RE: [PHP] form validation
-Original Message-
From: paras...@gmail.com [mailto:paras...@gmail.com] On Behalf Of
Daniel P. Brown
Sent: 12 August 2011 16:53
On Fri, Aug 12, 2011 at 11:42, Chris Stinemetz
chrisstinem...@gmail.com wrote:
I have a select menu created by a foreach loop. I am trying to
validate that there was a selection made before it is submitted to
the
database. But I am not doing something correctly.
Try using a combination of isset, empty, and is_null() instead:
?php
if (!isset($_POST['market']) || empty($_POST['market']) ||
is_null($_POST['market'])) {
// Wasn't set
}
?
The last part of that test is redundant, since if $_POST['market'] is
NULL isset($_POST['market'] will be FALSE.
Cheers!
Mike
--
Mike Ford,
Electronic Information Developer, Libraries and Learning Innovation,
Portland PD507, City Campus, Leeds Metropolitan University,
Portland Way, LEEDS, LS1 3HE, United Kingdom
E: m.f...@leedsmet.ac.uk T: +44 113 812 4730
To view the terms under which this email is distributed, please go to
http://disclaimer.leedsmet.ac.uk/email.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation
On Sun, Aug 14, 2011 at 18:19, Ford, Mike m.f...@leedsmet.ac.uk wrote: The last part of that test is redundant, since if $_POST['market'] is NULL isset($_POST['market'] will be FALSE. Good catch. Didn't even notice I typed that. Not that it would've done any damage, but a good reminder why code here is not meant to be blindly copied-and-pasted. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form validation
I have a select menu created by a foreach loop. I am trying to
validate that there was a selection made before it is submitted to the
database. But I am not doing something correctly.
select name=market class=ajax
onchange=javascript:get(this.parentNode);
option value=Choose.../option
?php
foreach($market_prefix as $key = $value)
{
$selected = '';
if($value == $market)
{
$selected = 'selected';
}
echo 'option value=', htmlspecialchars($value), ' ', $selected,
'', htmlspecialchars($market_name[$key]), '/option';
}
?
/select
I am using the folling on the posted page.
if (! array_key_exists($_POST['market'], $market_name))
{
echo You did not select a market.;
}
Thank you,
Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation
On Fri, Aug 12, 2011 at 11:42, Chris Stinemetz chrisstinem...@gmail.com wrote:
I have a select menu created by a foreach loop. I am trying to
validate that there was a selection made before it is submitted to the
database. But I am not doing something correctly.
Try using a combination of isset, empty, and is_null() instead:
?php
if (!isset($_POST['market']) || empty($_POST['market']) ||
is_null($_POST['market'])) {
// Wasn't set
}
?
--
/Daniel P. Brown
Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting
(866-) 725-4321
http://www.parasane.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation
On 12 August 2011 16:42, Chris Stinemetz chrisstinem...@gmail.com wrote:
I have a select menu created by a foreach loop. I am trying to
validate that there was a selection made before it is submitted to the
database. But I am not doing something correctly.
select name=market class=ajax
onchange=javascript:get(this.parentNode);
option value=Choose.../option
?php
foreach($market_prefix as $key = $value)
{
$selected = '';
if($value == $market)
{
$selected = 'selected';
}
echo 'option value=', htmlspecialchars($value), ' ', $selected,
'', htmlspecialchars($market_name[$key]), '/option';
}
?
/select
I am using the folling on the posted page.
if (! array_key_exists($_POST['market'], $market_name))
{
echo You did not select a market.;
}
Thank you,
Chris
$_POST['market'] won't exist if you haven't chosen one.
Turn on your error reporting and you should see something appropriate.
At a bare minimum, adding ...
isset($_POST['market'])
as the first thing to test (before seeing if the value is in
$market_name (though I would have thought $market_names would have
been a better name for the variable - implies more than 1 market).
--
Richard Quadling
Twitter : EE : Zend : PHPDoc
@RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY : bit.ly/lFnVea
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation and error display
Hello Everyone,
Thanks for all the suggestions on my sticky form problem. I've changed
my action attribute to empty as per the article on PHP_SELF.
I'm still having an issue getting the form to redisplay. For example,
if i don't fill out the name field how would i get the form to
redisplay with all the rest of the entered values? I've got text
values working, but combo boxes are not. I've got three values i'll
take the type one here, one is zero and it's choice is to select an
option. That's a required field, so if it's skipped zero is given, I
want to indicate that's not valid and redisplay the form. Event is 1
and meeting is 2 or maybe i've got those reversed but it doesn't
matter. So, say I select 2 for meeting or event or whatever, but again
i don't fill in the name field. I want the form to redisplay, but to
have the combo box values filled in.
I'm certain this is conceptual and coding on my part, I'd appreciate
any assistance.
Thanks.
Dave.
On 7/4/10, Paul M Foster pa...@quillandmouse.com wrote:
On Sun, Jul 04, 2010 at 01:57:01PM -0400, David Mehler wrote:
Hello,
I've got a form with several required fields of different types. I
want to have the php script process it only when all the required
fields are present, and to redisplay the form with filled in values on
failure so the user won't have to fill out the whole thing again.
One of my required fields is a text input field called name. If it's
not filled out the form displayed will show this:
input type=text name=name id=name size=50 value=?php
echo($name); ? / br /
Note, I've got $_POST* variable processing before this so am assigning
that processing to short variables.
If that field is filled out, but another required one is not that form
field will fill in the value entered for the name field.
This is working for my text input fields, but not for either select
boxes or textareas. Here's the textarea also a required field:
textarea name=description id=description cols=50 rows=10
value=?php echo($description); ?/textarea
Textarea fields don't work this way. To display the prior value, you
have to do this:
textarea name=description?php echo $description; ?/textarea
What this does, if a user fills out this field, but misses another, it
should echo the value of what was originally submitted. It is not
doing this. Same for my select boxes, here's one:
select name=type id=type value=?php echo($type); ?
option value=0 selected=selected-- select type --/option
option value=meeting - Meeting - /option
option value=event - Event - /option
/select
The value attribute of a select field won't do this for you. You have
to actually set up each option with an either/or choice, like this:
option value=0 ?php if ($type == 'meeting') echo 'selected=selected';
? - Meeting - /option
Since doing this is pretty tedious, I use a function here instead:
function set_selected($fieldname, $value)
{
if ($_POST[$fieldname] == $value)
echo 'selected=selected';
}
And then
option value=meeting ?php set_selected('type', 'meeting');
?Meeting/option
HTH,
Paul
--
Paul M. Foster
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation and error display
Ash - Thanks for correcting me [should I say us ;) ]. So, if my understandng
is right, we should use # instead of the superglobal variable.
David - Sorry to have written that. I was not aware of the implications of
the grand old way of doing it. :)
Regards,
Shreyas
On Mon, Jul 5, 2010 at 4:24 AM, Ashley Sheridan
a...@ashleysheridan.co.ukwrote:
On Sun, 2010-07-04 at 18:23 -0400, David Mehler wrote:
Hello everyone,
Thanks for your suggestions.
For my variable in the value area of the text input field I enter
value=?php echo $name; ?
Prior to this I assign the variable $name to:
$name = stripslashes($_POST['name']);
I hope this is correct.
Sticky forms sounds exactly what i'm looking for. I've changed my
action attribute to
?php echo $_SERVER['PHP_SELF']; ?
The first thing I do once the page is loaded is check whether or not
submit is set, if it is not I display the form, which is in a function
call. If submit is set I want to begtin validation, so i'm deciding to
merge my two files in to one, I like this better. My question is say
for example the name text field is not filled out but all the other
required fields are how do I get the form to redisplay itself? I was
thinking a location redirect, but this doesn't sound right.
Thanks.
Dave.
On 7/4/10, Paul M Foster pa...@quillandmouse.com wrote:
On Sun, Jul 04, 2010 at 01:57:01PM -0400, David Mehler wrote:
Hello,
I've got a form with several required fields of different types. I
want to have the php script process it only when all the required
fields are present, and to redisplay the form with filled in values on
failure so the user won't have to fill out the whole thing again.
One of my required fields is a text input field called name. If it's
not filled out the form displayed will show this:
input type=text name=name id=name size=50 value=?php
echo($name); ? / br /
Note, I've got $_POST* variable processing before this so am assigning
that processing to short variables.
If that field is filled out, but another required one is not that form
field will fill in the value entered for the name field.
This is working for my text input fields, but not for either select
boxes or textareas. Here's the textarea also a required field:
textarea name=description id=description cols=50 rows=10
value=?php echo($description); ?/textarea
Textarea fields don't work this way. To display the prior value, you
have to do this:
textarea name=description?php echo $description; ?/textarea
What this does, if a user fills out this field, but misses another, it
should echo the value of what was originally submitted. It is not
doing this. Same for my select boxes, here's one:
select name=type id=type value=?php echo($type); ?
option value=0 selected=selected-- select type --/option
option value=meeting - Meeting - /option
option value=event - Event - /option
/select
The value attribute of a select field won't do this for you. You have
to actually set up each option with an either/or choice, like this:
option value=0 ?php if ($type == 'meeting') echo
'selected=selected';
? - Meeting - /option
Since doing this is pretty tedious, I use a function here instead:
function set_selected($fieldname, $value)
{
if ($_POST[$fieldname] == $value)
echo 'selected=selected';
}
And then
option value=meeting ?php set_selected('type', 'meeting');
?Meeting/option
HTH,
Paul
--
Paul M. Foster
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
$_SERVER['PHP_SELF'] is not to be trusted, and shouldn't be used as the
action of a form like this.
http://www.mc2design.com/blog/php_self-safe-alternatives explains it all
better than I can here, so it's worth a read, but it does list safe
alternatives.
One thing I do when creating sticky select lists is this:
$colours = array('red', 'green', 'blue', 'yellow', 'pink');
echo 'select name=colour';
for($i=0; $icount($colours); $i++)
{
$selected = (isset($_POST['colour']) $_POST['colour'] ==
$i)?'selected=selected':'';
echo option value=\$i\ $selected{$colours[$i]}/option;
}
echo '/select';
Basically, this uses PHP to not only output the list from an array
(which itself can be populated from a database maybe) and select the
right option if it exists in the $_POST array and matches the current
option in the loop that's being output.
Thanks,
Ash
http://www.ashleysheridan.co.uk
--
Regards,
Shreyas Agasthya
[PHP] form validation and error display
Hello, I've got a form with several required fields of different types. I want to have the php script process it only when all the required fields are present, and to redisplay the form with filled in values on failure so the user won't have to fill out the whole thing again. One of my required fields is a text input field called name. If it's not filled out the form displayed will show this: input type=text name=name id=name size=50 value=?php echo($name); ? / br / Note, I've got $_POST* variable processing before this so am assigning that processing to short variables. If that field is filled out, but another required one is not that form field will fill in the value entered for the name field. This is working for my text input fields, but not for either select boxes or textareas. Here's the textarea also a required field: textarea name=description id=description cols=50 rows=10 value=?php echo($description); ?/textarea What this does, if a user fills out this field, but misses another, it should echo the value of what was originally submitted. It is not doing this. Same for my select boxes, here's one: select name=type id=type value=?php echo($type); ? option value=0 selected=selected-- select type --/option option value=meeting - Meeting - /option option value=event - Event - /option /select I'd also like for any not entered required fields to have an error box around them, I've got a css class to handle this, but am not sure how to tie it in to the fields since any one of the required fields could not be filled in. I'd appreciate any help. Thanks. Dave. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation and error display
David, If I understand your problem/issue here, you are talking about something called 'sticky forms'. This means - (i) the form references itself. (ii) that the form knows what the previous data was when it encounters any validation issues. You achieve (i) and (ii) by re-submitting the form with the usage of a superglobal variable called $_SERVER['PHP_SELF']. form method='POST' action =php echo $_SERVER['PHP_SELF'] ? Regards, Shreyas On Sun, Jul 4, 2010 at 11:27 PM, David Mehler dave.meh...@gmail.com wrote: Hello, I've got a form with several required fields of different types. I want to have the php script process it only when all the required fields are present, and to redisplay the form with filled in values on failure so the user won't have to fill out the whole thing again. One of my required fields is a text input field called name. If it's not filled out the form displayed will show this: input type=text name=name id=name size=50 value=?php echo($name); ? / br / Note, I've got $_POST* variable processing before this so am assigning that processing to short variables. If that field is filled out, but another required one is not that form field will fill in the value entered for the name field. This is working for my text input fields, but not for either select boxes or textareas. Here's the textarea also a required field: textarea name=description id=description cols=50 rows=10 value=?php echo($description); ?/textarea What this does, if a user fills out this field, but misses another, it should echo the value of what was originally submitted. It is not doing this. Same for my select boxes, here's one: select name=type id=type value=?php echo($type); ? option value=0 selected=selected-- select type --/option option value=meeting - Meeting - /option option value=event - Event - /option /select I'd also like for any not entered required fields to have an error box around them, I've got a css class to handle this, but am not sure how to tie it in to the fields since any one of the required fields could not be filled in. I'd appreciate any help. Thanks. Dave. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Regards, Shreyas Agasthya
Re: [PHP] form validation and error display
On Sun, Jul 04, 2010 at 01:57:01PM -0400, David Mehler wrote:
Hello,
I've got a form with several required fields of different types. I
want to have the php script process it only when all the required
fields are present, and to redisplay the form with filled in values on
failure so the user won't have to fill out the whole thing again.
One of my required fields is a text input field called name. If it's
not filled out the form displayed will show this:
input type=text name=name id=name size=50 value=?php
echo($name); ? / br /
Note, I've got $_POST* variable processing before this so am assigning
that processing to short variables.
If that field is filled out, but another required one is not that form
field will fill in the value entered for the name field.
This is working for my text input fields, but not for either select
boxes or textareas. Here's the textarea also a required field:
textarea name=description id=description cols=50 rows=10
value=?php echo($description); ?/textarea
Textarea fields don't work this way. To display the prior value, you
have to do this:
textarea name=description?php echo $description; ?/textarea
What this does, if a user fills out this field, but misses another, it
should echo the value of what was originally submitted. It is not
doing this. Same for my select boxes, here's one:
select name=type id=type value=?php echo($type); ?
option value=0 selected=selected-- select type --/option
option value=meeting - Meeting - /option
option value=event - Event - /option
/select
The value attribute of a select field won't do this for you. You have
to actually set up each option with an either/or choice, like this:
option value=0 ?php if ($type == 'meeting') echo 'selected=selected';
? - Meeting - /option
Since doing this is pretty tedious, I use a function here instead:
function set_selected($fieldname, $value)
{
if ($_POST[$fieldname] == $value)
echo 'selected=selected';
}
And then
option value=meeting ?php set_selected('type', 'meeting');
?Meeting/option
HTH,
Paul
--
Paul M. Foster
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation and error display
Hello everyone,
Thanks for your suggestions.
For my variable in the value area of the text input field I enter
value=?php echo $name; ?
Prior to this I assign the variable $name to:
$name = stripslashes($_POST['name']);
I hope this is correct.
