form validation

Hello

I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.

1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc

Another thing is I don't want people to be able to leave any of the
fields blank.

Where does the validation code go?

After this statement?

if($REQUEST_METHOD=="POST") or before?

I have tried a few things, but I am not sure what most people use, any
help would be appreciated.

Have a wonderful day

Diane

re: form validation

Hi,

Here's one function to check an email address:

http://www.ilovejackdaniels.com/php/...ss-validation/

For phone, you could do:

if (!preg_match('/^[2-9]\d{2}-\d{4}$/', $email)) {
// Bad phone
}

For address, you could do:

$addr = preg_replace('#[^[[:print:]]]|[/\\\\]#', '', $addr);

You can check that each item is filled-in like so:

$errors = array();
if (trim($_POST['name']) == '') {
$errors[] = 'Name is missing.';
}
if (trim($_POST['addr']) == '') {
$errors[] = 'Address is missing.';
}
foreach ($errors as $err) {
echo "<span style=\"color: red;\">$err</span><br>";
}


On Feb 28, 10:57 am, "lepage.di...@gmail.com" <lepage.di...@gmail.com>
wrote:
On Feb 28, 10:57 am, "lepage.di...@gmail.com" <lepage.di...@gmail.com>
wrote:

re: form validation

..oO(petersprc)
I still doubt that this will match all valid addresses. The RFC is way
too complex to be handled with a simple regular expression. Compare the
address from the site above with this one:

http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html

I would just check that there's an "@" char with something before it,
something after it and no line breaks. That's it. Just because a mail
address looks valid doesn't mean that it really exists, so why bother?
Just send out a mail and either it will reach its destination or not.

Micha

re: form validation

lepage.diane@gmail.com formulated on keskiviikko :Hi, you should check these:
http://www.php.net/manual/en/ref.filter.php,
http://phpro.org/tutorials/Filtering-Data-with-PHP.html and
http://devzone.zend.com/node/view/id/1113.

-Lurius

re: form validation

On Mar 1, 2:40 pm, Lurius <romu.k...@elisanet.fiwrote:So much restriction as old thing now.
For address king of thing just check those invalid char that can harm
your system.

re: form validation

On Mar 1, 2:40 pm, Lurius <romu.k...@elisanet.fiwrote:So much restriction as old thing now.
For address kind of things just check those invalid chars that can
harm your system.

re: form validation

Lurius wrote:Don't bother. While the idea is good, this is one of the worst
interfaces ever added to PhP.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

re: form validation

Hello,

on 02/28/2007 12:57 PM lepage.diane@gmail.com said the following:Take a look at this forms generation and validation. It does all that
you ask without need to learn special javascript:

http://www.phpclasses.org/formsgeneration

Here is a generic example in action:

http://www.meta-language.net/forms-examples.html


--

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/