php check if values in form have been filled

Question

I have a form and php that submits the values, how do I make the php to check if the values are not empty?

Server code

$XX = mysqli_real_escape_string($link, $_REQUEST['XX']);
$YY = mysqli_real_escape_string($link, $_REQUEST['YY']);

if(empty($XX) || empty($YY))
{
    echo "You need to fill in XX or YY";
}

Form markup:

<form method="POST" action=""> 
    <label for="XX">XX</label><br>
    <label for="YY">YY</label><br>
    <input type="text" name="XX" id="XX"><br>
    <input type="text" name="YY" id="YY"><br>
    <input class="button" type="submit" value="submit"><br>
 </form>

why don't you have a look at [this](https://stackoverflow.com/questions/18343822/display-php-form-validation-results-on-same-page) — jasinth premkumar, Feb 17 '18 at 19:21
Your script is wide open to [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, Feb 17 '18 at 19:50
THAT IS RATHER A MAJOR CHANGE TO YOUR QUESTION. In fact it now looks nothing like the original question which makes all the original answer look like nonsense. Not cool — RiggsFolly, Feb 17 '18 at 19:52
I would like to suggest that you ask another question rather than changing your question completely. Its only fair on those that attempted to answer your first question — RiggsFolly, Feb 17 '18 at 19:56

score 1 · Answer 1 · answered Feb 17 '18 at 18:06

1

Assuming you are trying to check that at least one of these inputs has been set as your echoed message suggests then you need to use an and && and not an or || like this

if(empty($XX) && empty($YY))
{
    echo "You need to fill in XX or YY";
}

answered Feb 17 '18 at 18:06

RiggsFolly

93,638
21
103
149

Claudiu D. · Answer 2 · 2018-02-17T18:16:08.540

1

PHP has three useful functions to test the value of a variable, you need to understand how these functions work in order to use them properly, below is a short description for each, hope it helps

isset()

Determines if a variable is set and is NOT NULL So if the value assigned is "" or 0 or “0” or false the return will be true, if is NULL it will return false.

$var = '';
if(isset($var)) {
    echo 'The variable $var is set.';
}
unset($var);
if(!sset($var)) {
    echo 'The variable $var is not set';
}

Empty()

Determines if a variable is empty So if the value is "" or 0 or 0.0 or "0" or NULL or False or [] it will return true

$var = '';
if(empty($var)) {
    echo 'The variable $var is empty or not set';
}

is_null()

It returns true only if a variable is NULL.

$var = NULL;
if(is_null($var)) {
    echo 'The variable $var is NULL';
}
if(is_null($foo)) {
    echo 'The variable $foo is inexistent so the value is NULL and will evaluate to true';
}

edited Feb 17 '18 at 18:16

answered Feb 17 '18 at 18:08

Claudiu D.

446
3
11

I would like to use the Empty(), seems to be the easiest way. how do I implement that on my example? I tried to do it on my own but failed – Martin Švejda Feb 17 '18 at 18:15
Yes, $link = mysqli_connect("mydatabase.example.com","AAA","AAA","AAA"); – Martin Švejda Feb 17 '18 at 18:21
your code should work fine, nothing seems wrong there, do you get an error message on page load or after submit? – Claudiu D. Feb 17 '18 at 18:26
No, I do not get any error message, the data is being uploaded empty to a database – Martin Švejda Feb 17 '18 at 18:27
but you haven't post any code about the DB, just the validation part and the validation works fine – Claudiu D. Feb 17 '18 at 18:28
My DB works fine. Check my code above now, I have put new info what I updated, is that correct? – Martin Švejda Feb 17 '18 at 18:33
your code it's kind of the same you just removed one comparison, i've copied your code and test it on my local dev, and works fine, if one of the variables $XX or $YY is empty it will show you the empty message, so my best bet is that your problem is when you insert in DB, so if u could share that bit i'll try to help you – Claudiu D. Feb 17 '18 at 18:43
My Insert into DB code is here (full version) // attempt insert query execution $sql = "INSERT INTO golf (datum, odkud, odjezd, kam, prijezd, stravne, km, spolecnost, ridic, stav_km) VALUES ('$datum', '$odkud', '$odjezd', '$kam', '$prijezd', '$stravne', '$km', '$spolecnost', '$ridic', '$stav_km')"; if(mysqli_query($link, $sql)){ header('Location: http://is.envi-help.cz/golf'); exit; } else{ echo "ERROR: Záznam nebyl přidán. " . mysqli_error($link); } – Martin Švejda Feb 17 '18 at 18:49
it's really hard to say what's going wrong because I can't see all your code, but do u have some kind of validation before inserting to DB? and i don't mean about the one u put in the question because that one just shows something to the screen but won't prevent the DB insert to run – Claudiu D. Feb 17 '18 at 19:00
from what you shared i've test on my dev and works fine it inserts in DB if u have at least one variable set, but won't do anything if both are empty – Claudiu D. Feb 17 '18 at 19:01

php check if values in form have been filled

2 Answers2