[SOLVED] £Â£ Problem with validation?

[mattyvx]

Hi all,

 

I have a form which will take a currency value from the user. The form data once captured and filtered is inserted into a table in my database.

 

What i want to do is;

 

In the $price field (POSTed from form) ensure that the first character is a '£' sign. If not, add one to the string. I've tried:

 

$price = ($_POST['Price']); 
if ($price{0} == £){$price = $price;}
else{$price = "£$price";}

 

when the data is inserted into my database I get the following;

 

CASE 1. If the string price was entered as '15' i get the desired outcome of '£15'

CASE 2. If the string was entered correctly as £15 i get '£Â£15'

 

Looks like an encoding issue?! Any thoughts.

 

 

[cags]

Yes, it's an encoding issue. The £ sign is a 2 byte character. As recently as yesterday there was a post by somebody saying they were getting the 2 characters instead of £, this was because of the encoding of the page. In your case your comparison is not working correctly causing you to add an extra character when it is not required.

 

Unfortunately despite knowing this I don't know enough to give you a true solution. Changing the character encoding of the script may work. This might work as an alternative, but certainly wouldn't be the only way...

 

$val = preg_replace("#^£?([\d.])$#", "£$1", $_POST['Price']);

[JonnoTheDev]

You should not store the currency symbol in your database price field. Only the numeric value in a decimal data type. If you require multiple currencies use an ISO code in another field i.e GBP, USD, EUR and marry up to currency symbols within the application.

 

When displaying the price add the correct currency symbol. The HTML for:

£ is £

€ is €

$ is $

 

However when storing UTF characters in a mysql table you must set the encoding. This can be done easily by running the following query when connecting to your database:

"SET NAMES UTF8"

[cags]

You should not store the currency symbol in your database price field. Only the numeric value in a decimal data type. If you require multiple currencies use an ISO code in another field i.e GBP, USD, EUR and marry up to currency symbols within the application.

 

When displaying the price add the correct currency symbol. The HTML for:

£ is £

€ is €

$ is $

 

However when storing UTF characters in a mysql table you must set the encoding. This can be done easily by running the following query when connecting to your database:

"SET NAMES UTF8"

 

Whilst everything you said there is true, it none-the-less doesn't fix the problem of the check for $price{0} == "£" failing (which it obviously is), since the OP would need to check if it's there to remove it. I guess in the case of not storing it in the value the obvious answer would be to use trim to remove the character.

[JonnoTheDev]

Whilst everything you said there is true, it none-the-less doesn't fix the problem of the check for $price{0} == "£" failing (which it obviously is), since the OP would need to check if it's there to remove it. I guess in the case of not storing it in the value the obvious answer would be to use trim to remove the character.

 

PHP has no native support for UTF-8 character sets (think PHP6 will). This is why the code is of a bad design.

[mattyvx]

ok taking this further then, the information from the SQLtable is outputted in a html table on site.

 

From your comments to fix this problem I should strip these characters from the inputted POST_ string and save only an integer to my SQL table. i.e. 15

 

Then change the output of the HTML table code to something like;

 

$price = "£$price";
echo "\n<td>$price</td>";

 

Haven't got time to check this now, i'll do it later. Am I barking up the right tree?

 

[JonnoTheDev]

Yes however

save only an integer to my SQL table

Decimal. If the price is 5.50 this is not an integer!

From your comments to fix this problem I should strip these characters from the inputted POST_ string

You should not even allow the use to put a currency symbol in the price field. It should only be a number!

You can validate this by using the following function. i.e.

<?php if(!is_numeric($_POST['price'])) {
echo "Invalid Price";
exit();
} ?>

Just print the currency symbol next to the input field or if they can add a price in a different currency use radio buttons or a select list for the user to select their preferred currency.

[mattyvx]

Thanks, this works a treat.

 

Oh another thing, I currently have the form validation in a seperate script which first validates the data, inserts it into my database then sends confirmation emails to both parties.

 

The trouble with doing this is that any error messages are echoed in a new page. I'm thinking that if the error messages were presented on the form itself it would make a more streamlined approach.

 

Whats the best way to achieve this? Would i need to sumbit the form to itself?

[cags]

That's how I'd do it. Then as your validating each item, add any errors into an associative error array eg. $errors['username'] = "Too short"; that way next to username you can use if(isset($errors['username'])) { echo $errors['username']; } that way you get your error messages next to the appropriate input.

[mattyvx]

ok, i'll have a go a doing this before i ask anymore.

 

Expect to see a topic tomorrow if I get stuck 

 

Thanks - SOLVED!