CODEWITHSUNDEEP
php
David Biga
David Biga

Reputation: 2801

isset() not working properly on form

I have a registration form that user submits, data is sent using isset($_POST) to see if there is anything that was put into form input boxes. If not it is sent to an else which then sends it to a function that returns the user back to registration form to complete some missing forms. For some reason it is not working properly.

Here is my checking code -------

function returnBack(){

    header("Location:register.php");
    exit;

}

if(isset($_POST['myusername']))
{
    $myusername = $_POST['myusername'];
}
else
{
    returnBack();   
}
if(isset($_POST['mypassword']))  {
    $mypassword=$_POST['mypassword'];

}
else{   

    returnBack();
}
if(isset($_POST['myemail']))  {

    $myemail=$_POST['myemail'];
}
else{

    returnBack();
}
if(isset($_POST['myname']))  {

    $myname=$_POST['myname'];
}
else{

    returnBack();
}
if(isset($_POST['mylastname'])){

    $mylastname=$_POST['mylastname'];

}
else{

    returnBack();
}
/////////////////////////////////////////////////////////////*******CONNECT TO SERVER ******************************************************************/
try {  
  # MySQL with PDO_MYSQL  
  $DBH = new PDO("mysql:host=$hostname;dbname=$database", $username, $password);  
  $DBH->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );

}  
catch(PDOException $e) { 
    echo "I'm sorry, I'm afraid I can't do that.";  
    file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND);   
}
////////////////////////////////////////////////////////////***********INSERT REGISTER DATA INTO DB ***************************************************************/
//$encrypt_password = md5($mypassword);

$insertdata = $DBH->prepare("INSERT INTO members (username, password, email, firstname, lastname ) VALUES ('$myusername','$mypassword','$myemail','$myname','$mylastname')");
$insertdata->execute();
echo "success";

$DBH = null;

Here is the form section ------------------------------

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="register" method="post" action="insertnewmem.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Registration Form </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername" ></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>Email</td>
<td>:</td>
<td><input name="myemail" type="text" id="myemail"></td>
</tr>
<tr>
<td>First Name</td>
<td>:</td>
<td><input name="myname" type="text" id="myname"></td>
</tr>
<tr>
<td>Last Name</td>
<td>:</td>
<td><input name="mylastname" type="text" id="mylastname"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Register"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

UPDATED ----------------------------------------------

Sorry it skips the function returnBack() and just inserts it into db even if form not properly filled.

Upvotes: 4

Views: 33402

Answers (2)

trevorkavanaugh
trevorkavanaugh

Reputation: 340

Others have posted answer, but let me explain why.

isset() checks to see if the value was set, not what the value is, but simply if it has a value. When you submit your form, you are passing an empty string as the value for each of the inputs.

Normally I check this using:

if(isset($_POST['variable']) && $_POST['variable'] !== "")

The first part makes sure the variable exists ( so that the second condition will not throw an error ) and the second condition makes sure that the string is not empty.

Upvotes: 7

Ray
Ray

Reputation: 41428

Try !empty() instead of isset(). This will evaluate to true only if there is something other than null, false, 0, or empty string ''. You probably have empty strings being submitted.

Upvotes: 15

Related Questions