PHP Form - Verify messages and URLs
To ensure the integrity and security of PHP forms, we need to validate the forms, and in this section we'll show you how to verify names (names), e-mails (mail), and URLs.
PHP - Verify the name
The following code detects whether the name field contains letters and spaces in a simple way, and if the name field value is not legal, an error message is output:
$name = test_input($_POST["name"]);
if (!preg_match("/^[a-zA-Z ]*$/",$name)){
$nameErr = "只允许字母及空格";
}
preg_match - Make regular expression matching.
Grammar: int preg_match ( string $pattern , string $subject [, array $matches [, int $flags ]] ) Search the subject string for content that matches the regular expression given by pattern. I f matches are provided, they are populated by the results of the search. $matches will contain text that matches the entire pattern, $matches will contain text that matches the sub-pattern in the parentheses of the first capture, and so on. |
PHP - Verify the message
The following code will detect whether the e-mail address is legitimate in a simple way. If the e-mail address is illegal, an error message is output:
$email = test_input($_POST["email"]);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)){
$emailErr = "非法邮件地址";
}
PHP - Verify the URL
The following code detects whether the URL address is legitimate (the following regular expression runs the URL with a dash: "-") and outputs an error message if the URL address is illegal:
$website = test_input($_POST["website"]);
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)){
$websiteErr = "不合法的 URL";
}
PHP - Verify Name, E-mail, and URL
The code looks like this:
/ / Define variables and set to null values
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if (empty($_POST["name"]))
{$nameErr = "Name is required";}
else
{
$name = test_input($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name))
{
$nameErr = "Only letters and white space allowed";
}
}
if (empty($_POST["email"]))
{$emailErr = "Email is required";}
else
{
$email = test_input($_POST["email"]);
// check if e-mail address syntax is valid
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
{
$emailErr = "Invalid email format";
}
}
if (empty($_POST["website"]))
{$website = "";}
else
{
$website = test_input($_POST["website"]);
// check if URL address syntax is valid (this regular expression also allows dashes in the URL)
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website))
{
$websiteErr = "Invalid URL";
}
}
if (empty($_POST["comment"]))
{$comment = "";}
else
{$comment = test_input($_POST["comment"]);}
if (empty($_POST["gender"]))
{$genderErr = "Gender is required";}
else
{$gender = test_input($_POST["gender"]);}
}
?>
Run an instance . . .