By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,347 Members | 1,390 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,347 IT Pros & Developers. It's quick & easy.

form validation

P: n/a
Hello

I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.

1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc

Another thing is I don't want people to be able to leave any of the
fields blank.

Where does the validation code go?

After this statement?

if($REQUEST_METHOD=="POST") or before?

I have tried a few things, but I am not sure what most people use, any
help would be appreciated.

Have a wonderful day

Diane

Feb 28 '07 #1
Share this Question
Share on Google+
7 Replies


P: n/a
Hi,

Here's one function to check an email address:

http://www.ilovejackdaniels.com/php/...ss-validation/

For phone, you could do:

if (!preg_match('/^[2-9]\d{2}-\d{4}$/', $email)) {
// Bad phone
}

For address, you could do:

$addr = preg_replace('#[^[[:print:]]]|[/\\\\]#', '', $addr);

You can check that each item is filled-in like so:

$errors = array();
if (trim($_POST['name']) == '') {
$errors[] = 'Name is missing.';
}
if (trim($_POST['addr']) == '') {
$errors[] = 'Address is missing.';
}
foreach ($errors as $err) {
echo "<span style=\"color: red;\">$err</span><br>";
}
On Feb 28, 10:57 am, "lepage.di...@gmail.com" <lepage.di...@gmail.com>
wrote:
Hello

I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.

1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc

Another thing is I don't want people to be able to leave any of the
fields blank.

Where does the validation code go?

After this statement?

if($REQUEST_METHOD=="POST") or before?

I have tried a few things, but I am not sure what most people use, any
help would be appreciated.

Have a wonderful day

Diane

On Feb 28, 10:57 am, "lepage.di...@gmail.com" <lepage.di...@gmail.com>
wrote:
Hello

I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.

1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc

Another thing is I don't want people to be able to leave any of the
fields blank.

Where does the validation code go?

After this statement?

if($REQUEST_METHOD=="POST") or before?

I have tried a few things, but I am not sure what most people use, any
help would be appreciated.

Have a wonderful day

Diane

Feb 28 '07 #2

P: n/a
..oO(petersprc)
>Here's one function to check an email address:

http://www.ilovejackdaniels.com/php/...ss-validation/
I still doubt that this will match all valid addresses. The RFC is way
too complex to be handled with a simple regular expression. Compare the
address from the site above with this one:

http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html

I would just check that there's an "@" char with something before it,
something after it and no line breaks. That's it. Just because a mail
address looks valid doesn't mean that it really exists, so why bother?
Just send out a mail and either it will reach its destination or not.

Micha
Feb 28 '07 #3

P: n/a
le**********@gmail.com formulated on keskiviikko :
Hello

I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.

1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc

Another thing is I don't want people to be able to leave any of the
fields blank.

Where does the validation code go?

After this statement?

if($REQUEST_METHOD=="POST") or before?

I have tried a few things, but I am not sure what most people use, any
help would be appreciated.

Have a wonderful day

Diane
Hi, you should check these:
http://www.php.net/manual/en/ref.filter.php,
http://phpro.org/tutorials/Filtering-Data-with-PHP.html and
http://devzone.zend.com/node/view/id/1113.

-Lurius
Mar 1 '07 #4

P: n/a
On Mar 1, 2:40 pm, Lurius <romu.k...@elisanet.fiwrote:
lepage.di...@gmail.com formulated on keskiviikko :
Hello
I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.
1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc
Another thing is I don't want people to be able to leave any of the
fields blank.
Where does the validation code go?
After this statement?
if($REQUEST_METHOD=="POST") or before?
I have tried a few things, but I am not sure what most people use, any
help would be appreciated.
Have a wonderful day
Diane

Hi, you should check these:http://www.php.net/manual/en/ref.fil...e/view/id/1113.

-Lurius
So much restriction as old thing now.
For address king of thing just check those invalid char that can harm
your system.

Mar 3 '07 #5

P: n/a
On Mar 1, 2:40 pm, Lurius <romu.k...@elisanet.fiwrote:
lepage.di...@gmail.com formulated on keskiviikko :
Hello
I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.
1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc
Another thing is I don't want people to be able to leave any of the
fields blank.
Where does the validation code go?
After this statement?
if($REQUEST_METHOD=="POST") or before?
I have tried a few things, but I am not sure what most people use, any
help would be appreciated.
Have a wonderful day
Diane

Hi, you should check these:http://www.php.net/manual/en/ref.fil...e/view/id/1113.

-Lurius
So much restriction as old thing now.
For address kind of things just check those invalid chars that can
harm your system.

Mar 3 '07 #6

P: n/a
Lurius wrote:
le**********@gmail.com formulated on keskiviikko :
>Hello

I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.

1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc

Another thing is I don't want people to be able to leave any of the
fields blank.

Where does the validation code go?

After this statement?

if($REQUEST_METHOD=="POST") or before?

I have tried a few things, but I am not sure what most people use, any
help would be appreciated.

Have a wonderful day

Diane

Hi, you should check these: http://www.php.net/manual/en/ref.filter.php,
http://phpro.org/tutorials/Filtering-Data-with-PHP.html and
http://devzone.zend.com/node/view/id/1113.

-Lurius

Don't bother. While the idea is good, this is one of the worst
interfaces ever added to PhP.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Mar 3 '07 #7

P: n/a
Hello,

on 02/28/2007 12:57 PM le**********@gmail.com said the following:
Hello

I am a newbie to PHP. Please bear with me. I need to validate the
following fields using php.

1. email (needs to be just one e-mail address, and take out stuff like
bcc or anything that would be used for e-mail injection vulnerability)
2. Phone number (has to be in the format 555-5555)
3. Phone number area code (has to be limited to 3 characters)
4. Address has to be stripped of all illegal characters like slashes,
special characters etc

Another thing is I don't want people to be able to leave any of the
fields blank.

Where does the validation code go?

After this statement?

if($REQUEST_METHOD=="POST") or before?

I have tried a few things, but I am not sure what most people use, any
help would be appreciated.
Take a look at this forms generation and validation. It does all that
you ask without need to learn special javascript:

http://www.phpclasses.org/formsgeneration

Here is a generic example in action:

http://www.meta-language.net/forms-examples.html
--

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
Mar 4 '07 #8

This discussion thread is closed

Replies have been disabled for this discussion.