473,698 Members | 2,084 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Validating form input data

Hello everyone,

I am tying to come up with an elegant way to process some input data that
come from a form. When the user hits the 'Submit' button, i want the form to
appear again with the already entered valid data filled in and prompt the
user to re-enter the non-valid data. If all data is valid, i will forward to
an other .php page which enters the data into a database.

I tried to do this in the following way: the form always hits back on
itself, but when all data is valid i use the PHP:header() to redirect to the
data.php that performs the database insertion. The problem is that the data
is not available to data.php in the $_POST variable. How can i overcome this
problem? Any other subtle way to handle the whole thing? Any help
appreciated.
Apr 30 '06 #1
17 3855
stathis gotsis wrote:
Hello everyone,

I am tying to come up with an elegant way to process some input data that
come from a form. When the user hits the 'Submit' button, i want the form to
appear again with the already entered valid data filled in and prompt the
user to re-enter the non-valid data. If all data is valid, i will forward to
an other .php page which enters the data into a database.

I tried to do this in the following way: the form always hits back on
itself, but when all data is valid i use the PHP:header() to redirect to the
data.php that performs the database insertion. The problem is that the data
is not available to data.php in the $_POST variable. How can i overcome this
problem? Any other subtle way to handle the whole thing? Any help
appreciated.


I would break the function a little differently.

1. Have a form (view) that is sensitive to $SESSSION. That is, it will
use the values in SESSION to populate any dynamic values to be displayed
in the form.
2. Have another process (controller) that:
a) processes $_POST or $_GET
b) if all is valid, does the insert/update and redirects to another
page (Your data has been saved.)
c) if all is not valid, populates the $SESSION with good values and
then redirects to the view form.

The whole thing is started by calling the controller. Since no data is
valid, it will redirect to the view.
The view then presents a form for filling in.
The user fills in the form and submits which then calls the controller.
The controller processes the form data and either updates/inserts it or
calls the view again.

If you encapsulate your database accesses into a class or set of classes
which are called from the controller, you will have a light-weight
implementation of a classic Model-View-Controller (MVC2) architecture.

-david-

Apr 30 '06 #2
Hello,

on 04/30/2006 09:38 AM stathis gotsis said the following:
Hello everyone,

I am tying to come up with an elegant way to process some input data that
come from a form. When the user hits the 'Submit' button, i want the form to
appear again with the already entered valid data filled in and prompt the
user to re-enter the non-valid data. If all data is valid, i will forward to
an other .php page which enters the data into a database.

I tried to do this in the following way: the form always hits back on
itself, but when all data is valid i use the PHP:header() to redirect to the
data.php that performs the database insertion. The problem is that the data
is not available to data.php in the $_POST variable. How can i overcome this
problem? Any other subtle way to handle the whole thing? Any help
appreciated.


Nothing stops you from presenting the form and process it with the same
script.

You may want to take a look at this forms generation and validation
class that shows you how to do that. Additionally it generates your
forms with Javascript to validate the form also on the client site,
avoiding unnecessary server round trips just to tell the user the form
has invalid fields.

http://www.phpclasses.org/formsgeneration
--

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
Apr 30 '06 #3
"David Haynes" <da***********@ sympatico.ca> wrote in message
news:Mp******** *******@fe17.us enetserver.com. ..
stathis gotsis wrote:
Hello everyone,

I am tying to come up with an elegant way to process some input data that come from a form. When the user hits the 'Submit' button, i want the form to appear again with the already entered valid data filled in and prompt the user to re-enter the non-valid data. If all data is valid, i will forward to an other .php page which enters the data into a database.

I tried to do this in the following way: the form always hits back on
itself, but when all data is valid i use the PHP:header() to redirect to the data.php that performs the database insertion. The problem is that the data is not available to data.php in the $_POST variable. How can i overcome this problem? Any other subtle way to handle the whole thing? Any help
appreciated.


I would break the function a little differently.

1. Have a form (view) that is sensitive to $SESSSION. That is, it will
use the values in SESSION to populate any dynamic values to be displayed
in the form.
2. Have another process (controller) that:
a) processes $_POST or $_GET
b) if all is valid, does the insert/update and redirects to another
page (Your data has been saved.)
c) if all is not valid, populates the $SESSION with good values and
then redirects to the view form.

The whole thing is started by calling the controller. Since no data is
valid, it will redirect to the view.
The view then presents a form for filling in.
The user fills in the form and submits which then calls the controller.
The controller processes the form data and either updates/inserts it or
calls the view again.

If you encapsulate your database accesses into a class or set of classes
which are called from the controller, you will have a light-weight
implementation of a classic Model-View-Controller (MVC2) architecture.


