example.com site to someone on a train using a Blackberry. Validation
must take place on the server as well as on the client. So first you??™ll briefly look at
server-based validation, and then at how and why to extend it to JavaScript.
Doing It on the Server
You??™ll use regular expressions here to check a form submission. The examples in Listing 7-1
are PHP, but every language now includes support for regular expressions; simply adapt for
your choice of server-side technology. If you??™re not familiar with regular expressions, there are
guides galore on the Web: http://www.regular-expressions.info/ is a good introduction that
goes into a decent level of detail. The canonical written reference is Jeffrey Friedl??™s Mastering
Regular Expressions, described at http://regex.info/.
147
C H A P T E R 7
Listing 7-1. simple-form.php shows validation of a simple form in PHP
$VALIDATIONS = Array(
"firstname" => Array("regexp" => '.+', "error" => "Enter a name"),
"lastname" => Array("regexp" => '.+', "error" => "Enter a name"),
"heads" => Array("regexp" => '^\d+$', "error" => "Number of heads a
should be a whole number"),
"dob" => Array("regexp" => '^\d\d[\/.-]\d\d[\/.-]\d\d\d\d$', "error" => a
"Enter dates in format DD/MM/YYYY"),
"email" => Array("regexp" => '^.+@.+\..+$', "error" => a
"This address is not valid")
);
$ERRORS = Array();
if (isset($_GET["submit"])) {
# form was submitted
foreach ($VALIDATIONS as $field => $data) {
if (!isset($_GET[$field])) continue; # skip any that aren't sent
$regexpstr = $data["regexp"];
if (preg_match("/$regexpstr/", $_GET[$field]) == 0) {
$ERRORS[$field] = $data["error"];
}
}
if (count($ERRORS) == 0) echo "Data OK; now redirect!";
}
?>
Pages:
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220