-2

I have a stripe bank account verification form that requires integers in a certain format. No decimals, no letters etc. When the user inputs something incorrectly and submits, the page turns into something like this:

Fatal error: Uncaught Stripe\Error\InvalidRequest: Expecting integers...then a bunch of useful but garbage-looking information

Or if the bank account has already been verified then something like this:

Fatal error: Uncaught Stripe\Error\InvalidRequest: This bank account has already been verified.....then a bunch of useful but garbage-looking information

It replaces my page and my logos etc with just this error so the user would have to click the back button to try again.

I realize that I can add my own error checking for these things, like integers would be easy, the already verified would be a little bit more challenging. However, since stripe has already gone through the effort of detecting errors and returning them in this format, i dont want to do my own and re invent the wheel.

So, with all of that being said, how can I keep the user on the same page with the form still visible and just display the error at the top so they know what to fix?

Here is the code that would throw an error if the input is not in the correct format or if there is some other problem:

if ( !empty($_POST["valueOne"]) and !empty( $_POST["valueTwo"]))
        {

            https://dashboard.stripe.com/account/apikeys
            \Stripe\Stripe::setApiKey("secret key");

            // get the existing bank account
            $customer = \Stripe\Customer::retrieve($customerHash);
            $bank_account = $customer->sources->retrieve($bankHash);

            // verify the account
            $bank_account->verify(array('amounts' => array($_POST['valueOne'], $_POST['valueTwo'])));
        }
Martin
  • 22,212
  • 11
  • 70
  • 132
Daniel Taylor
  • 17
  • 7
  • Have you considered using client side validation? This would catch possible errors before the form is submitted. You would still want to keep the server side validation. But client side validation is often used in the scenario you're describing. – devlin carnate Nov 07 '17 at 18:33
  • Add error handling in your PHP code to handle any error (`try ... catch`) and make sure it always produces output in a desirable way. You could also consider calling the server validation with an Ajax call. – trincot Nov 07 '17 at 18:39
  • `.....then a bunch of useful but garbage-looking information` it probably is useful information if you can understand it. – Martin Nov 07 '17 at 18:58
  • 1
    @Martin oh and the other being this right? https://stackoverflow.com/questions/162159/javascript-client-side-vs-server-side-validation lol! – Funk Forty Niner Nov 07 '17 at 19:00
  • @Martin coming right up................. wait for it. – Funk Forty Niner Nov 07 '17 at 19:02
  • @Martin ♫...........♪ .................. ♫. tada!! – Funk Forty Niner Nov 07 '17 at 19:03

1 Answers1

-1

This is a classic case for client side validation using JavaScript / jQuery. The intent of client side validation is to prevent the form from being submitted when a value does not meet the requirements (or is missing).

You'll still want to keep the server side validation because client side validation can be subverted.

But client side validation is the first step in making sure the values that are submitted are "correct".

For further reading: JavaScript: client-side vs. server-side validation

devlin carnate
  • 8,309
  • 7
  • 48
  • 82
  • you're plagiarizing on a possible duplicate – Funk Forty Niner Nov 07 '17 at 18:55
  • @Fred-ii- : WHAT? These are my own thoughts, in my own words. The question is asking about PHP validation and MY answer is that this is a case for client side validation. I didn't even go looking for the "further reading" until after I'd written MY answer. – devlin carnate Nov 07 '17 at 18:59
  • you're kidding, right? – Funk Forty Niner Nov 07 '17 at 18:59
  • @Fred-ii- : absolutely not kidding. Look at my profile. I don't answer duplicate questions. I flag them as duplicates. I would have flagged this one if the OP was asking about client side validation. – devlin carnate Nov 07 '17 at 19:00
  • *"in my own words"* - Oh? I take it that you used your words here too right? https://stackoverflow.com/questions/162159/javascript-client-side-vs-server-side-validation come on... what you wrote was too long for a comment and should have been a community wiki if anything. – Funk Forty Niner Nov 07 '17 at 19:01
  • @Fred-ii- - I have no idea what you're getting at. But whatever. – devlin carnate Nov 07 '17 at 19:04
  • Read your answer again, and place yourself "outside" that box and "think outside the box" and hopefully you'll see what I mean. Your entire answer without the embedded link, is exactly that............ about the embedded link. – Funk Forty Niner Nov 07 '17 at 19:05