I'm still green with PHP and am still learning the syntax. Is it a bad idea to consolidate validation? Currently I'm validating each individual field as it is being fetched. Like so;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["fname"])) {
$fnameErr = "First name is required";
++$inc;
} else {
$fnameField = test_input($_POST["fname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fnameField)) {
$fnameErr = "First Name: error - (Text & spaces only.)";
++$inc;
}
}
if (empty($_POST["lname"])) {
$lnameErr = "Last name is required";
++$inc;
} else {
$lnameField = test_input($_POST["lname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lnameField)) {
$lnameErr = "Last Name: error - (Text & spaces only.)";
++$inc;
}
}
if (empty($_POST["company"])) {
$companyErr = "Company name is required";
++$inc;
} else {
$companyField = test_input($_POST["company"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$companyField)) {
$companyErr = "Company: error - (Text & spaces only.)";
++$inc;
}
}
Basically, is it worth consolidating these three arguments into one? If so how would I go about it?
Edit: Updated question to give full code and it's variables.
Would something like this be plausible? I know the basic concept I am after I'm just not sure the best way to get there.
PHP - With changes made as suggest by @nerdlyist.
<?php
// session start.
session_start();
// set post data as array.
$_SESSION['post-data'] = $_POST;
// post data array. (for note purposes to give an idea of what is in the array.)
// $_SESSION['post-data']['fname'];
// $_SESSION['post-data']['lname'];
// $_SESSION['post-data']['com'];
// $_SESSION['post-data']['ttl'];
// $_SESSION['post-data']['ema'];
// $_SESSION['post-data']['add1'];
// $_SESSION['post-data']['add2'];
// $_SESSION['post-data']['cou'];
// $_SESSION['post-data']['tel'];
// $_SESSION['post-data']['day'];
// $_SESSION['post-data']['act'];
// $_SESSION['post-data']['chk']; // << these are checkboxes.
// $_SESSION['post-data']['rdo']; // << these are radios.
// subject & account.
$emailSub = 'Drupa 2016 - Booking Form Actioned';
$emailAcc = 'test@test.co.uk';
// data validation.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$names = array(
"fname" => $_POST['fname'], // first name field.
"lname" => $_POST['lname'], // last name field.
"com" => $_POST['com'], // company name field.
"ttl" => $_POST['ttl'], // title field.
"ema" => $_POST['ema'], // email field.
"add1" => $_POST['add1'], // address line 1 field.
"add2" => $_POST['add2'], // address line 2 field.
"cou" => $_POST['cou'], // country field.
"tel" => $_POST['tel'] // tel field.
);
$errors = array();
foreach($names as $name => $value){
if (empty($value)) {
$errors[] = $name."_blank";
} else {
// fetch data from cleaner.
$fnameField = test_input($_POST["fname"]);
$lnameField = test_input($_POST["lname"]);
$comField = test_input($_POST["com"]);
$ttlField = test_input($_POST["ttl"]);
$couField = test_input($_POST["cou"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$value)) {
//you can only have one or the other.
$errors[] = $name."_clean";
}
}
}
// determining what submit or re-display.
if(empty($errors)){
echo "Clean form to submit";
} else {
echo "Rebuild the form and parse errors: ";
print_r($errors);
}
}
// for cleaning the data.
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
// checkbox array.
$selectedProjects = 'None';
if(isset($_POST['chk']) && is_array($_POST['chk']) && count($_POST['chk']) > 0){
$selectedProjects = implode(', ', $_POST['chk']);
}
// radio array.
$selectedTime = 'Afternoon';
if(isset($_POST['rdo']) && is_array($_POST['rdo']) && count($_POST['rdo']) > 0){
$selectedTime = implode(', ', $_POST['rdo']);
}
// mail body.
$body = <<<EOD
<h3>Booking Request / $date</h3>
<hr><br>
Last Name: $lnameField <br>
First Name: $fnameField <br>
Company: $companyField <br>
Title: $titleField <br>
Email: $emailField <br>
Acitivity: $actField <br>
<br>
<h3>Contact Info</h3>
<hr><br>
Add Line 1: $add1Field <br>
Add Line 2: $add2Field <br>
Country: $countryField <br>
Telephone: $telField <br>
<br>
Requested Booking day: $daySelect <br>
Requested Booking Time: $selectedTime <br>
<br>
Interested in: $selectedProjects <br>
submitted: <b>$date</b> at <b>$time</b>.
EOD;
// form submission check.
if isset($_POST['btn-sub'])) {
// code executed on submit
$headers = "MIME-Version: 1.0
" ;
$headers .= "Content-Type: text/html; charset=\"iso-8859-1\"
";
$headers .= "X-Priority: 1 (Highest)
";
$headers .= "X-MSMail-Priority: High
";
$headers .= "Importance: High
";
$headers = "From: $emailField
";
$success = mail($emailAcc, $emailSub, $body, $headers);
} else {
// code executed on first request
// set date & time.
$date = date ("l, F jS, Y");
$time = date ("h:i A");
// define variables and set to empty values.
$err = "";
$fnameField = $lnameField = $companyField = $titleField = $emailField = $add1Field = $add2Field = $countryField = $telField = $daySelect = $actSelect = $chk = $rdo= "";
}
// redirect & exit.
header('Location: prox.php');
exit();
?>
Here is something to get you started. It will add an error to errors. Not sure how you are building the form but loop the errors and if the error is _blank the field is required if it is _clean there are characters you do not like.
$names = array(
"fname" => $_POST['fname'],
"lname" => $_POST['lname'],
"company" => $_POST['company']
);
$errors = array();
$inc = 0; //Not sure what this was for.
foreach($names as $name => $value){
if (empty($value)) {
$errors[] = $name."_blank";
++$inc;
} else {
//Not sure what this does
//$fnameField = test_input($_POST["fname"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$value)) {
//you can only have one or the other.
$errors[] = $name."_clean";
++$inc;
}
}
}
//This is where you can determine to submit or re-display.
if(empty($errors)){
echo "Clean form to submit";
} else {
echo "Rebuild the form and parse errors: ";
print_r($errors);
}