Validating User Input in PHPAn HTML form contains various input fields such as text box, checkbox, radio buttons, submit button, and checklist, etc.These inputs need to be validated, and ensures that the user has entered information is valid and correct.PHP validates the data at the server-side, which is submitted by HTML form. User validate data following types:
- Empty String
- Validate String
- Validate Numbers
- Validate Email
- Validate URL
- Input length
Empty StringChecks that the field is not empty. If the user leaves the required field empty, it will show an error message.Example:-if (emptyempty ($_POST["name"])) {$errMsg = "Error! You didn't enter the Name.";echo $errMsg;}else {$name = $_POST["name"];}Validate StringChecks that the field will contain only alphabets and whitespace.example - the name field does not receive valid input from the user, then it will show an error message:$name = $_POST ["Name"];if (!preg_match ("/^[a-zA-z]*$/", $name) ) {$ErrMsg = "Only alphabets and whitespace are allowed.";echo $ErrMsg;} else {echo $name;}Validate NumberValidates that the field will only contain a numeric value.Example - the Mobile no field does not receive numeric data from the user, the code will display an error message:$mobileno = $_POST ["Mobile_no"];if (!preg_match ("/^[0-9]*$/", $mobileno) ){$ErrMsg = "Only numeric value is allowed.";echo $ErrMsg;} else {echo $mobileno;}Validate EmailA valid email must contain @ and . symbols.Use regular expressions to validate the email address.Example:- the field does not contain a valid email address, then the code will display an error message:$email = $_POST ["Email"];$pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$^";if (!preg_match ($pattern, $email) ){$ErrMsg = "Email is not valid.";echo $ErrMsg;} else {echo "Your valid email address is: " .$email;}Input Length ValidationValidation restricts the user to provide the value between the specified range.Example - Mobile Number. A valid mobile number must have 10 digits.$mobileno = strlen ($_POST ["Mobile"]);$length = strlen ($mobileno);if ( $length < 10 && $length > 10) {$ErrMsg = "Mobile must have 10 digits.";echo $ErrMsg;} else {echo "Your Mobile number is: " .$mobileno;}Validate URLIf the field does not contain a valid URL, the code will display an error message, i.e., "URL is not valid".$websiteURL = $_POST["website"];if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)){$websiteErr = "URL is not valid";echo $websiteErr;} else {echo "Website URL is: " .$websiteURL;}Button Click ValidateValidates that the user click on submit button and send the form data to the server one of the following method - get or post.if (isset ($_POST['submit']) {echo "Submit button is clicked.";if ($_SERVER["REQUEST_METHOD"] == "POST") {echo "Data is sent using POST method ";}} else {echo "Data is not submitted";}Example:- Create a registration form using HTML and perform server-side validation. :<!DOCTYPE html><html><head><style>.error {color: #FF0001;}</style></head><body><?php// define variables to empty values$nameErr = $emailErr = $mobilenoErr = $genderErr = $websiteErr = $agreeErr = "";$name = $email = $mobileno = $gender = $website = $agree = "";//Input fields validationif ($_SERVER["REQUEST_METHOD"] == "POST") {//String Validationif (emptyempty($_POST["name"])) {$nameErr = "Name is required";} else {$name = input_data($_POST["name"]);// check if name only contains letters and whitespaceif (!preg_match("/^[a-zA-Z ]*$/",$name)) {$nameErr = "Only alphabets and white space are allowed";}}//Email Validationif (emptyempty($_POST["email"])) {$emailErr = "Email is required";} else {$email = input_data($_POST["email"]);// check that the e-mail address is well-formedif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {$emailErr = "Invalid email format";}}//Number Validationif (emptyempty($_POST["mobileno"])) {$mobilenoErr = "Mobile no is required";} else {$mobileno = input_data($_POST["mobileno"]);// check if mobile no is well-formedif (!preg_match ("/^[0-9]*$/", $mobileno) ) {$mobilenoErr = "Only numeric value is allowed.";}//check mobile no length should not be less and greator than 10if (strlen ($mobileno) != 10) {$mobilenoErr = "Mobile no must contain 10 digits.";}}//URL Validationif (emptyempty($_POST["website"])) {$website = "";} else {$website = input_data($_POST["website"]);// check if URL address syntax is validif (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {$websiteErr = "Invalid URL";}}//Empty Field Validationif (emptyempty ($_POST["gender"])) {$genderErr = "Gender is required";} else {$gender = input_data($_POST["gender"]);}//Checkbox Validationif (!isset($_POST['agree'])){$agreeErr = "Accept terms of services before submit.";} else {$agree = input_data($_POST["agree"]);}}function input_data($data) {$data = trim($data);$data = stripslashes($data);$data = htmlspecialchars($data);return $data;}?><h2>Registration Form</h2><span class = "error">* required field </span><br><br><form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" >Name:<input type="text" name="name"><span class="error">* <?php echo $nameErr; ?> </span><br><br>E-mail:<input type="text" name="email"><span class="error">* <?php echo $emailErr; ?> </span><br><br>Mobile No:<input type="text" name="mobileno"><span class="error">* <?php echo $mobilenoErr; ?> </span><br><br>Website:<input type="text" name="website"><span class="error"><?php echo $websiteErr; ?> </span><br><br>Gender:<input type="radio" name="gender" value="male"> Male<input type="radio" name="gender" value="female"> Female<input type="radio" name="gender" value="other"> Other<span class="error">* <?php echo $genderErr; ?> </span><br><br>Agree to Terms of Service:<input type="checkbox" name="agree"><span class="error">* <?php echo $agreeErr; ?> </span><br><br><input type="submit" name="submit" value="Submit"><br><br></form><?phpif(isset($_POST['submit'])) {if($nameErr == "" && $emailErr == "" && $mobilenoErr == "" && $genderErr == "" && $websiteErr == "" && $agreeErr == "") {echo "<h3 color = #FF0001> <b>You have sucessfully registered.</b> </h3>";echo "<h2>Your Input:</h2>";echo "Name: " .$name;echo "<br>";echo "Email: " .$email;echo "<br>";echo "Mobile No: " .$mobileno;echo "<br>";echo "Website: " .$website;echo "<br>";echo "Gender: " .$gender;} else {echo "<h3> <b>You didn't filled up the form correctly.</b> </h3>";}}?></body></html>
Output: -
Fill
the registration form and click on the Submit button. If all required
information is provided correctly, the output will be displayed on the same
page below the submit button.:
===========================================
0 Comments