Jump to content

Archived

This topic is now archived and is closed to further replies.

Taffd

[SOLVED] Form validation

Recommended Posts

Hi all,

I've googled, forummed, manualled and experimented but am unable to accomplish simple form validation.

Problem example; comment page.

I wish to validate a text area. I want it to contain text,numbers, punctuation and a few special characters ie/./,/"/£/$/!

I can accomplish the required regex.

Anyway, I would like to validate the input, send it to the database if ok and if not refresh the form page with existing text and an error message saying something like

"The following characters are not allowed."

I also need to know how to adjust the dreamweaver code accordingly.

 

I've been experimenting with simple validation over two pages using !preg_match and although I've had minor success, I've found that I can have (<) or (<<<<) show an error but if I input (<.) or (<anyletter), it validates as ok.

I haven't been able to make any headway with preg_match_all.

 

Is there anybody in the world who is able to help please?

 

Share this post


Link to post
Share on other sites

Todding01,

Thanks but I was referring to server-side php. However I have found a solution to my problem, which I post in case it can help anyone else.

 

I post this solution to a form validation and redirect, as an addition to a comment page written with dreamweaver. Unfortunately Dreamweaver does not provide server-side validation for php. You're expected to purchase an extension.

My problem

I have a comments page with a comment form. I wanted the comment input to a database if ok but if a user tried to input code or a link, I wanted to redirect them back to the form page without their comment input to the database. I also needed to work out where in the Dreamweaver written code to place my validation and redirect.

The code below shows the part of the page which dreamweaver writes to input form data into the database, with the associated validation.

It works.

 

 

 

 

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "comments"))
{

$comment = htmlentities($_POST['comment']);

function check_field1($comment)
{
if (preg_match("/</", $comment))
{
return TRUE;
}
}
$error=0; 
if(check_field1($comment))
{
  
  $error++;
   $insertGoTo = "comments.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo)); // $error=$error+1;
}

if($error == 0)
   $insertSQL = sprintf("INSERT INTO comments (comment, `day`, `month`, `year`) VALUES (%s, %s, %s, %s)",
                       GetSQLValueString($_POST['comment'], "text"),
                       GetSQLValueString($_POST['day'], "int"),
                       GetSQLValueString($_POST['month'], "text"),
                       GetSQLValueString($_POST['year'], "int"));

  mysql_select_db($database_connection, $connection);
  $Result1 = mysql_query($insertSQL, $connection) or die(mysql_error());

  $insertGoTo = "comments.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
  }

Share this post


Link to post
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.