I am struggling in trying to find a solution for the above problem. I have a simple html form and have some php code set up to validate the user input. Below is an example of how i am validating one particular field:
So for that field if the user fails to enter anything or if they include anything other than Lower/Uppercase letters, numbers and a space then the script returns false and brings up the error.
Now i am trying to set up some fields where by the user must match their input with an exact string that i will set for it to correctly validate otherwise it will flag an error.
So for example on ‘field 2’ - the user must enter the input of ‘red’ or ‘blue’ or ‘green’ or ‘pink’. Anything other than either 1 of these will not be passed.
Now i know instantly from that it would seem i should just use the ‘select name’ and ‘option’ values for my html to just have those 4 options in a drop down list to select but it needs to be a typed user input not selected from a list.
Am i able to add exact terms into the above validation example or do i need to use a different technique? I have a feeling that it might be best to use MySql with this in the form of a database but i unfortunately have no knowledge of this language at present…
Just because you added the html for them to pick from does not mean someone will change your values and send you some spoof data to give you problems.
Dan showed you how to create something often termed a “white-list”, the value only passes the test if it checks positive against something in the list.
As for the length of the variable being less that 1, you might want to carefully check [fphp]isset/fphp and [fphp]empty/fphp in the manual, and only evoke your function if the variable is set at all.
This checklist should help open your eyes to some of the issues involved.
Thank you for the further replies, i have included the trim() function and Cups thanks for the checklist, i am still very new at learning all this so references like this are a big help.