Sticky forms sounds exactly what i'm looking for. I've changed my
action attribute to
?php echo $_SERVER['PHP_SELF']; ?
The first thing I do once the page is loaded is check whether or not
submit is set, if it is not I display the form, which is in a function
call. If submit is set I want to begtin validation, so i'm deciding to
merge my two files in to one, I like this better. My question is say
for example the name text field is not filled out but all the other
required fields are how do I get the form to redisplay itself? I was
thinking a location redirect, but this doesn't sound right.
Thanks.
Dave.
On 7/4/10, Paul M Foster pa...@quillandmouse.com wrote:
On Sun, Jul 04, 2010 at 01:57:01PM -0400, David Mehler wrote:
Hello,
I've got a form with several required fields of different types. I
want to have the php script process it only when all the required
fields are present, and to redisplay the form with filled in values on
failure so the user won't have to fill out the whole thing again.
One of my required fields is a text input field called name. If it's
not filled out the form displayed will show this:
input type=text name=name id=name size=50 value=?php
echo($name); ? / br /
Note, I've got $_POST* variable processing before this so am assigning
that processing to short variables.
If that field is filled out, but another required one is not that form
field will fill in the value entered for the name field.
This is working for my text input fields, but not for either select
boxes or textareas. Here's the textarea also a required field:
textarea name=description id=description cols=50 rows=10
value=?php echo($description); ?/textarea
Textarea fields don't work this way. To display the prior value, you
have to do this:
textarea name=description?php echo $description; ?/textarea
What this does, if a user fills out this field, but misses another, it
should echo the value of what was originally submitted. It is not
doing this. Same for my select boxes, here's one:
select name=type id=type value=?php echo($type); ?
option value=0 selected=selected-- select type --/option
option value=meeting - Meeting - /option
option value=event - Event - /option
/select
The value attribute of a select field won't do this for you. You have
to actually set up each option with an either/or choice, like this:
option value=0 ?php if ($type == 'meeting') echo 'selected=selected';
? - Meeting - /option
Since doing this is pretty tedious, I use a function here instead:
function set_selected($fieldname, $value)
{
if ($_POST[$fieldname] == $value)
echo 'selected=selected';
}
And then
option value=meeting ?php set_selected('type', 'meeting');
?Meeting/option
HTH,
Paul
--
Paul M. Foster
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation and error display
On Sun, 2010-07-04 at 18:23 -0400, David Mehler wrote:
Hello everyone,
Thanks for your suggestions.
For my variable in the value area of the text input field I enter
value=?php echo $name; ?
Prior to this I assign the variable $name to:
$name = stripslashes($_POST['name']);
I hope this is correct.
Sticky forms sounds exactly what i'm looking for. I've changed my
action attribute to
?php echo $_SERVER['PHP_SELF']; ?
The first thing I do once the page is loaded is check whether or not
submit is set, if it is not I display the form, which is in a function
call. If submit is set I want to begtin validation, so i'm deciding to
merge my two files in to one, I like this better. My question is say
for example the name text field is not filled out but all the other
required fields are how do I get the form to redisplay itself? I was
thinking a location redirect, but this doesn't sound right.
Thanks.
Dave.
On 7/4/10, Paul M Foster pa...@quillandmouse.com wrote:
On Sun, Jul 04, 2010 at 01:57:01PM -0400, David Mehler wrote:
Hello,
I've got a form with several required fields of different types. I
want to have the php script process it only when all the required
fields are present, and to redisplay the form with filled in values on
failure so the user won't have to fill out the whole thing again.
One of my required fields is a text input field called name. If it's
not filled out the form displayed will show this:
input type=text name=name id=name size=50 value=?php
echo($name); ? / br /
Note, I've got $_POST* variable processing before this so am assigning
that processing to short variables.
If that field is filled out, but another required one is not that form
field will fill in the value entered for the name field.
This is working for my text input fields, but not for either select
boxes or textareas. Here's the textarea also a required field:
textarea name=description id=description cols=50 rows=10
value=?php echo($description); ?/textarea
Textarea fields don't work this way. To display the prior value, you
have to do this:
textarea name=description?php echo $description; ?/textarea
What this does, if a user fills out this field, but misses another, it
should echo the value of what was originally submitted. It is not
doing this. Same for my select boxes, here's one:
select name=type id=type value=?php echo($type); ?
option value=0 selected=selected-- select type --/option
option value=meeting - Meeting - /option
option value=event - Event - /option
/select
The value attribute of a select field won't do this for you. You have
to actually set up each option with an either/or choice, like this:
option value=0 ?php if ($type == 'meeting') echo 'selected=selected';
? - Meeting - /option
Since doing this is pretty tedious, I use a function here instead:
function set_selected($fieldname, $value)
{
if ($_POST[$fieldname] == $value)
echo 'selected=selected';
}
And then
option value=meeting ?php set_selected('type', 'meeting');
?Meeting/option
HTH,
Paul
--
Paul M. Foster
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
$_SERVER['PHP_SELF'] is not to be trusted, and shouldn't be used as the
action of a form like this.
http://www.mc2design.com/blog/php_self-safe-alternatives explains it all
better than I can here, so it's worth a read, but it does list safe
alternatives.
One thing I do when creating sticky select lists is this:
$colours = array('red', 'green', 'blue', 'yellow', 'pink');
echo 'select name=colour';
for($i=0; $icount($colours); $i++)
{
$selected = (isset($_POST['colour']) $_POST['colour'] ==
$i)?'selected=selected':'';
echo option value=\$i\ $selected{$colours[$i]}/option;
}
echo '/select';
Basically, this uses PHP to not only output the list from an array
(which itself can be populated from a database maybe) and select the
right option if it exists in the $_POST array and matches the current
option in the loop that's being output.
Thanks,
Ash
http://www.ashleysheridan.co.uk
[PHP] form validation code
Hello,
I've been looking at this to long, and am not seeing the issue. When i
had the below php code set to !empty instead of !isset as it is now I
got the value of the name variable echoed back, yet on sql insert that
field, along with all others are empty, though no error is generated,
just a bogus record is inserted.
When I changed to !isset I'm now getting the die statement echoed as
if no value was passed from the form. This is not the case, I filled
it out completely.
Can anyone tell me where this code went wrong?
Thanks.
Dave.
Html form:
h3Fields marked with a * (star) are required./h3
form method=post action=
div
label for=txtnameName*:/label
input type=text name=name / br /
/div
div
input id=reset name=reset type=reset/
/div
div
input id=submit name=submit type=submit/
/div
/form
/div
php Code:
// Check if fields are isset
echo Field Checs.br /;
if (!isset($_POST['name'])) {
echo The value of Name is . $_POST['name']. br /;
} else {
die('ERROR: Missing value - Event Name');
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation code
On Wed, Jun 30, 2010 at 09:07, David Mehler dave.meh...@gmail.com wrote:
Hello,
I've been looking at this to long, and am not seeing the issue. When i
had the below php code set to !empty instead of !isset as it is now I
got the value of the name variable echoed back, yet on sql insert that
field, along with all others are empty, though no error is generated,
just a bogus record is inserted.
When I changed to !isset I'm now getting the die statement echoed as
if no value was passed from the form. This is not the case, I filled
it out completely.
Can anyone tell me where this code went wrong?
Sure.
php Code:
// Check if fields are isset
echo Field Checs.br /;
if (!isset($_POST['name'])) {
the line above.
(Hint: isset != empty)
(Another hint: with !empty(), you told PHP, if it's not empty.
Now, with !isset(), you're saying, if it's not set.)
(Answer: Remove the exclamation point from !isset().)
--
/Daniel P. Brown
UNADVERTISED DEDICATED SERVER SPECIALS
SAME-DAY SETUP
Just ask me what we're offering today!
daniel.br...@parasane.net || danbr...@php.net
http://www.parasane.net/ || http://www.pilotpig.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation code
On 30 June 2010 14:23, Daniel P. Brown daniel.br...@parasane.net wrote: (Hint: isset != empty) More importantly ... isset != !empty $a = Null; $b = ''; // $c = undefined; $d = 'Hello'; isset($a) = False vs True = empty($a) isset($b) = True vs True = empty($b) isset($c) = False vs True = empty($c) isset($d) = True vs False = empty($d) -- - Richard Quadling Standing on the shoulders of some very clever giants! EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation code
http://www.php.net/manual/en/types.comparisons.php http://www.php.net/manual/en/types.comparisons.phpThe first table actually gives a very good understanding. --Shreyas On Wed, Jun 30, 2010 at 7:05 PM, Richard Quadling rquadl...@gmail.comwrote: On 30 June 2010 14:23, Daniel P. Brown daniel.br...@parasane.net wrote: (Hint: isset != empty) More importantly ... isset != !empty $a = Null; $b = ''; // $c = undefined; $d = 'Hello'; isset($a) = False vs True = empty($a) isset($b) = True vs True = empty($b) isset($c) = False vs True = empty($c) isset($d) = True vs False = empty($d) -- - Richard Quadling Standing on the shoulders of some very clever giants! EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Regards, Shreyas Agasthya
Re: [PHP] form validation code
On 30 June 2010 14:53, Shreyas Agasthya shreya...@gmail.com wrote: http://www.php.net/manual/en/types.comparisons.php The first table actually gives a very good understanding. --Shreyas On Wed, Jun 30, 2010 at 7:05 PM, Richard Quadling rquadl...@gmail.com wrote: On 30 June 2010 14:23, Daniel P. Brown daniel.br...@parasane.net wrote: (Hint: isset != empty) More importantly ... isset != !empty $a = Null; $b = ''; // $c = undefined; $d = 'Hello'; isset($a) = False vs True = empty($a) isset($b) = True vs True = empty($b) isset($c) = False vs True = empty($c) isset($d) = True vs False = empty($d) -- - Richard Quadling Standing on the shoulders of some very clever giants! EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Regards, Shreyas Agasthya empty() === !boolean() and isset() === !is_null() -- - Richard Quadling Standing on the shoulders of some very clever giants! EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form validation and save the form
-Original Message- From: aditya shukla [mailto:adityashukla1...@gmail.com] Sent: 11 January 2010 07:37 AM To: php-general Subject: [PHP] Form validation and save the form Hello Guys, I am trying to validate a form for user input , such that when something is missing load the form again by focusing on the wrong field.Say i don not enter my address so when the form loads everything else is saved and the form points to address field. Thanks Aditya You need Javascript for that not PHP. PHP is server side, javascript is client side (browser). Regards Angelo http://www.elemental.co.za http://www.wapit.co.za -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation and save the form
Angelo Zanetti wrote: -Original Message- From: aditya shukla [mailto:adityashukla1...@gmail.com] Sent: 11 January 2010 07:37 AM To: php-general Subject: [PHP] Form validation and save the form Hello Guys, I am trying to validate a form for user input , such that when something is missing load the form again by focusing on the wrong field.Say i don not enter my address so when the form loads everything else is saved and the form points to address field. Thanks Aditya You need Javascript for that not PHP. PHP is server side, javascript is client side (browser). He doesn't say anything about not reloading the form... in fact he explicitly says when something is missing load the form again. This suggests a server request and not JavaScript. Either way... validation can occur either in JavaScript or PHP... but it should ALWAYS occur in PHP regardless of any JavaScript validation. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation and save the form
Thanks for the reply guys.Do you guys know a good resource where i can read from about form validation through PHP.There a lot on google but please suggest something if you guys know. Thanks Aditya
RE: [PHP] Form validation and save the form
-Original Message- From: aditya shukla [mailto:adityashukla1...@gmail.com] Sent: 11 January 2010 05:03 PM To: Robert Cummings Cc: Angelo Zanetti; php-general Subject: Re: [PHP] Form validation and save the form Thanks for the reply guys.Do you guys know a good resource where i can read from about form validation through PHP.There a lot on google but please suggest something if you guys know. Thanks Aditya I think just do some form validation tutorials (google for them). These will help you to understand the validation process in more detail. Regards Angelo http://www.elemental.co.za http://www.wapit.co.za -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation and save the form
On Mon, Jan 11, 2010 at 10:18 AM, Angelo Zanetti ang...@zlogic.co.za wrote:
-Original Message-
From: aditya shukla [mailto:adityashukla1...@gmail.com]
Sent: 11 January 2010 05:03 PM
To: Robert Cummings
Cc: Angelo Zanetti; php-general
Subject: Re: [PHP] Form validation and save the form
Thanks for the reply guys.Do you guys know a good resource where i can read
from about form validation through PHP.There a lot on google but please
suggest something if you guys know.
Thanks
Aditya
I think just do some form validation tutorials (google for them).
These will help you to understand the validation process in more detail.
Regards
Angelo
http://www.elemental.co.za
http://www.wapit.co.za
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I still like
?php
// includes go here
if(isset($_POST['submit'])){
process_form();
}else{
show_form();
}//end if
function process_form()
{
//receive the data, validate and store the data in the db goes here
//feel free to add more functions that you could re-use in other parts
//of the app
}
function show_form($data='', $errors='')
{
//code to show the form goes here
//$data and $errors could be passed in from the above function if
//there are issues with the data validation (no image, data missing etc)
}
for simple pages. Its a mini MVC where the code could post the data
back to the form with error message to indicate to the user what
should be done.
--
Bastien
Cat, the other other white meat
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Form validation and save the form
Hello Guys, I am trying to validate a form for user input , such that when something is missing load the form again by focusing on the wrong field.Say i don not enter my address so when the form loads everything else is saved and the form points to address field. Thanks Aditya
Re: [PHP] Form validation and save the form
On Sun, Jan 10, 2010 at 11:37:06PM -0600, aditya shukla wrote:
Hello Guys,
I am trying to validate a form for user input , such that when something is
missing load the form again by focusing on the wrong field.Say i don not
enter my address so when the form loads everything else is saved and the
form points to address field.
Typically, you would direct the form back to itself. Then at the top of
the form, you'd put a test to determine if the form has been processed
before or if this is the first time through. Then you make your decision
about missed fields, etc. Like this:
== someform.php ==
?php
if (empty($_POST)) {
load_some_values_or_not();
}
else { // form has entered data
$okay = process_for_errors();
if ($okay) {
store_the_data();
header(Location: success.php);
exit();
}
}
?
HTML crap goes here...
== end of someform.php ==
You'll notice that if there are entry errors, execution falls through.
In that case, you'll need to do something like this for fields:
input type=text name=pizza value=?php echo $_POST['pizza']; ?/
so that the entered data shows up in the fields. First time through, the
value attribute will yield nothing.
Paul
--
Paul M. Foster
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation issue
The javascript function formValidator() must return false if any errors are formed. The PHP only runs if the fields are set by testing using ‘isset”. You should definitely have a better validation than that. Remember that all users dont have javascript enabled. Moreover it is very easy to modify the request variables. However, if the server-side evaluation fails and the page is refreshed, then all the previous values are lost -- UNLESS -- you keep them in a cookie, database, or session. I suggest using a session. This is true when the page is refreshed but I doubt that is the case here. Since $_SERVER['PHP_SELF'] is being used I think value=?php echo $_POST[...] ? will be sufficient -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation issue
Tedd,
If you are using a post method using $_SERVER['PHP_SELF'], then values are
present in the POST array, hence, you would write your html with
interspersed php like so:
input type=text name=username value=?php if
(isset($_POST['username'])) echo $_POST['username'] ? id=username /
I sometimes use a function for the echoing of these values if I use the same
form for first time (ie. registration) and editing (update), and the
function checks for a $_POST value, then secondly for an existing database
value variable (ie. $row['username']). If either exist, populate the input
with it (precedence given to POST), otherwise it is empty.
