Validate form with PHP

Question

Validate form with PHP

Navigation

#1 by (1 votes)

0

I already have my form and my validations done, what I really want is that when you enter information in the (input) text boxes of the form and when you leave a text box ( input) empty or incorrectly validated, do not delete the fields that are correct at the time the form is updated to display the error message

Veran I have my formulario.php

<div class="form-group">
  <label>Nombre(s) del socio</label>
     <input type="text" name="nom" class="form-control" placeholder="Ingrese nombre...">
 </div>
 <?php     
   if(isset($_SESSION['error1'])){
      echo "<div class='alert alert-danger'>".$_SESSION['error1']."</div>";
         }else{
          echo "";
         }
          unset($_SESSION['error1']);
    ?>
  <!-- /.form-group -->

  <div class="form-group">
    <label>Apellido Paterno</label>
      <input type="text" name="paterno" class="form-control" placeholder="Ingrese apellido...">
     </div>
      <?php     
       if(isset($_SESSION['error2'])){
         echo "<div class='alert alert-danger'>".$_SESSION['error2']."</div>";
                }else{
                    echo "";
                }
                unset($_SESSION['error2']);
              ?>
              <!-- /.form-group -->

              <div class="form-group">
                <label>Apellido Materno</label>
                <input type="text" name="materno" class="form-control" placeholder="Ingrese apellido...">
              </div>
              <?php     
                if(isset($_SESSION['error3'])){
                    echo "<div class='alert alert-danger'>".$_SESSION['error3']."</div>";
                }else{
                    echo "";
                }
                unset($_SESSION['error3']);
              ?>
              <!-- /.form-group -->

and I have the file of my validaciones.php

<?php
 session_start();
    $nombre = $_POST["nom"];
    $paterno = $_POST["paterno"];
    $materno = $_POST["materno"];
$errores = array();

    if($nombre == ""){
        $errores[] = true;
        $_SESSION["error1"] = "¡Campo vacío! Ingrese el dato solicitado.";
    }
    if($paterno == ""){
        $errores[] = true;
        $_SESSION["error2"] = "¡Campo vacío! Ingrese el dato solicitado.";
    }
    if($materno == ""){
        $errores[] = true;
        $_SESSION["error3"] = "¡Campo vacío! Ingrese el dato solicitado.";
    }
   if(count($errores)>0){
        header("Location: form_add.php");
    }else{
    //aqui hago la consulta para agrgar los datos a la BD


       $_SESSION['exito']="¡Registro éxitoso!";
                header("Location: lista_socios.php");
}
?>

mysql php array session

asked by Anthony 27.11.2016 в 03:04

source

1 answer

Validate in two different groups of radio buttons obtain value of a td by means of an onchange select in another td within the same tr in a foreach

score 1 · Accepted Answer

In each of the inputs that you have in your form, you must add the attribute value and give it the value entered by the user.

<input value="<?=$nombre?>" type="text" name="materno" class="form-control" placeholder="Ingrese apellido...">

To adapt it to your code you can do it in the following way:

In validaciones.php when you verify that there is an error and you must return to the form, you must pass the values that the user had entered, you can do it by sessions or by GET .

Example GET (The user would see the parameters in the URL)

if(count($errores)>0){
     header('Location: form_add.php?nombre='.$nombre.'&paterno='.$paterno);
}

Example SESSIONS (Hide it in front of the user)

 if(count($errores)>0){
     $_SESSION['nombre'] = $nombre;
     $_SESSION['paterno'] = $paterno;
     header('Location: form_add.php');
 }

Now in form.php, you must show the values you send in validaciones.php The functionality of the following codes is to check if $_SESSION[] or $_GET[] have something defined if it is so pass the value to a variable and if not start that variable in an empty value.

Example with sessions:

if(isset($_SESSION['nombre'])){ $nombre = $_SESSION['nombre']; }else{ $nombre = ''; } 
if(isset($_SESSION['paterno'])){ $paterno = $_SESSION['paterno']; }else{ $paterno = ''; }

Example with GET:

if(isset($_GET['nombre'])){ $nombre = $_GET['nombre']; }else{ $nombre = ''; } 
if(isset($_GET['paterno'])){ $paterno = $_GET['paterno']; }else{ $paterno = ''; }

Both are very similar, this is the common part of both examples, you should follow the examples for each of the inputs :

<input value="<?=$paterno?>" type="text" name="paterno" class="form-control" placeholder="Ingrese apellido...">

PS: You should read how to avoid an sql injection and also How to avoid SQL injection in PHP? , I mention it to you because I have seen the following code and do not use real_escape_string :

$nombre = $_POST["nom"];
$paterno = $_POST["paterno"];
$materno = $_POST["materno"];

If you make a query to the database with any of the above variables as they are your code is vulnerable to sql injections.