Hi I am in the process of validating my post data and have come to the phone number field.
I'm not quite sure how to approach this.
When I get to that part of my switch, I send it through the intval() function. This seems to take of the 0 on the beginning of the string.
I decided to leave it as a string, and then use settype() just before doing my database stuff.
Here is my code relating to the phone number:
PHP Code:
case "phone": $num_len = strlen($value); if(!ctype_digit($value)){ $errors[] = "You can only enter digits into the phone field."; } if($num_len != 11){ $errors[] = "Your telephone number must be 11 digits."; } die(); break;
I also did a bit of research and found UK landline and mobile numbers contain 11 digits, and the landlines range from 01200 up to 01997 (with the exception of around 50 which are 'not in use' (according to wikipedia)).
is all you really need for a phone number unless you want to allow international numbers (which I assume you dont)
from my experience people will often add spaces (even when you tell them not to)...e.g. '04033 55555'
so you might be well to $input=str_replace(' ','',$input) , then check for strlen() and is_numeric().
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
Last edited by firepages; 11-14-2012 at 04:10 AM..
Reason: spelin'
What if they start entering characters such as the hyphen (-)?
I need a way so that if they enter anything but numbers it will get rid of it. I know I can add arrays to the first 2 parameters of str_replace() but it could get a little tedious for my liking.
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
I'll have a play around with that code and read up on preg_replace(). Regular Expressions are complicated to understand. Tried using an example code someone gave the other day so thought I'd read up on it.
Can't find any good documentation anywhere for detailed explanations etc.
What would happen if they enter different characters (say someone is pratting about), does your code compensate for these other characters or malfunction?
That is used before additional checking to make sure it is just numbers. Those are the most common things used when someone is entering a phone number or credit card number. After that "cleaning" additional checking is done to make sure it's the proper length and only numeric (and, in the case of a credit card number for example, whether or not it passes MOD10 check).
__________________
Dave .... HostMonster for all of your hosting needs
Regular Expressions are complicated to understand. Tried using an example code someone gave the other day so thought I'd read up on it.....
yup I hate regular expressions as well and the documentation confuses me more often than not , that said the above simply replaces anything that is not a number from 0-9 and is better than string replace (in this case) since it will replace newlines/tabs/+ etc , err well anything that is not a digit
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
Is there any particular way to deal with a drop-down list? Just wondering whether I really need a case in my switch for this as the value will always be one of the options.
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
Just wondering what kind of validation would I have to perform on a drop-down list? Never used one in my forms before so I'm not quite sure if I need to validate anything?
I have 2 text areas so the only validation I perform on these 2 is making sure the user entered 400 characters or less.
I was racking my brains last night thinking of a way that my list needs to be validated and to be honest I cannot think of one. The value which someone selects will always be 'default' or one of the product names i.e 'benches' or 'gates'.
The only thing I can see to validate is whether or not the user selected something, in which case I need to distinguish which product it was.
OK, with you now.
Like you said the user can only select from one of the dropdown boxes so in theory you can only ever get one of your pre-determined values.
That said, if someone was to create a POST request to your webpage via CURL or simply from creating their own form its possible they could add their own options so you need to be aware of that.
Normally you would counter that by ensuring that the POST data came from your server and assuming that ALL user input is potentially evil.
You could check that the incoming product_options is one of your predetermined values or run a filter_var() or more regex to check its a string etc, in your case its probably best to check for one of your predetermined values.
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)
Before you post, read our: 