The function looks something this:
function echoValue($post=null, $row=null) {
if (isset($post)) {
echo $post;
} elseif (isset($row)) {
echo $row;
}
}
and is used like this:
input type... value=?php echoValue($_POST['username'], $row['username'] )
? id=username /
after performing a query on a query-string variable (eg. profile.php?id=57
--- 'SELECT * FROM `users` WHERE `id` = '.$_GET['id'] ) etc.
On Mon, Dec 21, 2009 at 8:03 AM, tedd tedd.sperl...@gmail.com wrote:
At 9:43 PM -0500 12/20/09, Ernie Kemp wrote:
Good Day,
I need help in in validating a form.
The for is valdated be a javascript frist then if all the
fields are filled in its valaded be PHP.
The Form starts with:
form name=myForm action=?php echo
$_SERVER['PHP_SELF'];? method=post onsubmit='return formValidator()'
The formValidator() goes to a javascript and does display the missing
information in this case BUT then the page gets reloaded and clears all the
javascript error messages and does the PHP validation.
The PHP only runs if the fields are set by testing using 'isset.
Without puting on numeric lines of go can you suggest things I must have
overlooked. Silly request but there must be something I'm overlooking.I
have simular code on other programs but this one is casuing me trouble.
Thanks every so much..
Ernie:
Client-side javascript can help populate fields and correct any problems a
user might have, but once the form is submitted to the server, then the data
is sent and evaluated server-side, hence validation.
However, if the server-side evaluation fails and the page is refreshed,
then all the previous values are lost -- UNLESS -- you keep them in a
cookie, database, or session. I suggest using a session.
Cheers,
tedd
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation issue
At 2:22 AM -0800 12/24/09, Allen McCabe wrote: Tedd, If you are using a post method using $_SERVER['PHP_SELF'], then values are present in the POST array, hence, you would write your html with interspersed php like so: input type=text name=username value=?php if (isset($_POST['username'])) echo $_POST['username'] ? id=username / No, I wouldn't do it that way. First, a post method using $_SERVER['PHP_SELF'] is the same as action=. A form by default, defaults to itself and thus no need for $_SERVER['PHP_SELF']. Second, I seldom use any POST variable without sanitizing it first. As such, my input statements always look like -- input type=text name=user_name value=?php echo($user_name); ? -- where the variable $user_name has beensanitized in some fashion (i.e., trim, limit length, etc.). I think that is easier to read and debug. Also, if I am using a javascript routine (as mentioned in the OP), then I add ' id=user_name ' Cheers and Merry Christmas. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation issue
At 3:10 PM +0530 12/24/09, kranthi wrote: The javascript function formValidator() must return false if any errors are formed. The PHP only runs if the fields are set by testing using 'isset. You should definitely have a better validation than that. Remember that all users dont have javascript enabled. Moreover it is very easy to modify the request variables. However, if the server-side evaluation fails and the page is refreshed, then all the previous values are lost -- UNLESS -- you keep them in a cookie, database, or session. I suggest using a session. This is true when the page is refreshed but I doubt that is the case here. Since $_SERVER['PHP_SELF'] is being used I think value=?php echo $_POST[...] ? will be sufficient I forgot to mention that $_POST does hold on to the values as well -- so, one could use that. However, you still have to repopulate the form and that was what I was getting at. Cheers and Merry Christmas. tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation issue
Does the js function return false on the errors to block the submission? Bastien Sent from my iPod On Dec 20, 2009, at 9:43 PM, Ernie Kemp ernie.k...@sympatico.ca wrote: Good Day, I need help in in validating a form. The for is valdated be a javascript frist then if all the fields are filled in its valaded be PHP. The Form starts with: form name=myForm action=?php echo $_SERVER ['PHP_SELF'];? method=post onsubmit='return formValidator()' The “formValidator()” goes to a javascript and does display the missing information in this case BUT then the page gets reloaded and clears all the javascript error messages and does the PHP validation. The PHP only runs if the fields are set by testing using ‘isset”. Without puting on numeric lines of go can you suggest things I must have overlooked. Silly request but there must be something I’m overl ooking.I have simular code on other programs but this one is cas uing me trouble. Thanks every so much.. ../Ernie
Re: [PHP] Form validation issue
At 9:43 PM -0500 12/20/09, Ernie Kemp wrote: Good Day, I need help in in validating a form. The for is valdated be a javascript frist then if all the fields are filled in its valaded be PHP. The Form starts with: form name=myForm action=?php echo $_SERVER['PHP_SELF'];? method=post onsubmit='return formValidator()' The formValidator() goes to a javascript and does display the missing information in this case BUT then the page gets reloaded and clears all the javascript error messages and does the PHP validation. The PHP only runs if the fields are set by testing using 'isset. Without puting on numeric lines of go can you suggest things I must have overlooked. Silly request but there must be something I'm overlooking.I have simular code on other programs but this one is casuing me trouble. Thanks every so much.. Ernie: Client-side javascript can help populate fields and correct any problems a user might have, but once the form is submitted to the server, then the data is sent and evaluated server-side, hence validation. However, if the server-side evaluation fails and the page is refreshed, then all the previous values are lost -- UNLESS -- you keep them in a cookie, database, or session. I suggest using a session. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Form validation issue
Good Day, I need help in in validating a form. The for is valdated be a javascript frist then if all the fields are filled in its valaded be PHP. The Form starts with: form name=myForm action=?php echo $_SERVER['PHP_SELF'];? method=post onsubmit='return formValidator()' The formValidator() goes to a javascript and does display the missing information in this case BUT then the page gets reloaded and clears all the javascript error messages and does the PHP validation. The PHP only runs if the fields are set by testing using 'isset. Without puting on numeric lines of go can you suggest things I must have overlooked. Silly request but there must be something I'm overlooking.I have simular code on other programs but this one is casuing me trouble. Thanks every so much.. ../Ernie
Re: [PHP] Form validation issue
then the page gets reloaded and clears all the javascript error messages and does the PHP validation. That is because the form is getting submitted... make sure you js code prevents form submit if errors are found Midhun Girish On Mon, Dec 21, 2009 at 8:13 AM, Ernie Kemp ernie.k...@sympatico.ca wrote: Good Day, I need help in in validating a form. The for is valdated be a javascript frist then if all the fields are filled in its valaded be PHP. The Form starts with: form name=myForm action=?php echo $_SERVER['PHP_SELF'];? method=post onsubmit='return formValidator()' The “formValidator()” goes to a javascript and does display the missing information in this case BUT then the page gets reloaded and clears all the javascript error messages and does the PHP validation. The PHP only runs if the fields are set by testing using ‘isset”. Without puting on numeric lines of go can you suggest things I must have overlooked. Silly request but there must be something I’m overlooking.I have simular code on other programs but this one is casuing me trouble. Thanks every so much.. ../Ernie
[PHP] Form Validation filter - Regex Q
Morning All,
I've been figthing with this little problem for two days now, so far no luck
with google and am beginning to question my own sanity.
I have a application that has over one hundred forms some quite lengthy so
what I'm trying to achieve rather than writing a bunch of individual
sanitize statements then form validation statemenst that I could run $_POST
through a foreach loop and filter the values by form class i.e.is it an
emaill addreess or simply a text block with letters and numbers. The regex's
alone work fine as does the foreach loop the only issue I have is the IF
statement comparing $key to expected varieable names.
Heres the bit of code envolved.
if(isset($_POST['submit'])){
foreach($_POST as $keyTemp = $valueTemp){
$key = mysqlclean($keyTemp);
$value = mysqlclean($valueTemp);
$$key = $key;
$$key = $value;
if($key != ($customerServiceEmail) || ($billingEmail) ||
($website)){
if(preg_match(/[^a-zA-Z0-9\s]/, $value)){
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;
}
}
if($key = ($customerServiceEmail) || ($billingEmail)){
if(preg_match(/^([a-za-z0-9._%...@[a-za-z0-9.-]+\.[a-za-z]{2,4})*$/,
$value)){
$style = yellow;
$formMsg = Invalid Characters;
$bad = $key;
}
}
}
}
Thanks for taking a peek.
Haig
Re: [PHP] Form Validation
Ashley Sheridan wrote:
On Wed, 2009-08-12 at 12:21 -0400, Micheleh Davis wrote:
Please help. My form validation worked fine until I added the terms check
at the bottom. Any ideas?
//form validation step one
function validateStep1(myForm){
// list of required fields
with (myForm) {
var requiredFields = new Array (
firstName,
lastName,
phone,
email,
terms)
}
// check for missing required fields
for (var i = 0; i requiredFields.length; i++){
if (requiredFields[i].value == ){
alert (You left a required
field blank. Please enter the required information.);
requiredFields[i].focus();
return false;
}
}
// check for valid email address format
var eaddress= myForm.email.value;
var validaddress=
/^([a-zA-Z0-9_.-])+@(([a-zA-Z0-9-])+.)+([a-zA-Z0-9]{2,4})$/;
//var validaddress= /^((\w+).?(\w+))+...@\w+/i;
var result= eaddress.match(validaddress);
if (result == null) {
alert (Please enter your complete email
address.);
myForm.email.focus();
return false;
}
// check for valid phone format
var check= myForm.phone.value;
check= check.replace(/[^0-9]/g,);
if (check.length 10) {
alert (please enter your complete phone number.);
return false;
}//end if
return true;
//begin terms and conditions check
var termsCheck= myForm.terms.value;
if (bcForm1.checked == false)
{
alert ('Please read and select I Agree to
the Terms and Conditions of Service.');
return false;
}
else
{
return true;
}
//end terms check
Erm, where's the PHP code in that?
Thanks,
Ash
http://www.ashleysheridan.co.uk
Indeed. And I hope that there is server-side form validation also.
HTH,
Stijn
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Form Validation
Please help. My form validation worked fine until I added the terms check
at the bottom. Any ideas?
//form validation step one
function validateStep1(myForm){
// list of required fields
with (myForm) {
var requiredFields = new Array (
firstName,
lastName,
phone,
email,
terms)
}
// check for missing required fields
for (var i = 0; i requiredFields.length; i++){
if (requiredFields[i].value == ){
alert (You left a required
field blank. Please enter the required information.);
requiredFields[i].focus();
return false;
}
}
// check for valid email address format
var eaddress= myForm.email.value;
var validaddress=
/^([a-zA-Z0-9_.-])+@(([a-zA-Z0-9-])+.)+([a-zA-Z0-9]{2,4})$/;
//var validaddress= /^((\w+).?(\w+))+...@\w+/i;
var result= eaddress.match(validaddress);
if (result == null) {
alert (Please enter your complete email
address.);
myForm.email.focus();
return false;
}
// check for valid phone format
var check= myForm.phone.value;
check= check.replace(/[^0-9]/g,);
if (check.length 10) {
alert (please enter your complete phone number.);
return false;
}//end if
return true;
//begin terms and conditions check
var termsCheck= myForm.terms.value;
if (bcForm1.checked == false)
{
alert ('Please read and select I Agree to
the Terms and Conditions of Service.');
return false;
}
else
{
return true;
}
//end terms check
Re: [PHP] Form Validation
On Wed, 2009-08-12 at 12:21 -0400, Micheleh Davis wrote:
Please help. My form validation worked fine until I added the terms check
at the bottom. Any ideas?
//form validation step one
function validateStep1(myForm){
// list of required fields
with (myForm) {
var requiredFields = new Array (
firstName,
lastName,
phone,
email,
terms)
}
// check for missing required fields
for (var i = 0; i requiredFields.length; i++){
if (requiredFields[i].value == ){
alert (You left a required
field blank. Please enter the required information.);
requiredFields[i].focus();
return false;
}
}
// check for valid email address format
var eaddress= myForm.email.value;
var validaddress=
/^([a-zA-Z0-9_.-])+@(([a-zA-Z0-9-])+.)+([a-zA-Z0-9]{2,4})$/;
//var validaddress= /^((\w+).?(\w+))+...@\w+/i;
var result= eaddress.match(validaddress);
if (result == null) {
alert (Please enter your complete email
address.);
myForm.email.focus();
return false;
}
// check for valid phone format
var check= myForm.phone.value;
check= check.replace(/[^0-9]/g,);
if (check.length 10) {
alert (please enter your complete phone number.);
return false;
}//end if
return true;
//begin terms and conditions check
var termsCheck= myForm.terms.value;
if (bcForm1.checked == false)
{
alert ('Please read and select I Agree to
the Terms and Conditions of Service.');
return false;
}
else
{
return true;
}
//end terms check
Erm, where's the PHP code in that?
Thanks,
Ash
http://www.ashleysheridan.co.uk
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form validation
i need to validate a field in a form where a user enters a reference number
this can be letters, numbers and special characters also so i have not
written any special preg match as the username is a combination. the only
check i am doing is if there are any white spaces and if a user simple
presses the space bar and does not enter value i display a message to enter
the reference number and even if there are white spaces followed by the
reference number i have used trim method. i have checked in the database
even if there are white spaces followed by reference number due to trim()
method the data in the table is being inserted whithout those white spaces.
following is the code i am presently using
$referencenumber = trim($_POST[referencenumber]);
if(strlen($referencenumber) == 0)
{
$error.=liReference number cannot be blank /li br /;
}
this code works perfectly fine and does what it is supposed to, however i am
using techniques to avoid sql injection. following is the technique i have
used
if(get_magic_quotes_gpc())
{
$username = stripslashes($_POST[username]);
}
else
{
$username = $_POST[username];
}
due to this even if i use
if(get_magic_quotes_gpc())
{
$lodgementnumber = stripslashes($_POST[lodgementnumber]);
}
else
{
$lodgementnumber = trim($_POST[lodgementnumber]);
}
if(strlen($lodgementnumber) == 0)
{
$error.=reference number cannot be blank;
}
the validation is not doing what it does in the code i mentioned at the
begining.
i need to use techniques to avoid sql injection and i also need the
validation to work.
how can i fix this.
please advice.
thanks.
[PHP] form validation using php
hi
i need to validate a field in a form where a user enters their lodgement
number as part of a registration form. this lodgement number can have
letters, numbers, spaces and special characters. i do not know exactly what
those special characters are, so do i have to define the type of special
characters and validate accordingly.
presently my php code for validating the lodgement number is
$lodgementtf = $_POST[lodgementtf];
if($lodgementtf == || !preg_match(/^[a-zA-Z0-9_ ]+$/, $lodgementtf) )
{
echo display error message:
}
i also have another way of validating
if($lodgementnumber == || !preg_match(/^[a-zA-Z0-9_ [EMAIL
PROTECTED]*()]+$/,
$lodgementnumber) )
does this mean that the special characters can only be = a space AND
[EMAIL PROTECTED]*() and no other special characters.
please advice.
thanks.
