jokerfool Posted November 2, 2014 Share Posted November 2, 2014 In the form below how do I alter the code so when someone types something into the email that is clearly not recognized an an email address it either asks the customer to recheck or fails <tr> <td align="right"><?php echo $LANG['index_email_add']; ?> </td> <td>:</td> <td align="left"> <input name="email" type="text" id="email" required></td> </tr> <tr> <td align="right"><?php echo $LANG['index_pass'] ; ?></td> <td>:</td> <td align="left"><input name="password" type="password" required id="password"></td> </tr> <tr> <td align="right"><?php echo $LANG['postcode'] ; ?> </td> <td>:</td> <td align="left"><input class="input" id="geocomplete" type="text" placeholder="<?php echo $LANG['index_location']; ?>" name="address" required> <input name="action" type="hidden" id="action" value="joinNow" /></td> </tr> The problem I have is that any data can be added to the 3 fields and by anything even using !@#$%^&*():"{}';<>., How do I prevent those special characters from being used. When it asks for email I can enter ; When it asks for password I can enter ' and last PostCode I can enter: ] How to prevent this from happening? Thanks Link to comment https://forums.phpfreaks.com/topic/292229-req-check-input-and-deny/ Share on other sites More sharing options...
Psycho Posted November 2, 2014 Share Posted November 2, 2014 That is the input form. That is not where you would add any validation logic. You would add the validation logic to the page that processes the form input. Where is that code and what have you tried so far? Link to comment https://forums.phpfreaks.com/topic/292229-req-check-input-and-deny/#findComment-1495536 Share on other sites More sharing options...
Alex_ Posted November 2, 2014 Share Posted November 2, 2014 I disagree with no validation logic in the form. Helping the user on the fly with credentials/data needed to be placed in the fields is a big plus in most applications. However, you won't be able to do this with PHP. You'd need to use, for instance, Javascript. (For on-the-fly validation, like I'm assuming based on your post is what you wanted, upon entering an Email address) In addition, like Psycho already mentioned, you should also have a validation on the script that actually process the data, for obvious reasons. Link to comment https://forums.phpfreaks.com/topic/292229-req-check-input-and-deny/#findComment-1495539 Share on other sites More sharing options...
jokerfool Posted November 3, 2014 Author Share Posted November 3, 2014 I've gone back to the code and am reposting the entire project back on freelancer.com to get some assistance and get this whole project running. Thanks for the help. Link to comment https://forums.phpfreaks.com/topic/292229-req-check-input-and-deny/#findComment-1495601 Share on other sites More sharing options...
Psycho Posted November 3, 2014 Share Posted November 3, 2014 I disagree with no validation logic in the form. Helping the user on the fly with credentials/data needed to be placed in the fields is a big plus in most applications. 1. No, you should NOT add validation logic "in the form". You can add Client-Side validation logic via JavaScript, but it should not be written "in the form". It should be written as separate JS functions that are called when there is a change event detected for the fields. 2. Client-Side validation logic is never, ever a substitute for Server-Side validation logic. Client-Side logic should only be added to compliment the logic that would be in place on the server. Client-Side logic can always be circumvented and can never be counted on to prevent erroneous or malicious input. Link to comment https://forums.phpfreaks.com/topic/292229-req-check-input-and-deny/#findComment-1495606 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.