Jump to content

server side validation

bhazzard

By bhazzard
in PHP Coding Help

Recommended Posts

bhazzard Newbie

bhazzard

Posted
Posted

I want to do validation server side (because I will have several front ends for the same back-end and I don't want to have to do my validation over and over again) and I had this plan on how to do the validation... For some reason it doesn't actually put out anything to the screen or source code view.... Can somebody please help?

 

  // make sure the required variables were posted

  if( isset($_POST['firstName']) AND isset($_POST['lastName']) AND isset($_POST['gradYear']) AND isset($_POST['birthYear']) AND isset($_POST['birthMonth']) AND isset($_POST['birthDay']) ) {

    $firstName = $_POST['firstName'];

    $lastName = $_POST['lastName'];

    $gradYear = $_POST['gradYear'];

    $birthYear = $_POST['birthYear'];

    $birthMonth = $_POST['birthMonth'];

    $birthDay = $_POST['birthDay'];

    $birthDate = $birthYear . '-' . $birthMonth . '-' . $birthDay;

   

    // add the record

    $objAlumni =  new Alumni();

    $objAlumni->First = $firstName;

    $objAlumni->Last = $lastName;

    $objAlumni->GradYear = $gradYear;

    $objAlumni->BirthDate = new QDateTime($birthDate);

    $objAlumni->Save();

   

    // print a line indicating that the record was added

    print('Record added for ' .  $lastName . ', ' . $firstName);

   

  // if the variables were not posted print that they are required!

  } else {

    // get the boolean value indicating whether they were posted

    $blnSetStatusArray = array(

      'First Name' => isset($_POST['firstName']),

      'Last Name' => isset($_POST['lastName']),

      'Graduation Year' => isset($_POST['gradYear']),

      'Birth Date' => isset($_POST['birthYear']) OR isset($_POST['birthMonth']) OR isset($_POST['birthDay'])

    ); // end blnSetStatus array

   

    // for each one, if it wasn't posted add a line saying it is required

    while( $blnSetStatus = current($blnSetStatusArray) ) {

      if( !$blnSetStatus ) {

        print( key($blnSetStatusArray) . ' is required!/n');

      } // end if

    } // end loop

  } // end if/else

 

I appreciate your consideration!!

Link to comment
https://forums.phpfreaks.com/topic/77859-server-side-validation/
Share on other sites
Daukan Newbie

Daukan

Posted
Posted

Change

<?php
if( isset($_POST['firstName']) AND isset($_POST['lastName']) AND isset($_POST['gradYear']) AND isset($_POST['birthYear']) AND isset($_POST['birthMonth']) AND isset($_POST['birthDay']) ) {
{
?>

To

<?php
if( 
    !empty($_POST['firstName']) AND 
    !empty($_POST['lastName']) AND 
    !empty($_POST['gradYear']) AND 
    !empty($_POST['birthYear']) AND 
    !empty($_POST['birthMonth']) AND 
    !empty($_POST['birthDay']) 
) {?>

A form sets the variable even if its empty, so you need check if it has a value.

GingerRobot Regular Member

GingerRobot

Posted
Posted

I've tidied it up a little bit since we seem to be repeating the same checks a few times:

 

<?php
$fields = array('First Name' => 'firstName','Last Name'=>'lastName','Graduation Year' => 'gradYear','Full date of birth'=>'birthYear','Full date of birth'=>'birthMonth','Full date of birth'=>'birthDay');
$errors = 0;
$dob_error = FALSE;
foreach($fields as $k => $v){
if(!isset($_POST[$v]) && !empty($_POST[$v])){
 	$errors++;
	if($k == 'Full date of birth'){//these checks are needed since we have 3 DOB fields but only want the error message shown once
		if($dob_error === FALSE){
			echo $k." is required<br /> \n";
		}else{
			$dob_error = TRUE
		}
	}else{
		echo $k." is required<br /> \n"
	}
}
}
if($errors == 0){//if there were no errors we can add the record
    // add the record
    $objAlumni =  new Alumni();
    $objAlumni->First = $firstName;
    $objAlumni->Last = $lastName;
    $objAlumni->GradYear = $gradYear;
    $objAlumni->BirthDate = new QDateTime($birthDate);
    $objAlumni->Save();
    
    // print a line indicating that the record was added
    print('Record added for ' .  $_POST['lastName'] . ', ' . $_POST['firstName']);
}
?>

 

On a side note, if you're working with each element in an array, you'll probably find it easier to use the foreach statement (as i did above) rather than a while statement. If you do use a while statement, you would need to use the next() function at the end of the while statement - which was one of the issues with your code.

bhazzard Newbie

bhazzard

Posted
  • Author
Posted

Thanks so much Ben,

 

Your solution is very elegant. I would like to point out for anyone else who ends up needing something like this that I had to change:

 

if(!isset($_POST[$v]) && !empty($_POST[$v])) to if(!isset($_POST[$v]) OR empty($_POST[$v]))

 

The logic here is that we want to generate an error is the posted variable is not set or it is set to a null.

 

Thanks again Ben for your excellent help. for reference I will post the now fully functional final code.

 

<?php
  $fields = array('First Name' => 'firstName','Last Name'=>'lastName','Graduation Year' => 'gradYear','Full date of birth'=>'birthYear','Full date of birth'=>'birthMonth','Full date of birth'=>'birthDay');
  $errors = 0;
  $dob_error = FALSE;
  foreach ( $fields as $k => $v ) {
    if(!isset($_POST[$v]) || empty($_POST[$v])){
      $errors++;
      if($k == 'Full date of birth'){//these checks are needed since we have 3 DOB fields but only want the error message shown once
        if($dob_error == FALSE){
          echo $k . " is required<br /> \n";
        } else {
          $dob_error = TRUE;
        } // end if else
      } else {
        echo $k . " is required<br /> \n";
      } // end if/else
    } // end if
  } // end foreach
  if($errors == 0){//if there were no errors we can add the record
      // build the birthDate variable in the proper syntax
      $birthDate = $_POST['birthYear'] . '-' . $_POST['birthMonth'] . '-' . $_POST['birthDay'];

      // add the record
      $objAlumni =  new Alumni();
      $objAlumni->First = $_POST['firstName'];
      $objAlumni->Last = $_POST['lastName'];
      $objAlumni->GradYear = $_POST['gradYear'];
      $objAlumni->BirthDate = new QDateTime($birthDate);
      $objAlumni->Save();
      
      // print a line indicating that the record was added
      print('Record added for ' .  $_POST['lastName'] . ', ' . $_POST['firstName']);
  } // end if
?>

 

As a side note... for those confused by my QDateTime call. That is simply a reference to the QCODO framework I am using. It generates a good portion of the 'wiring' code like ORM and forms processing. This is to build on that back end but simply allow me to use other front-ends, such as an adobe flex based UI.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.