[PHP] Form Validation and DB Query
Hi,
Being thrust into cleaning after another has me timid. Could some
kind soul look over the following solution for form validation and DB
query? Any suggestions on security and streamlining is humbly requested.
CK
?php
$firstname =$_POST['firstname'];
$lastname = $_POST['lastname']);
$email = $_POST['email']);
$address = $_POST['address']);
$city = $_POST['city']);
$state = $_POST['state']);
$zip = $_POST['zip']);
$comments = $_POST['comments']);
$newsletter = $_POST['signup']);
$contact = $_POST['contact']);
$dt = '.date('Y-m-d H:i:s');
$message = First Name: .$firstname.\n;
$message .= Last Name: .$lastname.\n;
$message .= Email: .$email.\n;
$message .= Address: .$address.\n;
$message .= City: .$city.\n;
$message .= State: .$state.\n;
$message .= Zip: .$zip.\n;
$message .= Comments: .$comments.\n;
$message .= Newsletter: .$newsletter.\n;
$message .= Contact: .$contact.\n;
function validate_form($email,$firstname,$lastname)
{
if(strlen($firstname)0){
$firstname=stripslashes($firstname);
}else{//If no name was entered.
$firstname=NULL;
echo 'pemYou forgot to enter your first name./em/p';
}
if(strlen($lastname)0){
$lastname=stripslashes($fm_lastname);
}else{//If no name was entered.
$lastname=NULL;
echo 'pemYou forgot to enter your last name./em/p';
}
// Create the syntax of email with validation regular expression
$regexp = ^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]
+)*(\.[a-z]{2,4})$;
// Presume that the email is invalid
$valid = false;
// Validate the syntax
if (eregi($regexp, $email))
{
list($username,$domaintld) = split(@,$email);
// Validate the domain
if (getmxrr($domaintld,$mxrecords))
$valid = true;
}
// attempts a socket connection to mail server
if(@fsockopen($domaintld,25,$errno,$errstr,15)) {
$valid = true;
} else {
$valid = false;
echo 'pemPlease check your email and try again./em/p';
}
return $valid;
}
if (validate_form($email,$firstname,$lastname))
@ $db = mysql_connect('mysql_host', 'mysql_user', 'mysql_password);
if (mysql_errno()) {
echo 'perror connecting to database/p';
exit;
}
if (!mysql_select_db(mysql_user)) {
echo pThere is a system error - please try later/p;
exit;
}
$query = insert into users values (NULL, .$firstname., .
$lastname., .$email., .$address., .$city., .$state., .
$zip., .$comments., .$newsletter., .$contact., .$dt.);
mysql_real_escape_string($firstname, $query),
mysql_real_escape_string($lastname, $query),
mysql_real_escape_string($email, $query),
mysql_real_escape_string($address, $query),
mysql_real_escape_string($city, $query),
mysql_real_escape_string($state, $query),
mysql_real_escape_string($zip, $query),
mysql_real_escape_string($comments, $query),
mysql_real_escape_string($newsletter, $query),
mysql_real_escape_string($contact, $query),
mysql_real_escape_string($dt, $query),
//echo p.$query./p;
$result = mysql_query($query, $db);
if (!$result) {
echo p.mysql_error()./p;
exit;
} else {
$to = [EMAIL PROTECTED];
$subject = CTS Contact;
mail($to, $subject, $message);
}
}
}
?
Re: [PHP] Form Validation Issues
On Tue, May 29, 2007 12:05 am, Greg Donald wrote: On 5/24/07, Robert Cummings [EMAIL PROTECTED] wrote: *lol* You must have missed the other thread... hence the wink on the end :) I'm guessing not everyone uses a threaded email client. And some people always feel the need to post their 'thoughts' no matter how well the question has already been beaten to death. :) Speaking of which... :-) Suppose, just for the sake of argument, that Puerto Rico becomes the 51st state? Your code is now broken Perhaps it would be wiser to web-scrape an ISO standard listing of states every six months or so, and popuplate your state listings in the DB from that. That's what I do with the country list, actually, as I can't even name half the countries, much less spell them nor get the right 2-char code... :-) If anything goes wrong, you can point to ISO as the culprit too! :-) -- Some people have a gift link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On 5/24/07, Robert Cummings [EMAIL PROTECTED] wrote: *lol* You must have missed the other thread... hence the wink on the end :) I'm guessing not everyone uses a threaded email client. And some people always feel the need to post their 'thoughts' no matter how well the question has already been beaten to death. :) -- Greg Donald http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
tedd wrote: SNIP on topic stuff Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Unknown Hi Jim: You might try the array below and the quote above, I believe, was Douglas MacArthur of WWII fame. Is that the same Douglas MacArthur who was once known as William Shakespeare :-) IIRC that is from Twelfth Night. Cheers -- David Robley No, I'm from Iowa. I only work in Outer Space. Today is Sweetmorn, the 73rd day of Discord in the YOLD 3173. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
tedd wrote: SNIP on topic stuff Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Unknown Hi Jim: You might try the array below and the quote above, I believe, was Douglas MacArthur of WWII fame. Is that the same Douglas MacArthur who was once known as William Shakespeare :-) IIRC that is from Twelfth Night. Cheers -- David Robley I guess that MacArthur re-quoted it in one of his speeches, because I recall a WWII newsreel where he said it. But in any event, the author of the quote isn't Unknown. Cheers, tedd -- --- http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
tedd wrote: tedd wrote: SNIP on topic stuff Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Unknown Hi Jim: You might try the array below and the quote above, I believe, was Douglas MacArthur of WWII fame. Is that the same Douglas MacArthur who was once known as William Shakespeare :-) IIRC that is from Twelfth Night. Cheers -- David Robley I guess that MacArthur re-quoted it in one of his speeches, because I recall a WWII newsreel where he said it. But in any event, the author of the quote isn't Unknown. Cheers, tedd well, it was to me. And the digging on google that I did, didn't return anything pointing to either. But, I was told that it was a quote from MacArthur and from Shakespeare. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
At 8:57 AM -0700 5/23/07, Jim Lucas wrote:
kvigor wrote:
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' ||
$value!= 'AK' || $value !=
-snip-
Ok, here is something that might help you.
$states['AL'] = 'Alabama';
$states['AK'] = 'Alaska';
-snip-
$states['WY'] = 'Wyoming';
now use this like this
if ( !isset($states[$value]) !in_array($value, $states) ) {
// do something because I can't find the state
}
use something like this so your logical errors will be reduced
--
Jim Lucas
Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them.
Unknown
Hi Jim:
You might try the array below and the quote above, I believe, was
Douglas MacArthur of WWII fame.
Cheers,
tedd
$states = array(
'AL' = 'Alabama',
'AK' = 'Alaska',
'AS' = 'American Samoa',
'AZ' = 'Arizona',
'AR' = 'Arkansas',
'CA' = 'California',
'CO' = 'Colorado',
'CT' = 'Connecticut',
'DE' = 'Delaware',
'DC' = 'District Of Columbia',
'FM' = 'Federated States Of Micronesia',
'FL' = 'Florida',
'GA' = 'Georgia',
'GU' = 'Guam',
'HI' = 'Hawaii',
'ID' = 'Idaho',
'IL' = 'Illinois',
'IN' = 'Indiana',
'IA' = 'Iowa',
'KS' = 'Kansas',
'KY' = 'Kentucky',
'LA' = 'Louisiana',
'ME' = 'Maine',
'MH' = 'Marshall Islands',
'MD' = 'Maryland',
'MA' = 'Massachusetts',
'MI' = 'Michigan',
'MN' = 'Minnesota',
'MS' = 'Mississippi',
'MO' = 'Missouri',
'MT' = 'Montana',
'NE' = 'Nebraska',
'NV' = 'Nevada',
'NH' = 'New Hampshire',
'NJ' = 'New Jersey',
'NM' = 'New Mexico',
'NY' = 'New York',
'NC' = 'North Carolina',
'ND' = 'North Dakota',
'MP' = 'Northern Mariana Islands',
'OH' = 'Ohio',
'OK' = 'Oklahoma',
'OR' = 'Oregon',
'PW' = 'Palau',
'PA' = 'Pennsylvania',
'PR' = 'Puerto Rico',
'RI' = 'Rhode Island',
'SC' = 'South Carolina',
'SD' = 'South Dakota',
'TN' = 'Tennessee',
'TX' = 'Texas',
'UT' = 'Utah',
'VT' = 'Vermont',
'VI' = 'Virgin Islands',
'VA' = 'Virginia',
'WA' = 'Washington',
'WV' = 'West Virginia',
'WI' = 'Wisconsin',
'WY' = 'Wyoming'
);
--
---
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On Wed, May 23, 2007 7:41 am, kvigor wrote:
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' ||
This mess will *ALWAYS* evaluate to TRUE, because the $value is ALWAYS
only one value, and thus the other 99 values are going to evaluate to
TRUE and you have || between them...
So you have:
TRUE || TRUE || TRUE || FALSE || TRUE || TRUE ... || TRUE
which is always gonna boil down to TRUE.
You wanted instead of ||
Actually, it would be MUCH better imho to set up a couple arrays like:
$states = array('Alabama', 'Alaska', ...);
$sts = array('AL', 'AK', ...);
if (!isset($states[$value]) !isset($sts[$value])){
echo Bad Dog!;
}
YMMV
--
Some people have a gift link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On Wed, May 23, 2007 10:48 am, Robert Cummings wrote: On Wed, 2007-05-23 at 10:10 -0500, Greg Donald wrote: On 5/23/07, kvigor [EMAIL PROTECTED] wrote: [-- SNIPPITY SNIP SNIP --] != 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' || $value != 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' || $value != 'Washington' || $value!= 'WA' || $value != 'West Virginia' ||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value != 'Wyoming' || $value!= 'WY') //if they don't the match these You should really look into learning in_array() for stuff like this. Wouldn't that slow things down and increase the memory footprint? ;) Not in any meaningful way. And a huge gain in maintainability/readability for a meaningless loss in performance is a win -- Some people have a gift link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On Thu, 2007-05-24 at 17:58 -0500, Richard Lynch wrote: On Wed, May 23, 2007 10:48 am, Robert Cummings wrote: On Wed, 2007-05-23 at 10:10 -0500, Greg Donald wrote: On 5/23/07, kvigor [EMAIL PROTECTED] wrote: [-- SNIPPITY SNIP SNIP --] != 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' || $value != 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' || $value != 'Washington' || $value!= 'WA' || $value != 'West Virginia' ||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value != 'Wyoming' || $value!= 'WY') //if they don't the match these You should really look into learning in_array() for stuff like this. Wouldn't that slow things down and increase the memory footprint? ;) Not in any meaningful way. And a huge gain in maintainability/readability for a meaningless loss in performance is a win *lol* You must have missed the other thread... hence the wink on the end :) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On Wed, 2007-05-23 at 07:41 -0500, kvigor wrote:
if($field == conState || $field == schState || $field == strState)
//if these 3 fields are entered
{
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' || $value!=
'AK' || $value != 'Arizona' || $value!= 'AZ' || $value != 'Arkansas' ||
$value!= 'AR' || $value != 'California' || $value!= 'CA' || $value !=
'Colorado' || $value!= 'CO' || $value != 'Conneticut' || $value!= 'CT' ||
$value != 'Delaware' || $value!= 'DE' || $value != 'Florida' || $value!=
'FL' || $value != 'Georgia' || $value!= 'GA' || $value != 'Hawaii' ||
$value!= 'HI' || $value != 'Idaho' || $value!= 'ID' || $value !=
'Illinois' || $value!= 'IL' || $value != 'Inidiana' || $value!= 'IN' ||
$value != 'Iowa' || $value!= 'IA' || $value != 'Kansas' || $value!= 'KS' ||
$value != 'Kentucky' || $value!= 'KY' || $value != 'Louisiana' || $value!=
'LA' || $value != 'Maine' || $value!= 'ME' || $value != 'Maryland' ||
$value!= 'MD' || $value != 'Massachusetts' || $value!= 'MA' || $value !=
'Michigan' || $value!= 'MI' || $value != 'Minnesota' || $value!= 'MN' ||
$value != 'Mississippi' || $value!= 'MS' || $value != 'Missouri' || $value!=
'MO' || $value != 'Montana' || $value!= 'MT' || $value != 'Nebraska' ||
$value!= 'NE' || $value != 'Nevada' || $value!= 'NV' || $value != 'New
Hampshire' || $value!= 'NH' || $value != 'New Jersey' || $value!= 'NJ' ||
$value != 'New Mexico' || $value!= 'NM' || $value != 'New York' || $value!=
'NY' || $value != 'North Carolina' || $value!= 'NC' || $value != 'North
Dakota' || $value!= 'ND' || $value != 'Ohio' || $value!= 'OH' || $value !=
'Oklahoma' || $value!= 'OK' || $value != 'Oregon' || $value!= 'OR' || $value
!= 'Pennsylvania' || $value!= 'PA' || $value != 'Rhode Island' || $value!=
'RI' || $value != 'South Carolina' || $value!= 'SC' || $value != 'South
Dakota' || $value!= 'SD' || $value != 'Tennesee' || $value!= 'TN' || $value
!= 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' || $value
!= 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' ||
$value != 'Washington' || $value!= 'WA' || $value != 'West Virginia'
||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value !=
'Wyoming' || $value!= 'WY') //if they don't the match these
I'm going to vomit after seeing your if statement's condition. Anyways,
you want between all those and NOT ||.
Cheers,
Rob.
--
..
| InterJinn Application Framework - http://www.interjinn.com |
::
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`'
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
2007. 05. 23, szerda keltezéssel 07.41-kor kvigor ezt írta:
Hi,
I have an issue with a particular if statement when I check 3 form fields
for their value. The problem is no matter what input is entered in the
fields the output is the same. I only added the 3 fields in question of the
form to reduce heartache for the readers of this post.
Output always reads:
Please correct the following State fields. Example: Enter state as
Illinois or IL not ILLINOIS.
