PHP
By Web Monkey
Page 2 Simple Validation
--------------------------------------------------------------------------------
Imagine for a moment that we've got our database nicely laid
out and we're now requesting information from users that will
be inserted into the database. Further, let's imagine that
you have a field in your database waiting for some numeric
input, such as a price. Finally, imagine your application
falling over in a screaming heap because some smart aleck
put text in that field. MySQL doesn't want to see text in
that portion of your SQL statement - and it complains bitterly.
What to do? Time to validate.
Validation simply means that we'll examine a piece of data,
usually from an HTML form, and check to make sure that it
fits a certain model. This can range from ensuring that a
element is not blank to validating that an element meets certain
criteria (for example, that a numeric value is stipulated
or that an email address contains an @ for an email address).
Validation can be done on the server side or on the client
side. PHP is used for server-side validation, while JavaScript
or another client-based scripting language can provide client-side
validation. This article is about PHP, so we're going to concentrate
on the server end of things. But if you're looking for some
ready-made, client-side validation scripts, check out the
Webmonkey code library.
Let's ignore our database for the moment and concentrate
on PHP validation. If you wish, you can add additional fields
to our employee database quite simply by using the MySQL ALTER
statement - that is, if you want to commit to the values that
we'll validate.
There are several useful PHP functions we can use to validate
our data, and they range from simple to highly complex. A
simple function we could use might be strlen(), which tells
us the length of the variable.
A more complex function would be ereg(), which uses full
regular expression handling for complex queries. I won't delve
into the complexities of regex here, as entire books have
been written on the subject, but I will provide some examples
on the next page.
Let's start with a simple example. We'll check to see whether
a variable does or does not exist.
<html>
<body>
<?php
if
($submit) {
if
(!$first || !$last) {
$error
= "Sorry! You didn't fill in all the fields!";
}
else {
//
process form
echo
"Thank You!";
}
}
if
(!$submit || $error) {
echo
$error;
?>
<P>
<form
method="post" action="<?php echo $PHP_SELF
?>">
FIELD
1: <input type="text" name="first"
value="<?php echo $first ?>">
<br>
FIELD
2: <input type="text" name="last" value="<?php
echo $last ?>">
<br>
<input
type="Submit" name="submit" value="Enter
Information">
</form>
<?php
} //
end if
?>
</body>
</html>
The keys to this script are the nested conditional statements.
The first checks to see whether the Submit button has been
pressed. If it has, it goes on to check that both the variables
$first and $last exist. The || symbol means "or"
and the ! symbol means "not." We could also rewrite
the statement to say, "If $first does not exist or $last
does not exist, then set $error to the following."
Next, let's extend things a little by checking to see whether
a string is a certain length. This would be ideal for passwords,
since you don't want some lazy user entering a password of
only one or two letters. You'd rather it be, say, six or more
characters.
The function for this is, as you already know, strlen().
It simply returns a number equal to the number of characters
in the variable being tested. Here, I modified the script
above to check the length of $first and $last.
<html>
<body>
<?php
if
($submit) {
if
(strlen($first) < 6 || strlen($last) < 6) {
$error
= "Sorry! You didn't fill in all the fields!";
}
else {
//
process form
echo
"Thank You!";
}
}
if
(!$submit || $error) {
echo
$error;
?>
<P>
<form
method="post" action="<?php echo $PHP_SELF
?>">
FIELD
1: <input type="text" name="first"
value="<?php echo $first ?>">
<br>
FIELD
2: <input type="text" name="last" value="<?php
echo $last ?>">
<br>
<input
type="Submit" name="submit" value="Enter
Information">
</form>
<?php
} //
end if
?>
</body>
</html>
Run this script and try entering six or fewer letters to see
what happens. It's simple yet quite effective.
next page»
|