Learning PHP and MySQL
Example 15-4 Displaying an error from PHP and redisplaying the form with submitted values
<html>
<head>
<title>Sample Form</title>
<script type="text/javascript" src="source.js"></script>
<script type="text/javascript">
/**
 * onsubmit handler: runs the four field checks and blocks the submit if any
 * of them reports a problem.
 *
 * The verify_* helpers are not defined in this page (presumably they come from
 * source.js -- confirm); each result is appended to one message string.
 *
 * This check runs in the visitor's browser and can be switched off or skipped,
 * so it only saves a round trip. The server-side PHP must still validate
 * every field itself.
 *
 * @param form  the <form> element being submitted
 * @return true to let the submit proceed, false to cancel it
 */
function check_valid(form) {
    var problems = "" +
        verify_username(form.username.value) +
        verify_password(form.password.value) +
        verify_phone(form.phone.value) +
        verify_email(form.email.value);

    if (problems === "") {
        return true;
    }

    // Show all collected messages at once and cancel the submit.
    alert(problems);
    return false;
}
</script>
</head>
<body>
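<?php
// Form fields start out empty so the form below can always print them,
// whether or not anything has been submitted yet.
$username = "";
$password = "";
$email = "";
$phone = "";

// Check for form post submit. !empty() avoids an "undefined index" notice on
// the first page load, when there is no POST data.
if (!empty($_POST["submit"])) {
    require_once('db_login.php');
    require_once('DB.php');
    $connection = DB::connect("mysql://$db_username:$db_password@$db_host/$db_database");
    if (DB::isError($connection)) {
        // Keep the driver's message in the server log; the visitor only needs
        // to know that the request failed.
        error_log("Database connection failed: " . DB::errorMessage($connection));
        die("Could not connect to the database.");
    }

    // Keep the submitted values exactly as sent. Anything that is not a plain
    // string (for example username[]=x) is treated as empty.
    // Escaping is done per destination rather than once on input:
    //   - the database gets the value as a bound query parameter,
    //   - HTML output gets htmlspecialchars() at the point of printing.
    // Running htmlentities() on input does not make a value safe for SQL, and
    // it changes the text that is compared against the stored usernames.
    $username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
    $password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
    $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
    $phone = (isset($_POST["phone"]) && is_string($_POST["phone"])) ? $_POST["phone"] : "";

    // Server-side required-field checks. These repeat the JavaScript checks on
    // purpose: the browser-side ones can be bypassed.
    $error = "";
    if ($username == "") {
        $error .= "Username must not be null.<br />";
    }
    if ($password == "") {
        $error .= "Password must not be null.<br />";
    }
    if ($email == "") {
        $error .= "Email must not be null.<br />";
    }
    if ($phone == "") {
        $error .= "Phone must not be null.<br />";
    }

    // Look for an existing account with this username. The value is passed as
    // a placeholder parameter, so the DB layer quotes it and it can never be
    // read as part of the SQL statement.
    $query = "SELECT * FROM `users` WHERE `username` = ?";
    $result = $connection->query($query, array($username));
    if (DB::isError($result)) {
        // The SQL text and driver message stay in the server log only.
        error_log("Username lookup failed: " . DB::errorMessage($result));
        die("Could not query the database.");
    }
    $user_count = $result->numRows();
    if ($user_count > 0) {
        // The username is visitor-supplied text going into HTML: escape it here.
        $error .= "Error: Username " . htmlspecialchars($username, ENT_QUOTES)
            . " is taken already. Please select another.<br />";
    }

    if ($error) {
        echo $error;
    } else {
        // NOTE(review): this listing prints success without inserting a row.
        // When the INSERT is added, bind its values the same way as above and
        // store password_hash() output, never the password itself.
        echo "User created successfully.";
        exit;
    }
}
?>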
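<?php
// Every value is escaped at the point where it is printed into an HTML
// attribute. ENT_QUOTES encodes both quote characters, so a value cannot
// close the attribute it is placed in.
//
// $_SERVER["PHP_SELF"] contains whatever path text the visitor put after the
// script name in the URL, so it is request data and is escaped like the rest.
//
// isset() keeps the first page load (nothing submitted yet) free of
// "undefined variable" notices.
//
// stripslashes() is kept from the original listing; presumably it undoes
// magic-quotes escaping on older PHP installations -- confirm it is still
// wanted, since without magic quotes it removes backslashes the visitor typed.
//
// The password is deliberately not printed back: a value="" attribute would
// place it in the page source, where browser caches and intermediaries can
// keep a copy. The visitor re-types it after an error.
$form_action = htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES);
$form_username = isset($username) ? htmlspecialchars(stripslashes($username), ENT_QUOTES) : "";
$form_phone = isset($phone) ? htmlspecialchars(stripslashes($phone), ENT_QUOTES) : "";
$form_email = isset($email) ? htmlspecialchars(stripslashes($email), ENT_QUOTES) : "";
?>
<form action="<?php echo $form_action; ?>" method="POST"
      onsubmit="return check_valid(this);" id="test1" name="test1">
<table>
<tr>
<td width="30%" align="right">Username:</td>
<td><input type="text" name="username" value="<?php echo $form_username; ?>" /></td>
</tr>
<tr>
<td align="right">Password:</td>
<td><input type="password" name="password" value="" /></td>
</tr>
<tr>
<td align="right">Phone:</td>
<td><input type="tel" name="phone" value="<?php echo $form_phone; ?>" /></td>
</tr>
<tr>
<td align="right">Email:</td>
<td><input type="email" name="email" value="<?php echo $form_email; ?>" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="Submit" /></td>
</tr>
</table>
</form>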
</body>
</html>
Posted by on 09/27 at 11:13 AM