0

I am really messed up. Can anyone help me find an easier or simpler way to do server-side validation using PHP? I would really appreciate that.

ejaz
  • 129
  • 3
  • 7
  • 1
    There is no "simple" way, because everyone's validation requirements are different. – Marc B Jul 19 '12 at 17:26
  • This answer might help you: http://stackoverflow.com/questions/737385/easiest-form-validation-library-for-php – redbirdo Jul 19 '12 at 17:35
  • Please be specific. Zend Framework has [Zend_Validate](http://framework.zend.com/manual/en/zend.validate.introduction.html). – Marcus Adams Jul 19 '12 at 17:36

3 Answers

0

As Marc B stated, there's really no simple way. You can use a third party form validation library/class or utilize a framework which has form validation as a component. I personally use the Zend Framework, but that could be overkill for you.

If you're doing it on your own, you'll want to keep in mind the following (plus more depending on your needs):

  • Is the data correct according to a specific desired format? (i.e., email, phone number, zip code) You can validate this in a number of ways. (Regular expressions)
  • Are you inserting into a database or back into the page? Then you should escape. Simple methods include: htmlentities, htmlspecialchars, etc. Again, it depends on your specific needs.
  • Is there a maximum limit you'd like to enforce? If so, you'll need to do this server-side as the DOM can be manipulated by the user and any input level restrictions can easily be altered.
  • Is the field required? Make sure the POST variable exists and is not empty.

You just need to write down your requirements for the form, and then decide from there how you're going to implement the validation.

wanovak
  • 6,117
  • 25
  • 32
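
The checklist in the answer above (required, maximum length, format, escaping on output), worked through as an added PHP example. It is not part of the original answer; the field names, limits and patterns are assumptions, and it needs PHP 7.4 or later.

```php
<?php
// Assumed per-field requirements: required?, maximum length in bytes, format check.
$rules = [
    'email' => ['required' => true,  'max' => 254, 'check' => fn($v) => filter_var($v, FILTER_VALIDATE_EMAIL) !== false],
    'zip'   => ['required' => true,  'max' => 10,  'check' => fn($v) => preg_match('/\A\d{5}(-\d{4})?\z/', $v) === 1],
    'phone' => ['required' => false, 'max' => 20,  'check' => fn($v) => preg_match('/\A\+?[0-9 ().-]{7,20}\z/', $v) === 1],
];

function validate_form(array $input, array $rules): array
{
    $clean = $errors = [];
    foreach ($rules as $field => $rule) {
        $value = $input[$field] ?? '';
        // field[]=x arrives as an array; reject it before any string function sees it.
        if (!is_string($value)) {
            $errors[$field] = 'Invalid value.';
            continue;
        }
        $value = trim($value);
        if ($value === '') {
            if ($rule['required']) {
                $errors[$field] = 'This field is required.';
            }
            continue;
        }
        // Enforced here because a maxlength attribute in the HTML can be removed by the user.
        if (strlen($value) > $rule['max']) {
            $errors[$field] = 'Value is too long.';
            continue;
        }
        if (!$rule['check']($value)) {
            $errors[$field] = 'Value has the wrong format.';
            continue;
        }
        $clean[$field] = $value;
    }
    return ['clean' => $clean, 'errors' => $errors];
}

// Escape at output time, for the HTML context the value is written into.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample submission standing in for $_POST.
$result = validate_form(['email' => 'a@example.com', 'zip' => '<b>1</b>', 'phone' => ['x']], $rules);
foreach ($result['errors'] as $field => $message) {
    echo e($field), ': ', e($message), "\n";
}
```

Only the values in `clean` should be passed on; for database writes, bind them as parameters of a prepared statement rather than escaping them into the SQL string.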
0

Here is a simple PHP form validation:

<?php

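    // validate $_GET['foo'] once the form is submitted (bar is set): it must be
    // a string at least 1 character long; a missing or array-valued foo fails too
    $valid = TRUE;
    if( isset($_GET['bar']) && ( !isset($_GET['foo']) || !is_string($_GET['foo']) || strlen($_GET['foo']) < 1 ) ) {
        $valid = FALSE;
    }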

    // if the form is submitted and $_GET['foo'] is valid, show a success message
    if( isset($_GET['bar']) && $valid ) :

        // do something with the form data
?>

    <p>The form was successfully submitted.</p>

<?php
    // show the form
    else :
?>

    <form method="get" action="">
        <div>
            <label for="foo">Foo: </label>
            <input type="text" id="foo" name="foo" value="<?php echo htmlspecialchars(isset($_GET['foo']) && is_string($_GET['foo']) ? $_GET['foo'] : '', ENT_QUOTES, 'UTF-8'); ?>" />
            <?php if( !$valid ) : ?>
                <p>Please enter a valid value.</p>
            <?php endif; ?>
        </div>
        <div>
            <input type="submit" id="bar" name="bar" value="Bar" />
        </div>
    </form>

<?php
    endif;
?>
kingjeffrey
  • 14,894
  • 6
  • 42
  • 47
0

Use this:

<?php

class Validator {

  public $data = array();
  public $rules = array();
  public $messages = array();
  public $error = array();
  public $pass = true;

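  public function __construct($options = null) {

    // $options must come from trusted code, never from request data:
    // each key is assigned to the property of the same name
    foreach ((array) $options as $option => $value) {

      $this->$option = $value;

    }

  }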

  public function validate() {

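    foreach($this->rules as $k=>$v) {

      // a missing or non-string value (e.g. data[field][]=x) is normalised to ''
      // so the string checks below never receive null or an array
      if (!isset($this->data[$k]) || !is_string($this->data[$k])) {
        $this->data[$k] = '';
      }

      $rules = explode('|',$v);
      $pass = true;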

      foreach ($rules as $rule) {

        $rule = explode(':',$rule);

        switch ($rule[0]) {

          case 'required':
            if(empty($this->data[$k])) {
              $pass = false;
            }
            break;

          case 'min':
            if(strlen($this->data[$k]) < $rule[1]) {
              $pass = false;
            }
            break;

          case 'max':
            if(strlen($this->data[$k]) > $rule[1]) {
              $pass = false; 
            }
            break;

          case 'equal':
            if(strlen($this->data[$k]) != $rule[1]) {
              $pass = false; 
            }
            break;

          case 'not':
            if($this->data[$k] == $rule[1]) {
              $pass = false; 
            }
            break;

          case 'allow':
            $allowed = explode(',',$rule[1]);
            // strict comparison: loose in_array() treats numeric strings such as '1e1' and '10' as equal
            if(!in_array($this->data[$k],$allowed,true)) {
              $pass = false; 
            }
            break;

          case 'email':
            if (!filter_var($this->data[$k],FILTER_VALIDATE_EMAIL)) {
              $pass = false;
            }
            break;

          case 'same':
            // strict comparison: with != the strings '0e123' and '0e456' compare as equal
            if ($this->data[$k] !== $this->data[$rule[1]]) {
              if(!isset($this->error[$rule[1]])) {
                $this->error[$rule[1]] = '';
              }
              $pass = false;
            } else {
              if(isset($this->error[$rule[1]])) {
                $this->error[$k] = $this->error[$rule[1]]; 
              }
            }
            break;

          case 'unique':
            if (egrediDB_checkUnique($rule[1],$k,$this->data[$k]) != 0) {
              $pass = false;
            }
            break;

        }

        if($pass == false) {

          $this->pass = false;
          $this->error[$k] = $this->messages[$k];   

        }

      }

    }

    //print_r($this->error);

    return array(
      'error'=>$this->error,
      'pass'=>$this->pass
    );

  }

}

?>

Note: I made a custom function for a database check:

<?php

// Function for the Validator.php class
function egrediDB_checkUnique($table,$column,$value) {

  global $egrediDB;

  return $egrediDB->count($table,array($column=>$value));

}

?>


<?php

$Validator = new Validator(array(
  'data'=>$_POST['data'],
  'rules' => array(
    'firstname'       => 'required',
    'lastname'        => 'required',
    'password'        => 'required|min:8',
    'password_repeat' => 'required|same:password',
    'email'           => 'email|unique:user',
    'email_repeat'    => 'required|same:email',
    'timezone'        => 'required|not:-1',
    'country'         => 'required|not:-1|max:2',
    'street'          => 'required',
    'postalcode'      => 'required',
    'city'            => 'required',
  ),
  'messages' => array(
    'firstname'       => 'Bitte geben Sie ein Vornamen ein',
    'lastname'        => 'Bitte geben Sie ein Nachnamen ein',
    'password'        => 'Bitte geben Sie ein Sicheres 8-stelliges Passwort ein',
    'password_repeat' => 'Ihre Passwörter stimmen nicht überein',
    'email'           => 'E-Mail ist ungültig oder schon registriert',
    'email_repeat'    => 'Ihre E-Mails stimmen nicht überein',
    'timezone'        => 'Bitte wählen Sie eine Zeitzone',
    'country'         => 'Bitte wählen Sie ein Land',
    'street'          => 'required',
    'postalcode'      => 'required',
    'city'            => 'required',
  ),
));

echo json_encode($Validator->validate());exit;

?>