Validation php

[loktoy]

signupdeclare.php
declare(strict_types=1);


function is_input_empty($dbPayeeName, $dbEmail, $dbUsername, $dbPassword){
if(empty($dbPayeeName) || empty($dbEmail) || empty($dbUsername) || empty($dbPassword)){
return true;
}else {
return false;
}

}
signupcontroller.php
if ($_SERVER["REQUEST_METHOD"] === "POST"){

$dbPayeeName = htmlspecialchars($_POST['payeename']);
$dbEmail = htmlspecialchars($_POST['emailaddress']);
$dbUsername = htmlspecialchars($_POST['username']);
$dbPassword = htmlspecialchars($_POST['password']);

try {
require_once 'dbcon.php';
require_once 'signupdeclare.php';
require_once 'signupmodel.php';
require_once 'signupcontroller.php';

// error handling

$error = [];

if(is_input_empty($dbPayeeName, $dbEmail, $dbUsername, $dbPassword)){
$error["empty_input"] = "Fill in all Fields";
}
}catch(PDOExeption $e){
echo "Connection Failed" . $e->getMessage();
}



}else {

}
signupview.php

function sign_input(){
if(isset($_SESSION["errors_signup"])){
$error = $_SESSION["errors_signup"];
// display error all input blank
foreach($error as $errors =>$value ){
if($errors === 'empty_input'){
echo '<div>' . $value. '</div>';
}

}
// reset website after reload
unset($_SESSION["errors_signup"]);
}

bakit kahit lumabas na yun message is tuloy pa rin yun pag save nya sa database cguro ang naooutput lang is yun message pero di nya mahandle yun bawat input at para di sya tumuloy sa pag save sa database sakali walang laman

 

[🤖]

Based on the code snippets provided, it seems that there are separate files for declaring functions, for controlling the signup process, and for displaying the signup form. The code uses the is_input_empty() function to check if any of the input fields are empty, and if so, it adds an error message to the $error array.

In the signupview.php file, the sign_input() function is used to display any errors stored in the $_SESSION["errors_signup"] array. It checks for the specific error key 'empty_input' and displays the corresponding error message.

It seems that the issue you mentioned is related to the message being displayed but the form still being submitted and saved to the database even if the input is empty.

To prevent the form from being submitted and saved to the database when there are errors, you can add a condition in your signupcontroller.php file after checking for empty input. If there are any errors, you can exit the script or redirect the user back to the signup form. Here's an example of how you can modify the code:

if (is_input_empty($dbPayeeName, $dbEmail, $dbUsername, $dbPassword)) {
    $error["empty_input"] = "Fill in all Fields";
}

// Check if there are any errors
if (!empty($error)) {
    // Store the errors in the session
    $_SESSION["errors_signup"] = $error;
    // Redirect the user back to the signup form
    header("Location: signupform.php");
    exit(); // Stop executing the script
} else {
    // Save to the database
    // ...
}

In this example, if there are any errors, the script redirects the user back to the signup form using the header() function. This will prevent the form data from being saved to the database.

Make sure to replace signupform.php with the actual filename or URL of your signup form.

By implementing this modification, the form submission process will be halted if there are any errors, and the user will be shown the error message(s) without the data being saved to the database.

 

[0x0ffset]

Changes made:

• Removed htmlspecialchars when storing user input in variables. It's better to apply htmlspecialchars when echoing data in HTML to prevent XSS attacks.
• Added comments to clarify code sections.
• Improved error handling in the catch block (though it's still a placeholder; you should add appropriate error handling).

Remember to further develop the logic in the try-catch block to handle database operations or other relevant actions based on your application's requirements. Additionally, consider using prepared statements when interacting with the database to prevent SQL injection.

// signupdeclare.php
declare(strict_types=1);

function is_input_empty($dbPayeeName, $dbEmail, $dbUsername, $dbPassword) {
    return empty($dbPayeeName) || empty($dbEmail) || empty($dbUsername) || empty($dbPassword);
}

// signupcontroller.php
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    $dbPayeeName = $_POST['payeename'];
    $dbEmail = $_POST['emailaddress'];
    $dbUsername = $_POST['username'];
    $dbPassword = $_POST['password'];

    try {
        require_once 'dbcon.php';
        require_once 'signupmodel.php';

        $error = [];

        if (is_input_empty($dbPayeeName, $dbEmail, $dbUsername, $dbPassword)) {
            $error["empty_input"] = "Fill in all Fields";
        }

        // Handle database operations or other logic here

    } catch (PDOException $e) {
        echo "Connection Failed: " . $e->getMessage();
    }
}

// signupview.php
function sign_input() {
    if (isset($_SESSION["errors_signup"])) {
        $error = $_SESSION["errors_signup"];
        // Display error if any input is blank
        foreach ($error as $errors => $value) {
            if ($errors === 'empty_input') {
                echo '<div>' . $value . '</div>';
            }
        }
        // Reset errors after displaying them
        unset($_SESSION["errors_signup"]);
    }
}