Hi everyone,
I'm setting up a databse to store visitor name and other info, and i would like to put in validation on the name input. I have no idea how. Also should it be serverside or clientside. Thanks for any help
CSS Codes
Administrator
Php validation
Hi everyone,
I'm setting up a databse to store visitor name and other info, and i would like to put in validation on the name input. I have no idea how. Also should it be serverside or clientside. Thanks for any help
Elite Coders
What do you mean by validation? It depends on what you mean by that but probably client side. For example validation of a phone number could be broken down to only allowing
Code:\d{3}-\d{3}-\d{4}Code:\d{3}.\d{3}.\d{4}Code:\(\d{3}\)-\d{3}-\d{4}
Corrections to my coding/thoughts welcome.
global $Moderator;
client-side for user convenience, server-side for anything that's actually important.
client-side validation can always be bypassed and/or faked, so when your input gets to the server, you should always treat it as "bad."
client-side validation does, however, save time for good boys and girls by pointing out mistakes before bothering your server with them.
to validate a name (and many other things), usingpreg_match()works well.
regexs, as you can see from bluewalrus' examples above, can be complex depending on what you want to validate. phone numbers are probably one of the hardest things to validate because there are so many formats for them, depending on localization and individual preference. bluewalrus' examples will (individually) catch:
234-567-8910
234.567.8910
(234)-567-8910
but will reject:
567-8910
(234)567-8910
234-567-89-10
2345678910
1(234)567-8910
+1-234-567-8910 etc., etc., etc.. even though they all correctly describe a phone number.
Edit:
here's an example that seems to work most of the time (though another post admonishes us to just trust that the user knows their own phone number):
(lol i luv it when code gives u unexpected smilies!)Originally Posted by http://stackoverflow.com/questions/123559/a-comprehensive-regex-for-phone-number-validation
^(??:\+?1\s*(?:[.-]\s*)?)?(?:\(\s*([2-9]1[02-9]|[2-9][02-8]1|[2-9][02-8][02-9])\s*\)|([2-9]1[02-9]|[2-9][02-8]1|[2-9][02-8][02-9]))\s*(?:[.-]\s*)?)?([2-9]1[02-9]|[2-9][02-9]1|[2-9][02-9]{2})\s*(?:[.-]\s*)?([0-9]{4})(?:\s*(?:#|x\.?|ext\.?|extension)\s*(\d+))?$
in contrast, validating a name is much simpler: almost always, you just want letters and possibly spaces, apostrophes, and hyphens.
preg_match usage:Code:^[ -'A-Za-z]+$PHP Code:$validName = preg_match( '/^[ -\'A-Za-z]+$/', $_POST['unvalidatedName'] ) ?
$_POST['unvalidatedName'].' is a good name':
$_POST['unvalidatedName'].' is a bad name';
// ( note we add delimiters and have to escape the apostrophe )
Last edited by traq; 07-19-2011 at 07:11 AM. Reason: see post below
keyboard (07-19-2011)
Administrator
How do I use this code? i get i have to fill in the name of the input from the form but how do i use it. Do i just put it in the page the form is being processed by? Also, what happens if there is a error with the imput?preg_match usage:PHP Code:$validName = preg_match( '/^[ -\'A-Za-z]+$/', $_POST['name'] );
// ( note we add delimiters and have to escape the apostrophe )
Would this code work?PHP Code:<?php
if(isset($_COOKIE['Authorization'])){
$cheese = $_POST['name'];
$validName = preg_match( '/^[ -\'A-Za-z]+$/', $_POST['name'] );
$inTwoMonths = 60 * 60 * 24 * 60 + time();
setcookie('lastVisit',$cheese, $inTwoMonths);}
else{
header('location: index.php');}
?>
global $Moderator;
sorry; I got ahead of myself. preg_match() returns TRUE or FALSE, so use it as a condition instead, not as the assigned value:as far as your code goes, your name validation is not connected to the script in any way: nothing happens because of it, and all the other code is completely unrelated.PHP Code:$validName = preg_match( '/^[ -\'A-Za-z]+$/', $_POST['name'] ) ? $_POST['name']: NULL;
if(empty($validName)){
print "please use only letters (a-z), spaces ( ), hyphens (-), and/or apostrophes (') in your name";
}else{ print "hello, $validName!"; }
why are you trying to use this in the middle of your cookie code? i would think that you'd want to insert the name in your database if it was valid, and reject it and show an error if it was bad.
Last edited by traq; 07-19-2011 at 07:13 AM.
Administrator
I am eventually going to use it for a database but I wanted to test it.
Elite Coders
You can use the regex with javascript as well to test it before passing it to the php, and let the user know to correct it at that point.
This is a rough js sample if you want a functioning one please provide your HTML.
Code:var check_name = /^[ -\'A-Za-z]+$/; //if jquery if ( check_name.test( $(this).attr('id').val())) { submit } else { error message dont submit } //non jquery if ( check_name.test( document.getElementById('IDofINPUT/textarea').value)) { submit } else { error message dont submit }
Corrections to my coding/thoughts welcome.
global $Moderator;
yes, but you need to have some result from your test, or you will never know if it "worked" or not.
try something like this, in its own script:then build your logic further on that, and get closer to what you want it to actually do.PHP Code:<?php
if(!empty($_POST['name'])){
// note I changed the regex slightly: the hyphen _must_ go first
$validName = preg_match( '/^[- \'A-Za-z]+$/', $_POST['name'] ) ?
$_POST['name'].' is a good name':
$_POST['name'].' is a bad name';
print $validName;
}
?>
<form method="POST">
<input name="name">
<input type="submit" value="Submit">
</form>
Last edited by traq; 07-19-2011 at 04:10 PM.
Administrator
Do you put the preg_match thing on the page with the form or the page the form is being processed by?
Elite Coders
It should go where it is being processed.
Corrections to my coding/thoughts welcome.
Posting Permissions
Reply With Quote
Bookmarks