Jump to content


Photo

Auto Filling Form


  • Please log in to reply
52 replies to this topic

#41 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 26 November 2012 - 07:41 AM

Thanks very much for your reply. I've gotta get ready for college (first day w00p w00p) so I don't really have time to play about with it but should be on after 9pm gmt+00 so i'll try to implement it then.

Regards,

AoTB>

#42 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 26 November 2012 - 05:41 PM

It still didn't work bud. The last code I posted worked when I used the preg_replace() with the preg_match() so I will stick with that I think. Seems to work ok when I use the preg_replace().

I'm also having trouble with the name validation. Could you tell me exactly how that regExp works please?


//VALIDATE NAME

//trim the value to compensate for the possibility the user entered nothing but whitespace characters.
$_POST['name'] = trim($_POST['name']);

$length = strlen($_POST['name']);

$nameRegExp = '/^[a-zA-Z\\pL][\\w\\pL \\.\\-]'.$length.'\\z/u';

if(preg_match($nameRegExp,$_POST['name']) != 1){
$errors[] = "You did not enter a valid name.";
}

When I say it's not working, I mean it is allowing characters such as { and } into my DB. Should I just let them be entered or strip em out? I'm just cautious of people spoofing the form and entering '{}{}{}{}{}{}{}' for example.

Kind regards,

AoTB.

Edited by AoTBuNgLe, 26 November 2012 - 05:42 PM.


#43 Christian F.

Christian F.

    Advanced Member

  • Staff Alumni
  • 3,106 posts
  • LocationNorway

Posted 26 November 2012 - 09:06 PM

That code shouldn't validate anything, as the length variable doesn't contain a valid RegExp quantifier. I had intended for the Length parameter to contain either "+" or "{0,#}", where # is the maximum length accepted.
You might want to follow the link I posted above, and read up on RegExps. Should help you avoid these kind of problems later on. ;)

So why it's allowing anything in the database at all must mean that there's a logic problem somewhere in your code. I just did a test to prove the RegExp is indeed working as intended:
php > $length = '{0,20}';
php > $nameRegExp = '/^[a-zA-Z\\pL][\\w\\pL \\.\\-]'.$length.'\\z/u';
php > $name = array ("Christian", "Andre-3000", "Invalid{}");
php > foreach ($name as $test) {
    var_dump (preg_match ($nameRegExp, $test));
}
int(1)
int(1)
int(0)

When it comes to the code that does the testing, I recommend that you take a look at the phone validation example I posted on the previous page. Notice how I only use of line for the testing, only one test to determine whether or not the input is considered legit. You should do that for all validation in the same manner, without affecting the input at all.

As for those invalid characters: You shouldn't do any of those two choices. You should refuse to accept any input containing invalid data, and then show a message to the user explaining why the input was rejected. In fact, in my opinion you shouldn't even be trimming data before saving it, as it can significantly alter the user's experience.
Keeping it simple.

#44 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 27 November 2012 - 06:56 PM

So basically the point is, if the data is not what you are looking for, don't delete any characters from their input but still send them back to the form to correct it, auto filling with their exact value?

Also, when defining the length for myself, should I be using '{0, maxlength value defined in form?}'?

PS-Thanks for that site, it will prove very useful I'm sure.

Kind regards,

AoTB.

Edited by AoTBuNgLe, 27 November 2012 - 06:59 PM.


#45 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 27 November 2012 - 07:26 PM

Does the \\pL part of the reg exp have something to do with matching the different characters like the áéíóú ones?

Regards,

AoTB>

#46 Christian F.

Christian F.

    Advanced Member

  • Staff Alumni
  • 3,106 posts
  • LocationNorway

Posted 28 November 2012 - 01:10 AM

So basically the point is, if the data is not what you are looking for, don't delete any characters from their input but still send them back to the form to correct it, auto filling with their exact value?

Exactly!
Only don't send them back to the form, but just show the form again. Minor detail it might seem, but the difference is a header ("Location: ..") call, and a lot of code to handle said redirect. :P

Also, when defining the length for myself, should I be using '{0, maxlength value defined in form?}'?

Yes, this is to ensure that their input isn't cut off by the SQL storage engine (or have it return an error). In the former case it can create a lot of problems when trying to log in, effectively making their account inaccessible; And in the latter they wouldn't have the faintest idea why your site seems to be broken.

