Now that we have seen some basic form validation routines, let's put them all together and examine how to use them. We will create a basic HTML form and use the different functions we have just examined to validate each field. If a field does not validate properly, the original form will be displayed again with the incorrect field highlighted in red. This is a common technique used in web applications and one you should find valuable to learn.
Validation Script
The first thing we will do in the script is to check if the form has been submitted. If it has, we will validate each piece of data. We will store, in a boolean variable, whether or not the test was successful. We will then be able to use these boolean variables to determine whether the entire form was filled in correctly. If the form was not properly completed, we will then use the boolean variables to determine which form element was incorrectly entered and highlight that element in red.
The display to the browser is controlled by the if statement at the top of the script. If all the validations evaluate TRUE, we simply inform the user that the form was filled in correctly and stop execution of the script. It is at this point that we would normally insert this information into a database, email the user for further confirmation, or perform a variety of other actions. If, however, any one of the validations evaluate FALSE, we redisplay the form with the incorrect entry highlighted in red.
Now that we have a basic understanding of how the script will work, let's look at it.
<?php /* validation.php */
require_once ('functions.php');
$valid = TRUE;
if (isset ($_POST['submit'])) { foreach($_POST as $key=>$value) { $$key = $value; }
$valid = $fn = checkLength($fname, 1, 30); $ln = checkLength($lname, 1, 30); $valid = $valid && $ln; $em = checkEmail($email); $valid = $valid && $em; $ps = checkPassword($password); $valid = $valid && $ps; $ps2 = $password == $password2; $valid = $valid && $ps2; $hp = checkURL($homepage); $valid = $valid && $hp; $zp = checkMailCode($zipcode, 'US'); $valid = $valid && $zp; if ($valid) { echo "Form filled successfully!"; exit; } } else { $fn = $ln = $em = $ps = $ps2 = $hp = $zp = TRUE; $fname = $lname = $email = $zipcode = $homepage = ''; } ?> <h1>Sample Registration Form</h1> <?php if (!$valid) { ?> <style type="text/css"> td.error {color:C03; font-weight:bold; } </style> Please correct the items in red and resubmit.<br /><br /> <?php } ?> <form method="POST" action="validation.php"> <table border="0"> <tr> <td colspan="2">Please fill out the form for registration.<br /><br /> Passwords should be a minimum of 8 characters.<br /> They should be composed of numbers and letters with a number<br /> somewhere in the middle. You should also avoid using the same<br /> character repeatedly.<br /><br /> Your homepage should begin with <b>http://</b><br /><br /></td> </tr> <tr> <td align="right"<?php if(!$fn) echo 'class="error"'; ?>> First Name: </td> <td> <input type="text" name="fname" size="30" value="<?= $fname ?>"> </td> </tr> <tr> <td align="right"<?php if(!$ln) echo 'class="error"'; ?>> Last Name: </td> <td> <input type="text" name="lname" size="30" value="<?= $lname ?>"> </td> </tr> <tr> <td align="right"<?php if(!$em) echo 'class="error"'; ?>> Email Address: </td> <td> <input type="text" name="email" size="20" value="<?= $email ?>"> </td> </tr> <tr> <td align="right"<?php if(!($ps && $ps2)) echo 'class="error"'; ?>> Password: </td> <td> <input type="password" name="password" size="10"> </td> </tr> <tr> <td align="right"<?php if(!($ps && $ps2)) echo 'class="error"'; ?>> Password Again: </td> <td> <input type="password" NAME="password2" SIZE="10"> </td> </tr> <tr> <td align="right"<?php if(!$zp) echo 'class="error"'; ?>> Zip Code: </td> <td> <input type="text" name="zipcode" size="10" value="<?= $zipcode ?>"> </td> </tr> <tr> <td align="right"<?php if(!$hp) echo 'class="error"'; ?>> Home Page: </td> <td> <input type="text" name="homepage" size="40" value="<?= $homepage ?>"> </td> </tr> <tr> <td align="right">&nbsp;</td> <td> <input type="SUBMIT" name="submit" value="Submit"> </td> </tr> </table> </form>
You will notice that the functions we built earlier are not within this script. We placed all of those functions into a file of their own in order to keep the validation script easier to read. Another great reason for having the functions within their own file is that you can include that file in any project you are working on to reuse the functions. In order for the scripts above to work, you should place all the functions presented earlier into a script called functions.php.
/ 7 