HTML.form.guide

PHP Form Validation Script

downloads form validation PHP php form validation

It is very essential to have the input to your form validated before taking the form submission data for further processing. When there are many fields in the form, the PHP validation script becomes too complex. Moreover, since you are doing the same or similar validation for most of the forms that you make, just too much of duplicate effort is spent on form validations.

About this generic PHP form validation script

This generic PHP form validator script makes it very easy to add validations to your form.

We create and associate a set of “validation descriptors” with each element in the form. The “validation descriptor” is a string specifying the type of validation to be performed. For example, “req” means required, “alpha” means allow only alphabetic characters and so on.

Each field in the form can have zero, one or more validations. For example, the input should not be empty, should be less than 25 chars, should be alpha-numeric, etc

You can associate a set of validation descriptors for each input field in the form.

Download the PHP form validation script

You can download the PHP form validation script below: php-form-validator.zip The zip file contains the form validation script formvalidator.php, documentation and usage samples.

Using the PHP form validation script

  1. Include formvalidator.php in your form processing script
require_once "formvalidator.php"
  1. Create a FormValidator object and add the form validation descriptors.

$validator = new FormValidator();
$validator->addValidation("Name","req","Please fill in Name");
$validator->addValidation("Email","email",
"The input for Email should be a valid email value");
$validator->addValidation("Email","req","Please fill in Email"); 

The first argument is the name of the input field in the form. The second argument is the validation descriptor that tells the type of the validation required. The third argument is the error message to be displayed if the validation fails.6. Validate the form by calling ValidateForm() function


if(!$validator->ValidateForm())
{
    echo "<B>Validation Errors:</B>";
    $error_hash = $validator->GetErrors();
    foreach($error_hash as $inpname => $inp_err)
    {
        echo "<p>$inpname : $inp_err</p>\n";
    }
}

Example

The example below will make the idea clearer


<?PHP
require_once "formvalidator.php";
$show_form=true;
if(isset($_POST['Submit']))
{
    $validator = new FormValidator();
    $validator->addValidation("Name","req","Please fill in Name");
    $validator->addValidation("Email","email",
"The input for Email should be a valid email value");
    $validator->addValidation("Email","req","Please fill in Email");
    if($validator->ValidateForm())
    {
        echo "<h2>Validation Success!</h2>";
        $show_form=false;
    }
    else
    {
        echo "<B>Validation Errors:</B>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
          echo "<p>$inpname : $inp_err</p>\n";
        }
    }
}

if(true == $show_form)
{
?>

<form name='test' method='POST' action='' accept-charset='UTF-8'>
Name: <input type='text' name='Name' size='20'>
Email: <input type='text' name='Email' size='20'>
<input type='submit' name='Submit' value='Submit'>
</form>

<?PHP
}//true == $show_form
?>

Adding Custom Validation

If you want to add a custom validation, which is not provided by the validation descriptors, you can do so. Here are the steps:

  1. Create a class for the custom validation and override the DoValidate() function

class MyValidator extends CustomValidator
{
    function DoValidate(&$formars,&$error_hash)
    {
        if(stristr($formars['Comments'],'http://'))
        {
            $error_hash['Comments']="No URLs allowed in comments";
            return false;
        }
    return true;
    }
}
  1. Add the custom validation object

$validator = new FormValidator();
$validator->addValidation("Name","req","Please fill in Name");
$validator->addValidation("Email","email",
 "The input for Email should be a valid email value");
$validator->addValidation("Email","req","Please fill in Email");
$custom_validator = new MyValidator();
$validator->AddCustomValidator($custom_validator);

The custom validation function will be called automatically after other validations.

Table of Validation Descriptors

Here is the list of all validation descriptors:

Validation Descriptor Usage
req The field should not be empty
maxlen=??? checks the length entered data to the maximum. For example, if the maximum size permitted is 25, give the validation descriptor as “maxlen=25”
minlen=??? checks the length of the entered string to the required minimum. example “minlen=5”
alnum Check the data if it contains any other characters other than alphabetic or numeric characters
alnum_s Allows only alphabetic, numeric and space characters
num Check numeric data
alpha Check alphabetic data.
alpha_s Check alphabetic data and allow spaces.
email The field is an email field and verify the validity of the data.
lt=??? lessthan=??? Verify the data to be less than the value passed. Valid only for numeric fields. example: if the value should be less than 1000 give validation description as “lt=1000”
gt=??? greaterthan=??? Verify the data to be greater than the value passed. Valid only for numeric fields. example: if the value should be greater than 10 give validation description as “gt=10”
regexp=??? Check with a regular expression the value should match the regular expression. example: “regexp=^[A-Za-z]{1,20}$” allow up to 20 alphabetic characters.
dontselect=?? This validation descriptor is for select input items (lists) Normally, the select list boxes will have one item saying ‘Select One’. The user should select an option other than this option. If the value of this option is ‘Select One’, the validation description should be “dontselect=Select One”
dontselectchk This validation descriptor is for check boxes. The user should not select the given check box. Provide the value of the check box instead of ?? For example, dontselectchk=on
shouldselchk This validation descriptor is for check boxes. The user should select the given check box. Provide the value of the check box instead of ?? For example, shouldselchk=on
dontselectradio This validation descriptor is for radio buttons. The user should not select the given radio button. Provide the value of the radio button instead of ?? For example, dontselectradio=NO
selectradio This validation descriptor is for radio buttons. The user should select the given radio button. Provide the value of the radio button instead of ?? For example, selectradio=yes
selmin=?? Select at least n number of check boxes from a check box group. For example: selmin=3
selone Makes a radio group mandatory. The user should select at least one item from the radio group.
eqelmnt=??? compare two elements in the form and make sure the values are the same For example, ‘password’ and ‘confirm password’. Replace the ??? with the name of the other input element. For example: eqelmnt=confirm_pwd

Also See:

PHP Form Validation Tutorial

See Also