Consumer State
School State
Store State
The code is:
?php
$label_array = array (conName = Consumer Name,
conAddress = Consumer Address,
conCity = Consumer City,
conState = Consumer State,
conZip = Consumer Zip Code,
conPhone = Consumer Phone,
schName = School Name,
schAddress = School Address,
schCity = School City,
schState = School State,
schZip = School Zip Code,
strName = Store Name,
strCity = Store City,
strState = Store State);
//check data fields for correct data
foreach($_POST as $field = $value)
{
if($field == conState || $field == schState || $field == strState)
//if these 3 fields are entered
{
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' || $value!=
'AK' || $value != 'Arizona' || $value!= 'AZ' || $value != 'Arkansas' ||
$value!= 'AR' || $value != 'California' || $value!= 'CA' || $value !=
'Colorado' || $value!= 'CO' || $value != 'Conneticut' || $value!= 'CT' ||
$value != 'Delaware' || $value!= 'DE' || $value != 'Florida' || $value!=
'FL' || $value != 'Georgia' || $value!= 'GA' || $value != 'Hawaii' ||
$value!= 'HI' || $value != 'Idaho' || $value!= 'ID' || $value !=
'Illinois' || $value!= 'IL' || $value != 'Inidiana' || $value!= 'IN' ||
$value != 'Iowa' || $value!= 'IA' || $value != 'Kansas' || $value!= 'KS' ||
$value != 'Kentucky' || $value!= 'KY' || $value != 'Louisiana' || $value!=
'LA' || $value != 'Maine' || $value!= 'ME' || $value != 'Maryland' ||
$value!= 'MD' || $value != 'Massachusetts' || $value!= 'MA' || $value !=
'Michigan' || $value!= 'MI' || $value != 'Minnesota' || $value!= 'MN' ||
$value != 'Mississippi' || $value!= 'MS' || $value != 'Missouri' || $value!=
'MO' || $value != 'Montana' || $value!= 'MT' || $value != 'Nebraska' ||
$value!= 'NE' || $value != 'Nevada' || $value!= 'NV' || $value != 'New
Hampshire' || $value!= 'NH' || $value != 'New Jersey' || $value!= 'NJ' ||
$value != 'New Mexico' || $value!= 'NM' || $value != 'New York' || $value!=
'NY' || $value != 'North Carolina' || $value!= 'NC' || $value != 'North
Dakota' || $value!= 'ND' || $value != 'Ohio' || $value!= 'OH' || $value !=
'Oklahoma' || $value!= 'OK' || $value != 'Oregon' || $value!= 'OR' || $value
!= 'Pennsylvania' || $value!= 'PA' || $value != 'Rhode Island' || $value!=
'RI' || $value != 'South Carolina' || $value!= 'SC' || $value != 'South
Dakota' || $value!= 'SD' || $value != 'Tennesee' || $value!= 'TN' || $value
!= 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' || $value
!= 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' ||
$value != 'Washington' || $value!= 'WA' || $value != 'West Virginia'
||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value !=
'Wyoming' || $value!= 'WY') //if they don't the match these
you should replace all those || -s above with -s since you want to be
sure it does not match any of the states
greets
Zoltán Németh
{
$state[$field] = badstate; //then
}
}//end check
}
if(@sizeof($state) 0) //check size of array and display error message
{
echo div class='ermess1'br /Please correct the following \State\
fields.nbsp;nbsp;Example: Enter state as Illinois or IL not
ILLINOIS./div;
foreach($state as $field = $value) // display the fields where input is
incorrect
{
echo nbsp;nbsp;div{$label_array[$field]}/div;
}
}
echo link href='css/SOS.css' rel='stylesheet' type='text/css' /
form id='process' method='post' action='form.php'
label for='conState' class='stateLabel' *State:/label
input name='conState' type='text' class='state' id='textfield'
value='{$_POST['conState']}' /
label for='schState' class='stateLabel'*State:/label
input name='schState' type='text' class='state' id='textfield'
value='{$_POST['schState']}'/
label for='strStat' class='stateLabel'*State:/label
input name='strState' type='text' class='state' id='textfield'
value='{$_POST['strState']}' /
br /
br /
br /
label for='Reset'/label
input type='reset' name='reset' value='Reset' id='Submit'/
label for='Sumbit'/label
input type='submit' name='submit' value='Submit' id='Reset'/
/form; ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On 5/23/07, kvigor [EMAIL PROTECTED] wrote:
The code is:
?php
$label_array = array (conName = Consumer Name,
conAddress = Consumer Address,
conCity = Consumer City,
conState = Consumer State,
conZip = Consumer Zip Code,
conPhone = Consumer Phone,
schName = School Name,
schAddress = School Address,
schCity = School City,
schState = School State,
schZip = School Zip Code,
strName = Store Name,
strCity = Store City,
strState = Store State);
//check data fields for correct data
foreach($_POST as $field = $value)
{
if($field == conState || $field == schState || $field == strState)
//if these 3 fields are entered
{
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' || $value!=
'AK' || $value != 'Arizona' || $value!= 'AZ' || $value != 'Arkansas' ||
$value!= 'AR' || $value != 'California' || $value!= 'CA' || $value !=
'Colorado' || $value!= 'CO' || $value != 'Conneticut' || $value!= 'CT' ||
$value != 'Delaware' || $value!= 'DE' || $value != 'Florida' || $value!=
'FL' || $value != 'Georgia' || $value!= 'GA' || $value != 'Hawaii' ||
$value!= 'HI' || $value != 'Idaho' || $value!= 'ID' || $value !=
'Illinois' || $value!= 'IL' || $value != 'Inidiana' || $value!= 'IN' ||
$value != 'Iowa' || $value!= 'IA' || $value != 'Kansas' || $value!= 'KS' ||
$value != 'Kentucky' || $value!= 'KY' || $value != 'Louisiana' || $value!=
'LA' || $value != 'Maine' || $value!= 'ME' || $value != 'Maryland' ||
$value!= 'MD' || $value != 'Massachusetts' || $value!= 'MA' || $value !=
'Michigan' || $value!= 'MI' || $value != 'Minnesota' || $value!= 'MN' ||
$value != 'Mississippi' || $value!= 'MS' || $value != 'Missouri' || $value!=
'MO' || $value != 'Montana' || $value!= 'MT' || $value != 'Nebraska' ||
$value!= 'NE' || $value != 'Nevada' || $value!= 'NV' || $value != 'New
Hampshire' || $value!= 'NH' || $value != 'New Jersey' || $value!= 'NJ' ||
$value != 'New Mexico' || $value!= 'NM' || $value != 'New York' || $value!=
'NY' || $value != 'North Carolina' || $value!= 'NC' || $value != 'North
Dakota' || $value!= 'ND' || $value != 'Ohio' || $value!= 'OH' || $value !=
'Oklahoma' || $value!= 'OK' || $value != 'Oregon' || $value!= 'OR' || $value
!= 'Pennsylvania' || $value!= 'PA' || $value != 'Rhode Island' || $value!=
'RI' || $value != 'South Carolina' || $value!= 'SC' || $value != 'South
Dakota' || $value!= 'SD' || $value != 'Tennesee' || $value!= 'TN' || $value
!= 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' || $value
!= 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' ||
$value != 'Washington' || $value!= 'WA' || $value != 'West Virginia'
||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value !=
'Wyoming' || $value!= 'WY') //if they don't the match these
You should really look into learning in_array() for stuff like this.
Your logic seems weird to me, using != with a bunch of ||'s, is it
possible you need to those together?
{
$state[$field] = badstate; //then
}
}//end check
}
if(@sizeof($state) 0) //check size of array and display error message
I can't think of a good reason to suppress an error coming from
sizeof(). It will return zero for anything that is unset. You might
switch to count(), it's one character less to type than sizeof() and
much more common in other programming languages.
echo div class='ermess1'br /Please correct the following \State\
fields.nbsp;nbsp;Example: Enter state as Illinois or IL not
ILLINOIS./div;
foreach($state as $field = $value) // display the fields where input is
incorrect
{
echo nbsp;nbsp;div{$label_array[$field]}/div;
}
}
echo link href='css/SOS.css' rel='stylesheet' type='text/css' /
form id='process' method='post' action='form.php'
label for='conState' class='stateLabel' *State:/label
input name='conState' type='text' class='state' id='textfield'
value='{$_POST['conState']}' /
label for='schState' class='stateLabel'*State:/label
input name='schState' type='text' class='state' id='textfield'
value='{$_POST['schState']}'/
label for='strStat' class='stateLabel'*State:/label
input name='strState' type='text' class='state' id='textfield'
value='{$_POST['strState']}' /
br /
br /
br /
label for='Reset'/label
input type='reset' name='reset' value='Reset' id='Submit'/
label for='Sumbit'/label
input type='submit' name='submit' value='Submit' id='Reset'/
/form; ?
Looks like you just need to do some logic debugging to get things
wired up how you want.
Try adding this to the top of your script so the post action shows you
more info:
if( isset( $_POST['submit'] ) )
{
echo 'pre';
print_r( $_POST );
echo '/pre';
}
--
Greg Donald
http://destiney.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
Thanks Dan,
Work like a dream. I solute you.
Daniel Brown [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
On 5/23/07, kvigor [EMAIL PROTECTED] wrote:
Hi,
I have an issue with a particular if statement when I check 3 form fields
for their value. The problem is no matter what input is entered in the
fields the output is the same. I only added the 3 fields in question of
the
form to reduce heartache for the readers of this post.
Output always reads:
Please correct the following State fields. Example: Enter state as
Illinois or IL not ILLINOIS.
Consumer State
School State
Store State
The code is:
?php
$label_array = array (conName = Consumer Name,
conAddress = Consumer Address,
conCity = Consumer City,
conState = Consumer State,
conZip = Consumer Zip Code,
conPhone = Consumer Phone,
schName = School Name,
schAddress = School Address,
schCity = School City,
schState = School State,
schZip = School Zip Code,
strName = Store Name,
strCity = Store City,
strState = Store State);
//check data fields for correct data
foreach($_POST as $field = $value)
{
if($field == conState || $field == schState || $field ==
strState)
//if these 3 fields are entered
{
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' ||
$value!=
'AK' || $value != 'Arizona' || $value!= 'AZ' || $value != 'Arkansas' ||
$value!= 'AR' || $value != 'California' || $value!= 'CA' || $value !=
'Colorado' || $value!= 'CO' || $value != 'Conneticut' || $value!= 'CT' ||
$value != 'Delaware' || $value!= 'DE' || $value != 'Florida' || $value!=
'FL' || $value != 'Georgia' || $value!= 'GA' || $value != 'Hawaii' ||
$value!= 'HI' || $value != 'Idaho' || $value!= 'ID' || $value !=
'Illinois' || $value!= 'IL' || $value != 'Inidiana' || $value!= 'IN' ||
$value != 'Iowa' || $value!= 'IA' || $value != 'Kansas' || $value!= 'KS'
||
$value != 'Kentucky' || $value!= 'KY' || $value != 'Louisiana' ||
$value!=
'LA' || $value != 'Maine' || $value!= 'ME' || $value != 'Maryland' ||
$value!= 'MD' || $value != 'Massachusetts' || $value!= 'MA' || $value !=
'Michigan' || $value!= 'MI' || $value != 'Minnesota' || $value!= 'MN' ||
$value != 'Mississippi' || $value!= 'MS' || $value != 'Missouri' ||
$value!=
'MO' || $value != 'Montana' || $value!= 'MT' || $value != 'Nebraska' ||
$value!= 'NE' || $value != 'Nevada' || $value!= 'NV' || $value != 'New
Hampshire' || $value!= 'NH' || $value != 'New Jersey' || $value!= 'NJ' ||
$value != 'New Mexico' || $value!= 'NM' || $value != 'New York' ||
$value!=
'NY' || $value != 'North Carolina' || $value!= 'NC' || $value != 'North
Dakota' || $value!= 'ND' || $value != 'Ohio' || $value!= 'OH' || $value
!=
'Oklahoma' || $value!= 'OK' || $value != 'Oregon' || $value!= 'OR' ||
$value
!= 'Pennsylvania' || $value!= 'PA' || $value != 'Rhode Island' ||
$value!=
'RI' || $value != 'South Carolina' || $value!= 'SC' || $value != 'South
Dakota' || $value!= 'SD' || $value != 'Tennesee' || $value!= 'TN' ||
$value
!= 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' ||
$value
!= 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' ||
$value != 'Washington' || $value!= 'WA' || $value != 'West Virginia'
||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value !=
'Wyoming' || $value!= 'WY') //if they don't the match these
{
$state[$field] = badstate; //then
}
}//end check
}
if(@sizeof($state) 0) //check size of array and display error message
{
echo div class='ermess1'br /Please correct the following
\State\
fields.nbsp;nbsp;Example: Enter state as Illinois or IL not
ILLINOIS./div;
foreach($state as $field = $value) // display the fields where input
is
incorrect
{
echo nbsp;nbsp;div{$label_array[$field]}/div;
}
}
echo link href='css/SOS.css' rel='stylesheet' type='text/css' /
form id='process' method='post' action='form.php'
label for='conState' class='stateLabel' *State:/label
input name='conState' type='text' class='state' id='textfield'
value='{$_POST['conState']}' /
label for='schState' class='stateLabel'*State:/label
input name='schState' type='text' class='state' id='textfield'
value='{$_POST['schState']}'/
label for='strStat' class='stateLabel'*State:/label
input name='strState' type='text' class='state' id='textfield'
value='{$_POST['strState']}' /
br /
br /
br /
label for='Reset'/label
input type='reset' name='reset' value='Reset' id='Submit'/
label for='Sumbit'/label
input type='submit' name='submit' value='Submit' id='Reset'/
/form; ?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
You're doing all OR statements. This means if it's not this or it's
not this or it's not this or it's not this
Replace
Re: [PHP] Form Validation Issues
On Wed, 2007-05-23 at 10:17 -0500, kvigor wrote: Thanks Dan, Work like a dream. I solute you. Don't look now Dan... but you're dissolving!!! *hehe* Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On Wed, 2007-05-23 at 10:10 -0500, Greg Donald wrote: On 5/23/07, kvigor [EMAIL PROTECTED] wrote: [-- SNIPPITY SNIP SNIP --] != 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' || $value != 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' || $value != 'Washington' || $value!= 'WA' || $value != 'West Virginia' ||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value != 'Wyoming' || $value!= 'WY') //if they don't the match these You should really look into learning in_array() for stuff like this. Wouldn't that slow things down and increase the memory footprint? ;) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On 5/23/07, Robert Cummings [EMAIL PROTECTED] wrote: You should really look into learning in_array() for stuff like this. Wouldn't that slow things down and increase the memory footprint? ;) It'd be interesting to see a benchmark. -- Greg Donald http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
kvigor wrote:
if($value != 'Alabama' || $value!= 'AL' || $value != 'Alaska' || $value!=
'AK' || $value != 'Arizona' || $value!= 'AZ' || $value != 'Arkansas' ||
$value!= 'AR' || $value != 'California' || $value!= 'CA' || $value !=
'Colorado' || $value!= 'CO' || $value != 'Conneticut' || $value!= 'CT' ||
$value != 'Delaware' || $value!= 'DE' || $value != 'Florida' || $value!=
'FL' || $value != 'Georgia' || $value!= 'GA' || $value != 'Hawaii' ||
$value!= 'HI' || $value != 'Idaho' || $value!= 'ID' || $value !=
'Illinois' || $value!= 'IL' || $value != 'Inidiana' || $value!= 'IN' ||
$value != 'Iowa' || $value!= 'IA' || $value != 'Kansas' || $value!= 'KS' ||
$value != 'Kentucky' || $value!= 'KY' || $value != 'Louisiana' || $value!=
'LA' || $value != 'Maine' || $value!= 'ME' || $value != 'Maryland' ||
$value!= 'MD' || $value != 'Massachusetts' || $value!= 'MA' || $value !=
'Michigan' || $value!= 'MI' || $value != 'Minnesota' || $value!= 'MN' ||
$value != 'Mississippi' || $value!= 'MS' || $value != 'Missouri' || $value!=
'MO' || $value != 'Montana' || $value!= 'MT' || $value != 'Nebraska' ||
$value!= 'NE' || $value != 'Nevada' || $value!= 'NV' || $value != 'New
Hampshire' || $value!= 'NH' || $value != 'New Jersey' || $value!= 'NJ' ||
$value != 'New Mexico' || $value!= 'NM' || $value != 'New York' || $value!=
'NY' || $value != 'North Carolina' || $value!= 'NC' || $value != 'North
Dakota' || $value!= 'ND' || $value != 'Ohio' || $value!= 'OH' || $value !=
'Oklahoma' || $value!= 'OK' || $value != 'Oregon' || $value!= 'OR' || $value
!= 'Pennsylvania' || $value!= 'PA' || $value != 'Rhode Island' || $value!=
'RI' || $value != 'South Carolina' || $value!= 'SC' || $value != 'South
Dakota' || $value!= 'SD' || $value != 'Tennesee' || $value!= 'TN' || $value
!= 'Texas' || $value!= 'TX' || $value != 'Utah' || $value!= 'UT' || $value
!= 'Vermont' || $value!= 'VT' || $value != 'Virginia' || $value!= 'VA' ||
$value != 'Washington' || $value!= 'WA' || $value != 'West Virginia'
||$value!= 'WV' || $value != 'Wisconsin' || $value!= 'WI' || $value !=
'Wyoming' || $value!= 'WY') //if they don't the match these
Ok, here is something that might help you.
