validating user input with php: signin_check_inputs.php (part 5)

September 25, 2013

An onchange event listener is attached to every field of the form on the sign-up page, so when the value of an input field changes, JavaScript code fires. It sends the value of the input by AJAX POST to signin_check_inputs.php, which then uses if/else conditions to identify which field carries a value.

The PHP file contains code to check the length, the valid characters, and duplicates in the MySQL database.

```php
/*
 * Check the length of the string
 */
function checkLengthName($str) {
    if (strlen($str) < 2 || strlen($str) > 30) {
        echo '2 - 30 characters please';
        exit();
    }
}
```

###################################################################

```php
/*
 * Check the length of the string in password
 */
function checkLengthPass($str) {
    if (strlen($str) < 6 || strlen($str) > 30) {
        echo '6 - 30 characters please';
        exit();
    } else {
        echo 'OK';
        exit();
    }
}
```

####################################################################

```php
/*
 * Check if only letters are in the string
 */
function checkCharsLetters($str) {
    // The character class also accepts the space and the hyphen.
    if (preg_match("/^[a-zA-Z -]+$/", $str) === 0) {
        echo 'only letters and space';
        exit();
    } else {
        echo 'OK';
        exit();
    }
}
```

### if ($uname_check < 1) :: true if nothing was retrieved from the database. $str :: is the email input

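```php
/*
 * Check whether the same string already exists in the DB
 */
function checkEmailDuplicatesDB($str, $whatPartOfTheTable) {
    // $str must already be escaped (see mysql_prep). $whatPartOfTheTable is a
    // column name placed straight into the query, so it must be a fixed string
    // chosen by the calling code, never request data.
    // The mysql_* extension used here was removed in PHP 7.0.
    $sql_uname_check = mysql_query("SELECT id FROM users WHERE {$whatPartOfTheTable}='{$str}' LIMIT 1");
    $uname_check = mysql_num_rows($sql_uname_check);
    if ($uname_check < 1) {
        echo 'OK';
        exit();
    } else {
        // Encode the value before sending it back to the page.
        echo htmlspecialchars($str, ENT_QUOTES) . " is TAKEN";
        exit();
    }
}
```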

### if (!strpos($email, "@")) :: if there is no @ symbol in the email, the code terminates

### if (!strpos(strstr($email, "@"), ".")) :: checks whether there is a dot after the @ symbol

### if (is_numeric($email[0])) :: true if the first character is a number

### preg_match("/^[a-zA-Z0-9_]+$/", strstr($email, '@', TRUE)) === 0 :: true if the part before the @ symbol contains any invalid character; only letters, numbers and the underscore are allowed

### substr_count($email, "@") > 1 :: checks whether there is any other @ symbol after the @ symbol. The preg_match seems not to detect the @ and considers it valid, MAYBE a bug, I don't know.

```php
/*
 * Check if email is valid
 */
function checkValidEmail($email) {
    // strpos() returns false when "@" is missing and 0 when it is the first
    // character; both cases are rejected here.
    if (!strpos($email, "@")) {
        echo "invalid email format";
        exit();
    }
    if (!strpos(strstr($email, "@"), ".")) {
        echo "invalid email format";
        exit();
    }
    if (is_numeric($email[0])) {
        echo "first character must be a letter";
        exit();
    }
    // strstr(..., TRUE) returns only the text before the first "@", so a
    // second "@" is counted separately. "> 1" also catches three or more.
    if (preg_match("/^[a-zA-Z0-9_]+$/", strstr($email, '@', TRUE)) === 0 ||
            substr_count($email, "@") > 1) {
        echo 'letters and numbers only';
        exit();
    }
}
```

### if ($domain == $vDomain) :: checks the domain against the accepted domains in the $validDomain array variable.

### if (!$checkDomain) :: true if the domain matched none of the valid domains

### the same algorithm is used to check the host

```php
/*
 * Check if email host and domain is approved
 * of the site
 */
function checkApprovedEmail($email) {
    // List of acceptable Domain and Host name.
    $validDomain = array("com", "us", "ph");
    $validHost = array("yahoo", "gmail", "facebook");
    $HostAndDomain = strstr($email, "@");
    //check the domain
    $domain = substr(strstr($HostAndDomain, "."), 1);
    $checkDomain = FALSE;
    foreach ($validDomain as $vDomain) {
        if ($domain == $vDomain) {
            $checkDomain = TRUE;
            break;
        }
    }
    if (!$checkDomain) {
        echo "invalid domain name";
        exit();
    }
    //check the host
    $host = substr(strstr($HostAndDomain, ".", TRUE), 1);
    $checkHost = FALSE;
    foreach ($validHost as $vHost) {
        if ($host == $vHost) {
            $checkHost = TRUE;
            break;
        }
    }
    if (!$checkHost) {
        echo "invalid host name";
        exit();
    }
}
```
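
An added example, not the original post's code: the format and approved-host checks above combined into one function that returns the reason instead of echoing and exiting. It assumes an allowlist of full domains (`ALLOWED_DOMAINS`, a hypothetical name and a constructed list) in place of separate host and domain lists, so `gmail` is accepted only together with `com`; the sample addresses are constructed.

```php
<?php
// Added example; ALLOWED_DOMAINS and validateSignupEmail() are hypothetical names.
const ALLOWED_DOMAINS = ['yahoo.com', 'gmail.com', 'facebook.com'];

// Returns null when the address is acceptable, otherwise the message to show.
function validateSignupEmail(string $email): ?string
{
    // Exactly one "@", so the local part and the domain are unambiguous.
    if (substr_count($email, '@') !== 1) {
        return 'invalid email format';
    }
    [$local, $domain] = explode('@', $email);

    // Same character set as the post, anchored with \A and \z because "$"
    // also matches just before a trailing newline.
    if (preg_match('/\A[a-zA-Z0-9_]+\z/', $local) !== 1) {
        return 'letters and numbers only';
    }
    if (!ctype_alpha($local[0])) {
        return 'first character must be a letter';
    }
    // General syntax check by PHP's built-in validator.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 'invalid email format';
    }
    // Compare the whole domain, case-insensitively, with a strict in_array().
    if (!in_array(strtolower($domain), ALLOWED_DOMAINS, true)) {
        return 'invalid domain name';
    }
    return null;
}

// Constructed sample input.
$samples = ['alice@gmail.com', 'Alice_01@Yahoo.COM', 'a@b@gmail.com',
            '1alice@gmail.com', 'alice@gmail.us', 'alice@mail.gmail.com',
            '@gmail.com'];
foreach ($samples as $email) {
    printf("%-24s %s\n", $email, validateSignupEmail($email) ?? 'OK');
}
```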

Every time the PHP code runs, it must connect to the database. main_functions.php contains the PHP functions.

```php
require_once("../../connect_db/connections.php");
require '../main_functions.php';
```

### if (isset($_POST['first_name']) && $_POST['first_name'] != "") :: true if the POST sent by AJAX carries a value for the first name field of the sign-up form. A similar algorithm is applied to most fields. mysql_prep is a function in main_functions.php

```php
/////////////////FIRST NAME/////////////////////////
if (isset($_POST['first_name']) && $_POST['first_name'] != "") {
    $first_name = trim(mysql_prep($_POST['first_name']));
    checkLengthName($first_name);
    checkCharsLetters($first_name);
}
```

mysql_prep function :: if mysql_real_escape_string() is available in the PHP version you are using, undo the effect of get_magic_quotes_gpc() and run mysql_real_escape_string(); otherwise leave get_magic_quotes_gpc alone, or apply addslashes if get_magic_quotes_gpc is not active.

```php
function mysql_prep($value) {
    $magic_quotes_active = get_magic_quotes_gpc();
    $new_enough_php = function_exists("mysql_real_escape_string");
    if ($new_enough_php) {
        // Undo the slashes added by magic quotes so the value is escaped once.
        if ($magic_quotes_active) {
            $value = stripslashes($value);
        }
        $value = mysql_real_escape_string($value);
    } else {
        // No mysql_real_escape_string(): add slashes unless magic quotes did.
        if (!$magic_quotes_active) {
            $value = addslashes($value);
        }
    }
    return $value;
}
```
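
An added example, not the original post's code: the duplicate check from checkEmailDuplicatesDB written with a PDO prepared statement, which binds the value as data and so needs no mysql_prep escaping, and with the column name taken from a fixed map. The in-memory SQLite table, its row, the `username` and `email` column names, and the names `CHECKABLE_COLUMNS`, `isValueTaken` and `takenMessage` are assumptions; it needs the pdo_sqlite extension.

```php
<?php
// Added example; table contents and helper names are constructed.

// Column names cannot be bound as parameters, so they come from a fixed map.
const CHECKABLE_COLUMNS = ['email' => 'email', 'username' => 'username'];

function isValueTaken(PDO $db, string $field, string $value): bool
{
    if (!isset(CHECKABLE_COLUMNS[$field])) {
        throw new InvalidArgumentException('unknown field');
    }
    $column = CHECKABLE_COLUMNS[$field];
    // The value travels separately from the SQL text.
    $stmt = $db->prepare("SELECT id FROM users WHERE {$column} = :value LIMIT 1");
    $stmt->execute([':value' => $value]);
    return $stmt->fetchColumn() !== false;
}

// Encode the value before it is sent back to the sign-up page.
function takenMessage(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8') . ' is TAKEN';
}

// Constructed stand-in for the site's database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)');
$db->exec("INSERT INTO users (username, email) VALUES ('alice', 'alice@gmail.com')");

// Constructed inputs, including a value that contains a quote character.
$inputs = [['email', 'alice@gmail.com'], ['email', "o'brien@gmail.com"],
           ['username', 'alice'], ['username', 'bob']];
foreach ($inputs as [$field, $value]) {
    $result = isValueTaken($db, $field, $value) ? takenMessage($value) : 'OK';
    echo $field, ' ', json_encode($value), ' => ', $result, PHP_EOL;
}

// A field name outside the map never reaches the query.
try {
    isValueTaken($db, 'password', 'x');
} catch (InvalidArgumentException $e) {
    echo 'rejected field: ', $e->getMessage(), PHP_EOL;
}
```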

DOWNLOAD COMPLETE CODES HERE
