Validation with CType

What happens when you take you eye off the ball? The CType extension becomes a default part of PHP!

Have to confess I’ve never touched them until recently and was stuck in a “validation = regular expressions” mindset. What puzzles me is I haven’t seen anyone else using them either – most libraries doing some validation, including QuickForm and Validate all use regular expressions. Anyone know why? It’s not hard to use them but fall back to regular expressions for older PHP versions.

The CType functions are wrappers for ctype.h, a standard part of C, so are, effectively, very well tested.

The point is, for validating certain basic types of data, they do a better job than regular expressions, being both faster and supporting international character sets. The also make your code more “declarative” in nature – it’s pretty clear what ctype_digit() does while ‘/(^-?dd*.d*$)|(^-?dd*$)|(^-?.dd*$)/’ is less obvious.

For example say you have a field in your form for “First Name”. Using regular expressions, you’d probably validate it something like;


if ( !preg_match('/^[a-zA-Z]*$/', $first_name) ) {
die ('Alpha characters only please!');
}

Now that’s fine if your name is Joe but what if your name is H