$states['AL'] = 'Alabama';
$states['AK'] = 'Alaska';
$states['AZ'] = 'Arizona';
$states['AR'] = 'Arkansas';
$states['CA'] = 'California';
$states['CO'] = 'Colorado';
$states['CT'] = 'Conneticut';
$states['DE'] = 'Delaware';
$states['FL'] = 'Florida';
$states['GA'] = 'Georgia';
$states['HI'] = 'Hawaii';
$states['ID'] = 'Idaho';
$states['IL'] = 'Illinois';
$states['IN'] = 'Inidiana';
$states['IA'] = 'Iowa';
$states['KS'] = 'Kansas';
$states['KY'] = 'Kentucky';
$states['LA'] = 'Louisiana';
$states['ME'] = 'Maine';
$states['MD'] = 'Maryland';
$states['MA'] = 'Massachusetts';
$states['MI'] = 'Michigan';
$states['MN'] = 'Minnesota';
$states['MS'] = 'Mississippi';
$states['MO'] = 'Missouri';
$states['MT'] = 'Montana';
$states['NE'] = 'Nebraska';
$states['NV'] = 'Nevada';
$states['NH'] = 'New Hampshire';
$states['NJ'] = 'New Jersey';
$states['NM'] = 'New Mexico';
$states['NY'] = 'New York';
$states['NC'] = 'North Carolina';
$states['ND'] = 'North Dakota';
$states['OH'] = 'Ohio';
$states['OK'] = 'Oklahoma';
$states['OR'] = 'Oregon';
$states['PA'] = 'Pennsylvania';
$states['RI'] = 'Rhode Island';
$states['SC'] = 'South Carolina';
$states['SD'] = 'South Dakota';
$states['TN'] = 'Tennesee';
$states['TX'] = 'Texas';
$states['UT'] = 'Utah';
$states['VT'] = 'Vermont';
$states['VA'] = 'Virginia';
$states['WA'] = 'Washington';
$states['WV'] = 'West Virginia';
$states['WI'] = 'Wisconsin';
$states['WY'] = 'Wyoming';
now use this like this
if ( !isset($states[$value]) !in_array($value, $states) ) {
// do something because I can't find the state
}
use something like this so your logical errors will be reduced
--
Jim Lucas
Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them.
Unknown
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On Wed, 2007-05-23 at 10:55 -0500, Greg Donald wrote: On 5/23/07, Robert Cummings [EMAIL PROTECTED] wrote: You should really look into learning in_array() for stuff like this. Wouldn't that slow things down and increase the memory footprint? ;) It'd be interesting to see a benchmark. You're good at those... but I'll pull off the top of my head that the array overhead ought to require more memory due to the need for indexes (maybe) but at least for internal tree structure. The speed ought to slow down since the array will need to be created and built. Then using in_array() I'm guessing is a linear search since values aren't sorted (at least I can't image the values being sorted). You could probably overcome the speed issue using an array with the values as indexes instead of the values and using isset() to check for membership of the value :) Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On 5/23/07, Jim Lucas [EMAIL PROTECTED] wrote: $states['TN'] = 'Tennesee'; :%s/Tennesee/Tennessee/ -- Greg Donald http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
On 5/23/07, Jim Lucas [EMAIL PROTECTED] wrote: Ok, here is something that might help you. $states['AL'] = 'Alabama'; $states['AK'] = 'Alaska'; And a little something for you as well: :%s/=/=/g -- Greg Donald http://destiney.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
Greg Donald wrote: On 5/23/07, Jim Lucas [EMAIL PROTECTED] wrote: Ok, here is something that might help you. $states['AL'] = 'Alabama'; $states['AK'] = 'Alaska'; And a little something for you as well: :%s/=/=/g oops, did over look that one -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Unknown -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation Issues
Greg Donald wrote: On 5/23/07, Jim Lucas [EMAIL PROTECTED] wrote: $states['TN'] = 'Tennesee'; :%s/Tennesee/Tennessee/ Not my typo, this was the ops list just reformatted. -- Jim Lucas Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them. Unknown -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form validation
I''ve tried !preg_match and !eregi to validate my form. I get back whatever the
user inputs into the textboxes. I would like to validate each textbox before
submitting and redirect the user after submission? Here's part of the code
?php // Script 1 handle .html
// Should accept First Last Name email address phone city state
// Validate input from textfields
if (!preg_match(/[^a-zA-Z\.\-\Ä\ä\Ö\ö\Ü\ü\
]+$/s,$firstname)); {
print 'pPlease enter Letters from A to Z/p';
}
-
8:00? 8:25? 8:40? Find a flick in no time
with theYahoo! Search movie showtime shortcut.
[PHP] form validation
I found the error in my previous question about parse just a simple ; at the end. I'm trying to validate some textfields especially name fields and email addresses. I'm having a little trouble writing the code using classes and regular expressions? I would like to validate the input from server side scripting. If anyone has any examples or guidelines when writing a function or a if statement I would gladly welcome an outside opinion. Sincerely, - Don't get soaked. Take a quick peek at the forecast with theYahoo! Search weather shortcut.
Re: [PHP] Form Validation
On what percent browsers Javascript is enabled? On Wed, 13 Oct 2004 15:48:51 -0700, Mattias Thorslund [EMAIL PROTECTED] wrote: There are several JavaScript solutions for validating forms on the client side. Search on hotscripts.com and google.com. Client-side validation (in the browser) is useful, but you shouldn't depend on it to guarantee that the data that your users submit is valid. You should also validate the data in your PHP script as you process the form. Oh, and there are several PHP-based list managers available, for instance phplist, so you may not need to program it yourself. /Mattias Huang, Ou wrote: I am currently working on a newsletter mailing list project and developed a form in php. I would like to validate before it is submitted. What would be the best way to validate a form? Write your own routines or using a form validator. I just started learning PHP, so don't have much experience on this. I am thinking using a form validator but not sure where I can get it. Any suggestions would be appreciated! Thanks. -- More views at http://www.thorslund.us -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Form Validation
I am currently working on a newsletter mailing list project and developed a form in php. I would like to validate before it is submitted. What would be the best way to validate a form? Write your own routines or using a form validator. I just started learning PHP, so don't have much experience on this. I am thinking using a form validator but not sure where I can get it. Any suggestions would be appreciated! Thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form Validation
Huang, Ou wrote: I am currently working on a newsletter mailing list project and developed a form in php. I would like to validate before it is submitted. What would be the best way to validate a form? Write your own routines or using a form validator. I just started learning PHP, so don't have much experience on this. I am thinking using a form validator but not sure where I can get it. Any suggestions would be appreciated! Thanks. http://pear.php.net/package/HTML_QuickForm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation
Huang, Ou wrote: I am currently working on a newsletter mailing list project and developed a form in php. I would like to validate before it is submitted. What would be the best way to validate a form? Write your own routines or using a form validator. I just started learning PHP, so don't have much experience on this. I am thinking using a form validator but not sure where I can get it. Any suggestions would be appreciated! Before the form is submitted? Can't do it with PHP. JavaScript is your answer. -- John C. Nichel ÜberGeek KegWorks.com 716.856.9675 [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation
There are several JavaScript solutions for validating forms on the client side. Search on hotscripts.com and google.com. Client-side validation (in the browser) is useful, but you shouldn't depend on it to guarantee that the data that your users submit is valid. You should also validate the data in your PHP script as you process the form. Oh, and there are several PHP-based list managers available, for instance phplist, so you may not need to program it yourself. /Mattias Huang, Ou wrote: I am currently working on a newsletter mailing list project and developed a form in php. I would like to validate before it is submitted. What would be the best way to validate a form? Write your own routines or using a form validator. I just started learning PHP, so don't have much experience on this. I am thinking using a form validator but not sure where I can get it. Any suggestions would be appreciated! Thanks. -- More views at http://www.thorslund.us -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] form validation wih html input FILE
Hi, I'd like your opinion on the best way to do a form validation when the form contains a file upload object (input type=file) When the form does not validate, I try to re-show all values entered by the user. But, as far as I know, browsers do not allow to set the default value (local file path) of a FILE component I can get and display the default value in a label or text input, but how could I upload that file then? Will I be limited to display a warning message indicating that the user will have to select his/her file again?? thank you vincent -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation wih html input FILE
Hello Vincent, Wednesday, May 5, 2004, 2:26:44 PM, you wrote: VD Will I be limited to display a warning message indicating VD that the user will have to select his/her file again?? Pretty much, yes. Or you could do what I do - store the file in a temporary folder, passing the filename back to the form again. So the user doesn't have to upload a 2nd time - but if they don't bother re-submitting the form, this folder is cleared out every hour via a cron job. -- Best regards, Richard Davey http://www.phpcommunity.org/wiki/296.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] form validation wih html input FILE
From: Vincent DUPONT [EMAIL PROTECTED] I'd like your opinion on the best way to do a form validation when the form contains a file upload object (input type=file) When the form does not validate, I try to re-show all values entered by the user.But, as far as I know, browsers do not allow to set the default value (local file path) of a FILE component I can get and display the default value in a label or text input, but how could I upload that file then? Will I be limited to display a warning message indicating that the user will have to select his/her file again?? You're not going to be able to fill it in for them. There's no way around that (which is a good thing). Solutions are to either notify them to select the file again and hope they notice, or keep the file in a temp directory when it's uploaded the first time and call it from there when the validation is successful. Simply remove the input type=file from the form when you have the file, but make them correct / validate the rest of the data. Then, you know that if $_FILES is empty, you can search in the temp directory according to a hidden field / session value you've set to look for the file. Retrieve it from there and proceed as normal. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Form validation
Can some one point me in the right direction for a good tutorial on form validation in PHP? Thanks, alex hogan ** The contents of this e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom it is addressed. The views stated herein do not necessarily represent the view of the company. If you are not the intended recipient of this e-mail you may not copy, forward, disclose, or otherwise use it or any part of it in any form whatsoever. If you have received this e-mail in error please e-mail the sender. **
Re: [PHP] Form validation
[snip] Can some one point me in the right direction for a good tutorial on form validation in PHP? Thanks, alex hogan [/snip] I like to use regular expressions for my form validation. Search google for reugular expressions, you will get a bunch of results. Also take a look at the php manual. http://www.php.net/pcre/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form validation
[snip] Hi, you can do it on server site (php code) or client side (javascript code) DS [/snip] Is this a question? If it is, yes you can use regular expressions with javascript and php. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation
If you can use Dreamweaver, there is an extension to do this. zerof - Matt Matijevich [EMAIL PROTECTED] escreveu na mensagem news:[EMAIL PROTECTED] Can some one point me in the right direction for a good tutorial on form validation in PHP? --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form validation
Alex Hogan mailto:[EMAIL PROTECTED]
on Wednesday, January 21, 2004 7:18 AM said:
Can some one point me in the right direction for a good tutorial on
form validation in PHP?
Here is a basic practical application.
?php
// gather and validate data
$fname = (preg_match(/[a-zA-Z-\.\s]{2,25}/, $_GET['fname'])) ?
$_GET['fname'] : 0 ;
$zip = (preg_match(/[0-9]{5}/,$_GET['zip'])) ?
$_GET['zip'] : 0 ;
?
Chris.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Form validation: client- or server-side?
Is there a distinct advantage to doing form validation / error checking on the server side using PHP? That's how I've always done it because I know PHP better than JavaScript, but wouldn't it make sense to validate as much of your form as possible using JavaScript before the form was ever posted? I'm just talking about the basics, like empty required fields, illegal characters, string lengths, etc. What are your preferred methods? I do an awful lot of content management with HTML forms, so it's not an entirely spurious question. -- Matt Grimm Web Developer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Parkway Anchorage, AK 99508 907.770.6200 ext. 686 907.336.6205 (fax) E-mail: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation: client- or server-side?
Matt -- ...and then Matt Grimm said... % % Is there a distinct advantage to doing form validation / error checking on % the server side using PHP? That's how I've always done it because I know 1) I hate JavaScript. 2) Don't trust anything coming from a client. You should be validating on the server anyway -- empty fields and all -- and so there's no need to do it twice especially when it eliminates surfers who don't use JS. HTH HAND Happy New Year :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
RE: [PHP] Form validation: client- or server-side?
Yes, it's considered best practice to do as much client-side validation as you can as to save your server time and load. This doesn't mean you still shouldn't do full validation on the server-side, but the fewer times the form is posted to your site the better. You might want to recheck what Javascript can do now - it's pretty extensive for a client-side scripting language. -M -Original Message- From: Matt Grimm [mailto:[EMAIL PROTECTED] Sent: Friday, January 09, 2004 1:08 PM To: [EMAIL PROTECTED] Subject: [PHP] Form validation: client- or server-side? Is there a distinct advantage to doing form validation / error checking on the server side using PHP? That's how I've always done it because I know PHP better than JavaScript, but wouldn't it make sense to validate as much of your form as possible using JavaScript before the form was ever posted? I'm just talking about the basics, like empty required fields, illegal characters, string lengths, etc. What are your preferred methods? I do an awful lot of content management with HTML forms, so it's not an entirely spurious question. -- Matt Grimm Web Developer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Parkway Anchorage, AK 99508 907.770.6200 ext. 686 907.336.6205 (fax) E-mail: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation: client- or server-side?
On Fri, 2004-01-09 at 11:07, Matt Grimm wrote: Is there a distinct advantage to doing form validation / error checking on the server side using PHP? That's how I've always done it because I know PHP better than JavaScript, but wouldn't it make sense to validate as much of your form as possible using JavaScript before the form was ever posted? I'm just talking about the basics, like empty required fields, illegal characters, string lengths, etc. What are your preferred methods? I do an awful lot of content management with HTML forms, so it's not an entirely spurious question. I do both server and client side...javascript helps with the really basic and server-side helps with the complicated stuff. My theory is do as much on the client and then do server-side. -- Ray -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form validation: client- or server-side?
