add a mandatory field to a php form

Forum Moderators: coopster

Message Too Old, No Replies

add a mandatory field to a php form

laurasamps

3:29 pm on Jun 10, 2011 (gmt 0)

I apologise if this is a very simple question, but I have searched the forum, and also Google and cannot find an answer that works/I understand.

I'm going to post a tiny bit of code, hope no-one minds:

<?php
 $to = "x@x.com";
 $subject = "New Candidate For Work From Facebook";
 
 $name = $_GET['name'] ;
 $dob = $_GET['dob'] ;
 $nationality = $_GET['nationality'] ;
 $phone = $GET['phone'] ;

$message = '
Name: '.$name.'
DOB: '.$dob.'
Nationality: '.$nationality.'
Phone Number: '.$phone.'
';

mail($to, $subject, $message, "From:$email");

 header( "Location: thankyou.php" );
?>

Basically I just want the fields to be compulsory, and if they do not enter a field an error message appears next to each field, with a prompt to try again.

Simple thing I think, yet I can't solve it. Any help much appreciated!

rocknbil

4:56 pm on Jun 10, 2011 (gmt 0)

The problem is you have no logic to re-output the form. The "common" way of handling that is to set session variables for input values and redirect back to the form on error so you can re-populate any input the user has entered, which of course all falls down (more importantly, can be circumnavigated by the nefarious) if cookies are disabled.

You'd do something like this.

define ('FORMTITLE','Contact Us');
define ('ERRORTITLE','Error Submitting Form');


if (isset($_POST['some-form-value'])) { 
 $errors = check_data(); 
 if ($errors) {  
 $form = output_form(ERRORTITLE,$errors);  
 } 
 else { process_form(); } 
} 
else {  
 $form = output_form(FORMTITLE); 
} 
// open template, insert form, store in $out 
echo $out; 
exit; 
// 
function check_data() { 
 $err = null; 
 if (! isset($_POST['some-value']) or (isset($_POST['some-value'] and empty($_POST['some-value']))) { 
 $err .= "<li>The Some Value Field is Required.</li>"; 
 } 
 return $err; 
} 
// 
 function output_form($title,$errors=null) { 
 // On first load these won'd be set. 
 // This will squelch undefined index warnings. 
 if (! isset($_POST['some-value'])) { $_POST['some-value']=null; } 
 $form =" 
 <h1>$title</h1> 
 <form method=\"post\" action=\"yourscript.php\"> 
 "; 
 if ($errors) { $form .= "<p>Errors:</p><ul>$errors</ul>"; } 
 // continue form here, adding $_POST['some-value'] 
 // to the form fields. 
 $form .= '</form>'; 
 return $form; 
} 
// 
function process_form() { 
 $to = "x@x.com"; 
 $subject = "New Candidate For Work From Facebook"; 
 $name = $_POST['name'] ; 
 $dob = $_POST['dob'] ; 
 $nationality = $_POST['nationality'] ; 
 $phone = $POST['phone'] ;  
 $message = " 
 Name: $name 
 DOB: $dob 
 Nationality: $nationality  
 Phone Number: $phone 
 "; 
 mail($to, $subject, $message, "From:$email"); 
 header( "Location: thankyou.php" ); 
 exit; 
}

... This would be "one way to do it." Note this doesn't cleanse any input, which you should . . . also I used post and not get, and note the change in $message. When you double-quote strings, variables will interpolate, so no concatenation is needed.

Pazuzu156

3:59 am on Jun 11, 2011 (gmt 0)

emails will get filled fast with spam, fix it by requiring hidden fields to be set to certain values:

<form action="foo.php" method="post">
<input type="text" name="name"><br>
<input type="text" name="email"><br>
<input type="hidden" name="honeypot" value="http://">
<input type="hidden" name="human" value="">
<input type="submit" value="Submit">
</form>

PHP:

$name = $_POST['name'];
$email = $_POST['email'];
$honey = $_POST['honeypot'];
$human = $_POST['human'];

if($honey!='http://'&&!empty($human)) {
// run code
} else {
echo 'Bots not allowed!';
}

laurasamps

12:47 pm on Jun 13, 2011 (gmt 0)

thanks :)