Jump to content

[SOLVED] Form validation


Recommended Posts

Hi all,

I've googled, forummed, manualled and experimented but am unable to accomplish simple form validation.

Problem example; comment page.

I wish to validate a text area. I want it to contain text,numbers, punctuation and a few special characters ie/./,/"/£/$/!

I can accomplish the required regex.

Anyway, I would like to validate the input, send it to the database if ok and if not refresh the form page with existing text and an error message saying something like

"The following characters are not allowed."

I also need to know how to adjust the dreamweaver code accordingly.

 

I've been experimenting with simple validation over two pages using !preg_match and although I've had minor success, I've found that I can have (<) or (<<<<) show an error but if I input (<.) or (<anyletter), it validates as ok.

I haven't been able to make any headway with preg_match_all.

 

Is there anybody in the world who is able to help please?

 

Link to comment
Share on other sites

Todding01,

Thanks but I was referring to server-side php. However I have found a solution to my problem, which I post in case it can help anyone else.

 

I post this solution to a form validation and redirect, as an addition to a comment page written with dreamweaver. Unfortunately Dreamweaver does not provide server-side validation for php. You're expected to purchase an extension.

My problem

I have a comments page with a comment form. I wanted the comment input to a database if ok but if a user tried to input code or a link, I wanted to redirect them back to the form page without their comment input to the database. I also needed to work out where in the Dreamweaver written code to place my validation and redirect.

The code below shows the part of the page which dreamweaver writes to input form data into the database, with the associated validation.

It works.

 

 

 

 

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "comments"))
{

$comment = htmlentities($_POST['comment']);

function check_field1($comment)
{
if (preg_match("/</", $comment))
{
return TRUE;
}
}
$error=0; 
if(check_field1($comment))
{
  
  $error++;
   $insertGoTo = "comments.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo)); // $error=$error+1;
}

if($error == 0)
   $insertSQL = sprintf("INSERT INTO comments (comment, `day`, `month`, `year`) VALUES (%s, %s, %s, %s)",
                       GetSQLValueString($_POST['comment'], "text"),
                       GetSQLValueString($_POST['day'], "int"),
                       GetSQLValueString($_POST['month'], "text"),
                       GetSQLValueString($_POST['year'], "int"));

  mysql_select_db($database_connection, $connection);
  $Result1 = mysql_query($insertSQL, $connection) or die(mysql_error());

  $insertGoTo = "comments.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
  }

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.