Jump to content

Req: Check input and deny

jokerfool

By jokerfool
in PHP Coding Help

 Share

Recommended Posts

jokerfool Member

jokerfool

Posted
Posted

In the form below how do I alter the code so when someone types something into the email that is clearly not recognized an an email address it either asks the customer to recheck or fails

<tr>
					  <td align="right"><?php echo $LANG['index_email_add']; ?> </td>
					  <td>:</td>
					  <td align="left">	<input name="email" type="text" id="email" required></td>
					</tr>
                              
					<tr>
					  <td align="right"><?php echo $LANG['index_pass'] ; ?></td>
					  <td>:</td>
					  <td align="left"><input name="password" type="password" required id="password"></td>
					</tr>
					<tr>
					  <td align="right"><?php echo $LANG['postcode'] ; ?> </td>
					  <td>:</td>
					  <td align="left"><input class="input"   id="geocomplete" type="text" placeholder="<?php echo $LANG['index_location']; ?>" name="address" required>
				      <input name="action" type="hidden" id="action" value="joinNow" /></td>
					</tr>

The problem I have is that any data can be added to the 3 fields and by anything even using !@#$%^&*():"{}';<>.,

 

How do I prevent those special characters from being used.

 

When it asks for email I can enter ;

 

When it asks for password I can enter '

 

and last PostCode I can enter: ]

 

How to prevent this from happening?

 

Thanks

Link to comment
https://forums.phpfreaks.com/topic/292229-req-check-input-and-deny/
Share on other sites
Alex_ Newbie

Alex_

Posted
Posted

I disagree with no validation logic in the form. Helping the user on the fly with credentials/data needed to be placed in the fields is a big plus in most applications.

 

However, you won't be able to do this with PHP. You'd need to use, for instance, Javascript. (For on-the-fly validation, like I'm assuming based on your post is what you wanted, upon entering an Email address)

 

In addition, like Psycho already mentioned, you should also have a validation on the script that actually process the data, for obvious reasons.

Psycho Prolific Member

Psycho

Posted
Posted

I disagree with no validation logic in the form. Helping the user on the fly with credentials/data needed to be placed in the fields is a big plus in most applications.

 

1. No, you should NOT add validation logic "in the form". You can add Client-Side validation logic via JavaScript, but it should not be written "in the form". It should be written as separate JS functions that are called when there is a change event detected for the fields.

 

2. Client-Side validation logic is never, ever a substitute for Server-Side validation logic. Client-Side logic should only be added to compliment the logic that would be in place on the server. Client-Side logic can always be circumvented and can never be counted on to prevent erroneous or malicious input.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.