PS-Thanks for that site, it will prove very useful I'm sure.

You're very welcome, and it is immensely useful. That's what I used when properly learning RegExps. :)

Does the \\pL part of the reg exp have something to do with matching the different characters like the áéíóú ones?

Yes, as specified in the PHP manual. In the Unicode character properties, under PCRE.

Edited by Christian F., 28 November 2012 - 01:11 AM.

Keeping it simple.

#47 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 28 November 2012 - 05:47 PM

Thanks very much for confirming that. I am not going mad.

I have been sitting here for about 2 hours reading up on regexp and the one I am dealing with, trying to work it out...I think i've figured out the first character set

Here is my attempt:

The caret used outside of an opening square bracket means we want to match characters specified in the character class. These are from a-z and A-Z. Using 2 backslashes means we want to escape its special use and use the literal? That literal backslash used with pL matches any of the unicode characters followed by any literal character?

Let me know!

Regards,

AoTB.

Edited by AoTBuNgLe, 28 November 2012 - 05:48 PM.


#48 Christian F.

Christian F.

    Advanced Member

  • Staff Alumni
  • 3,106 posts
  • LocationNorway

Posted 28 November 2012 - 05:57 PM

Let's do a quick run down of what the RegExp does:
/            # Opening delimiter, to mark the start of the RegExp.
^            # Binds the RegExp to the start of the string.
[a-zA-Z\\pL]        # First character must be one of the characters in this group (printable letter).
            # No quantifiers, so only 1 character is matched
[\\w\\pL \\.\\-]    # Second character group allows for any printable character, numbers, underscores,
            # periods and dashes.
{0,20}            # Repeated from 0 up to 20 times, inclusive.
\\z            # Ties the RegExp to the end of the string, disallowing any trailing newline characters.
/            # Closing delimiter, to mark the end of the RegExp.
u            # Unicode modifier, to enable the unicode (\p#) control sequences.

Also note that this allows the name to be up to 21 characters long, and since it allows for unicode letters the string can use up to 3 or 4 bytes per character. Not normally something you have to worry too much about, but nice to keep in mind still.

Edited by Christian F., 28 November 2012 - 06:10 PM.

Keeping it simple.

#49 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 29 November 2012 - 03:06 AM

Thanks a lot for that explanation, I was way off! aha.

I was doing some tests with the 'test' code you gave me and changed the first array element to read "d'angelo" and it didn't return 1. What I did was added this - \' to the second character class like this: [\\w\\pL \'\\.\\-] and var_dump() then returned int(1)


So, searching {0,20} means search 21 times, {0,36} would mean search 37 times? 0 is also counted as being the first similar to array indexes?

Cheers again for explaining that.

Regards

AoTB.

Edited by AoTBuNgLe, 29 November 2012 - 03:07 AM.


#50 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 29 November 2012 - 06:49 AM

Won't let me edit for some reason, I can get my head around everything pretty much except the \pL part.

Does the p hold a 'collection' of these special characters and the L means check for a match of one of those letters?

Regards,

AoTB.

#51 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 29 November 2012 - 08:50 AM

also, when I change your 'test' array values for instance, 'Christian' to 'Chrístian', it returns boolean false.

I thought it was supposed to allow that character ?

Regards,

AoTB.

#52 Christian F.

Christian F.

    Advanced Member

  • Staff Alumni
  • 3,106 posts
  • LocationNorway

Posted 29 November 2012 - 05:54 PM

The {0,20} means that it'll accept 0 to 20 repetitions of the pattern/character, but sine we're matching one character prior to this the total will be 1 through 21 characters in length.

As for the Unicode letter class (\p#), it's explained in detail in the PHP manual.

Good catch in the apostrophe though, I'll have to remember to update my own code with that one.
Keeping it simple.

#53 Love2c0de

Love2c0de

    Advanced Member

  • Members
  • PipPipPip
  • 366 posts
  • LocationThe Pleiades
  • Age:23

Posted 29 November 2012 - 08:52 PM

Yup I think I definitely have some studying to do!

Thanks for all the help.

Much appreciated.

Kind regards,

AoTB.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com