Aus2Srq
asked on
PHP: Form validation, COOKIES and RegEx
I have a form in my shopping cart and once submitted goes through regex check to prevent sql injection. My question begins when any portion of form validation returns false it wipes out all the data and the form returns with blank fields (very frustrating for end user).
Additional information about validation; if it the validation through fine it stores the data in a cookie. When the person gets to the end of checkout and if they entered wrong info in their address I have set an Edit link to take them back to either Billing or Shipping page to correct. This data is read back in via the cookie and loads the cookie data into form make easier to correct.
My question is this, how can I keep the functionality of reading in cookie data if the customer is Editing previously entered information but also prevent the new data (not stored in cookie yet as it fails in regex) from being wiped when returned false in the validation?
~Aus2Srq
Additional information about validation; if it the validation through fine it stores the data in a cookie. When the person gets to the end of checkout and if they entered wrong info in their address I have set an Edit link to take them back to either Billing or Shipping page to correct. This data is read back in via the cookie and loads the cookie data into form make easier to correct.
My question is this, how can I keep the functionality of reading in cookie data if the customer is Editing previously entered information but also prevent the new data (not stored in cookie yet as it fails in regex) from being wiped when returned false in the validation?
~Aus2Srq
If the validation is on the same page as the form just do
for textbox
<input type="text" name"fieldname" value="<?=$_POST["fieldnam e"]?>">
for textarea
<textarea name="textarea">$_POST["te xtareaname "]</textar ea>
for select
<select name="list">
<option value="option1" <?=($_POST["list"]=="optio n1"?"selec ted":"")?> >option1</ select>
<option value="option2" <?=($_POST["list"]=="optio n2"?"selec ted":"")?> >option2</ select>
</select>
for checkbox
<input type="checkbox" name="checkboxname" value="1" <?=($_POST["checkboxname"] ==1?"check ed":"")?>>
Now if the validation is done on a different page and then returned to the form follow glcummins method.
Also if you use get instead of post replace $_POST with $_GET
for textbox
<input type="text" name"fieldname" value="<?=$_POST["fieldnam
for textarea
<textarea name="textarea">$_POST["te
for select
<select name="list">
<option value="option1" <?=($_POST["list"]=="optio
<option value="option2" <?=($_POST["list"]=="optio
</select>
for checkbox
<input type="checkbox" name="checkboxname" value="1" <?=($_POST["checkboxname"]
Now if the validation is done on a different page and then returned to the form follow glcummins method.
Also if you use get instead of post replace $_POST with $_GET
ASKER
Here comes the hard part steelseth, Your solution works except for the fact that I am already using the value field for if the cookie is set.
<input type="text" name="email_customer" value="<?php if(isset($rsBill[email])) {echo $rsBill[email];} ?>" />
Any ideas on how to do both?
~A2S
<input type="text" name="email_customer" value="<?php if(isset($rsBill[email])) {echo $rsBill[email];} ?>" />
Any ideas on how to do both?
~A2S
<input type="text" name="email_customer" value="<?=(isset($rsBill[e mail])?$rs Bill[email ]:$_POST[" fieldname" ])?>" />
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Im going to shot myself in the head
ASKER
sorry steelseth, I meant to click on yours too as the assisted solution, but clicked things too quickly. I do have a continuation of this question that I will be reposting that's even more complicated.
~A2S
~A2S
if (<validation of name supplied in the form>)
{
$_SESSION['suppliedName'] = $name;
}
Then, in the form itself, set each input field to check if the value exists in the $_SESSION variable:
<input type="text" name="name" value="<?php
if ($_SESSION['suppliedName']
{
echo $_SESSION['suppliedName'];
}
?>" />
This will populate the input field with the previously supplied value, if it exists.