You want to ensure data entered from a form passes certain criteria.

Create a function that takes a string to validate and returns true if the string passes a check and false if it doesn’t. Inside the function, use regular expressions and comparisons to check the data. For example, Example 9-1 shows the pc_validate_zipcode( ) function, which validates a U.S. Zip Code.

function pc_validate_zipcode($zipcode) {
    return preg_match('/^[0-9]{5}([- ]?[0-9]{4})?$/', $zipcode);
}

Here’s how to use it:

if (pc_validate_zipcode($_REQUEST['zipcode'])) {
    // U.S. Zip Code is okay, can proceed
    process_data();
} else {
    // this is not an okay Zip Code, print an error message
    print "Your ZIP Code is should be 5 digits (or 9 digits, if you're ";
    print "using ZIP+4).";
    print_form();
}

Deciding what constitutes valid and invalid data is almost more of a philosophical task than a straightforward matter of following a series of fixed steps. In many cases, what may be perfectly fine in one situation won’t be correct in another.

The easiest check is making sure the field isn’t blank. The empty( ) function best handles this problem.

Next come relatively easy checks, such as the case of a U.S. Zip Code. Usually, a regular expression or two can solve these problems. For example:

 /^[0-9]{5}([- ]?[0-9]{4})?$/

finds all valid U.S. Zip Codes.

Sometimes, however, coming up with the correct regular expression is difficult. If you ...