Search the Community
Showing results for tags 'form validation'.
-
Hello! Please explain to me how gender validations from scripts 2.3 differ from the nested one in script 2.4. I have this in 2.3 (updated with NULL coalescing operator while practicing Pursue section): $gender = $_REQUEST['gender'] ?? NULL; if ($gender == 'M') { $greeting = '<p><strong>Good day, Sir!</strong></p>'; } elseif ($gender == 'F') { $greeting == '<p><strong>Good day, Madam!</strong></p>'; } else { $gender = NULL; echo '<p class="error">Gender must be either "M" or "F"!</p>'; /* You may wonder how this last case may be possible, considering the values are set in the HTML form. If a malicious user creates their own form that gets submitted to your handle_form.php script (which is very easy to do), they could give $_REQUEST[‘gender’] any value they want. */ } and this in 2.4: if (isset($_REQUEST['gender'])) { $gender = $_REQUEST['gender']; if ($gender = 'M') { $greeting = '<p><strong>Good day, Sir!</strong></p>'; } elseif ($gender = 'F') { $greeting = '<p><strong>Good day, Madam!</strong></p>'; } else { $gender = NULL; echo '<p class="error">Gender must be either "M" or "F"!</p>'; /* You may wonder how this last case may be possible, considering the values are set in the HTML form. If a malicious user creates their own form that gets submitted to your handle_form.php script (which is very easy to do), they could give $_REQUEST[‘gender’] any value they want. */ } } else { // $_REQUEST['gender'] is not set. $gender = NULL; echo '<p class="error">You forgot to select your gender!</p>'; } It seems that these scripts do the same job, or I just can't figure out the difference, please help me to understand it. And also I want to if we could use NULL coalescing operator in script 2.4 some way. Thank you!
- 1 reply
-
- nested
- null coalescing operator
- (and 6 more)
-
Hello there! Please kindly note that I've been staring down this code for days now, and I can't seem to get why the regular expression test method doesn't work (and why Firebug says "it is not a function" when my code skips over everything that deals with the results of the test method). I am trying to create a utility function for form validation that passes in an id and a regular expression. Here is my calling code: regularExpressionMatchFunction("firstName", "/^[A-Za-z'\.]+\s*[A-Za-z'\.\s]*$/"); Here is the code with the erroneous component in bold: function regularExpressionMatchFunction(id, regularExpressionMatch) { //declare variables used in field check. alert("At beginning of function, the regular expression is " + regularExpressionMatch); var fieldName; var fieldNameValue var regExFieldName var finalRegExpressBooleanFieldName var fieldNameValueTrimmed // Get field name and field value fieldName = document.getElementById(id); fieldNameValue = fieldName.value; // TRIM WHITE SPACE Function Called here-- prepare code for trimming off white space on fieldName value fieldNameValueTrimmed = trimWhiteSpace(fieldNameValue); alert("My fieldNameValueTrimmed is" + fieldNameValueTrimmed); // Now for the regular expression, which looks for letters, apostrophes, and periods, although I don't need to escape the period (plus white space // Have to change the fieldNameValue to trimmed version above // HERE IS ERROR HERE IS ERROR HERE IS ERROR // NOT RECOGNIZED AS A FUNCTION finalRegExpressBooleanFieldName = regularExpressionMatch.test(fieldNameValueTrimmed); // EVERYTHING AFTER THE ABOVE CODE JUST GETS SKIPPED OVER, INCLUDING THE FOLLOWING ALERT MESSAGE alert("After doing regular expression MATCH, the value of finalRegExpressBooleanFieldName (the boolean) is " + finalRegExpressBooleanFieldName); // These alerts need to be replaced with calls to addErrorMessage and removeErrorMessage if (finalRegExpressBooleanFieldName == true) { //removeErrorMessage inserted here will take the element by id field but not an error message as arguments removeErrorMessage(id); alert("You are an awesome coder!"); } else { // addErrorMessage will take the getElementById field "firstName" and also the error message as arguments addErrorMessage(id, "The name value must include alphabetical letters (and can include apostrophes, periods, and spaces)"); alert("You code like toodles"); // The return false code didn't work in the addErrorMessage function itself, so I'll try it here return false; } } If anyone can help me figure out why the code breaks at the test method in bold above, I would be most appreciative! Thank you so very much!
- 3 replies
-
- regular expression
- test method
-
(and 1 more)
Tagged with:
-
In the following code I am validating a url in a practice page I am using from the stuff I learned in the book. When I enter an invalid url in my form, I get an $url undefined error when running the code below. I am guessing the error is pretty easy to spot, but I am new at this. if (filter_var($scrubbed['url'], FILTER_VALIDATE_URL)){ $url = mysqli_real_escape_string($dbc, $scrubbed['url']); } else { echo '<p class="error">Please enter a valid url</p>'; }