PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide

Validating Form Data

A critical concept related to handling HTML forms is that of validating form data. In terms of both error management and security, you should absolutely never trust the data being entered in an HTML form. Whether it’s purposefully malicious or just unintentionally inappropriate, it’s up to you—the Web architect—to test it against expectations.

Validating form data requires the use of conditionals and any number of functions, operators, and expressions. One common function to be used is isset(), which tests if a variable has a value (including 0, but not NULL or FALSE).

if (isset($var)) {
   // $var has a value.
} else {
   // $var does not have a value.
}

One problem with the isset() function is that an empty string tests as ...

Get PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide by Larry Ullman

Validating Form Data

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly