38 thoughts on “PHP OOP Login/Register System: Form Validation (Part 11/23)

  1. Hi Thank You for your great tutorial
    i have question and that is how we can validate and enter other kind of data like i want to submit checkbox and also upload user photo but i get error of validation would you please please 🙂 answer me
    Thank you

  2. Here's a nice one for you.
    When defining the addError(); method, to format the output a bit you can do this.

    private function addError($error) {
    return $this->_errors[] = str_replace("_"," ",ucfirst($error));

    This will make the first letter of the string uppercase, and will replace _ with a space.
    So , if naming one field first_name, it's error will output like this "First name […]"

  3. Hey guys! What is the purpose of having <label for="">? What does this do? Previously, we have always done it like this:

    <form action="" method="post">
    Username:<input type="text" name="username"> etc……

    In line 5 and 8, I am assuming that post and get can also be written in capitals? At 10:14, why do you have to return something back even though you have an empty string? Is this due to security issues? At 14:23, what is the purpose of setting required to true?

    Also, with regard to $rule_value, where is this set in the registration.php file? I can't see it there… thanks!

  4. Notice: Undefined index: in C:xampphtdocstestclassesValidate.php on line 14
    Notice: Undefined variable: string in C:xampphtdocstestfunctionssanitize.php on line 4
    class Validate{
    private $_passed = false,
    $_errors = array(),
    $_db = null;

    public function __construct(){
    $this ->_db = DB::getInstance();

    public function check($source, $items = array()){
    foreach($items as $item => $rules){
    foreach($rules as $rule => $rule_value){
    $value = trim($source[$item]);
    $item = escape($item);

    if($rule == 'required' && empty($value)){
    $this->addError("{$item} mag niet leeg zijn!");
    } else if(!empty($value)){
    case 'min':
    if(strlen($value) < $rule_value){
    $this->addError("{$item} moet minimaal {$rule_value} karakters zijn");

    case 'max':
    if(strlen($value) > $rule_value){
    $this->addError("{$item} mag niet meer dan {$rule_value} karakters zijn");

    case 'matches':
    if($value != $source[$rule_value]){
    $this->addError("{$rule_value} moet overeenkomen met {$item}");

    case 'unique':
    $check = $this->_db->get($rule_value, array($item, "=", $value));
    $this->addError("{$item} bestaat al");
    $this->_passed = true;

    return $this;

    private function addError($error){
    $this->_errors[] = $error;

    public function errors(){
    return $this->_errors;
    public function passed(){
    return $this->_passed;

    I was searching for 2 days but I can't get out of this? How can I solve it?

  5. Getting this error can anyone help thanks.
    Parse error: syntax error, unexpected 'getInstance' (T_STRING), expecting variable (T_VARIABLE) or '$' in C:xampphtdocsPHPLRclassesvalidate.php on line 13

  6. Validation is not working as you showing here. I checked the code, everything is exact the same. But my form is always ,,Passed''. Even if the form was submitted without information in it.

  7. I was think, have no way to put a another field validation called 'fielName' for when we show the error does not display the input name but the title of description we write?
    Ex: <input type="text" name="fullName"> | fieldName = Full Name
    Instead of showing 'fullName is required' we can change to appear 'Full Name is required'.
    I thinking about that becase sometimes we use compound names, that names ins't the best way to showing information.

  8. @Alex,
    could you please explain me the diffrence between the use of static and non-static?
    for your Input class your using static methods and for your Validation class your using non-static methods.

    thanks in advance.

  9. Fatal error: Call to a member function count() on boolean in C:Program FilesEasyPHP-DevServer-14.1VC11datalocalwebprojectsLoginOopLrclassesValidate.php on line 40. The code there is if ($check->count()) {
    $this->addError("{$item} already exists.");

  10. Notice: Array to string conversion in C:xampphtdocsclassesValidate.php on line 14
    Array required must be 1

    Notice: Array to string conversion in C:xampphtdocsclassesValidate.php on line 14
    Array min must be 2

    Notice: Array to string conversion in C:xampphtdocsclassesValidate.php on line 14
    Array max must be 20

    HELP , and this with all the rest

  11. Hi can someone help me on this.

    When I used this code lines

    if($validate->passed) {
    echo "Passed";

    It says an error Notice: Undefined property: Validate::$_passed in… Validate.php

  12. I don't get the function "exists" of the Input class. I mean, its never going to work for GET. It doesn't make sense, can someone explain/help me understand why Alex is doing it that way?

  13. Guys if you want to show validation errors next to fields . just add this small code which i made it.
    **NOTE :- First word of Validation error must match name of text-box.

    (1) In Validation class add this function.
           public function fieldError($type)
            $fieldError = null;
            foreach ($this->_errors as $error)
                $word = explode(' ', $error ,-2);            
                if($word[0] === $type)
                {  $fieldError = $error;   }            
        return $fieldError;
    (2) Add this line next to each text-boxes and call function with fieldname.
    e.g for username
         <span><?php echo $validate->fieldError('username'); ?></span>

    And if u want to add something extra reply here. i will do it :)

  14. There is a problem, I don't know why am I getting this. The line $check->count() says to be "Call to a member function count() on a non-object". Can anyone throw light on this fact ?

  15. In the Input class you have an XSS vulnerability. A user can enter "><script>alert('foo');</script> and it will put the script in the source code. You need to filter the POST and GET with htmlspecialchars() or a regex to filter out scripts.

Leave A Comment

Your email address will not be published. Required fields are marked *