How to Validate Form Data With PHP?

0 votes
Want to know what is the generic code i can used using php to validate  from data?
Feb 13 in PHP by kartik
• 10,760 points
89 views

1 answer to this question.

0 votes

Hey @kartik,

The first thing we will do is to pass all variables through PHP's htmlspecialchars() function.

When we use the htmlspecialchars() function; then if a user tries to submit the following in a text field:

<script>location.href('http://www.hacked.com')</script>

- this would not be executed, because it would be saved as HTML escaped code, like this:

&lt;script&gt;location.href('http://www.hacked.com')&lt;/script&gt;

The code is now safe to be displayed on a page or inside an e-mail.

We will also do two more things when the user submits the form:

  1. Strip unnecessary characters (extra space, tab, newline) from the user input data (with the PHP trim() function)
  2. Remove backslashes (\) from the user input data (with the PHP stripslashes() function)

The next step is to create a function that will do all the checking for us (which is much more convenient than writing the same code over and over again).

We will name the function test_input().

Now, we can check each $_POST variable with the test_input() function, and the script looks like this:

Example

<?php
// define variables and set to empty values
$name = $email = $gender = $comment = $website = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
  $name = test_input($_POST["name"]);
  $email = test_input($_POST["email"]);
  $website = test_input($_POST["website"]);
  $comment = test_input($_POST["comment"]);
  $gender = test_input($_POST["gender"]);
}

function test_input($data) {
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}
?>

If you want to know how can we avoid my php form from hacking check it out-  PHP Security

answered Feb 13 by Niroj
• 21,680 points

Related Questions In PHP

0 votes
1 answer

How to validate E-mail and URL of Php form?

hey, The code below shows a simple way ...READ MORE

answered Feb 13 in PHP by manish
81 views
0 votes
1 answer

How to prevent XSS with HTML/PHP?

Hello, HTML Encoding htmlspecialchars will convert any "HTML special characters" ...READ MORE

answered Apr 1 in PHP by Niroj
• 21,680 points
33 views
0 votes
1 answer

How to detect search engine bots with php?

Hello, You can checkout if it's a search ...READ MORE

answered Apr 20 in PHP by Niroj
• 21,680 points
58 views
0 votes
1 answer

How to convert from MySQL datetime to another format with PHP?

Hello, To convert a date retrieved from MySQL ...READ MORE

answered May 19 in PHP by Niroj
• 21,680 points
21 views
+1 vote
1 answer

What is the relationship between angularjs Scope with controller/view?

Let us consider the below block: <div ng-controller="emp"> ...READ MORE

answered Jan 20 in Web Development by Niroj
• 21,680 points

edited Jan 21 by Niroj 67 views
+1 vote
1 answer

What is css box module?

Hey, All the element present in html follows ...READ MORE

answered Jan 20 in Web Development by Niroj
• 21,680 points

edited Jan 21 by Niroj 53 views
0 votes
1 answer

Explain the difference between visibility:hidden; and display:none?

hii, visibility:hidden; and display:none are totally different used ...READ MORE

answered Jan 20 in Web Development by Niroj
• 21,680 points
349 views
+1 vote
1 answer

How to access the Angularjs scope of a particular html element from our console?

Hello, You should follow the below steps:-- 1.Compile and ...READ MORE

answered Jan 21 in Web Development by Niroj
• 21,680 points

edited Jan 21 by Niroj 52 views
0 votes
1 answer

What is a Cookie? How to create Cookies With PHP?

A cookie is often used to identify ...READ MORE

answered Feb 13 in PHP by Niroj
• 21,680 points
106 views
0 votes
1 answer

How to retrieve or obtain data from the MySQL database using PHP?

Hello kartik,  Actually there are many functions that  ...READ MORE

answered Mar 27 in PHP by Niroj
• 21,680 points
33 views