER['REQUEST_METHOD'] == "POST"){
    if(empty($_POST['name'])){
        header('Location: back_to_your_form.php?error=Name+missing');
        exit();
    }

    else if(empty($_POST['email'])){
        header('Location: back_to_your_form.php?error=Email+missing');
        exit();

    } else {
    // perform a function of some sort
    }
}    

?>

And then in the header of the html form simply add

<? if (isset($_GET['error'])) { ?>
    <script>alert('<? echo $_GET['error']; ?>');</script> 
<? } ?>
Bruce
  • 1,039
  • 1
  • 9
  • 31
1

header('location:Processor.php'); sends the browser to another page, but not the POST values. Either do the functions in the same page, or use Sessions to pass data to another page. First option is recommended.

Sunish Menon
  • 152
  • 11
  • Using Session worked. But am trying to compare how I used to do this in servlets, where once form field validation passes, I would make a call to model passing all the field values. How it happens in PHP? – Naresh Babu Sep 13 '14 at 06:08
  • As @ConcurrentHashMap pointed, better do all the processing in this page and do the redirect after that, so that the final page does not need the POST variables. Or better, use AJAX. – Sunish Menon Sep 13 '14 at 10:19
-1

include should do just fine.

if($valid){
    include('Processor.php');
    exit();
}
Vin J
  • 11
  • 5
-1

if you use the header('location:Processor.php'); the session varaiable don't pass to the page Processor.php, so you have to use include('Processor.php');

Michail Stamatulakis
  • 1