Is there a distinct advantage to doing form validation / error checking on the server side using PHP? The actual code you use to validate remains hidden from a potential malicious user, while javascript code can be seen, so if there is a hole in your error checking, it can be found easier. The big advantage to javascript is that it is fast, since a request isn't sent back to the server, processed, and then sent back. It also reduces network traffic, and reduces server load. That's how I've always done it because I know PHP better than JavaScript, but wouldn't it make sense to validate as much of your form as possible using JavaScript before the form was ever posted? I'm just talking about the basics, like empty required fields, illegal characters, string lengths, etc. even if you partially validate on the client, you still have to validate on the client side, which seems redundant to me. What are your preferred methods? I do an awful lot of content management with HTML forms, so it's not an entirely spurious question. I only use javascript for things that I can't do with php, and I can validate with php. that's my 2 cents worth, Craig -- Matt Grimm Web Developer The Health TV Channel, Inc. (a non - profit organization) 3820 Lake Otis Parkway Anchorage, AK 99508 907.770.6200 ext. 686 907.336.6205 (fax) E-mail: [EMAIL PROTECTED] Web: www.healthtvchannel.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation: client- or server-side?
On Fri, 2004-01-09 at 13:07, Matt Grimm wrote: Is there a distinct advantage to doing form validation / error checking on the server side using PHP? That's how I've always done it because I know PHP better than _javascript_, but wouldn't it make sense to validate as much of your form as possible using _javascript_ before the form was ever posted? I'm just talking about the basics, like empty required fields, illegal characters, string lengths, etc. I would shove off as much work as possible for the client to do on his/her machine and not bog down my server which could be busy serving pages/processing bigger and better things. Plus it also cuts down on bandwidth because you only send the form to the server if the _javascript_ checked everything and didn't find any errors. The downside is that you have to make sure the client has _javascript_ turned on otherwise your form authentication will not work and the code for your _javascript_ is available to the user to see and if you have any bugs in it then they can see and work around it. I guess it would depend on the site you are planning to do the authentication on. If the site is not super busy, bandwidth is not an issue and your server is not pegged at 100% most of the time then I would suggest using PHP to validate your forms because it's safer since the client can not see your code and it doesn't matter if the user has _javascript_ turned on of off. Just my $0.02... -Pete -- perl -e 'print pack(H*, 70766572746573406E79632E72722E636F6D0A)' signature.asc Description: This is a digitally signed message part
Re: [PHP] Form validation: client- or server-side?
--- Matt Grimm [EMAIL PROTECTED] wrote: Is there a distinct advantage to doing form validation / error checking on the server side using PHP? Yes, security. Basically, I never think of it as client-side *versus* server-side. I think of it more like this: 1. Server-side data validation? YES 2. Client-side data validation? Maybe Client-side validation can save people from having to submit their data before realizing a problem. This does nothing for security, but it can be convenient for your users. Of course, this can be more annoying if there are several errors. In addition, I think it's very unprofessional to have a popup appear to display the errors. If you're going to do any client-side validation, you should do something more sophisticated than popping up a JavaScript error message. :-) But, no matter what, always validate data on the server. Otherwise, it's like being a teacher and having your students grade their own work; it only works when everyone is honest (and I can guarantee you that won't be the case on a public Web site). That's my opinion... Chris = Chris Shiflett - http://shiflett.org/ PHP Security Handbook Coming mid-2004 HTTP Developer's Handbook http://httphandbook.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation: client- or server-side?
On Fri, 2004-01-09 at 14:22, Chris Shiflett wrote: But, no matter what, always validate data on the server. Otherwise, it's like being a teacher and having your students grade their own work; it only works when everyone is honest (and I can guarantee you that won't be the case on a public Web site). Just to play devil's advocate; why would you validate data on the server if you have a _javascript_ that checked the user's input before it gets submitted to the server ? I mean the whole point of you having that _javascript_ is to make sure the the correct data gets entered so why bother checking it once again on the server-side with PHP ? Wouldn't that be redundant and a waste of resources ? -Pete -- perl -e 'print pack(H*, 70766572746573406E79632E72722E636F6D0A)' signature.asc Description: This is a digitally signed message part
Re: [PHP] Form validation: client- or server-side?
[snip] why would you validate data on the server if you have a JavaScript that checked the user's input before it gets submitted to the server ? I mean the whole point of you having that JavaScript is to make sure the the correct data gets entered so why bother checking it once again on the server-side with PHP ? Wouldn't that be redundant and a waste of resources ? [/snip] Javascript can be turned off. Never trust the data you get from forms or query strings, they can easily be tampered with. Client side validation is just a convenience, save the users a round trip to the server and back to display input errors. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation: client- or server-side?
--- Peter Vertes [EMAIL PROTECTED] wrote: Just to play devil's advocate; why would you validate data on the server if you have a JavaScript that checked the user's input before it gets submitted to the server? I mean the whole point of you having that JavaScript is to make sure the the correct data gets entered so why bother checking it once again on the server-side with PHP? Wouldn't that be redundant and a waste of resources? The redundancy is in performing client-side validation, because you should never consider server-side validation as optional. Aside from the obvious fact that people can (and should be able to) turn off any client-side scripting, an attacker can do things far more sophisticated, to the point of writing a specialized Web client specifically to attack your site. When you receive a POST request, it will look something similar to this: POST /path/to/script.php HTTP/1.1 Host: example.org Content-Type: application/x-www-form-urlencoded Content-Length: 35 Connection: close first_name=chrislast_name=shiflett That's it. This may have resulted from the user submitting the following HTML form: form action=http://example.org/path/to/script.php; method=post input type=text name=first_name / input type=text name=last_name / input type=submit / /form You really can't tell what form was used on the receiving site, right? In fact, you can't even be sure that the user used a form at all. As an example, people ask on this list about performing a POST with PHP at least once a week. PHP doesn't need to use an HTML form for this; it just sends a request similar to the above (see http://shiflett.org/hacks/php/http_post for an example). The point is that the client decides what it sends, not you. If you want to think about security, you have to get rid of the assumption that your users will all use your site exactly as you intend. As I mentioned before, client-side checking is basically like saying, User, can you please send me a username only if it is less than 10 characters in length and alphanumeric only? Someone attacking your site is not going to abide by your requests. Hope that helps. Chris = Chris Shiflett - http://shiflett.org/ PHP Security Handbook Coming mid-2004 HTTP Developer's Handbook http://httphandbook.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form validation: client- or server-side?
It makes perfect sense now. Thanks for clearing it up for me Chris :) -Peter On Fri, 2004-01-09 at 15:29, Chris Shiflett wrote: --- Peter Vertes [EMAIL PROTECTED] wrote: Just to play devil's advocate; why would you validate data on the server if you have a _javascript_ that checked the user's input before it gets submitted to the server? I mean the whole point of you having that _javascript_ is to make sure the the correct data gets entered so why bother checking it once again on the server-side with PHP? Wouldn't that be redundant and a waste of resources? The redundancy is in performing client-side validation, because you should never consider server-side validation as optional. Aside from the obvious fact that people can (and should be able to) turn off any client-side scripting, an attacker can do things far more sophisticated, to the point of writing a specialized Web client specifically to attack your site. When you receive a POST request, it will look something similar to this: POST /path/to/script.php HTTP/1.1 Host: example.org Content-Type: application/x-www-form-urlencoded Content-Length: 35 Connection: close first_name=chrislast_name=shiflett That's it. This may have resulted from the user submitting the following HTML form: form action="">http://example.org/path/to/script.php method=post input type=text name=first_name / input type=text name=last_name / input type=submit / /form You really can't tell what form was used on the receiving site, right? In fact, you can't even be sure that the user used a form at all. As an example, people ask on this list about performing a POST with PHP at least once a week. PHP doesn't need to use an HTML form for this; it just sends a request similar to the above (see http://shiflett.org/hacks/php/http_post for an example). The point is that the client decides what it sends, not you. If you want to think about security, you have to get rid of the assumption that your users will all use your site exactly as you intend. As I mentioned before, client-side checking is basically like saying, User, can you please send me a username only if it is less than 10 characters in length and alphanumeric only? Someone attacking your site is not going to abide by your requests. Hope that helps. Chris = Chris Shiflett - http://shiflett.org/ PHP Security Handbook Coming mid-2004 HTTP Developer's Handbook http://httphandbook.org/ -- perl -e 'print pack(H*, 70766572746573406E79632E72722E636F6D0A)' signature.asc Description: This is a digitally signed message part
RE: [PHP] Form Validation: Surnames with Apostrophe
I just tried your regexp:
(preg_match(/[a-z](\\')?[a-z-]+/i,$_POST[Last_Name])
and it allows the following:
O' [EMAIL PROTECTED]
It seems to allow any number of characters and spaces between the O' and
Re
On Wed, 12 Mar 2003, John W. Holmes wrote:
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have
been
unable
to find a regexp to account for the apostrophe (e.g., O'Reilly).
The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the
apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
that could work but the user may now submit one or more apostrophes
as the Last Name.
Watch out for magic_quotes. If O'Reilly is submitted, unless you
stripslash() it, you're validating against O\'Relly.
preg_match(/[a-z](\\')?[a-z-]+/i,$_POST['Last_Name'])
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form Validation: Surnames with Apostrophe
That is because it is not saying that is all that can be in the string. The
'Re' matches that pattern. Put a ^ at the beginning to signify it must
start with the pattern and a $ at the end to signify it must end there.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 1:19 PM
To: John W. Holmes
Cc: 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
I just tried your regexp:
(preg_match(/[a-z](\\')?[a-z-]+/i,$_POST[Last_Name])
and it allows the following:
O' [EMAIL PROTECTED]
It seems to allow any number of characters and spaces between the O' and
Re
On Wed, 12 Mar 2003, John W. Holmes wrote:
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have
been
unable
to find a regexp to account for the apostrophe (e.g., O'Reilly).
The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the
apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
that could work but the user may now submit one or more apostrophes
as the Last Name.
Watch out for magic_quotes. If O'Reilly is submitted, unless you
stripslash() it, you're validating against O\'Relly.
preg_match(/[a-z](\\')?[a-z-]+/i,$_POST['Last_Name'])
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form Validation: Surnames with Apostrophe
When I do that:
(preg_match(/^[a-z](\\')?[a-z-]+$/i,$_POST[Last_Name])
it won't allow O'Reilly
and seems to not allow anything at all
On Thu, 27 Mar 2003, Jennifer Goodie wrote:
That is because it is not saying that is all that can be in the string. The
'Re' matches that pattern. Put a ^ at the beginning to signify it must
start with the pattern and a $ at the end to signify it must end there.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 1:19 PM
To: John W. Holmes
Cc: 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
I just tried your regexp:
(preg_match(/[a-z](\\')?[a-z-]+/i,$_POST[Last_Name])
and it allows the following:
O' [EMAIL PROTECTED]
It seems to allow any number of characters and spaces between the O' and
Re
On Wed, 12 Mar 2003, John W. Holmes wrote:
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have
been
unable
to find a regexp to account for the apostrophe (e.g., O'Reilly).
The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the
apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
that could work but the user may now submit one or more apostrophes
as the Last Name.
Watch out for magic_quotes. If O'Reilly is submitted, unless you
stripslash() it, you're validating against O\'Relly.
preg_match(/[a-z](\\')?[a-z-]+/i,$_POST['Last_Name'])
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form Validation: Surnames with Apostrophe
This is what I use
$LastName = stripslashes($_POST['LastName']);
preg_match(/^\w+[\s\-\'\.\w]*$/i, $LastName)
This is less strict than yours as I'm allowing whitespace, periods,
underscores, hyphens, apostrophes, and numbers because I don't so much care
if someone tacks on Jr. or something like that to the end of their name.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 3:05 PM
To: Jennifer Goodie
Cc: John W. Holmes; 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
When I do that:
(preg_match(/^[a-z](\\')?[a-z-]+$/i,$_POST[Last_Name])
it won't allow O'Reilly
and seems to not allow anything at all
On Thu, 27 Mar 2003, Jennifer Goodie wrote:
That is because it is not saying that is all that can be in the string.
The
'Re' matches that pattern. Put a ^ at the beginning to signify it must
start with the pattern and a $ at the end to signify it must end there.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 1:19 PM
To: John W. Holmes
Cc: 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
I just tried your regexp:
(preg_match(/[a-z](\\')?[a-z-]+/i,$_POST[Last_Name])
and it allows the following:
O' [EMAIL PROTECTED]
It seems to allow any number of characters and spaces between the O' and
Re
On Wed, 12 Mar 2003, John W. Holmes wrote:
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have
been
unable
to find a regexp to account for the apostrophe (e.g., O'Reilly).
The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the
apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
that could work but the user may now submit one or more apostrophes
as the Last Name.
Watch out for magic_quotes. If O'Reilly is submitted, unless you
stripslash() it, you're validating against O\'Relly.
preg_match(/[a-z](\\')?[a-z-]+/i,$_POST['Last_Name'])
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form Validation: Surnames with Apostrophe
Thank you. Strip_slashes was the key. The following Regular
Expression:
(preg_match(/^[[:alpha:]]{2,}[-]?[[:alpha:]]+$|^[[:alpha:]]{2,}[[:space:]]?[[:alpha:]]+$|^[[:alpha:]]{1,1}[']?[[:alpha:]]+$/,
$Last_Name)
allows only alphabetical characters (e.g., Smith), alphabetical characters
with whitespace then more alphabetical characters (e.g., Au Yong),
alphabetical character with apostrophe then more alphabetical characters
(e.g., O'Neal), or alphabetical characters with hyphen then more
alphabetical characters (e.g., Zeta-Jones). It does not, however, allow
alphabetical character with apostrophe then more alphabetical characters
then hyphen then more alphabetical characters (D'Agostino-Wong),
alphabetical characters with whitespace then more alphabetical characters
then hyphen then more alphabetical characters (e.g., von Hollander-Smith),
or alphabetical characters with whitespace then more alphabetical
characters then hyphen then alphabetical character then apostrophe then more
alphabetical characters (e.g, Van Horn-O'Reilly) or anything else anyone
may type in or not type in.
On Thu, 27 Mar 2003, Jennifer Goodie wrote:
This is what I use
$LastName = stripslashes($_POST['LastName']);
preg_match(/^\w+[\s\-\'\.\w]*$/i, $LastName)
This is less strict than yours as I'm allowing whitespace, periods,
underscores, hyphens, apostrophes, and numbers because I don't so much care
if someone tacks on Jr. or something like that to the end of their name.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 3:05 PM
To: Jennifer Goodie
Cc: John W. Holmes; 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
When I do that:
(preg_match(/^[a-z](\\')?[a-z-]+$/i,$_POST[Last_Name])
it won't allow O'Reilly
and seems to not allow anything at all
On Thu, 27 Mar 2003, Jennifer Goodie wrote:
That is because it is not saying that is all that can be in the string.
