week9.php

1. //registration.php
2. <!DOCTYPE html>
3. <html>
4.     <head>
5.         <title>Server Side Validation</title>
6.         <link rel="stylesheet" type="text/css" href="main.css">
7.     </head>
8. <body>
9.     <?php
10.     //1. initialize php variables to hold form data
11.     $fn = $ln = $email = $birth_yr = "";
12.     $fnErr = $lnErr = $email_err = $birth_err = $secret_message = ""; //initialize variables to hold error messages
13.    
14.     $valid = true; //assume data is valid until proven otherwise
15.    
16.     //2. Test if the page is being loaded in response to a form submission
17.     if ($_SERVER["REQUEST_METHOD"] == "POST" && !empty($_POST["submit"])) {
18.  
19.         //****ERROR TESTING - just to show difference in page loading - REMOVE AFTER TESTING!!!!****
20.         $secret_message = "The form was submitted!";
21.  
22.         // 3. Test individual form fields to validate data
23.  
24.         //testing first name
25.         if (empty($_POST["fname"])) { // 3.1 test if fname field was empty
26.             //set an error message for the element and change valid to false
27.             $fnErr = "First name is required";
28.             $valid = false;
29.         }
30.         // 3.2 Once field is NOT empty,retrieve data and assess further
31.         else {
32.             $fn = $_POST["fname"]; //retrieve fname data
33.             $fn = test_input($fn); //clean up the fname data - see function below (lines 51 - 56)
34.    
35.             //  3.3 test data type and format using regular expression - use same regex as in your client side validation
36.             if (!preg_match("/^[a-zA-Z'!-]{2,35}$/", $fn)) {
37.                 $fnErr = "First Name may only contain letters or ' ! and -";
38.                 $valid = false;
39.             }
40.         }
41.  
42.         //testing last name
43.         // 3. Test individual form fields to validate data
44.         if (empty($_POST["lname"])) { // 3.1 test if fname field was empty
45.             //set an error message for the element and change valid to false
46.             $lnErr = "Last name is required";
47.             $valid = false;
48.         }
49.         // 3.2 Once field is NOT empty,retrieve data and assess further
50.         else {
51.             $ln = $_POST["lname"]; //retrieve fname data
52.             $ln = test_input($ln); //clean up the fname data - see function below (lines 51 - 56)
53.    
54.             //  3.3 test data type and format using regular expression - use same regex as in your client side validation
55.             if (!preg_match("/^[a-zA-Z'!-]{2,40}$/", $ln)) {
56.                 $lnErr = "Last Name may only contain letters or ' ! and -";
57.                 $valid = false;
58.             }
59.         }
60.  
61.         //testing email
62.         // 3. Test individual form fields to validate data
63.         if (empty($_POST["email"])) { // 3.1 test if fname field was empty
64.             //set an error message for the element and change valid to false
65.             $email_err = "Email is required";
66.             $valid = false;
67.         }
68.         // 3.2 Once field is NOT empty,retrieve data and assess further
69.         else {
70.             $email = $_POST["email"]; //retrieve fname data
71.             $email = test_input($email); //clean up the fname data - see function below (lines 51 - 56)
72.    
73.             //  3.3 test data type and format using regular expression - use same regex as in your client side validation
74.             if (!preg_match("/^[a-zA-Z0-9.]{2,30}@[a-zA-Z0-9.]{2,20}.[a-zA-Z]{2,4}$/", $email)) {
75.                 $email_err = "Not a valid email.";
76.                 $valid = false;
77.             }
78.         }
79.  
80.         //testing birth year
81.         // 3. Test individual form fields to validate data
82.         if (empty($_POST["birth_yr"])) { // 3.1 test if fname field was empty
83.             //set an error message for the element and change valid to false
84.             $birth_err = "Birth year is required.";
85.             $valid = false;
86.         }
87.         // 3.2 Once field is NOT empty,retrieve data and assess further
88.         else {
89.             $birth_yr = $_POST["birth_yr"]; //retrieve fname data
90.             $birth_yr = test_input($birth_yr); //clean up the fname data - see function below (lines 51 - 56)
91.    
92.             //  3.3 test data type and format using regular expression - use same regex as in your client side validation
93.             if (!preg_match("/^[0-9]{4}$/", $birth_yr)) {
94.                 $birth_err = "Birth year must not contain any letters or special characters.";
95.                 $valid = false;
96.             }
97.         }
98.  
99.         // 4.0 WE HAVE VALID DATA
100.         if ($valid) {
101.             // if we are successful in reaching here it means that all the form data has validated.
102.             //We can now choose to proceed to storing data in the database or sending an email etc.
103.             // today we will simply go to the thank you page
104.             header("Location: thankyou.php?fn=$fn");
105.         }
106.  
107.     } //end form validation block.
108.    
109.     /* This function uses three predefined PHP functions to clean up the data that has been retrieved from our form.
110.      trim() - Returns a string with leading and trailing spaces removed
111.      stripslashes() - Returns a string with backslashes stripped off
112.      htmlspecialchars() - converts some predefined characters to HTML entities
113.      */
114.     function test_input($data)
115.     {
116.         $data = trim($data);
117.         $data = stripslashes($data);
118.         $data = htmlspecialchars($data);
119.         return $data;
120.     }
121.     ?>
122.     <div class="container">
123.         <h3 >I am trying to validate this form on the client AND the server!</h3>
124.         <?php echo "<p>$secret_message</p>"; ?>
125.  
126.         <form
127.         id="reg_form"
128.         name="reg_form"
129.         method="post"
130.         action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>"
131.         onsubmit="return validate();"
132.       >
133.         <fieldset>
134.           <legend>Registration</legend>
135.  
136.           First Name: <input type="text" name="fname" id="fname" value="<?php echo $fn; ?>">
137.  
138.           <span id="fname_err" class="error"><?php echo $fnErr; ?></span>
139.  
140.             <br>
141.  
142.           Last Name: <input type="text" name="lname" id="lname" value="<?php  echo $ln; ?>">
143.            
144.             <br>
145.  
146.           <span id="lname_err" class="error"><?php echo $lnErr; ?></span>
147.  
148.             <br>
149.  
150.           Email: <input type="text" name="email" id="email" value="<?php echo $email; ?>">
151.  
152.             <span id="email_err" class="error"><?php echo $email_err; ?></span>
153.  
154.             <br>
155.  
156.           Birth Year:
157.           <input type="text" name="birth_yr" id="birth_yr" value="<?php echo $birth_yr; ?>">
158.  
159.             <span id="birth_err" class="error"><?php echo $birth_err; ?></span>
160.  
161.             <br><br>
162.  
163.           Gender: <input type="radio" name="gender" id="male" value="male"> Male
164.           <input type="radio" name="gender" id="female" value="female"> Female
165.            
166.           <br><br>
167.  
168.           <input type="submit" name="submit" value="Register">
169.         </fieldset>
170.       </form>
171.        
172.     </div> 
173. </body>
174. </html>
175.  
176. //thankyou.php
177. <!DOCTYPE html>
178. <html>
179.     <head>
180.         <title>Learning PHP</title>
181.         <link rel="stylesheet" type="text/css" href="main.css" />
182.     </head>
183. <body>
184.  
185.     <h2 >Welcome</h2>  
186.    
187.     <!-- Pull the user's first and last names from the super global array   and insert it into the welcome statement-->
188.     <p> <?php echo "$_GET[fn],"; ?> Thank you for registering with us</p>  
189. </body>
190. </html>
191.