I have the following statement for validating empty fields in PHP which works just fine:
if (isset($_SESSION['logged_in'])) {
if (isset($_POST['room'], $_POST['area'])) {
$room = $_POST['room'];
$area = $_POST['area'];
if (empty($room) or empty($area)) {
$error = 'Required!';
} else {
$query = $pdo->prepare('INSERT INTO apartments (apartments_room, apartments_area) VALUES (?, ?)');
$query->bindValue(1, $room);
$query->bindValue(2, $area);
$query->execute();
header('Location: index.php');
}
}
I have now opened up for more columns in the database and therefor also more insert fields in the html to validate. My question is only how I formulate the if statement for the validation when checking for multiple empty fields in this case.
So this code for example doesn't work anymore:
if (isset($_SESSION['logged_in'])) {
if (isset($_POST['room'], $_POST['area'], $_POST['rent'], $_POST['address'], $_POST['floor'], $_POST['city'], $_POST['freeFromDate'])) {
$room = $_POST['room'];
$area = $_POST['area'];
$rent = $_POST['rent'];
$address = $_POST['address'];
$floor = $_POST['floor'];
$city = $_POST['city'];
$freeFromDate = $_POST['freeFromDate'];
if (empty($room) || empty($area) || empty($rent) || empty($address) || empty($floor) || empty($city) || empty($freeFromDate)) {
$error = 'Required!';
} else {
$query = $pdo->prepare('INSERT INTO apartments (apartments_room, apartments_area, apartments_rent, apartments_address, apartments_floor, apartments_city, apartments_freeFromDate) VALUES (?, ?, ?, ?, ?, ?, ?)');
$query->bindValue(1, $room);
$query->bindValue(2, $area);
$query->bindValue(3, $rent);
$query->bindValue(4, $address);
$query->bindValue(5, $floor);
$query->bindValue(6, $city);
$query->bindValue(7, $freeFromDate);
$query->execute();
header('Location: index.php');
}
}
How to formulate the syntax here?
Thanks!
Change or to ||:
if (empty($room) || empty($area) || empty($rent) || empty($address) || empty($floor) || empty($city)) {
$error = 'Required!';
This is getting to the stage where poor maintainability and readability of your script will start creating human errors.
Create an easier to read array at the top of your script, that way you don't have to go hunting around down the script.
$expecteds = array('room'
, 'area'
, 'rent'
,'address'
);
Then Fail First:
foreach($expecteds as $expected){
if(!array_key_exists($expected, $_POST))
exit($expected . ' is required!');
}
// from hereon in you know the expected vars exist ....
OR means the same thing as | in PHP..
You should debug the vars to check if you pass these
"" (an empty string)
0 (0 as an integer)
0.0 (0 as a float)
"0" (0 as a string)
NULL
FALSE
if you do your if statement will fail because empty will return true.
What doesn't work? an error? not what you expect? Don't forget if ANY of those vars are empty it will return the error.
Also, if you will 100% only EVER need to check if empty then it's ok as is, however for future proof you'd be better writing a function to check them (imo) then you can add additional checks later.
ie
function fnc_room_validate($strRoomValidate)
{
if (strlen($strRoomValidate) < 1)
{
return false;
}
elseif (preg_match("/^[A-z]+$/", $strRoomValidate) != 1)
{
return false;
}
else
{
return true;
}
}
Then on the main code page
$strCheckRoom = fnc_room_validate($room);
if ($room == false)
{
//do something with $strCheckRoom, etc
}
At least with the above you're ensuring it's not empty AND you allow only accepted chars (ie they wont type "£$%JG567'@" for room etc)