lobstrosity

Reputation: 37

PHP error handling, form is submitting anyway?

I have the following code, below. I would like it to stop the script and display errors next to the three selected input fields. However, when you leave one of the required fields blank and hit submit, the form processes anyway. If I replace the $error[]'s in the beginning with die() it stops properly, but when I try to display them on the form page it just doesn't work and submits/runs the query. Any help is greatly appreciated!

<?php 



if(!empty($_POST)) 
{
    // If there was an $error, keep submitted values

    $submitted_firstname = htmlentities($_POST['firstname'], ENT_QUOTES, 'UTF-8'); 
    $submitted_lastname = htmlentities($_POST['lastname'], ENT_QUOTES, 'UTF-8');
    $submitted_phone1 = htmlentities($_POST['phone1'], ENT_QUOTES, 'UTF-8'); 
    $submitted_phone2 = htmlentities($_POST['phone2'], ENT_QUOTES, 'UTF-8'); 
    $submitted_ext1 = htmlentities($_POST['ext1'], ENT_QUOTES, 'UTF-8'); 
    $submitted_ext2 = htmlentities($_POST['ext2'], ENT_QUOTES, 'UTF-8'); 
    $submitted_email = htmlentities($_POST['email'], ENT_QUOTES, 'UTF-8'); 
    $submitted_street = htmlentities($_POST['street'], ENT_QUOTES, 'UTF-8'); 
    $submitted_city = htmlentities($_POST['city'], ENT_QUOTES, 'UTF-8'); 
    $submitted_zip = htmlentities($_POST['zip'], ENT_QUOTES, 'UTF-8'); 


// Ensure that the user has entered a non-empty firstname, lastname, and one phone
if(empty($_POST['firstname'])) 
{ 
    $errors['addcust_fname'] = '* First name required';
} 
if(empty($_POST['lastname'])) 
{ 
    $errors['addcust_lname'] = '* Last name required';
} 
if(empty($_POST['phone1'])) 
{ 
    $errors['addcust_phone'] = '* One phone required';
} 



    $state = $_POST['state'];

    $query = " 
        INSERT INTO customers ( 
            firstname, 
            lastname,
            phone1,
            phone2,
            ext1,
            ext2,
            email,
            street,
            city,
            state,
            zip,
            joindate 
        ) VALUES ( 
            :firstname, 
            :lastname, 
            :phone1, 
            :phone2, 
            :ext1, 
            :ext2, 
            :email, 
            :street, 
            :city, 
            :state, 
            :zip, 
            NOW() 
        ) 
    "; 

    $query_params = array( 
        ':firstname' => $_POST['firstname'], 
        ':lastname' => $_POST['lastname'], 
        ':phone1' => $_POST['phone1'], 
        ':phone2' => $_POST['phone2'], 
        ':ext1' => $_POST['ext1'], 
        ':ext2' => $_POST['ext2'], 
        ':email' => $_POST['email'], 
        ':street' => $_POST['street'], 
        ':city' => $_POST['city'], 
        ':state' => $_POST['state'], 
        ':zip' => $_POST['zip'] 
    ); 

    try 
    { 
        // Execute the query to create the user 
        $stmt = $db->prepare($query); 
        $result = $stmt->execute($query_params); 
    } 
    catch(PDOException $ex) 
    { 
        die("Failed to run query: " . $ex->getMessage()); 
    } 

    // This redirects the user back to the login page after they register 
    header("Location: main.php"); 
    die("Redirecting to main.php"); 

    }  

?> 
<?php include('common/header2.php'); ?>
<body align="center">
<div align="center">
<div id="header">
<div id="logo"><h1><span><?php echo($company); ?></span><em>/</em><strong>Portal</strong></h1></div>
<div><span id="tick2"></span></div>
<div><?php echo date("Y/m/d"); ?></div>
</div>
<?php 
// Get top menu
require("common/top_menu.php");
?>
<div style="height: auto" id="main-content-section">
<h2>Add New Customer</h2> 
<div align="center" id="addcustdiv">
<form action="add_customer.php" method="post"> 
First Name: <input class="search-input" type="text" name="firstname" value="<?php echo $submitted_firstname; ?>" /> <?php if($_POST && isset($errors['addcust_firstname'])) { echo $errors['addcust_firstname']; } ?>
<br><br>Last Name: <input class="search-input" type="text" name="lastname" value="<?php echo $submitted_lastname; ?>" /> <?php if($_POST && isset($errors['addcust_lastname'])) { echo $errors['addcust_lastname']; } ?>
<br><br>Phone 1: <input class="search-input" size="10" type="text" name="phone1" value="<?php echo $submitted_phone1; ?>" /> Ext: <input class="search-input" size="3" type="text" name="ext1" value="<?php echo $submitted_ext1; ?>" /> <?php if($_POST && isset($errors['addcust_phone'])) { echo $errors['addcust_phone']; } ?>
<br><br>Phone 2: <input class="search-input" size="10" type="text" name="phone2" value="<?php echo $submitted_phone2; ?>" /> Ext: <input class="search-input" size="3" type="text" name="ext2" value="<?php echo $submitted_ext2; ?>" />
<br><br>E-Mail: <input class="search-input" type="text" name="email" value="<?php echo $submitted_email; ?>" />
<br><br>Street: <input class="search-input" type="text" name="street" value="<?php echo $submitted_street; ?>" />
<br><br>City: <input class="search-input" type="text" name="city" value="<?php echo $submitted_city; ?>" /> State: <select class="search-input" name="state">
  <option value="CT">CT</option>
  <option value="AL">AL</option>
  <option value="AK">AK</option>
  <option value="AZ">AZ</option>
  <option value="AR">AR</option>
  <option value="CA">CA</option>
  <option value="CO">CO</option>
  <option value="CT">CT</option>
  <option value="DE">DE</option>
  <option value="FL">FL</option>
  <option value="GA">GA</option>
  <option value="HI">HI</option>
  <option value="ID">ID</option>
  <option value="IL">IL</option>
  <option value="IN">IN</option>
  <option value="IA">IA</option>
  <option value="KS">KS</option>
  <option value="KY">KY</option>
  <option value="LA">LA</option>
  <option value="ME">ME</option>
  <option value="MD">MD</option>
  <option value="MA">MA</option>
  <option value="MI">MI</option>
  <option value="MN">MN</option>
  <option value="MS">MS</option>
  <option value="MO">MO</option>
  <option value="MT">MT</option>
  <option value="NE">NE</option>
  <option value="NV">NV</option>
  <option value="NH">NH</option>
  <option value="NJ">NJ</option>
  <option value="NM">NM</option>
  <option value="NY">NY</option>
  <option value="NC">NC</option>
  <option value="ND">ND</option>
  <option value="OH">OH</option>
  <option value="OK">OK</option>
  <option value="OR">OR</option>
  <option value="PA">PA</option>
  <option value="RI">RI</option>
  <option value="SC">SC</option>
  <option value="SD">SD</option>
  <option value="TN">TN</option>
  <option value="TX">TX</option>
  <option value="UT">UT</option>
  <option value="VT">VT</option>
  <option value="VA">VA</option>
  <option value="WA">WA</option>
  <option value="WV">WV</option>
  <option value="WI">WI</option>
  <option value="WY">WY</option>
  <option value="DC">DC</option>
</select>
<br><br>Zip: <input class="search-input" type="text" name="zip" value="<?php echo $submitted_zip; ?>" />
<br><br><input type="submit" width="20" class="login-submit" value="Add Customer" />
</form>
</div>
</div>
<?php include('common/footer.php') ?>

Upvotes: 0

Views: 117

Answers (2)

D4V1D

Reputation: 5849

Put all your form processing in an if condition that'll check for the errors array length:

if(!count($errors)) {
    // do your form processing

    // This redirects the user back to the login page after they register 
    header("Location: main.php"); 
    die("Redirecting to main.php");
}

Be sure to initialize your $errors variable by setting it as an array before all that ($errors = array()); otherwise you'll get an error in case there isn't any.

Upvotes: 1

Jafar Akhondali

Reputation: 1537

You can check the size of $errors and, if it is empty, run the SQL commands:

if(sizeof($errors)<1){
    $state = $_POST['state'];
    //run SQL commands ...
    die("Redirecting to main.php"); 
}

//rest of the code

Upvotes: 0
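
The gate both answers describe, as an added example that is not code from the question or from either answer: validation runs first, and the prepared INSERT executes only when `$errors` is empty. Assumptions: an in-memory SQLite PDO handle stands in for the page's `$db`, the table is cut to four columns, the `STATES` allowlist is shortened, and `validate_customer` / `add_customer` are hypothetical names.

```php
<?php
// Added example: validate first, run the INSERT only when $errors is empty.
// Assumptions: in-memory SQLite stands in for the page's $db; four columns only.
const REQUIRED = [
    'firstname' => '* First name required',
    'lastname'  => '* Last name required',
    'phone1'    => '* One phone required',
];
const STATES = ['CT', 'NY', 'CA'];      // shortened allowlist (constructed)

function validate_customer(array $post): array
{
    $errors = [];                       // always initialised, so count() is safe
    $clean  = [];
    foreach (['firstname', 'lastname', 'phone1', 'state'] as $field) {
        $value = $post[$field] ?? '';
        $clean[$field] = is_string($value) ? trim($value) : '';  // array input becomes ''
    }
    foreach (REQUIRED as $field => $message) {
        if ($clean[$field] === '') {
            $errors[$field] = $message; // the template must look up this same key
        }
    }
    if (!in_array($clean['state'], STATES, true)) {
        $errors['state'] = '* Unknown state';   // <select> values are still user input
    }
    return [$errors, $clean];
}

function add_customer(PDO $db, array $post): array
{
    [$errors, $clean] = validate_customer($post);
    if (count($errors) > 0) {
        return $errors;                 // caller re-renders the form; no query runs
    }
    $stmt = $db->prepare(
        'INSERT INTO customers (firstname, lastname, phone1, state)
         VALUES (:firstname, :lastname, :phone1, :state)'
    );
    $stmt->execute($clean);
    return [];                          // caller may now send header('Location: main.php')
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (firstname TEXT, lastname TEXT, phone1 TEXT, state TEXT)');
// Constructed submissions: one missing required fields, one complete.
var_dump(add_customer($db, ['firstname' => 'Ann', 'lastname' => '', 'state' => 'CT']));
var_dump(add_customer($db, ['firstname' => 'Ann', 'lastname' => 'Lee', 'phone1' => '555-0100', 'state' => 'CT']));
echo $db->query('SELECT COUNT(*) FROM customers')->fetchColumn(), " row(s) stored\n";
```

The question's handler sets `addcust_fname` and `addcust_lname` while its form checks `addcust_firstname` and `addcust_lastname`, so those two messages would not display even with the gate in place. Escape the messages and resubmitted values with `htmlentities` where they are echoed into the form, as the question already does for the `$submitted_*` values.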
