Jump to content

How do you check for NULL fields in registration pages?

diode

By diode
in PHP Coding Help

Recommended Posts

diode Member

diode

Posted
Posted
Hello and how are you?

I have searched the phpfaq and other places, and seem to remain confused. What I am trying to do is create a simple registration page for a small message board. Currently, I am using the html <form> tags. But I don't know how to check for NULL fields such as password, account name, etc. if I use a form, because there aren't any variables in there. The closest thing to variables that I can see is the name:

<input type="text" name="firstname" />

And with this, I am not sure how to do an if-then-else, since 'firstname' doesn't begin with '$'.

Basically, if someone forgets to fill out a field, I want my webpage to prompt them telling them that they left out a field, and to fill it in, and when all fields are completed, the page goes on to the verification page to make sure their information is correct.

Please excuse my catastrophic ignorance.

Thanks :),
diode
realjumper Regular Member

realjumper

Posted
Posted
You *could* do server side (with php) if you want, but then it is one more action that the server must perform. There is nothing wrong with doing that, but to save the extra work on the server side, why not do it on the client side with javascript? http://developer.apple.com/internet/webcontent/validation.html
roopurt18 Advanced Member

roopurt18

Posted
Posted
You should never, ever, not in a million years, rely on javascript as your [i]only[/i] form validation enforcement.

Why?  Because it can be turned off by the user.  If you only use javascript to validate your forms, any malicious user can just turn off javascript and submit any old data they want to.

You must always, forever, and every single time, validate form data on the server.  It is much more difficult for a malicious user to bypass this sort of form validation than just changing a browser setting.

You can use javascript validation as a convenience feature to prevent your user from having to submit the form and wait for the server to validate it to fix a field, however.

As for your specific problem, use the [b]method="post"[/b] when creating your HTML form and in the validation routine check the values in $_POST.  If you have a form text field named "username", it will show up in $_POST['username'].  You can do something like this:

[code]
if(isset($_POST['username']) && strlen(trim($_POST['username']))){
  // A user name was entered!
}else{
  // You must enter a user name!
}
[/code]
realjumper Regular Member

realjumper

Posted
Posted
Sorry roopurt, I don't agree...in this instance. The OP isn't protecting Fort Knox with his application. Any mesage board as the OP is developing is going to get hit with all sorts of troll type users irrespective of the validation method employed, and it will be up to a moderator to manually sort that out. I user server side validation where necessary, but (imo) it isn't warrented in this case and is just a waste of server resources....for the other 999,999 years you may have a point!!

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.