Just a quick one, i can't seem to spot and was hoping some one else could spot my mistake, i have a some string validation code written in PHP and the problem i am having is that the form seems to validate the "customerfname" field as soon as it is opened not when the submit button is hit, as soon as the form is opened the error "Please enter your first name" is displayed even before the submit button is pressed. Could anyone spot my mistake?
<?php
$flag = false;
$badchar = "";
$string = $_POST["customerfname"];
$string = trim($string);
$length = strlen($string);
$strmsg = "";
if (isset($_POST["submit"])) {
if ($length == 0) {
$strmsg = '<span class="error"> Please enter your first name</span>';
$flag = true;
$valid = false;}
else if ($length > 30) {
$strmsg = '<span class="error"> Can not enter more than 30 characters</span>';
$flag = true;
$valid = false;
}
else{
for ($i=0; $i<$length;$i++){
$c = strtolower(substr($string, $i, 1));
if (strpos("abcdefghijklmnopqrstuvwxyz-", $c) === false){
$badchar .=$c;
$flag = true;
$valid = false;
}
}
if ($flag) {
$strmsg = '<span class="error"> The field contained the following invalid characters: '.$badchar.'</span>';}
}
if (!$flag) {
$valid = true;
}
}
?>
<form method="POST" action="<?php echo $_SERVER["PHP_SELF"];?>" id="custinfo">
<td><label for="customerfname">Customer First Name: </label></td>
<td><input type="text" id="customerfname" name="customerfname" size=50/><?php echo $strmsg; ?></td>
<p><input type="submit" name="submit" value="Save Data"/> <input type="reset" value="Clear Form" />
</form>
<?php
$flag = false;
$badchar = "";
$strmsg = "";
if(isset($_POST['customerfname']))
{
$string = $_POST["customerfname"];
$string = trim($string);
$length = strlen($string);
}
if (isset($_POST["submit"])) {
if ($length == 0) {
$strmsg = '<span class="error"> Please enter your first name</span>';
$flag = true;
$valid = false;}
else if ($length > 30) {
$strmsg = '<span class="error"> Can not enter more than 30 characters</span>';
$flag = true;
$valid = false;}
else {
for ($i=0; $i<$length;$i++){
$c = strtolower(substr($string, $i, 1));
if (strpos("abcdefghijklmnopqrstuvwxyz-", $c) === false){
$badchar .=$c;
$flag = true;
$valid = false;
}
}
if ($flag) {
$strmsg = '<span class="error"> The field contained the following invalid characters: '.$badchar.'</span>';}
}
if (!$flag) {
$valid = true;}
var_dump($valid);
}
?>
<form method="POST" action="" id="custinfo">
<td><label for="customerfname">Customer First Name: </label></td>
<td><input type="text" id="customerfname" name="customerfname" size=50/><?php echo $strmsg; ?></td>
<td><input type="submit" name="submit" /></td>
</form>
You should add a submit button with "submit" as name, and move all the lines regarding the POST request under your if (isset($_POST["submit"]))
Here is a working (there is a lot more to improve, but that's a beginning) version of your code:
<?php
$flag = false;
$badchar = "";
$strmsg = "";
if (isset($_POST["submit"])) {
$string = (isset($_POST["customerfname"])) ? $_POST["customerfname"] : ''; // if customerfname wasn't sent, $string will be empty
$string = trim($string);
$length = strlen($string);
if ($length == 0) {
$strmsg = '<span class="error"> Please enter your first name</span>';
$flag = true;
$valid = false;
}
else if ($length > 30) {
$strmsg = '<span class="error"> Can not enter more than 30 characters</span>';
$flag = true;
$valid = false;
}
else {
for ($i=0; $i<$length;$i++) {
$c = strtolower(substr($string, $i, 1));
if (strpos("abcdefghijklmnopqrstuvwxyz-", $c) === false) {
$badchar .=$c;
$flag = true;
$valid = false;
}
}
if ($flag) {
$strmsg = '<span class="error"> The field contained the following invalid characters: '.$badchar.'</span>';
}
}
if (!$flag) {
$valid = true;
}
}
?>
<form method="POST" action="<?php echo $_SERVER["PHP_SELF"];?>" id="custinfo">
<td><label for="customerfname">Customer First Name: </label></td>
<td><input type="text" id="customerfname" name="customerfname" size=50/><?php echo $strmsg; ?></td>
<td><input type="submit" name="submit"></td>
</form>