0

So I have an index.php and a r.php. R.php is the registration part. And index.php is the actual form. My question is how can I have errors from r.php be send back to index.php if they exist. So instead of displaying errors on r.php I want them on index.php and prevent the form from advancing.

Here's the index.php

<!DOCTYPE html>
<html>
    <body>
    <form method="post" action="r.php">
        <input type="text" name="name" placeholder="Name">
        <input type="submit">
    </form>
</body>

Its all very simple. Now here's r.php

<?php
$name = $_POST['name'];

if ($name < 3){
    //display error
}
else {
    //proceed
}
?>

Should I do this with JS? Or this there a better way.

Improve this question
2
  • 1
    The normal way is to have r.php and index.php be in the same file. This could simplify things Commented Jun 24, 2014 at 19:34
  • I'm not really familiar with Pear.... @pce Commented Jun 24, 2014 at 19:42

4 Answers 4

Reset to default
1

One way is to use sessions:

<?php session_start(); ?>
<!DOCTYPE html>
<html>
    <body>
    <?php echo isset($_SESSION['message']) ? $_SESSION['message'] : ''; ?>
    <form method="post" action="r.php">
        <input type="text" name="name" placeholder="Name">
        <input type="submit">
    </form>
</body>

<?php
session_start();
unset($_SESSION['message']);
$name = $_POST['name'];

if ($name < 3){  // you probably want strlen($name) < 3
    $_SESSION['message'] = 'error';
    header('Location: index.php');
    exit;
}
else {
    //proceed
}
?>

Other than sessions you could redirect back with a query string and use that:

header('Location: index.php?message=' . urlencode('some kind of error');

Then:

<?php echo isset($_GET['message']) ? $_GET['message'] : ''; ?>
Improve this answer
Sign up to request clarification or add additional context in comments.

11 Comments

It all seems to be good. But when I go back after the error is still there. I've tried using unset($_SESSION['message']); after exit; but it isn't working. Any ideas where I should stick it?
One shouldn't echo $_GET Variables without filtering, at least use htmlspecialchars or htmlentities, because this is vulnerable to XSS.
I am aware of SQL injections and XSS. I'll make sure to clean that up after I get an understanding of this. @pce
Just an example. I edited with a unset($_SESSION['message']);
Still not unsetting. I only want them to show once. Like after the user refreshes the page after getting the messages I don't want them there. Otherwise nice answer.
|
0

Using a single script for this would be easier, just put this all in one file, and check to see if the form has been submitted. If the form has been submitted, you an just include the variables you want straight away.

This is pretty crude, but it gives you an idea of where you can go with this:

<?php

if (isset($_POST['name'])) {
    // Begin processing form stuff
    $name = $_POST['name'];

    // Initialise error variable
    $error = null;    

    if ($name < 3) {
        // Display error, for example:
        $error = 'Name is less than 3';
    } else {
        // Proceed
    }
}

?>
<!DOCTYPE html>
<html>
<body>
    <?php if ( ! empty($error)) { ?>
        <p><?php echo $error; ?></p>
    <?php } ?>
    <form method="post" action="r.php">
        <input type="text" name="name" placeholder="Name">
        <input type="submit">
    </form>
</body>
</html>
Improve this answer

2 Comments

I am aware of this. But I'm trying to do it with 2 files.
Okay, then you could use a redirect from r.php and set some GET variables. The only truly reliable way of doing this is having a front controller really.
0 
<!DOCTYPE html>
<html>
<?php

  $msg = '';

  if(isset($_GET['e'])
  {
    $msg = "Error! Input not valid.";
  }
?>
    <body>
    <?php
        if($msg!='')
        {
          echo "<font color='red'>".$msg."</font>";
        }
    ?>
     <form method="post" action="r.php">
      <input type="text" name="name" placeholder="Name">
      <input type="submit">
    </form>
</body>

Just pass a variable e using GET request to the index page if an error is found.

<?php
$name = $_POST['name'];

if ($name < 3){
    header("Location: index.php?e=error");
}
else {
    //proceed
}
?>

GET request will send the variable e using the URL, and if e is found to be having a value, it means there was an error in r.php

Improve this answer

Comments

0

Use javascript for simple form validation. In case you require some security stuff or db stuff, you can use session/cookie or use header function to go back.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.