Thank you for your quick answer, i am heading towards the implementation you
suggested. Just another minor question: can i add an array variable to
SESSION? How can this be done?
Apr 30 '06 #4
stathis gotsis wrote:
"David Haynes" <da***********@ sympatico.ca> wrote in message
news:Mp******** *******@fe17.us enetserver.com. ..
stathis gotsis wrote:
Hello everyone,

I am tying to come up with an elegant way to process some input data that come from a form. When the user hits the 'Submit' button, i want the form to appear again with the already entered valid data filled in and prompt the user to re-enter the non-valid data. If all data is valid, i will forward to an other .php page which enters the data into a database.

I tried to do this in the following way: the form always hits back on
itself, but when all data is valid i use the PHP:header() to redirect to the data.php that performs the database insertion. The problem is that the data is not available to data.php in the $_POST variable. How can i overcome this problem? Any other subtle way to handle the whole thing? Any help
appreciated.

I would break the function a little differently.

1. Have a form (view) that is sensitive to $SESSSION. That is, it will
use the values in SESSION to populate any dynamic values to be displayed
in the form.
2. Have another process (controller) that:
a) processes $_POST or $_GET
b) if all is valid, does the insert/update and redirects to another
page (Your data has been saved.)
c) if all is not valid, populates the $SESSION with good values and
then redirects to the view form.

The whole thing is started by calling the controller. Since no data is
valid, it will redirect to the view.
The view then presents a form for filling in.
The user fills in the form and submits which then calls the controller.
The controller processes the form data and either updates/inserts it or
calls the view again.

If you encapsulate your database accesses into a class or set of classes
which are called from the controller, you will have a light-weight
implementation of a classic Model-View-Controller (MVC2) architecture.


Thank you for your quick answer, i am heading towards the implementation you
suggested. Just another minor question: can i add an array variable to
SESSION? How can this be done?


$my_array = array('one' => 1, 'two' => 2);
$_SESSION['my_array'] = $my_array;

or

$_SESSION['my_array'] = array('one' => 1, 'two' => 2);

-david-

Apr 30 '06 #5
stathis gotsis wrote:
Hello everyone,

I am tying to come up with an elegant way to process some input data that
come from a form. When the user hits the 'Submit' button, i want the form to
appear again with the already entered valid data filled in and prompt the
user to re-enter the non-valid data. If all data is valid, i will forward to
an other .php page which enters the data into a database.

I tried to do this in the following way: the form always hits back on
itself, but when all data is valid i use the PHP:header() to redirect to the
data.php that performs the database insertion. The problem is that the data
is not available to data.php in the $_POST variable. How can i overcome this
problem? Any other subtle way to handle the whole thing? Any help
appreciated.


Stathis,

I do things the same way you do - the page validates its own input and then uses
header() to move to the next page. But before the header() call, I store the
data in the $_SESSION variable.

I prefer validating the data in the same page that contains the data. It keeps
the code together and, IMHO, cleaner. Plus, if it isn't needed in the next
page, you don't even have to touch that page.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attgl obal.net
=============== ===
Apr 30 '06 #6
Manuel Lemos wrote:
Hello,

on 04/30/2006 09:38 AM stathis gotsis said the following:
Hello everyone,

I am tying to come up with an elegant way to process some input data that
come from a form. When the user hits the 'Submit' button, i want the form to
appear again with the already entered valid data filled in and prompt the
user to re-enter the non-valid data. If all data is valid, i will forward to
an other .php page which enters the data into a database.

I tried to do this in the following way: the form always hits back on
itself, but when all data is valid i use the PHP:header() to redirect to the
data.php that performs the database insertion. The problem is that the data
is not available to data.php in the $_POST variable. How can i overcome this
problem? Any other subtle way to handle the whole thing? Any help
appreciated .

Nothing stops you from presenting the form and process it with the same
script.

You may want to take a look at this forms generation and validation
class that shows you how to do that. Additionally it generates your
forms with Javascript to validate the form also on the client site,
avoiding unnecessary server round trips just to tell the user the form
has invalid fields.

http://www.phpclasses.org/formsgeneration


And what happens if someone has javascript turned off?

NEVER rely on client side validation!

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attgl obal.net
=============== ===
Apr 30 '06 #7

Jerry Stuckle wrote (in part):
You may want to take a look at this forms generation and validation
class that shows you how to do that. Additionally it generates your
forms with Javascript to validate the form also on the client site,
avoiding unnecessary server round trips just to tell the user the form
has invalid fields.

http://www.phpclasses.org/formsgeneration


And what happens if someone has javascript turned off?

NEVER rely on client side validation!


Also, what happen if a hacker screen scraps your form and uses another
program to send information to your script directly to try to break it
or use it in ways you didn't think about.

