Jump to content



Photo

Validate Textarea User Input

textarea validation

  • Please log in to reply
4 replies to this topic

#1 mmichals

mmichals

    Newbie

  • Members
  • Pip
  • 18 posts

Posted 28 July 2016 - 10:31 PM

I have a contact form on my site.  I'm using the book's methods to validate POST data from a textarea input field called "contact_info". 

 

if ($_SERVER['REQUEST_METHOD'] == 'POST') {

...

if (empty($_POST['contact_info'])) {

     $contact_errors['contact_info'] = 'Please enter a comment.';

} elseif (preg_match('/^[A-Za-z0-9.,-$?!]*$/', $_POST['contact_info'])) {

     $_POST['contact_info'] = str_replace(' ','',$_POST['contact_info']); //remove all spaces

     $_POST['contact_info'] = trim($_POST['contact_info']); //remove any space before or after any characters

     $_POST['contact_info'] = escape_data($_POST['contact_info'], $dbc);

     // add htmlspecialchars ???

     // anything else ???

} else {

     $contact_errors['contact_info'] = 'Your comment contains inappropriate characters.  Allowable characters include letters a to z, letters A to Z, numbers 0 to 9, as well as, period, comma, exclamation mark, question mark, dollar sign and hyphen.';

}

...

}

 

<form method="post" accept-charset="utf-8">

...

<?php create_contact_form_input('contact_info', 'textarea', $contact_errors); ?>

...

</form>

 

 

 

What is the most secure way to validate user input from a textarea field?

 


  • 0

#2 mmichals

mmichals

    Newbie

  • Members
  • Pip
  • 18 posts

Posted 28 July 2016 - 10:34 PM

Should preg_quote() be used?


  • 0

#3 Larry

Larry

    Administrator/Writer

  • Administrators
  • 4766 posts
  • LocationState College, PA (USA)

Posted 23 August 2016 - 7:10 PM

Sorry for the delayed reply; been traveling. Do you still need help with this?


  • 1

#4 mmichals

mmichals

    Newbie

  • Members
  • Pip
  • 18 posts

Posted 31 July 2017 - 11:11 PM

Yes, please.  I'd like to add Summernote to my textareas and I'm just trying to figure out the best way to protect against code injection, etc...


  • 0

#5 mmichals

mmichals

    Newbie

  • Members
  • Pip
  • 18 posts

Posted 20 August 2017 - 8:23 AM

Hi Larry, I'm still looking for your assistance please. Thanks!


  • 0