background
|
|
RiscOS
Risc OS Info
All you need to know about Risc OS and more.
More icon

News
All in one Place
All of your regular news in one place.
More icon
|
|
Up Image
Navigation
Search this Site
Enter your search terms

Site Breadcrumb - You are here
|
PHP/MySQL Tutorial
Lesson 3
by Graeme Merrall

Page 2 — Simple Validation

Imagine for a moment that we've got our database nicely laid out and we're now requesting information from users that will be inserted into the database. Further, let's imagine that you have a field in your database waiting for some numeric input, such as a price. Finally, imagine your application falling over in a screaming heap because some smart aleck put text in that field. MySQL doesn't want to see text in that portion of your SQL statement - and it complains bitterly.

What to do? Time to validate.

Validation simply means that we'll examine a piece of data, usually from an HTML form, and check to make sure that it fits a certain model. This can range from ensuring that a element is not blank to validating that an element meets certain criteria (for example, that a numeric value is stipulated or that an email address contains an @ for an email address).

Validation can be done on the server side or on the client side. PHP is used for server-side validation, while JavaScript or another client-based scripting language can provide client-side validation. This article is about PHP, so we're going to concentrate on the server end of things. But if you're looking for some ready-made, client-side validation scripts, check out the Code library.

Let's ignore our database for the moment and concentrate on PHP validation. If you wish, you can add additional fields to our employee database quite simply by using the MySQL ALTER statement - that is, if you want to commit to the values that we'll validate.

There are several useful PHP functions we can use to validate our data, and they range from simple to highly complex. A simple function we could use might be strlen(), which tells us the length of the variable.

A more complex function would be ereg(), which uses full regular expression handling for complex queries. I won't delve into the complexities of regex here, as entire books have been written on the subject, but I will provide some examples on the next page.

Let's start with a simple example. We'll check to see whether a variable does or does not exist. 


<html>

<body>

<?php

if ($submit) {

     if (!$first || !$last) {

	$error = "Sorry! You didn't fill in all the fields!";

	} else {

		// process form

		echo "Thank You!";

	}



}



if (!$submit || $error) {

     echo $error;

     ?>

     <P>

     <form method="post" action="<?php echo $PHP_SELF ?>">

     FIELD 1: <input type="text" name="first" value="<?php echo $first ?>">

     <br>

     FIELD 2: <input type="text" name="last" value="<?php echo $last ?>">

     <br>

     <input type="Submit" name="submit" value="Enter Information">

     </form>

     <?php

} // end if

?>



</body>

</html>

The keys to this script are the nested conditional statements. The first checks to see whether the Submit button has been pressed. If it has, it goes on to check that both the variables $first and $last exist. The || symbol means "or" and the ! symbol means "not." We could also rewrite the statement to say, "If $first does not exist or $last does not exist, then set $error to the following."

Next, let's extend things a little by checking to see whether a string is a certain length. This would be ideal for passwords, since you don't want some lazy user entering a password of only one or two letters. You'd rather it be, say, six or more characters.

The function for this is, as you already know, strlen(). It simply returns a number equal to the number of characters in the variable being tested. Here, I modified the script above to check the length of $first and $last. 


<html>

<body>

<?php

if ($submit) {

     if (strlen($first) < 6 || strlen($last) < 6) {

	$error = "Sorry! You didn't fill in all the fields!";

	} else {

		// process form

		echo "Thank You!";

	}



}



if (!$submit || $error) {

     echo $error;

     ?>

     <P>

     <form method="post" action="<?php echo $PHP_SELF ?>">

     FIELD 1: <input type="text" name="first" value="<?php echo $first ?>">

     <br>

     FIELD 2: <input type="text" name="last" value="<?php echo $last ?>">
    
     <br>

     <input type="Submit" name="submit" value="Enter Information">

     </form>

     <?php

} // end if

?>



</body>

</html>

Run this script and try entering six or fewer letters to see what happens. It's simple yet quite effective.

next page»