0

I have created a function to register users in my application. which processes the form. validate inputs etc. but I'm having a problem displaying errors in the form. I'm not able to return $errors array to the form to display errors. can someone help with this? please!

Form

  <?php register_user(); ?>
  <form action="signup.php" method="post">
    <div class="form-group mb-3">
      <input type="email" name="email" value="<?php if (isset($email)) echo $email; ?>" placeholder="Enter your email" class="form-control form-control-lg <?php echo isset($errors['email']) ? 'is-invalid' : '' ?>" required>
      <div class="invalid-feedback"><?php echo $errors['email'] ?? ''; ?></div>
    </div>
    <div class="form-group mb-3">
      <input type="text" name="username" value="<?php if (isset($username)) echo $username; ?>" placeholder="Choose a Username" maxlength="15" class="form-control form-control-lg <?php echo isset($errors['username']) ? 'is-invalid' : '' ?>" required>
      <div class="invalid-feedback"><?php echo $errors['username'] ?? ''; ?></div>
    </div>              
    <div class="form-group mb-3">
      <input type="password" name="password" placeholder="Choose a Password" class="form-control form-control-lg <?php echo isset($errors['password']) ? 'is-invalid' : '' ?>" required>
      <div class="invalid-feedback"><?php echo $errors['password'] ?? ''; ?></div>
    </div>
    <div class="form-group mb-3">
      <?php $countries = find_all('countries'); ?>
      <select name="country" class="form-control" required>
        <option value="">Select a country...</option>
        <?php while($country = mysqli_fetch_assoc($countries)) { ?>                  
        <option value="<?php echo h($country['country_id']); ?>"><?php echo h($country['name']); ?></option>
        <?php } ?>
      </select>
      <div class="invalid-feedback"><?php echo $errors['country'] ?? ''; ?></div>
    </div>
    <p class="splash-description mt-3">By joining, you agree to Cointerr's Terms of Service.</p>
    <input type="submit" value="Join" name="signup-submit" class="btn btn-block btn-primary">
  </form>

Register Function

function register_user() {    
    if (is_post_request() && isset($_POST['signup-submit'])) {
        if(isset($_POST['email'])) $email = $_POST['email'];
        if(isset($_POST['username'])) $username = $_POST['username'];
        if(isset($_POST['password'])) $password = $_POST['password'];
        if(isset($_POST['country'])) $country = $_POST['country'];
        // validate
        if (is_blank($email) || !has_valid_email_format($email)) $errors['email'] = 'Looks like this email is incomplete.'; 
        if (is_blank($username)) $errors['username'] = 'Username must begin with a letter and can include numbers and underscores.';
        if (!has_length_exactly($username, 6)) $errors['username'] = 'Username must include at least 6 characters.';
        if (is_blank($password) || !has_length_exactly($password, 8)) $errors['password'] = 'Password must be min 8 characters.';
        if (is_blank($country)) $errors['country'] = 'Please select your country!';

        if (!empty($errors)) {
            return $errors;
        } else {
            // Register user
        }

    }
}
  • Note: `$email` is not defined if `$_POST['email']))` is not set. This is a potential error, because you access the var later. Better is to use e.g. `$email = $_POST['email'])) ?? "";` – Wiimm Feb 28 '20 at 12:42

2 Answers2

1

You are returning the errors:

return $errors;

However, the code on the page is ignoring that result:

<?php register_user(); ?>

Set the result to a variable that you can use:

<?php $errors = register_user(); ?>

Which you then already later attempt to use:

<?php echo $errors['email'] ?? ''; ?>
David
  • 208,112
  • 36
  • 198
  • 279
  • Thanks for the answer, David. one more question, please. any idea how to mirror inputs after for submission –  Feb 28 '20 at 12:21
  • @lachisolutions: You mean keeping the previously submitted values in the form when reloading the page? You can just output into the `value` attribute of each form element what was sent, the values in the `$_POST` array. A couple things to keep in mind are: (1) Never output passwords. Let the user fill that one in again. (2) It's a good idea to familiarize yourself with what XSS is and how to guard against it: https://stackoverflow.com/questions/1996122/how-to-prevent-xss-with-html-php – David Feb 28 '20 at 12:24
  • Yes, I know that but how to return them from function –  Feb 28 '20 at 12:25
  • @lachisolutions: You'd return them the same way you're returning the errors. Though it's probably worth defining an object structure instead of just an array of error messages, since some of your values are errors and some of them are form submission values. But to keep it simple, you don't really need to return them. The page code already has access to the `$_POST` array, just reference the values in that array. Overall you seem confused about variable scope, this is a good place to start: https://www.php.net/manual/en/language.variables.scope.php – David Feb 28 '20 at 12:28
0

Assign registerUser() to a variable:

<?php $errors = registerUser(); ?>

You should also check that the error key exists in the errors array.

CountKyle
  • 459
  • 3
  • 15