tags:

views:

24

answers:

2

Here's my code:

<?php session_start();
require("validationLibrary.php");

$_SESSION['validForm'] = true;

if($_SESSION['validForm'] == true){
    header("Location: registerFormTwo.php");
}
?>

<html>
    <head>
        <title>Registration Form - 1 of 2</title>
    </head>

    <body>
        <h1>Registration - Part 1 of 2</h1>
        <p>Please fill in all the required information before submitting the information.</p>        
        <form action="registerFormOne.php" method="post">
            <dt>First Name:</dt>
                <dd><input type="text" name="firstName" value="<?php echo $_POST["firstName"]; ?>" /></dd><br />
                <dd>
                    <?php
                        if(isset($_POST['firstName'])){
                            if(!validateRequired($_POST['firstName'])){
                                $_SESSION['validForm'] = false;
                            }
                        }
                    ?>
                </dd><br />

            <dt>Last Name:</dt>
                <dd><input type="text" name="lastName" value="<?php echo $_POST["lastName"]; ?>" /></dd><br />
                <dd>
                    <?php
                        if(isset($_POST['lastName'])){
                            if(!validateRequired($_POST['lastName'])){
                                $_SESSION['validForm'] = false;
                            }
                        }                        
                    ?>
                </dd><br />

            <dt>EMail:</dt>
                <dd><input type="text" name="email" value="<?php echo $_POST["email"]; ?>"  /></dd><br />
                <dd>
                    <?php
                        if(isset($_POST['email'])){
                            if(!validateEmail($_POST['email'])){
                                $_SESSION['validForm'] = false;        
                            }
                        }                        
                    ?>
                </dd><br />

            <dt>Age:</dt>
                <dd><input type="text" name="age" value="<?php echo $_POST["age"]; ?>"  /></dd><br />
                <dd>
                    <?php
                        if(isset($_POST['age'])){
                            if(!validateNumber($_POST['age'])){
                                $_SESSION['validForm'] = false;
                            }
                        }                        
                    ?>
                </dd><br />

            <dt>Date of Birth:</dt>
                <dd><input type="text" name="dateOfBirth" value="<?php echo $_POST["dateOfBirth"]; ?>"  /></dd><br />
                <dd>
                    <?php
                        if(isset($_POST['dateOfBirth'])){
                            if(!validateRequired($_POST['dateOfBirth'])){
                                $_SESSION['validForm'] = false;
                            }
                        }                        
                    ?>
                </dd><br />

            <dt>Gender:</dt>
                <dd>Masculino <input type="radio" value="M" name="gender" checked/> &nbsp;&nbsp;
                Femenino <input type="radio" value="F" name="gender" />
                </dd>            

            <dt><input type="submit" /></dt>
        </form>
    </body>
</html>
A: 

You should omit the else $_SESSION['validForm'] = true. It overrides any previous attempts at setting the variable to false.

$_SESSION['validForm'] = false declaration should also be changed to true at the start of the file. This declaration is also immediately before the check for $_SESSION['validForm'] == true, so it will never be true.

All validation must occur before any output is sent to the browser, otherwsie you wont be able to redirect the user using header("Location: ..."), because headers will already be sent out.

Matt
Thanks for the help. :) The problem I think lies in that when the form reloads itself on the action, I set the variable to false. Thus, it can never go about it's way. Any help on how to handle this?
Serg
A: 

The short answer is that all of your validation logic should be up at the top of the form, too.

The long answer:

<?php session_start();
require("validationLibrary.php");
$_SESSION['validForm'] = true;

if(isset($_POST['firstName'])){
    if(!validateRequired($_POST['firstName'])){
        $_SESSION['validForm'] = false;
    }
}

if(isset($_POST['lastName'])){
    if(!validateRequired($_POST['lastName'])){
        $_SESSION['validForm'] = false;
    }    
}

if(isset($_POST['email'])){
    if(!validateEmail($_POST['email'])){
        $_SESSION['validForm'] = false;        
    }
}

if(isset($_POST['age'])){
    if(!validateNumber($_POST['age'])){
        $_SESSION['validForm'] = false;
    }
}

if(isset($_POST['dateOfBirth'])){
    if(!validateRequired($_POST['dateOfBirth'])){
        $_SESSION['validForm'] = false;
    }
}

if($_SESSION['validForm'] == true){
    header("Location: registerFormTwo.php");
    exit();
}
?>

<html>
    <head>
        <title>Registration Form - 1 of 2</title>
    </head>

    <body>
        <h1>Registration - Part 1 of 2</h1>
        <p>Please fill in all the required information before submitting the information.</p>        
        <form action="registerFormOne.php" method="post">
            <dt>First Name:</dt>
                <dd><input type="text" name="firstName" value="<?php echo $_POST["firstName"]; ?>" /></dd><br />

            <dt>Last Name:</dt>
                <dd><input type="text" name="lastName" value="<?php echo $_POST["lastName"]; ?>" /></dd><br />

            <dt>EMail:</dt>
                <dd><input type="text" name="email" value="<?php echo $_POST["email"]; ?>"  /></dd><br />

            <dt>Age:</dt>
                <dd><input type="text" name="age" value="<?php echo $_POST["age"]; ?>"  /></dd><br />

            <dt>Date of Birth:</dt>
                <dd><input type="text" name="dateOfBirth" value="<?php echo $_POST["dateOfBirth"]; ?>"  /></dd><br />

            <dt>Gender:</dt>
                <dd>Masculino <input type="radio" value="M" name="gender" checked/> &nbsp;&nbsp;
                Femenino <input type="radio" value="F" name="gender" />
                </dd>            

            <dt><input type="submit" /></dt>
        </form>
    </body>
</html>
R. Bemrose
An error in a firstName will be overwritten by the else{ $_SESSION['validForm'] = true;In any further validation checks, if there is no errors with the relevant field.
Matt
@Matt: Good point. OK, I edited it to assume the form is valid and set it to false if one of the fields fails.
R. Bemrose