PHP form register validation help


#1

I need help with my PHP form validation as it isn’t showing they have been successful registering and also errors not showing if they don’t enter email etc. There it is. If there is a better solution you can tell me i will be very happy :slight_smile: Thanks

<?php //arrays $errors_M = array(); $cleans = array(); //checks submit if (isset($_POST['submit']) && $_POST['submit'] != 'Logout') { $_POST['First Name'] = (isset($_POST['First Name']) ? trim($_POST['First Name']) : ''); // only allowed alphanumeric characters $nospaces = str_replace(' ', '', $_POST['First Name']); if($_POST['First Name'] != '' && ctype_alpha) { $cleans['First Name'] = $_POST['First Name']; } else { $errors_M[] = 'First Name is required with alphanumeric characters.'; } // alphabet characters only $_POST['Last Name'] = (isset($_POST['Last Name']) ? trim($_POST['Last Name']) : ''); $nospaces = str_replace(' ', '', $_POST['Last Name']); if($_POST['Last Name'] != '' && ctype_alpha) { $cleans['Last Name'] = $_POST['Last Name']; } else { $errors_M[] = 'Last Name is required.'; } //making sure @ is inserted $_POST['Email address'] = (isset($_POST['Email address']) ? trim($_POST['Email address']) : ''); $email = explode('@', $_POST['Email address']); $add_email = count($email); if ($add_email == 2) { $email_domain = $email[1]; if (strpos($email_domain, '.') !== false) { $cleans['Email address'] = $_POST['Email address']; } else { $errors_M[] = 'Your email is not correct please try again.'; } } else { $errors_M[] = 'Incorrect email.'; } $_POST['Username'] = (isset($_POST['Username']) ? trim($_POST['Username']) : ''); if($_POST['Username'] != '' && ctype_alnum) { $cleans['Username'] = $_POST['Username']; } else { $errors_M[] = 'Please supply username with alphnumeric character.'; } //correctly formatted $_POST['password'] = (isset($_POST['password']) ? trim($_POST['password']) : ''); // allows the alphnumeric characters if($_POST['password'] != ' ' && ctype_alnum( $_POST['password'])) { $cleans['password'] = $_POST['password']; } else { $errors_M[] = 'Please use alphnumiric characters.'; } } $output = ''; // counts errors if (isset($_POST['submit']) && count($errors_M)==0) { if ($_POST['submit'] == 'Logout') { // Time line set $output .= ""; unset($_SESSION['Username']); $_SESSION = array(); setcookie('Username','',time()-42000); $_COOKIE = array(); session_destroy(); header("Location: logout.php"); } else { // writes into file and closes $handle = fopen('..user.txt','a'); if(!$handle){ echo " Please try later"; die(); } fwrite($handle, $info); fwrite($handle, "\n"); fclose($handle); setcookie('Username',$cleans['Username']); $_SESSION['Username'] = $cleans['Username'];?>
<?php
	 echo "Thank you for registering with us. Now please log in.";?>
	
	
	<meta http-equiv="Refresh" content="5;URL=logon.php"></h5>
	<?php
   
	
}

}
else
{

// counts errors and produces some security
if (count($errors_M)>0)
{
$output .= ‘

    ’;
    foreach ($errors_M as $data)
    {
    $output .= ‘
  • ’.htmlentities($data).’
  • ’;
    }
    $output .= ‘
’;
}
    $output .= '<form action="'.htmlentities($_SERVER['PHP_SELF']).'" method="post">

                <fieldset>';

if(!isset($_SESSION[‘Username’]))
{
?>

Registered Page

Welcome

Page 1 Page 2 Page 3 <?php //form included in the php page $output .= ' First Name:
Last Name:
Email address:
Username:<br Password: '; } if (isset($_SESSION['Username'])) { $output .= ''; } $output .= ' '; } echo $output; ?>

#2

Well, Sky, you shouldn’t use spaces in form field names. So, first, you should fix all of these.
“First Name” can be “FirstName” or “First_Name”, but, all the manuals stay away from spaces…

Next, your logic is a bit off. This section:
$_POST[‘First Name’] = (isset($_POST[‘First Name’]) ? trim($_POST[‘First Name’]) : ‘’);
You shouldn’t change the posted values directly. This is not correct.
You should just retrieve it into a variable and then do what you want to that variable. Like:
$FirstName = trim$($_POST[‘FirstName’]);
Next, this line:
$nospaces = str_replace(’ ‘, ‘’, $_POST[‘First Name’]);
Does nothing at all. You strip out the spaces and place the results into a variable $nospaces.
But, you never use this variable. So, get the posted variable as above and then:
$FirstName = str_replace(’ ', ‘’, $FirstName);
Lastly, the following will not work:
if($_POST[‘First Name’] != ‘’ && ctype_alpha)
$errors_M[] = ‘First Name is required with alphanumeric characters.’;
The ctype_alpha is a function and has to be used like this: ( if ctype_alpha($var)blahblahblah… )
if (ctype_alpha($FirstName))
$cleans[‘First Name’] = $FirstName;
else
$errors_M[] = ‘First Name is required with alphanumeric characters.’;

These same issues should be corrected in the other routines for Last Name, Email, etc…
Fix all of these and repost your new code. And, please place it inside the PHP tags above.
(Makes it much simpler for us to copy it to our own editors…)

Good luck…