PHP need a fix to a small form submit validation bug-ThrowExceptions

Exception or error:

OK, when I submit my form, it will check for pregmatch (only letters and white space allowed) but, it will submit the form anyway (if all form fields have data)… I need to add something to my code that says, yes all your fields are filled out but you still have errors. So I will not submit. how can I reconfigure my submit validation to fix this small bug

<?php
  $e_first = ""; $e_last = ""; $e_email = ""; $success = "";
  if ($_SERVER["REQUEST_METHOD"] == "POST") {
    require_once("config.php");
    require_once("database.php");
    require_once("controller.php");

    $firstname = sanitize($_POST['firstname']);
    $lastname = sanitize($_POST['lastname']);
    $email = sanitize($_POST['email']);
    $submit = sanitize($_POST['submit']);

    if (empty($firstname)) {
      $e_first = "First Name is required";
    } else {
      $firstname;
      if (!preg_match("/^[a-zA-Z ]*$/", $firstname)) {
        $e_first = "Only letters and white space allowed";
      }
    }

    if (empty($lastname)) {
      $e_last = "Last Name is required";
    } else {
      $lastname;
      if (!preg_match("/^[a-zA-Z ]*$/", $lastname)) {
        $e_last = "Only letters and white space allowed";
      }
    }

    if (empty($email)) {
      $e_email = "Email Address is required";
    } else {
      $email;
      if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $e_email = "Invalid Email Address";
      }
    }

    $users = [
      'firstname' => $firstname,
      'lastname' => $lastname,
      'email' => $email
    ];

    if (isset($submit)) {
      switch (false) {
        case !empty($firstname) || $firstname == $e_first :
          $success = "";
        break;
        case !empty($lastname) || $lastname == $e_last :
          $success = "";
        break;
        case !empty($email) || $email == $e_email :
          $success = "";
          break;
        default :
          $control = new Controller();
          $control->addCustomer($users);
          header("Location: success.php");
          break;
      }
    } 

  }

  function sanitize($data) {
    $data = htmlspecialchars($data);
    $data = stripslashes($data);
    $data = strip_tags($data);
    $data = trim($data);
    return $data;
  }

?>

this is the form

    <section class="form_box">
      <form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST">
        <label for="firstname">First Name:</label>
        <span class="error"><?php echo $e_first; ?></span>
        <input type="text" class="input" name="firstname" id="firstname"/>

        <label for="lastname">First Last:</label>
        <span class="error"><?php echo $e_last; ?></span>
        <input type="text" class="input" name="lastname" id="lastname"/>

        <label for="email">Email Address:</label>
        <span class="error"><?php echo $e_email; ?></span>
        <input type="email" class="input" name="email" id="email"/>

        <input type="submit" class="submit" name="submit" value="submit">
        <span class="success"><?php echo $success; ?></span>
      </form>
    </section>

any thoughts… thanks

How to solve:

Leave a Reply

Your email address will not be published. Required fields are marked *