form validation using PHP

**Markus** · Jul 30 '08, 04:29 PM

It's better to use a combination of both PHP and JS to validate your form. PHP would use up bandwidth, while JS doesn't. However, there's no garuntee JS is enabled in the browser!

Read php form validation.

**ak1dnar** · Jul 30 '08, 05:09 PM

Originally posted by markusn00b

It's better to use a combination of both PHP and JS to validate your form. PHP would use up bandwidth, while JS doesn't. However, there's no garuntee JS is enabled in the browser!

Read php form validation.

Server side validation is better when developing high-secure applications. The problem with javascript is, a malicious user has the access to the client side script and easily then can bypass the validation process by removing the scripts. So I'll recommend js when developing simple applications only.

**Markus** · Jul 30 '08, 08:59 PM

Originally posted by ak1dnar

Server side validation is better when developing high-secure applications. The problem with javascript is, a malicious user has the access to the client side script and easily then can bypass the validation process by removing the scripts. So I'll recommend js when developing simple applications only.

As I said: a combination of both is pretty much *always* required.

**Atli** · Jul 31 '08, 04:28 AM

I wouldn't really call JavaScript validation... validation.
It doesn't really validate anything, as you have both pointed out, a malicious user can, and most likely will, bypass any JavaScript *security* measures.

It can, however, make sure that a normal user doesn't do stuff like forget to fill out required fields, or that the data he is entering is in fact the data you need.
Whether that qualifies as validation... I wouldn't call it that, but whatever.

In any case, you must always validate you data server-side, no matter what you may or may not be doing client-side.
Like always; relying on client-side code to provide any key functionality is a horrible idea.

**Markus** · Jul 31 '08, 11:32 AM

My argument for JS validation (i will use that term losely now, Atli) is that it would save the user submitting wrong information, waiting for the php script to run, then being redirected back to the form page, all of which might be time consuming.

**00johnson** · Jul 31 '08, 03:08 PM

I'm doing the same thing at the moment. Try

http://www.weberdev.com/get_example-4396.html

it helped me validate text fields along with where to place the code. Also

PHP Form Validation

http://htmlcenter.com/blog/php-form-validation/

PHP form validation tutorial walks you how to validate forms and their inputs with PHP programming language on the server side

uses the preg_match() function, I have used this for validating numerical fields. They should get you started.
Look at

PHP: PHP Manual - Manual

http://www.php.net/manual/en/index.php

PHP Manual

to understand what you are doing, the language reference section has particularly helped me.

**acoder** · Jul 31 '08, 06:11 PM

Originally posted by Atli

In any case, you must always validate you data server-side, no matter what you may or may not be doing client-side.
Like always; relying on client-side code to provide any key functionality is a horrible idea.

Very true. See Form Validation - doing it right for a nice explanation.

form validation using PHP

form validation using PHP

Comment

Comment

Comment

Comment

Comment

Comment

Comment