I am creating a website, and part of the website should be a Bookings section. I have created a form, and the data entered into this form is to be stored in a database. Up to this point everything works fine. However, I also need to validate the data input by the user. Such as checking that characters only are entered in the Name text field, etc..I have also managed to do this correctly.
The problem is, that the form is not allowing me to do both functions, as there can only be one "action" in the form tag. The form is allowing me to store data in the database whenever I write action="Database.php" and allowing me to validate the user input whenever I write action= . I need a function which can combine both as I need to do both for my website. Do you have any suggestions please?
This is the code:
<p><span class="error"></span></p>
<form class="MyForm" method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" >
* required field
<br>
<br>
Name and Surname: <br><input type="text" name="name">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
E-mail: <br><input type="text" name="email">
<span class="error"> <?php echo $emailErr;?></span>
<br><br>
Contact Number: <br><input type="text" name="contactnumber">
<span class="error">* <?php echo $contactnumberErr;?></span>
<br><br>
Number of people: <br><input type="text" name="numberofpeople">
<span class="error">* <?php echo $numberofpeopleErr;?></span>
<br><br>
Date: <br><input type="date" name="date">
<span class="error">* <?php echo $dateErr;?></span>
<br><br>
Time of Booking: <br><input type="time" name="timeofbooking">
<span class="error">* <?php echo $timeofbookingErr;?></span>
<br><br>
Comments: <br><textarea name="comment" rows="5" cols="40">Comments...</textarea>
<br><br>
<button class="button button1">Submit</button>
<br>
</form>
And this is the code for the validation in PHP:
<?php
// define variables and set to empty values
$nameErr = $emailErr = $contactnumberErr = $numberofpeopleErr = $dateErr = $timeofbookingErr = "";
$name = $email = $contactnumber = $numberofpeople = $date = $timeofbooking = $comment = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["name"])) {
$nameErr = "Name and Surname are required";
} else {
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only letters and white space allowed";
}
}
if (!empty($_POST["email"])) {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["contactnumber"])) {
$contactnumberErr = "Contact number is required";
} else {
$contactnumber = test_input($_POST["contactnumber"]);
if (!preg_match("/^[0-9 ]*$/",$contactnumber)) {
$contactnumberErr = "Only numbers are allowed";
}
}
if (empty($_POST["numberofpeople"])) {
$numberofpeopleErr = "Number of people is required";
} else {
$numberofpeople = test_input($_POST["numberofpeople"]);
if (!preg_match("/^[0-9 ]*$/",$name)) {
$numberofpeopleErr = "Only 2 digit numbers are allowed";
}
}
if (empty($_POST["date"])) {
$dateErr = "Date is required";
} else {
$date = test_input($_POST["date"]);
}
if (empty($_POST["time"])) {
$timeErr = "Time is required";
} else {
$time = test_input($_POST["time"]);
}
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>