SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Thread: Form validation

  1. #1
    SitePoint Addict
    Join Date
    Aug 2007
    Posts
    318
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Form validation

    Below is the extract of a validation script

    If no title is typed then it gives the desired message "fill your title properly." but for content validation even if no content is submitted it does not echo the message but continues to the next part of the script

    PHP Code:
    //validation for next field

              
    if(isset($_POST['title']))//title field is set
                  
    {
                   
    $n $_POST['title'];
                   if (
    strlen($n) > && strlen($n) < 61//valid and sql friendly name now in $name
                     
    {
        
    $title trim(mysql_real_escape_string($_POST['title']));
                           }
                   else {
                     
    // $n is not valid
                         
    echo "fill your title properly.";
    $fault++;
                    exit;
                        }
                       }     
                else {
                    
    //name not set
                   
    echo "you left the title field blank.";
    $fault++;    
                exit;
                     }     

    //validation for next field
              
    if(isset($_POST['content']))//content  field is set
                  
    {
                       
    $content trim(mysql_real_escape_string($_POST['content']));

                       }     
                else {
                    
    //name not set
                   
    echo "left the content field blank.";
    $fault++;
                    exit;
                     } 

  2. #2
    SitePoint Zealot
    Join Date
    Aug 2006
    Location
    Newcastle, England
    Posts
    142
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    isset() checks if the variable exists so if you've declared it before your script this will always be true.

    If you leave the title field blank it should echo the "you left the title field blank." message and not the other one.

    The problem with the content validation is isset() - it will always return true if the variable exists (which it does because your passing it in the ofrm).

    Use

    Code PHP:
    if(strlen($_POST["content"]) > 0)

    instead of

    Code PHP:
    if(isset($_POST['content']))

    This runs runs a condition that checks for sting length (true if has at least 1 character)

  3. #3
    dooby dooby doo silver trophybronze trophy
    spikeZ's Avatar
    Join Date
    Aug 2004
    Location
    Manchester UK
    Posts
    13,788
    Mentioned
    151 Post(s)
    Tagged
    3 Thread(s)
    also look at empty() as an alternative or addition to thejackal's suggestion.
    (you can never have too much validation )
    Mike Swiffin - Community Team Advisor
    Only a woman can read between the lines of a one word answer.....

  4. #4
    SitePoint Addict
    Join Date
    Aug 2007
    Posts
    318
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by thejackel View Post
    Hi,

    isset() checks if the variable exists so if you've declared it before your script this will always be true.

    If you leave the title field blank it should echo the "you left the title field blank." message and not the other one.

    The problem with the content validation is isset() - it will always return true if the variable exists (which it does because your passing it in the ofrm).

    Use

    Code PHP:
    if(strlen($_POST["content"]) > 0)

    instead of

    Code PHP:
    if(isset($_POST['content']))

    This runs runs a condition that checks for sting length (true if has at least 1 character)
    You converted $_POST['content'] into $_POST["content"] . Was that double quotes put explicitly or by mistake what is the difference if i use single quotes

  5. #5
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    strlen is better
    my mobile portal
    ghiris.ro

  6. #6
    play of mind Ernie1's Avatar
    Join Date
    Sep 2005
    Posts
    1,252
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by krishnakhanna View Post
    You converted $_POST['content'] into $_POST["content"] . Was that double quotes put explicitly or by mistake what is the difference if i use single quotes
    http://www.php.net/types.string
    my mobile portal
    ghiris.ro

  7. #7
    SitePoint Zealot
    Join Date
    Aug 2006
    Location
    Newcastle, England
    Posts
    142
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No reason, just because I copied it from another file and changed the var name.

    Have a look at Ernies link for details.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •