Hello,
I've got a form with various fields. One is a text input field called
name with a size and a maxlength of 30. I've got the following
validation code for this field. I'd appreciate feedback on it before I
do the others.
Thanks.
Dave.
$contact_page_errors = array();
$errorCount = "";
$name = "";
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
// Validate the name field
if (empty($_POST["name"]))
{
$contact_page_errors['name'] = "Name is Required";
$errorCount++;
}
else
{ // trims, strips slashes, and runs through htmlspecialchars
$name = test_input($_POST["name"]);
// Field should be at least two characters maximum of 30 and non-numeric
if (!strlen($name <= 2)) {
$contact_page_errors['name'] = "Name must have at least two characters\n";
$errorCount++;
}
if (strlen($name > 30)) {
$contact_page_errors['name'] = "Name can not have more than 30
characters\n";
$errorCount++;
}
if (is_numeric($name)) {
$contact_page_errors['name'] = "Name can not be numeric\n";
$errorCount++;
}
}
// check if name only contains letters and whitespace
if (!preg_match("/^[A-Z][a-zA-Z -]+$/",$name))
{
$contact_page_errors['name'] = "Name must be from letters,
dashes, spaces, first letter uppercase, and must not start
with dash.\n";
$errorCount++;
}
// Use php's filter_var to sanitize what's left
$name = filter_var($name, FILTER_SANITIZE_STRING);
} // end of name checks
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
