HI all,
Well I have been going through various methods on filtering form data, and
the one I never see is filtering form data using regular expressions,
(although the html form and validition class by Manuel Lemos does seem to
use them) this is the only I could find.
I often see lines like (for checking a 4 character number for example):
$input_value = html_entities($input_value);
If (strval(intval($input_value)) && strlen($input_value) == 4) {
// do something with validated data (maybe put in valid array or
something)
}
Ok so whats wrong with good ole:
If (preg_match('/^[0-9]{4}$/',trim($input_value)) {
// do something with validated data (maybe put in valid array or
something)
}
Am I going to get a performance hit if I validate all my fields with regular
expressions?
As I see it I am only calling one function (ok 2 with the trim()) to
validate my form data.
Just wondering what you all thought about these different methods, and what
approach suits best a given situation..
Regards,
Tim
