0

I have following login form pointing to the file '../exe/form-exec.php'.

<form id="loginForm" name="loginForm" method="post" action="../exe/login-exec.php">
  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
    <tr>
      <td width="112"><b>Login</b></td>
      <td width="188"><input name="login" type="text" class="textfield" id="login" /></td>
    </tr>
    <tr>
      <td><b>Password</b></td>
      <td><input name="password" type="password" class="textfield" id="password" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Login" /></td>
    </tr>
  </table>
</form>

Where login-exec.php should validate where inputs login & password has been field and if NOT return to the form file with $errflag.

File login-exec.php:

//Start session
    session_start();

    //Include database connection details
    require_once('../inc/config.php');

    //Array to store validation errors
    $errmsg_arr = array();

    //Validation error flag
    $errflag = false;



..... 



//Input Validations
    if($login == '') {
        $errmsg_arr[] = 'Login ID missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password missing';
        $errflag = true;
    }

    //If there are input validations, redirect back to the login form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: ../form/login-form.php");
            exit();
}

And partly is working correctly - it is returning to the form - but no error is displayed. Any suggestion much appreciated.

Improve this question
2
  • Where are your PHP code that displays the error messages? Commented Aug 5, 2011 at 10:28
  • There isn't any. Sorry. I doing some exercises with PHP - it's new to me. PHP checking the array of $errmsg_arr should be places in login-form.php, should it not? Commented Aug 5, 2011 at 10:32

3 Answers 3

Reset to default
1

On the same page as your html form, do something similar to this:

session_start();
foreach ($_SESSION['ERRMSG_ARR'] as $msg) {
  echo $msg . "<br />";
}
etc...

To actually display the messages.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

This is working. But, straight away on login page there is an error displayed - even without entering any data. Just a guess that array is saved from previous login failure. How to change that?
If session is dead: Notice: Undefined index: ERRMSG_ARR in C:\wamp\www\form\login-form.php on line 3 and Warning: Invalid argument supplied for foreach() in C:\wamp\www\form\login-form.php on line 3 If session is live but loggout - error msg straight away. If ignore the error when the session is dead and press 'submit' correct error msg is displayed without errors.
Try to surround the code with this: if(isset($_SESSION['ERRMSG_ARR'])) { // Code here }
Yep. This is working now. Now need to handle incorrect data entry :) Thanks!
1

You are valorizing the $_SESSION['ERRMSG_ARR'] but then when you return to the form you're not checking/using it... try to add this to the form code

<?php 
session_start();
if(!is_null($_SESSION['ERRMSG_ARR'])) {
    echo '<div class="errmsg">Error...</div>';
}
?>
<form id="loginForm" name="loginForm" method="post" action="../exe/login-exec.php">
  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
    <tr>
...

Anyway this type of validation handling (using session parameters) is heavily discouraged...

Try to follow some design patterns instead ;)

Improve this answer

2 Comments

This will return Notice: Undefined variable: _SESSION in C:\wamp\www\form\login-form.php on line 2. Sorry, I'm new to PHP - first login system of my
I would suggest to use any PHP framework in the first place ;) or use an ajax validation. Anyway, if this is for "practice" purpose, you can simply put the validation & the form code in the same file and make the form put to itself. So you will have to check the $_POST parameters and if they are correct forward the page to the desired page (or directly show the error)
0

When getting data submitted from a form with POST method, it is better to use $_POST['login'] instead of $login since if register_globals is off it won't work. This might be your problem.

Improve this answer

2 Comments

Yep. register_globals = off, I will try to change it.
@Pete: No, let register_globals off. This feature has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.