FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Simpler way to validate form fields?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Simpler way to validate form fields? [message #179793 is a reply to message #179786] Wed, 05 December 2012 09:56 Go to previous messageGo to previous message
M. Strobel is currently offline  M. Strobel
Messages: 386
Registered: December 2011
Karma:
Senior Member
Am 04.12.2012 23:37, schrieb Gilles:
> Hello
>
> If this the best way to validate each and every field in a form, or is
> there a better/simpler way?
>
> http://phpmaster.com/form-validation-with-php/
> (section "Validating the Form Contents")
>
> Sample:
> ========
> $nameErr = $addrErr = "";
> $name = $address "";
>
> if ($_SERVER["REQUEST_METHOD"] == "POST") {
> if (empty($_POST["name"])) {
> $nameErr = "Missing";
> }
> else {
> $name = $_POST["name"];
> }
> etc.
> ========

Too basic. My user input reader is

function getStringFromForm($key, $l=255, $val=null) {
return (isset($_REQUEST[$key])) ?
filter_var(substr($_REQUEST[$key],0,$l), FILTER_SANITIZE_STRING) :
$val;
}

Short explanation:

I have a default length limit, which might stop overflow/overload attacks.

The default value is settable, no coding like: if empty() set to "something".

I read $_REQUEST, because the first thing my dispatcher does is a check for GET/POST,
and POST form values can be as easily manipulated as get values. So EVERY string
input uses this function.

Of course there is a corresponding getEmailFromForm() and getIntFromForm().

/Str.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: when receiving the mail(php mail function), the variable's last value is getting converted to $ or # replacing the digit
Next Topic: How to Prevent Apache Server From Hanging while running a batch file?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 30 12:50:03 GMT 2024

Total time taken to generate the page: 0.03896 seconds