The
'Re' matches that pattern. Put a ^ at the beginning to signify it must
start with the pattern and a $ at the end to signify it must end there.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 1:19 PM
To: John W. Holmes
Cc: 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
I just tried your regexp:
(preg_match(/[a-z](\\')?[a-z-]+/i,$_POST[Last_Name])
and it allows the following:
O' [EMAIL PROTECTED]
It seems to allow any number of characters and spaces between the O' and
Re
On Wed, 12 Mar 2003, John W. Holmes wrote:
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have
been
unable
to find a regexp to account for the apostrophe (e.g., O'Reilly).
The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the
apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
that could work but the user may now submit one or more apostrophes
as the Last Name.
Watch out for magic_quotes. If O'Reilly is submitted, unless you
stripslash() it, you're validating against O\'Relly.
preg_match(/[a-z](\\')?[a-z-]+/i,$_POST['Last_Name'])
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation: Surnames with Apostrophe
Hi,
I made a little function that will allow allow alphabetical character with
apostrophe then more alphabetical characters then hyphen then more
alphabetical characters (D'Agostino-Wong). The downside is that it will
automatically cap von Hollander-Smith
function ucase_words($txt){
if(ereg(['-], $txt)){
$txt = strtolower($txt);
$boom = explode(', $txt);
foreach($boom as $key = $txt){
$boom[$key] = ucfirst($txt);
}
$booms = implode(', $boom);
$boomer = explode(-, $booms);
foreach($boomer as $key = $booms){
$boomer[$key] = ucfirst($booms);
}
$boomers = implode(-, $boomer);
return($boomers);
}
else {
$txt = strtolower($txt);
$txt = ucwords($txt);
return($txt);
}
}
I suppose you could add an if-then test for the odd lowercase. It seems to
work well and covers most of the scenarios you listed. [Btw, it was my
'very-first-function' so go easy on me! :]
Just my $0.01 worth,
Andre
On Thursday 27 March 2003 06:49 pm, [EMAIL PROTECTED] wrote:
Thank you. Strip_slashes was the key. The following Regular
Expression:
(preg_match(/^[[:alpha:]]{2,}[-]?[[:alpha:]]+$|^[[:alpha:]]{2,}[[:space:]]
?[[:alpha:]]+$|^[[:alpha:]]{1,1}[']?[[:alpha:]]+$/, $Last_Name)
allows only alphabetical characters (e.g., Smith), alphabetical characters
with whitespace then more alphabetical characters (e.g., Au Yong),
alphabetical character with apostrophe then more alphabetical characters
(e.g., O'Neal), or alphabetical characters with hyphen then more
alphabetical characters (e.g., Zeta-Jones). It does not, however, allow
alphabetical character with apostrophe then more alphabetical characters
then hyphen then more alphabetical characters (D'Agostino-Wong),
alphabetical characters with whitespace then more alphabetical characters
then hyphen then more alphabetical characters (e.g., von Hollander-Smith),
or alphabetical characters with whitespace then more alphabetical
characters then hyphen then alphabetical character then apostrophe then
more alphabetical characters (e.g, Van Horn-O'Reilly) or anything else
anyone may type in or not type in.
On Thu, 27 Mar 2003, Jennifer Goodie wrote:
This is what I use
$LastName = stripslashes($_POST['LastName']);
preg_match(/^\w+[\s\-\'\.\w]*$/i, $LastName)
This is less strict than yours as I'm allowing whitespace, periods,
underscores, hyphens, apostrophes, and numbers because I don't so much
care if someone tacks on Jr. or something like that to the end of
their name.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 3:05 PM
To: Jennifer Goodie
Cc: John W. Holmes; 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
When I do that:
(preg_match(/^[a-z](\\')?[a-z-]+$/i,$_POST[Last_Name])
it won't allow O'Reilly
and seems to not allow anything at all
On Thu, 27 Mar 2003, Jennifer Goodie wrote:
That is because it is not saying that is all that can be in the string.
The
'Re' matches that pattern. Put a ^ at the beginning to signify it must
start with the pattern and a $ at the end to signify it must end there.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 27, 2003 1:19 PM
To: John W. Holmes
Cc: 'John Nichel'; [EMAIL PROTECTED]
Subject: RE: [PHP] Form Validation: Surnames with Apostrophe
I just tried your regexp:
(preg_match(/[a-z](\\')?[a-z-]+/i,$_POST[Last_Name])
and it allows the following:
O' [EMAIL PROTECTED]
It seems to allow any number of characters and spaces between the O'
and Re
On Wed, 12 Mar 2003, John W. Holmes wrote:
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have
been
unable
to find a regexp to account for the apostrophe (e.g.,
O'Reilly).
The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/',
$_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the
apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
that could work but the user may now submit one or more apostrophes
as the Last Name.
Watch out for magic_quotes. If O'Reilly is submitted, unless you
stripslash() it, you're validating against O\'Relly.
preg_match(/[a-z](\\')?[a-z-]+/i,$_POST['Last_Name'])
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your
copy today. http
[PHP] Form Validation: Surnames with Apostrophe
I have been trying to validate a form field Last_Name and have been unable
to find a regexp to account for the apostrophe (e.g., O'Reilly). The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation: Surnames with Apostrophe
Try
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have been unable
to find a regexp to account for the apostrophe (e.g., O'Reilly). The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Form Validation: Surnames with Apostrophe
that could work but the user may now submit one or more apostrophes
as the Last Name.
On Wed, 12 Mar 2003, John Nichel wrote:
Try
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have been unable
to find a regexp to account for the apostrophe (e.g., O'Reilly). The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Form Validation: Surnames with Apostrophe
preg_match ( /[A-Za-z-']+/, $_POST['Last_Name'] );
[EMAIL PROTECTED] wrote:
I have been trying to validate a form field Last_Name and have
been
unable
to find a regexp to account for the apostrophe (e.g., O'Reilly).
The
following statement:
preg_match('/^[[:alpha:]]+[-]?[[:alpha:]]+$/', $_POST[Last_Name])
accepts hyphenated surnames and I have tried escaping the
apostrophe:
[\\'] and [\\\'] to no avail. Any idea what I am doing wrong?
that could work but the user may now submit one or more apostrophes
as the Last Name.
Watch out for magic_quotes. If O'Reilly is submitted, unless you
stripslash() it, you're validating against O\'Relly.
preg_match(/[a-z](\\')?[a-z-]+/i,$_POST['Last_Name'])
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] New to PHP- Form Validation Logic/Design Question
I am *very* new to PHP am trying to write a tool where a user can add books to a
library MySQL database.
The user fills out an HTML form. I do some form validation if the form entries are
ok, I need to run some SQL queries using the form variables.
I have the HTML form posting back to itself to do the error checking. The part I am
unclear on is how to handle the SQL queries.
I was thinking that if the user filled out the form correctly, I could redirect to a
new php script/page to handle the SQL queries. The problem is that if I do so, I do
not have access to the form variables that I need. The only way I know to pass
variables to a new script is through a form posting it doesn't make sense to have 2
form postings for one form.
I suppose I could run the SQL queries from the same script although when I use my
below logic, the SQL queries print out underneath the HTML form which looks pretty bad.
I was thinking that if I approach it this way, I need some way to loop back through
all my if statements so that I could catch the last one only ($REQUEST_METHOD ==
post $validated == yes)
and therefore wouldn't get the HTML form again. I tried putting a while(true){ } loop
around the entire thing which resulted in printing my HTML table infinity times :)
I included a pseudocode form of my logic here my actual code below.
If anyone has any thoughts, suggestions, ideas, or comments, I'd really appreciate it!
Also, is there a good IRC channel for php users?
Laura
[EMAIL PROTECTED]
Instant Messenger: lefindley
if ($REQUEST_METHOD != POST){
include(./form.html);
} else if ($REQUEST_METHOD == POST $validated == no){
perform error checking
display errors at top of page
include(./form.html);
} else if ($REQUEST_METHOD == POST $validated
== yes) {
**here is where I need to run the SQL queries**
}
--
?
$err = ;
$validated = no;
// display form for user to fill out
if ($REQUEST_METHOD != POST) {
include(./form.html);
} else if ($REQUEST_METHOD == POST $validated == no) {
// if user is submitting the form, do error
// checking. if there are errors, display them at
// the beginning of the form
if ($book_title == ){
$err .= LIfont color=redBook title cannot be blank!/fontbr;
}
if ($author == ) {
$err .= LIfont color=redAuthor cannot be left blank!/fontbr; }
if ($author != ){
if (!ereg('[a-zA-Z]', $author)){
$err .= LIfont color=redAuthor name must be .
letters!/fontbr;
}
}
if ($price == ){
$err .= LIfont color=redPrice cannot be left blank!/fontbr;
}
if ($price != ){
if (!is_numeric($price)){
$err .= LIfont color=redPrice must be numbers!/fontbr;
}
}
if ($isbn == ){
$err .= LIfont color=redISBN cannot be left blank!/fontbr;
}
if ($isbn != ){
if (!is_numeric($isbn)){
$err .= LIfont color=redISBN must be numbers!/fontbr;
}
}
if ($num_copies != ){
if (!is_numeric($num_copies)){
$err .= LIfont color=red# of copies must be .
numbers!/fontbr;
}
}
if ($checked_out != ){
if (!is_numeric($checked_out)){
$err .= LIfont color=red# of checked out copies must be .
if ($checked_out != ){
if (!is_numeric($checked_out)){
$err .= LIfont color=red# of checked out copies must be .
numbers!/fontbr;
}
}
if (is_numeric($checked_out) is_numeric($num_copies)){
if ($checked_out $num_copies){
$err .= LIfont color=red# of copies checked out cannot .
exceed number of copies in library!/fontbr;
}
}
include(./form.html);
if ($err == ){
$validated = yes;
break;
}
print Validated: $validated;
} // end of else if
if ($REQUEST_METHOD == POST $validated == yes){
// if user has correctly filled out the form, I
// need to run some MySQL queries using the form // variables - not sure if it is best
to do this // on the same page or redirect to another.
// if i run the SQL queries from the same page,
// i need to be able to not display the HTML form
// if i redirect to another script, I need a way
// to pass the form variables
print do some SQL stuff;
}
?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] New to PHP- Form Validation Logic/Design Question
I included a pseudocode form of my logic here my actual code below.
A suggestion in similar pseudo code.
top of page
set a flag to display form
If (form submitted)
{
validate entered data
if (data is correctly validated)
{
enter data into database
if (database operation ok)
{
include database ok page
clear a flag to display form
} else {
include database error page
clear a flag to display form (or not, depends on how you want to
deal with this)
}
} else {
display information about data entry problems
set a flag to display form
}
}
If (flag to display form is set)
{
display form
}
end of page
This is much the same as yours but permits you to handle the whole thing
in one page without having to re-display the form if you don't need to.
I use this basic layout all the time and it has the advantage that you
can keep the form but clear the data if you're expecting someone to
enter more data into the thing.
This method can also let you redisplay the form with data already
provided in cases where the form validation has failed. You can also
display the relevant validation errors in a way that highlights the
problem within the actual form.
CYA, Dave
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] New to PHP- Form Validation Logic/Design Question
if($REQUEST_METHOD == post)
{
//do validation of data
if($validated == yes)
{
//do queries
}
else
{
echo not validated;
include(form.html);
}
}
else
{include(form.html);}
Maybe that'll work. I'm trying to follow your logic. That will check for
the request method first. If it's POST, go on to validation. If it's not
POST, show the form. If the validation succeeds (validation == yes),
then do your queries, otherwise give an error message and show the form
again.
Works?
---John Holmes...
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Saturday, June 01, 2002 5:11 PM
To: [EMAIL PROTECTED]
Subject: [PHP] New to PHP- Form Validation Logic/Design Question
I am *very* new to PHP am trying to write a tool where a user can
add
books to a library MySQL database.
The user fills out an HTML form. I do some form validation if the
form
entries are ok, I need to run some SQL queries using the form
variables.
I have the HTML form posting back to itself to do the error checking.
The
part I am unclear on is how to handle the SQL queries.
I was thinking that if the user filled out the form correctly, I could
redirect to a new php script/page to handle the SQL queries. The
problem
is that if I do so, I do not have access to the form variables that I
need. The only way I know to pass variables to a new script is through
a
form posting it doesn't make sense to have 2 form postings for one
form.
I suppose I could run the SQL queries from the same script although
when I
use my below logic, the SQL queries print out underneath the HTML form
which looks pretty bad.
I was thinking that if I approach it this way, I need some way to loop
back through all my if statements so that I could catch the last one
only ($REQUEST_METHOD == post $validated == yes)
and therefore wouldn't get the HTML form again. I tried putting a
while(true){ } loop around the entire thing which resulted in printing
my
HTML table infinity times :)
I included a pseudocode form of my logic here my actual code below.
If anyone has any thoughts, suggestions, ideas, or comments, I'd
really
appreciate it! Also, is there a good IRC channel for php users?
Laura
[EMAIL PROTECTED]
Instant Messenger: lefindley
if ($REQUEST_METHOD != POST){
include(./form.html);
} else if ($REQUEST_METHOD == POST $validated == no){
perform error checking
display errors at top of page
include(./form.html);
} else if ($REQUEST_METHOD == POST $validated
== yes) {
**here is where I need to run the SQL queries**
}
--
?
$err = ;
$validated = no;
// display form for user to fill out
if ($REQUEST_METHOD != POST) {
include(./form.html);
} else if ($REQUEST_METHOD == POST $validated == no) {
// if user is submitting the form, do error
// checking. if there are errors, display them at
// the beginning of the form
if ($book_title == ){
$err .= LIfont color=redBook title cannot be
blank!/fontbr;
}
if ($author == ) {
$err .= LIfont color=redAuthor cannot be left
blank!/fontbr; }
if ($author != ){
if (!ereg('[a-zA-Z]', $author)){
$err .= LIfont color=redAuthor name must be .
letters!/fontbr;
}
}
if ($price == ){
$err .= LIfont color=redPrice cannot be left
blank!/fontbr;
}
if ($price != ){
if (!is_numeric($price)){
$err .= LIfont color=redPrice must be
numbers!/fontbr;
}
}
if ($isbn == ){
$err .= LIfont color=redISBN cannot be left
blank!/fontbr;
}
if ($isbn != ){
if (!is_numeric($isbn)){
$err .= LIfont color=redISBN must be
numbers!/fontbr;
}
}
if ($num_copies != ){
if (!is_numeric($num_copies)){
$err .= LIfont color=red# of copies must be .
numbers!/fontbr;
}
}
if ($checked_out != ){
if (!is_numeric($checked_out)){
$err .= LIfont color=red# of checked out copies must
be
.
if ($checked_out != ){
if (!is_numeric($checked_out)){
$err .= LIfont color=red# of checked out copies must
be
.
numbers!/fontbr;
}
}
if (is_numeric($checked_out) is_numeric($num_copies)){
if ($checked_out $num_copies){
$err .= LIfont color=red# of copies checked out cannot
.
exceed number of copies in library!/fontbr;
}
}
include(./form.html);
if ($err == ){
$validated = yes;
break;
}
print Validated: $validated;
} // end of else if
if ($REQUEST_METHOD == POST $validated == yes){
// if user has correctly filled out the form, I
// need to run some MySQL queries using the form // variables - not
sure
if it is best to do
