Question:
Need help with PHP form validation?
Wilko
2010-11-30 05:47:54 UTC
I am creating a website using Dreamweaver, with a MYSQL form input I have the input form working but need help on how to validate it. I need to validate a name field, email field and comment field. All the fields need to be checked to see if there is a value in the field and the email need to be checked if it is in the correct format. Help would be greatly appreciated
Four answers:
Stunami
2010-11-30 07:08:06 UTC
Firstly you should always validate any input into any programme. Do not trust any data! Validate your form in javascript is nice for the user as it gives immediate feedback but it should not ever replace server side validation!



use php filters to validate and filter the inputs

http://w3schools.com/PHP/php_filter.asp



For emails its recommended you use PHP filters to check the format

http://www.php.net/manual/en/function.filter-input.php



Also remember to make sure your sql is not open to sql injection. You should probably be using PDO or mysql_real_escape_string http://us3.php.net/manual/en/function.mysql-real-escape-string.php
Jane E
2010-11-30 14:50:09 UTC
By all means you can use javascript to validate your form, but you must also use php validation, or else your site will get hacked very, very easily.
Nik
2010-11-30 16:55:05 UTC
all you have to do is this.



pull the data.

$name = $_POST['name'];



to check the variable to see if it is blank do this.



if ($name = "")

{

echo "You need to enter a name";

}



You need to check for illegal characters to prevent hacking use the code below.



if(!preg_match('/^[a-zA-Z0-9 ._+\-?,():?!$]{0,1000}$/', $name))

{

echo "

Your name contains illegal characters";

header('Refresh: 4; url=register.php'); // 4 second redirect

exit(); // stops the script going any further

}



the above will check for />< etc.



if you need any more help just ask me I don't mind helping you.



Have fun

?
2010-11-30 13:55:38 UTC
Ideally, you do NOT check a form in php: you check it in javascript BEFORE submitting to php!



The way to do it is NOT to send the form with "submit" button, but to use a button that calls a javascript function:



the form here







function js_validate(theForm)

{

var em = theForm.element['email'];

var email = em.value;

if (echeck(email))

{

alert ("Invalid email address");

em.focus();

return(true);

}

etc...: your other checks.



all checks pass:

theForm.submit(); => you submit the form!

}

// === EMAIL VALIDATION ====

function echeck(str)

// (the variable "str" is the full email address)

// returns true if not valid, false if valid

{

var at="@"

var dot="."

var lat=str.indexOf(at);

var lstr=str.length;

var ldot=str.indexOf(dot);

if (str.indexOf(at)==-1)

return(true);

if (str.indexOf(at)==-1 || str.indexOf(at)==0 || str.indexOf(at)==lstr)

return(true);

if (str.indexOf(dot)==-1 || str.indexOf(dot)==0 || str.indexOf(dot)==lstr)

return(true);

if (str.indexOf(at,(lat+1))!=-1)

return(true);

if (str.substring(lat-1,lat)==dot || str.substring(lat+1,lat+2)==dot)

return(true);

if (str.indexOf(dot,(lat+2))==-1)

return(true);

if (str.indexOf(" ")!=-1)

return(true);

return (false);

}



For the other checks, just get the element and check against "" (blank)

Return to the field if it is blank (fieldname.focus() )


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...