0

I have many forms and was wondering wouldn't it be better to build a function that validates user entries? So for example we would forward the data into the function and it would return whatever and display a message with an error but i have no idea how to go about this since i am new to PHP. I don't even know if this is the best way to go about my problem.

Any tutorials or tips for validating lots of forms? Best practices?

BTW i have to avoid using external libraries. So creating simple code is the way forward.

user3032640
  • 61
  • 5
  • 1
    It's a good idea to write common functionality classes, yes. However, this question is pretty broad. You might wanna show some code samples of the types of forms you're attempting to validate, and try to be a bit more specific. – James Spence Apr 29 '15 at 21:02
  • Check https://github.com/Respect/Validation, that one is pretty good, it allows you to extend the existing validators, and you don't have to reinvent the wheel. – Cristik Apr 29 '15 at 21:04
  • Look into gump validation class: https://github.com/Wixel/GUMP Allows for rule based input sanitization and validation. – Maximus2012 Apr 29 '15 at 21:04
  • Just a tip, you're using PDO queries incorrectly. This is one of the correct ways: http://stackoverflow.com/a/10929127/174368 – Tek Apr 29 '15 at 21:08
  • @Cristik I should avoid using any libraries any other tips? – user3032640 Apr 29 '15 at 21:11
  • @Maximus2012 Thank you, will be helpful but i should avoid using any libraries – user3032640 Apr 29 '15 at 21:11
  • @tek thanks for pointing it out i will read more into using it correctly :D – user3032640 Apr 29 '15 at 21:11
  • Bear in mind that "avoid using other libraries" is usually a bad idea. Unless you can give a good reason why you want to reinvent the wheel, you should build on other people's tested/proven work. – halfer Apr 29 '15 at 21:50
  • When @Tek said you're using PDO incorrectly, what he/she meant was that you have a serious security vulnerability in this code, and you should not go live until it is fixed. – halfer Apr 29 '15 at 21:51
  • @halfer Thanks. Its not going live. I will be making changes to the PDO later but i need to learn how to validate infor firest – user3032640 Apr 29 '15 at 23:23

1 Answers1

-1

Your modular approach is good. But I think having a common function for multiple page validation might lead to unnecessary execution of multiple instructions failing the actual purpose of using it. So you would basically be trading off on performance for code optimisation. In case your pages are more or less similar in terms of the data accepted, you can always invoke the same function and pass it a parameter which indicates the page from which it has been invoked and based on that you can parse and hence validate the data received.

Ashav
  • 141
  • 1
  • 9
  • So one constant use will be checking if the length of entered data is within limits. So i can do something to checkLength(1,10,"hello") where it would check between the min 1 and max 10 of the string hello. is this not a good idea? Thank you for response – user3032640 Apr 29 '15 at 21:14