#1
  1. No Profile Picture
    Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2004
    Posts
    2,968
    Rep Power
    374

    Php validating forms ( One for all)


    Hi,

    Because my work involves creating forms, I am not sure how to make one validation class for all? few years back I used to do something like:

    [php]
    function custom_validate( input, $label, $min, $max, type ) {
    ///
    return 1 or ""
    }

    $error. = custom_validate ( $_POST['name'], name, NULL, NULL, string);
    .....

    // check $error and output error message
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2010
    Posts
    87
    Rep Power
    4
    Originally Posted by paulh1983
    Hi,

    Because my work involves creating forms, I am not sure how to make one validation class for all? few years back I used to do something like:

    [php]
    function custom_validate( input, $label, $min, $max, type ) {
    ///
    return 1 or ""
    }

    $error. = custom_validate ( $_POST['name'], name, NULL, NULL, string);
    .....

    // check $error and output error message

    Would you not include the class and then declare a new instance of the custom_validate, passing in the parameters:

    $error = new custom_validate( your params to validate here);

    You offer very little information to give a better answer.

    Volterony
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2004
    Posts
    2,968
    Rep Power
    374
    sorry, well that example was just that, an example. wasnt meant to be a starting guide if that makes sense.

    Actual Q is how do you guys validate forms? do you have a class or functions? because even if i create a class I think i will have to on each page do something like:

    [php]
    $form_fields = array (
    name = ( 'type' => 'string', max_length = 20....),
    date_of_birth = ('type => 'date', formatting = 'UK'...)...
    );
    $instance = new Validate($form_fields);

    but I suppose because most of my forms have similar fields, i could "pre-define" some fields into my validation class and then pass in any extra fields?
  6. #4
  7. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2012
    Location
    Burb of Detroit, Michigan
    Posts
    86
    Rep Power
    76
    I have a Registration class and here is just a snippet:

    PHP Code:
     // Method returns to check if password is strong enough:
        
    public function isPassWordStrong($pass Null) {
            return (
    preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/"$pass) === 0);
        } 

    then in my registration register.php file, I just do this

    PHP Code:
        $passOK $guest->isPassWordStrong($password);
        if (
    $passOK) {
            
    $errorMsg[0] = 'Password must be at least 8 characters, and must contain at least one lower case letter, one upper case letter and one digit.';
        } 
    I guess I could have the error message in the class, but I find it easier to do it this way. Besides if I use that for something else besides a registration form I can easy have type a different error message.

    I know it should be false if the the password is not strong enough, but I logically think if something is true then it's wrong. I know it's weird but it works for me.

    I let Javascript and HTML5 do the other mundane validation, I just let PHP be the fall back for that if the user disables JavaScript.
    Last edited by Strider64; September 30th, 2013 at 07:53 AM.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2004
    Posts
    2,968
    Rep Power
    374
    but this results in too many if/elses which i would then have to re-do for each forms.

    I guess if i create forms then my class can have the messages embedded in it to save me some time.
  10. #6
  11. Mad Scientist
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Oct 2007
    Location
    North Yorkshire, UK
    Posts
    3,661
    Rep Power
    4123
    I have a few classes which manage my forms...they're all a bit WiP but the concept is this:

    I write an array - this array specifies names, types, validation method etc

    This, I call a 'form definition'. In some incarnations this is written as a property of a class (I would have one class per form) and in others it is passed into a class.

    I then have 3 classes which manage the form

    (1) A manager class which checks in the data, looping through the form definition looking for the $_POST value..

    depending on a "required" flag in the definition I check to see if the field is empty or not
    depending on a "validate" flag in the definition I pass the value through a static method in my validate class (2) (by using call_user_func_array) this returns true or false

    Based on these findings I then know what state the form is in, ie

    Not submitted
    Submitted but not valid
    Submitted and valid

    The third class is a renderer class which wraps up the form, including all messages generated by the manager and generated HTML output.

    These classes are accessed by a controller, which would have logic similar to this

    Code:
    form = new customForm;
    
    //or
    //form  = new form($definition);
    
    if(form->notSubmitted || form->invalid) {
         renderer = new formRenderer
         output = renderer->render(form);
    }
    
    if(form->valid) {
        //do something with form->getData()
    }
    I've expanded this so that the customForm has an input and output filter methods as the data in the form may not relate to the data we want in the backend or to display (in on input filters (input to backend) i would hash a password and the output filter (output to html form) would set the value to be empty for a password, the generic output filter just escapes the value for html output). Each form class can define it's own filter or just use the generic one defined in an abstract parent class.

    Back to the original question, here is sample of my validator class:

    PHP Code:
    namespace libs\forms;

    class 
    validation {
        public static function 
    Email($key) {
            return 
    filter_var($_POST[$key],FILTER_VALIDATE_EMAIL);
        }

        public static function 
    URL($key) {
            return 
    filter_var($_POST[$key], FILTER_VALIDATE_URLFILTER_FLAG_SCHEME_REQUIRED);
        }
        
        public static function 
    match($key,$field) {
            
            return (
    $_POST[$key] == $_POST[$field]) ? true false;
        }

    Comments on this post

    • paulh1983 agrees : thanks northie for this. will help me start something similar.
    I said I didn't like ORM!!! <?php $this->model->update($this->request->resources[0])->set($this->request->getData())->getData('count'); ?>

    PDO vs mysql_* functions: Find a Migration Guide Here

    [ Xeneco - T'interweb Development ] - [ Are you a Help Vampire? ] - [ Read The manual! ] - [ W3 methods - GET, POST, etc ] - [ Web Design Hell ]

IMN logo majestic logo threadwatch logo seochat tools logo