Please go to the PHP Security Consortuim's web site <phpsec.org> and
read the different articles in both the "Articles" and "Library"
sections.

Ken

Apr 30 '06 #8
Jerry Stuckle:
Manuel Lemos wrote:
You may want to take a look at this forms generation and validation
class that shows you how to do that. Additionally it generates your
forms with Javascript to validate the form also on the client site,
avoiding unnecessary server round trips just to tell the user the form
has invalid fields.

http://www.phpclasses.org/formsgeneration
And what happens if someone has javascript turned off?


I would assume the brunt of Manuel's class is its server-side
checking. The javascript is, as he said, an *addition*, an addition
which, when javascript happens to be available, obviates the need for a
round trip to the server just to say some field data was unacceptable.
Sounds good to me.
NEVER rely on client side validation!


Fair enough, bears repeating.

--
Jock

Apr 30 '06 #9
Jerry Stuckle:
Manuel Lemos wrote:
You may want to take a look at this forms generation and validation
class that shows you how to do that. Additionally it generates your
forms with Javascript to validate the form also on the client site,
avoiding unnecessary server round trips just to tell the user the form
has invalid fields.

http://www.phpclasses.org/formsgeneration
And what happens if someone has javascript turned off?


I would assume the brunt of Manuel's class is its server-side
checking. The javascript is, as he said, an *addition*, an addition
which, when javascript happens to be available, obviates the need for a
round trip to the server just to say some field data was unacceptable.
Sounds good to me.
NEVER rely on client side validation!


Fair enough, bears repeating.

--
Jock

Apr 30 '06 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
2890
by: The Plankmeister | last post by:
Hi... What's the best method of validating input characters? I would like to prevent users submitting exotic characters (such as those acquired on Windows Systems by pressing ALT+) and thought a way of doing this would be to compare the submitted strings with the array keys returned by get_html_translation_table(HTML_ENTITIES), but padding this array out with all the remaining normal keyboard characters. But... am I reinventing the...
3
14006
by: Mark | last post by:
Hi, Im trying to validate a form, all the validating works apart from one field. This particular field must consist of the first 2 characters as letters, & the following 5 as numbers. And if it dosent meet these requirments an error message will be displayed. I have pasted the code (and highlighted the relevant parts) below in the hope that someone can help me out with this. Ive been trying to suss it out all week & it's driving me nuts!...
0
1603
by: Bradley Bossard via DotNetMonster.com | last post by:
I am having an issue with the .NET framework (or C#) and validating events. I have implemented several validating event handlers for textboxes on a form. When I run the app, the form works correctly the first time, but if I input some data in the form and click another control to change focus, the validator fires, but if I continue to hit 'ESC' enough times, it eventually lets me out of the validating loop and moves focus to the other...
2
1346
by: Osmosis | last post by:
I have a form with several controls, which all have their validating and validated events in my code. However, if these controls don't get focus, these events don't get called. When my OK button is pressed, I need all the controls to be validated. How can I get this done ? Do I have to call the events individually for each control, and if so, how do I do this ?
0
2435
by: Gary Shell | last post by:
I am experiencing some strange behavior between a UserControl's validating event and a treeview control. Initially, I thought it was related to an issue in the Knowledgebase article 810852 (http://support.microsoft.com/kb/810852), but then I realized that the hotfix mentioned was in .Net v1.1, which I am using. I took the sample from that article and recreated the situation I see in my application. (Code included below.) If you run the...
9
5835
by: chuck | last post by:
I need some help with validating user input. I am writing a C computer program for an intro to C course. Here is the situation. I am creating an application that will do currency conversions. The user will be presented with a list of 5 selections they can make. They will then be prompted for which selection they want to enter (which can only be 1-5, no characters or anything like it). Once they select the number, 1 for Euro, 2 for...
4
2477
by: easoftware | last post by:
I am using VS .Net 2003 and VB. I have an app with one parent and two Mdi child forms. I need to validate data in the Mdi form. The Form.Validating event works when I try to close a Mdi form, but not when I try to switch form one Mdi form to the other. I tried to add code to MdiForm1's Deactivate event: Private Sub MidForm1_Deactivate(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Deactivate Dim TempE As...
2
1486
by: MadMike42 | last post by:
This is really starting to annoy me, I've got a form, that has some input boxes, a example of the code is here:- <form action="admin_save_stock.asp" method="post" name="MyFormData"> <input name="Make" type="text" id="MenuText" value=<% response.write rsTable("Make") %size="50" maxlength="50"> <input name="DateBought" id="MenuText" type="text" value=<% response.write rsTable("DateBought") % size="10" maxlength="10"> </form>
0
8672
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
8600
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9156
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
1
8892
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
7712
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
6518
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
4614
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
2
2323
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
1998
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.