How to Display Error Message While Downloading Report

Opeyemi AbdulRasheed
Opeyemi AbdulRasheed used Ask the Experts™
Hello Experts!

I have a php page where students enter information to check their results.
See here

I want to display relevant error message on the same page when wrong info is entered. Currently, I'm using error_reporting(0);.
The result is in PDF format.

Please use following to get accurate result:
Class:                       SS 1A
Session:                  2018/2019
Term:                      1st Term
Adminssion No:    GSS/0001
Password:              abc (could be any string)

And use random data to get what I'm taking about.

Bellow is part of the codes:

<form id="resultForm" action="terminal_result.php" method="POST">
                        <!--Form with header-->
                        <div class="card wow fadeIn white" data-wow-delay="0.3s">
                            <div class="card-body">
                                <div class="form-header blue-gradient">
                                    <h3><i class="fa fa-download mt-2 mb-2"></i> Check Result</h3>
                                <div id="error"></div>
                                    <select name="class_name" id="class_name" class="mdb-select colorful-select dropdown-info" required="required">
                                        <option value="" disabled selected>Choose Class</option>
                                        <?php echo fill_class_box($conn); ?>
                                    <select name="session" id="session" class="mdb-select colorful-select dropdown-info" required="required">
                                        <option value="" disabled selected>Choose Year of Result</option>
                                        <?php echo fill_session_box($conn); ?>
                                    <select name="term" id="term" class="mdb-select colorful-select dropdown-info" required="required">
                                        <option value="" disabled selected>Choose Term</option>
                                        <?php echo fill_term_box($conn); ?>
                                <div class="md-form">
                                    <i class="fa fa-user prefix grey-text"></i>
                                    <input type="text" name="student_id" id="student_id" class="form-control" autocomplete="off" required="required">
                                    <label for="student_id">Admission No</label>

                                <div class="md-form">
                                    <i class="fa fa-lock prefix grey-text"></i>
                                    <input type="password" name="password" id="password" class="form-control" required="required">
                                    <label for="password">Password</label>
                                <div class="text-center">
                                    <button type="submit" name="download_result" id="download_result" class="btn blue-gradient btn-lg">Submit</button>

Open in new window

The script:

function clean($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;

$stu_id = clean($_POST['student_id']);
$class = clean($_POST['class_name']);
$session = clean($_POST['session']);
$term = clean($_POST['term']);

$biodata = $conn->prepare("SELECT * FROM ... WHERE Student_ID = ? ");
$biodata->bind_param("s", $stu_id);
$report = $biodata->get_result();
$student = $report->fetch_object();

//date in yyyy-mm-dd format; or it can be in other formats as well
  $birthDate = $student->Date_Of_Birth;
  //explode the date to get month, day and year
  $birthDate = explode("-", $birthDate);
  //get age from date or birthdate
  $age = (date("md", date("U", mktime(0, 0, 0, $birthDate[2], $birthDate[1], $birthDate[0]))) > date("md") ? ((date("Y") - $birthDate[0]) - 1) : (date("Y") - $birthDate[0]));
  $age_year = "".$age." years";

//attendance and comment
$attendance_comment = $conn->prepare("SELECT ... FROM ... LEFT JOIN ... ON ... WHERE Student_ID = ? AND Class_Name = ? AND Session = ? AND Term = ?");

//and so on

Open in new window

Please help.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Personally, I would use an AJAX page/controller to validate login. The flow would be:

1. HTML form posts data to the AJAX controller.

2. AJAX controller checks the login.
- If the login is valid, then it sets up the session with the student ID and returns a JSON result to indicate success and the new URL to go to
- If the login is invalid, then it returns a JSON result indicating the error message

3. The HTML form gets the JSON response back from the AJAX controller.
- If the JSON result indicates success, it redirects the browser to the new URL (and now you have the appropriate info in your session)
- If the JSON result indicates failure, show the error message

The AJAX controller would look something like this:
// Sleep 1 second to deter brute-force attacks

// Start/resume session

// Connect to the database
$conn = ...

// Sanitize the input
$stu_id = clean($_POST['student_id']);

// Validate the student ID and password by querying the database
$login_check = $conn->prepare("SELECT ... FROM Students WHERE Student_ID = ? AND Password = ?");

// Now determine success or failure
$return_data = array();
if(successful criteria)
  // Success, record the student ID in our session variable
  $_SESSION["student_id"] = $student_id;
  $return_data["result"] = 1; // 1 = Success
  $return_data["url"] = "/url/of/next_page.php";
  echo json_encode($return_data);
  // Failure
  $return_data["result"] = 0; // 0 = Failure
  $return_data["error"] = "The error message here, like Invalid Login or something";
  echo json_encode($return_data);

Open in new window

Finally, in the /url/of/next_page.php, just check the session to make sure the user is logged in, and if they are, then go ahead and show them their data. Otherwise, give an error message:
// Start/resume the session

// Make sure the student has logged in successfully before
  // They haven't logged in yet - redirect to the login page.
  header("Location: loginform.php");

// If the code reaches this point, then the user is logged in, so we can go ahead and generate the data and show it to them.

Open in new window

Also, unless you're intentionally requiring the student to type in all the class details, it seems like you could present them with an intermediate page after logging in. That page could pull their available classes, years, terms, etc... and present them with dropdowns for selection. That way you eliminate any accidental typos (which also means less students complaining about not being able to log in), and you're in much better control of the data overall (you can pass IDs around instead of full names).
Superb! I'll check it out now.
Thank you so much. I implemented your suggestion and it really makes sense.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial