Input Validation

Introduction. Whenever you are obtaining inputs from a user it is essential to have input validation. Since I am more inclined to use JavaScript for this since it is done on the client side before the inputs are even submitted, we will not get into great depth on this topic in PHP. Regular expressions, common to a number of languages at least in concept, can greatly ease the efforts towards getting input validation.

The following is a list of some different purposes for getting input validation.

making sure certain entries are non-blank

making sure numeric entries are numbers

making sure dates are dates

making certain that particular data types are appropriate in general

making sure things like e-mail addresses have certain minimal structures

making sure other sorts of structured entries have certain patterns such as

telephone

zip code

social security numbers

state abbreviations

on and on

While there are any number of reasons to engage in preprocessing to help ensure inputs are valid, we will quickly present a few strategies that are often used.

marking required inputs

using select boxes with preset options

using radio buttons that are grouped

these might be initialized in a way where the user is leveraged to change them

using check boxes

formatting text boxes in certain ways to ensure that only certain characters are typed

Again, there are many other approaches to doing these sorts of things.

In this page we will focus on what is essentially testing only for whether or not particular entries have blanks or appropriate length. These will be done with two different built in functions.

isset( )

strlen( )

We will work with a fairly simple form of text boxes and text areas, though this can be easily elaborated on. You should call the form page inputs.html.

<html>
<head>
<title>HTML Form</title>
</head>

<body bgcolor = "664500" text="cccccc">
<form action="handle_inputs.php" method=post>
<table>
<tr>
<td><font size = 4 color=cccccc>First Name:</font>
</td>
<td><input type=text name="txtFirstName" size=20>
</td>
</tr>
<tr>
<td><font size = 4 color=cccccc>Last Name:</font>
</td>
<td><input type=text name="txtLastName" size=20>
</td>
</tr>
<tr>
<td><font size = 4 color=cccccc>EMail Address:</font>
</td>
<td><input type=text name="txtEMail" size=50>
</td>
</tr>
<tr>
<td><font size = 4>Comments:</font>
</td>
<td><textarea name="tareaComments" rows = 5 columns = 20></textarea>
</td>
</tr>
<tr>
<td colspan = 2 align = center><input type = submit name="submit" value="submit">
</td>
</tr>
</table>
</form>
</body>
</html>

<html>
<head>
<title>Displaying the Inputted Information</title>
</head>

<body>
<?php
// obtaining the information from the form and displaying it
if (isset($txtFirstName))
{

if (strlen($txtFirstName) > 0)
{

print "Your first name is <b>$txtFirstName </b><BR>\n";

}
else
{

print "Your first name was set as <b>an empty string</b><BR>\n";

}

}
else
{

print "Your first name <b>wasn't set </b><BR>\n";

}
if (isset($txtLastName))
{

if (strlen($txtLastName) > 0)
{

print "Your last name is <b>$txtLastName </b><BR>\n";

}
else
{

print "Your last name was set as <b>an empty string</b><BR>\n";

}

}
else
{

print "Your last name <b>wasn't set </b><BR>\n";

}
if (isset($txtEMail))
{

if (strlen($txtEMail) > 0)
{

print "Your e-mail address is <b>$txtEMail </b><BR>\n";

}
else
{

print "Your e-mail address was set as <b>an empty string</b><BR>\n";

}

}
else
{

print "Your e-mail address <b>wasn't set </b><BR>\n";

}

print "Your comments are <b>$tareaComments </b><BR>\n";
?>
</body>
</html>