Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
380 views
in Technique[技术] by (71.8m points)

php - Form Validation -- A Standard Solution?

I'm a little above a newbie with web programming and I don't know much about form validation. In my research, it seems that there are a variety of ways to validate form data and some of the methods depend on what you're going to do with the data. Then you have to-be deprecated functions like mysql_real_escape_string and something called "PDO" and the whole thing is downright complicated.

So, would it be reasonable/feasible for there to be a set of functions that are basically the standard way to validate form data? Like this...

function validate_for_sql()
function validate_for_email()
function validate_for_browser()

Maybe there should be more (something for integers?). The ideal would be things like sql injections and other nasties could ALL be handled via a set of generally accepted and rock-solid functions developed by and for the coding community.

Is this doable? Does it already exist somewhere.. maybe in a hidden lair? If so, can someone email me the secret password needed to access this information? :)

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Let me summarize your question : "would it be reasonable/feasible for there to be a set of functions, generally accepted, uniform, and solid, that are basically the standard way to validate form data?"

If what I summarize is true, then the answer is : jQuery Validation. As the name stated, you need jQuery and jQuery Validation to make this work.

Below is an example on how to use this tools.

HTML :

<form id="myForm">
    <input type="text" name="currency">
    <input type="text" name="amount">
</form>

Javascript:

$("#myForm").validate({
    rules: {
        "currency": {
            minlength: 3,
            required: true
        },
        "amount": {
            number: true
        }
    }
});

As default, validation is triggered on KeyUp. So when user change, lets say, field currency and broke one of the rules above, jQuery Validation will give pre-build notification message automatically.

These are the pre-build messages for rules above :

  1. minlength: Please enter at least three characters
  2. required: This field is required
  3. number: Please enter a valid number

What if you want to validate whether a currency is available in our exchange rate's table?

The answer is: just add custom Validation Method.

$.validator.addMethod("checkCurrency", 
    function(value, element) {
        var result = false;
        $.ajax({
            type:"GET",
            async: false,
            url: "012_ajax.php", // script to validate in server side
            data: {currency: value},
            success: function(data) {
                result = (data == "1") ? true : false;
            }
        });
        // return true if currency is exist in database
        return result; 
    }, 
    "Currency is not exist."
);

$("#myForm").validate({
    rules: {
        "currency": {
            minlength: 3,
            required: true,
            checkCurrency: true
        },
        "amount": {
            number: true
        }
    }
});

With this code, everytime user entry unexist currency in table, form will always show "Currency is not exist" message.


Last question: could I create custom message for this plugin?

The answer is YES.

$("#myForm").validate({
    rules: {
        "currency": {
            minlength: 3,
            required: true,
            checkCurrency: true
        },
        "amount": {
            number: true
        }
    },
    messages: {
        "currency": {
            minlength: "Currency should at least 3 char or more",
            required: "Currency is required"
        },
        "amount": {
            number: "Amount must be number"
        }
    }
});

Now everytime user broke rules above, form will gives messages as state in code above.

The important thing of this plugin, as every form validation should do, is that data will not be submitted as long as data are not verified. Well, as long as user is't turning-off / disable javascript from his browser. :)


UPDATE

The answer above is for client side validation.

For server side validation, there are PHP form validation scripts on internet, among them are :

  1. http://html-form-guide.com
  2. A Soares

They have build-in validation rules and user could add the custom ones.

Hopefully this help.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...