Please help! Validation Problem

[sarahlockwood]

Hi all, I am relatively new to using php. At the moment I am working on a customer page into which they must input their details. I would like to be able to validate each individual entry, but I am unsure where to insert the validation code, and whether it is correct. I need something like:

if (!preg_match("/^[\w]+[\w.-]{4,19}$/", $firstname))
return "<p>Please, enter a valid forename.</p><br />".index.php();

Here is the code so far, I would really appreciate any help:

<?php require_once('Connections/mysql.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}

if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "newCustomer")) {
$insertSQL = sprintf("INSERT INTO Customer (title, firstname, surname, addressline1, addressline2, email, town, county, postcode, homephone, workphone, mobile, dateofbirth) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($HTTP_POST_VARS['select'], "text"),
GetSQLValueString($HTTP_POST_VARS['firstname'], "text"),
GetSQLValueString($HTTP_POST_VARS['surname'], "text"),
GetSQLValueString($HTTP_POST_VARS['addressline1'], "text"),
GetSQLValueString($HTTP_POST_VARS['addressline2'], "text"),
GetSQLValueString($HTTP_POST_VARS['email'], "text"),
GetSQLValueString($HTTP_POST_VARS['town'], "text"),
GetSQLValueString($HTTP_POST_VARS['county'], "text"),
GetSQLValueString($HTTP_POST_VARS['postcode'], "text"),
GetSQLValueString($HTTP_POST_VARS['homephone'], "text"),
GetSQLValueString($HTTP_POST_VARS['workphone'], "text"),
GetSQLValueString($HTTP_POST_VARS['mobile'], "text"),
GetSQLValueString($HTTP_POST_VARS['dateofbirth'], "text")
);

mysql_select_db($database_mysql, $mysql);
$Result1 = mysql_query($insertSQL, $mysql) or die(mysql_error());

if (empty($HTTP_POST_VARS['firstname'])) {
return "You must enter the password". index.php();
}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "

http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="

http://www.w3.org/1999/xhtml">

<head>
<title>!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Script-Type" content="text/javascript" />
<meta name="Author" content="Sarah" />
<meta name="Keywords" content="Sarah" />
<meta name="Description" content="!" />
<meta name="classification" content="Travel" />
<meta name="Rating" content="General" />
<meta name="copyright" content="Copyright ©2005/>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>

<body>
<!-- Corporate Banner -->
<table width="800px" cellpadding="0" cellspacing="0" border="0">
<tr><td height="10"></td></tr>
</table>

<table width="800px" cellpadding="0" cellspacing="0" border="0">
<tr valign="top">
<td width="10px"></td>
<td height="123"><img src="img/banner.jpg" alt="Europe" width="780px" height="130" /></td>
<td width="10px"></td>
</tr>
</table>

<!-- Top Bar -->
<table width="800px" cellpadding="0" cellspacing="0" border="0">
<tr>
<td width="10px"></td>
<td><img src="img/top.jpg" alt="top bar" width="780px" height="20" /></td>
<td width="10px"></td>
</tr>
</table>

<!-- Table containing main content -->
<table width="800px" border="0" cellpadding="0" cellspacing="0">
<tr valign="top">
<td width="10px"></td>
<td width="180px" bgcolor="#4B007D">


<!-- W3C Validator Logos -->
<br /><p align="center"><a href="

http://validator.w3.org/check?uri=referer"><img

style="border:0;width:88px;height:31px"
src="

http://www.w3.org/Icons/valid-xhtml10"

alt="Valid XHTML 1.0!" height="31" width="88" /></a> </p>

<p align="center"><a href="

http://jigsaw.w3.org/css-validator/">

<img src="

http://jigsaw.w3.org/css-validator/images/vcss"

alt="Valid CSS!" style="border:0;width:88px;height:31px" /></a></p></td>

<td width="10px"></td>
<td width="400px"><h2>New Customer</h2>
<p>This is a dummy site!</p>
<form action="<?php echo $editFormAction; ?>" name="newCustomer" id="newCustomer" method="post">
<table>
<tbody>
<tr>
<td style="text-align: left;"> <label for="newCustomer">*Title:
</label></td>
<td> <select name="select" size="1">
<option>Mr</option>
<option>Mrs</option>
<option>Miss</option>
<option>Ms</option>
</select> <input type="hidden" name="MM_insert" value="newCustomer"/></td>
</tr>
<tr>
<td><label>*Forename: </label></td>
<td><input name="firstname" type="text" id="firstname" maxlength="30"/></td>
</tr>
<tr>
<td><label>*Surname: </label></td>
<td><input name="surname" type="text" id="surname" maxlength="30"/></td>
</tr>
<tr>
<td><label>*Address Line 1: </label></td>
<td><input name="addressline1" type="text" id="addressline1" maxlength="50"/></td>
</tr>
<tr>
<td><label>*Address Line 2: </label></td>
<td><input name="addressline2" type="text" id="addressline2" maxlength="50"/></td>
</tr>
<tr>
<td><label>*City/Town: </label></td>
<td><input name="town" type="text" id="town" maxlength="30"/></td>
</tr>
<tr>
<td><label>*County: </label></td>
<td><input name="county" type="text" id="county" maxlength="30"/></td>
</tr>
<tr>
<td><label>*Postcode: </label></td>
<td><input name="postcode" type="text" id="postcode" maxlength="8"/></td>
</tr>
<tr>
<td><label>*Email Address: </label></td>
<td><input name="email" type="text" id="email" maxlength="50"/></td>
</tr>
<tr>
<td><label>*Home Phone Number: </label></td>
<td><input name="homephone" type="text" id="homephone" maxlength="15"/></td>
</tr>
<tr>
<td><label>*Work Phone Number: </label></td>
<td><input name="workphone" type="text" id="workphone" maxlength="15"/></td>
</tr>
<tr>
<td><label>*Mobile Phone Number: </label></td>
<td><input name="mobile" type="text" id="mobile" maxlength="15"/></td>
</tr>
<tr>
<td><label>*Date Of Birth: </label></td>
<td><input name="dateofbirth" type="text" id="dateofbirth" value="0000-00-00" maxlength="10"/></td>
</tr>
</tbody>
</table>
<div align="center"> <br />
<input type="submit" name="Submit" value="Submit" />
</div>
</form>

<p align="center"> This site is &copy; Copyright
, All Rights Reserved<br />
</p>
</td>
<td width="10px"></td>
<td width="180px" bgcolor="#4B007D"></td>
<td width="10px"></td>
</tr>
</table>
</body>
</html>

 

[jpadie]

this faq faq434-2909 should give you a good idea of structuring validation inside a script.

for specification validation masks - you can bet that someone has written a regex that does what you want so hunt around. the site

http://www.regular-expressions.info

has a lot of good stuff on it.