ansaurus

Question

validation in php

Answer 1

+1 A:

At the very top of your php page, (the page you linked to in the action attribute of the form) put:

if (isset($_POST['submit_check']) && strlen($_POST['whatever'])) { // submit_check is a hidden form field
    insert_to_db();
    header('Location: success.php'); // redirect to another page to prevent double-submits
    exit;
}

So your html might look like:

<form action="" method="post"> 
    <input type="text" name="whatever"/>
    <input type="hidden" name="submit_check" value="1"/> 
</form>

the blank action value means to post to the same page, but you can post to another page if you want.

rkulla 2010-04-05 20:47:44

You're still free to do some validation of your data with javascript and php. And you should definitely validate with php. Since you'll be inserting user input into a database use prepared statements (aka parameterized queries, to prevent sql injection attacks)

rkulla 2010-04-05 20:55:02

Answer 2

A:

If what you are asking is, 'can I ensure that the data is valid on the client side without javascript' then the answer is no.

But if all you want to do is make sure to validate the data before you insert it into your database, then certainly.

foreach ($_POST as $key=> $value) {

  switch ($key) {
   case 'my_value_name':
      //test $value is not null and other validation;
      //insert into database function
      break;

   ...

  }

}

DKinzer 2010-04-05 20:54:04

Answer 3

+1 A:

Simply use control structures as usual:

$non_empties = array('name', 'email', 'address');

foreach ($non_empties as $field) {
    if (! isset($_POST[$field]) || $_POST[$field] == '') {
        show_error("Please fill your $field, thank you.");
    }
}

$db->insert();

More advanced example:

// Defined in your library
function validate_as_non_empty(Array $non_empties) {
    foreach ($non_empties as $field) {
        if (! isset($_POST[$field]) || $_POST[$field] == '') {
            throw new Exception("Please fill your $field, thank you.");
        }
    }
}

// Defined in your library
function validate_as_foo(Array $arr) { ... }

// Your request handler
try {
    validate_as_non_empty(array('name', 'address'));
    validate_as_foo(array('email'));
    $db->insert();
} catch (Exception $e) {
    show_error($e->getMessage());
}

There are at least million ways to do validation. Usually you have some kind of framework to rely on. The above examples are merely given for inspiration.

jholster 2010-04-05 20:54:38

thank you. this worked!

fuz3d 2010-04-05 21:14:22

Answer 4

A:

Retrieve the submitted data using the $_POST super-global in your PHP file like this:

$_POST['firstname'] for each HTML element that is being POST-ed. For eaxmple, in your HTML:

<input type="text" name="firstname" />

Then validate the data using PHP, with regex, isset, etc and redirect accordingly either to a success page, or back to the HTML form.

You can also do the same using Ajax (the same PHP validation will apply, just the data transfer model is slightly different)

Sev 2010-04-05 20:55:19

ansaurus

tags:

views:

answers:

validation in php

related questions