Jump to content

Form action validation

meltingpoint

By meltingpoint
in PHP Coding Help

 Share

Recommended Posts

meltingpoint Member

meltingpoint

Posted
Posted

Form has combo box that lets users pick - Delete or Edit with corresponding values of delete and edit sent via $_POST.

 

I want to validate that either one or the other has been picked.  Doing this will keep from someone trying to inject some other crud.  So I tried ;

 

<?php
if($action !== 'delete' || 'edit'){ echo "ERROR- you must choose an appropriate form Action.  Please try again.";}
?>

It does not seem to work.  Before I go on, is my syntax / coding correct?

 

If I do it like below- it works.

<?php
if($action !== 'delete' or $action !== 'edit'){ echo "ERROR- you must choose an appropriate form Action.  Please try again.";}
?>

Just trying to figure out the proper coding method.

 

Tks

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

Hmm, the first one doesn't work and the second one does. I wonder which one is correct?

 

When using and AND or OR, the parts on each side of that clause are interpreted individually. So, in this case:

if($action !== 'delete' || 'edit')

 

It is saying if [$action !== 'delete' ] is true OR if ['edit'] is true. It doesn't know you wanted to compare 'edit' to $action. Each clause of the condition stands on it's own. In this case (with only two options), a more simple approach would be to simply check for one value and if not that value then choose the other. I would default to the edit.

$action = (isset($_POST['action']) && $_POST['action']=='delete') ? 'delete' : 'edit';

 

Or, to make your code easier to read you could use in_array() which is also useful wehn you have more than two values

if(!in_array($action, array('edit', 'delete')))
{
    echo "ERROR- you must choose an appropriate form Action.  Please try again."
}

Link to comment
Share on other sites
meltingpoint Member

meltingpoint

Posted
  • Author
Posted

Hey- nice idea with the array.  So......should work...

<?php
$action = $_POST['action'];

if(!in_array($action, array('edit', 'delete')))
{
echo "ERROR- you must choose an appropriate form Action.  Please try again";
}
?>

 

I did not know that you could use in_array() in that way. 

Excellent!  I will try it and see if it works.

 

Thanks

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.