How to integrate server-side validation with the Form Tools form?

rubycat · Jul 13th, 2009, 6:31 AM

There are three chunks of PHP--

1) The PHP to process the form through Form Tools API
2) The PHP to perform server-side validation with your PHP Validation - v2.3.1 code
3) Another chunk of PHP inserted in the form to display the errors (?)

I don't understand how to integrate these PHP snippets and have tried everything I can think of to get this to work and am having no success. And without server-side validation, everything fails miserably if the enduser does not have javascript enabled which means this was all for naught. :-(

Also, no success messages should be output if validation is successful--it should just carry on to the thank you page and do what it's supposed to do so I don't know how to extract that stuff from the third chunk.

I'd really like to be able to use Form Tools--you did such a fantastic job with this and I want to be able to use it!!

CHUNK #1: FORM TOOLS PHP API CODE AT TOP OF FORM

Code:
<?php

require_once("/path/to/form/global/api/api.php");

$fields = ft_api_init_form_page(3);

$params = array(

  "submit_button" => "send",

  "next_page" => "thanks.php",

  "form_data" => $_POST,

  "finalize" => true

    );

ft_api_process_form($params);

?>

__________________________________________________________________________
CHUNK #2: PHP FOR FORM VALIDATION

Code:
<?php

$errors = array(); // set the errors array to empty, by default

$fields = array(); // stores the field values

$success_message = "";

if (isset($_POST['submit']))

{

  // import the validation library

  require("validation.php");

  $rules = array(); // stores the validation rules

  // standard form fields

  $rules[] = "required,user_name,This field is required.";

  $rules[] = "required,email,Please enter your email address.";

  $rules[] = "valid_email,email,Please enter a valid email address.";

  $errors = validateFields($_POST, $rules);

  // if there were errors, re-populate the form fields

  if (!empty($errors))

  {  

    $fields = $_POST;

  }

  // no errors! redirect the user to the thankyou page (or whatever)

  else 

  {

    $message = "All fields have been validated successfully!";

    // here you would either email the form contents to someone or store it in a database. 

    // To redirect to a "thankyou" page, you'd just do this:

    // header("Location: thanks.php");

  }

}

?>

__________________________________________________________________________
CHUNK #3: MORE PHP FOR INCLUSION IN THE FORM AS A RESULT OF VALIDATION.PHP (?)

Code:
<?php

    // if $errors is not empty, the form must have failed one or more validation 

    // tests. Loop through each and display them on the page for the user

    if (!empty($errors))

    {

      echo "<div class='error' style='width:100%;'>Please fix the following errors:\n<ul>";

      foreach ($errors as $error)

        echo "<li>$error</li>\n";

      echo "</ul></div>"; 

    }

    if (!empty($message))

    {

      echo "<div class='notify'>$success_message</div>";

    }

    ?>

***Ben*** · (This post was last modified: Jul 18th, 2009, 10:14 AM by Ben.)

Hey Ruby!

Don't worry - we can get this sorted.

Basically it's just a matter of juggling the PHP logic to get it straight. Based on what you've posted, here's how the code would look. By the way, don't worry about the 3rd chunk: the error message display - that will remain where it is, unaffected.

PHP Code:
<?php
require_once("/path/to/form/global/api/api.php");
$fields = ft_api_init_form_page(3);

// validation time!
$errors = array();
if (isset($_POST['submit']))
{
  $rules = array(); // stores the validation rules
  $rules[] = "required,user_name,This field is required.";
  $rules[] = "required,email,Please enter your email address.";
  $rules[] = "valid_email,email,Please enter a valid email address.";

  $errors = validateFields($_POST, $rules);

  // no errors - great! Now we process the page. The ft_api_process_form does
  // the job of both updating the database and redirecting to the next page
  if (empty($errors))
  {
    $params = array(
      "submit_button" => "send",
      "next_page" => "thanks.php",
      "form_data" => $_POST,
      "finalize" => true
    );
    ft_api_process_form($params);
  }
}
?>

I trimmed a lot of the unnecessary logic, so hopefully this will make it a little clearer. Things like including the validation.php file is already taken care of for us when we included the api.php, and all the manual stuff of storing the data in the $fields var is already done by ft_api_init_form_page(). Nice!

Hmm... but I must say, this REALLY makes me realize that the server-side validation tutorial is needed... okay, another project for this weekend. :-)

Let me know if the above doesn't work for you, or if you run into any other problems!

- Ben

sergiozambrano · (This post was last modified: Aug 14th, 2009, 6:15 AM by sergiozambrano.)

Ben:

Using your code (I've deleted captcha to isolate the error) the invalid form retrieves no data.
print_r($fields) shows form and submission id ONLY after the form is reloaded with the error, as any new form.

Although, all the form data is printed when a valid form with wrong captcha is sent… but ONLY leaving the page and browsing back to it. (captcha not fixed)

Also, you should mention that you need the word "submit" inside the if isset($_POST… line
matching your submit button "name" attribute.

Is there any chance it's not working because the form is inside an iframe? (it loads the thank you page fine inside the same iframe)

sergiozambrano · Aug 18th, 2009, 6:41 AM

Here's the solution right from Ben Keen

http://forums.formtools.org/showthread.p...09#pid1009

FORUMS