| Re: Simpler way to validate form fields? [message #179797 is a reply to message #179795] |
Wed, 05 December 2012 11:09   |
M. Strobel
Messages: 386
Registered: December 2011
Karma:
|
Senior Member |
|
|
Am 05.12.2012 11:36, schrieb Gilles:
> On Wed, 05 Dec 2012 10:56:24 +0100, "M. Strobel"
> <sorry_no_mail_here(at)nowhere(dot)dee> wrote:
>> Too basic. My user input reader is
>>
>> function getStringFromForm($key, $l=255, $val=null) {
>> return (isset($_REQUEST[$key])) ?
>> filter_var(substr($_REQUEST[$key],0,$l), FILTER_SANITIZE_STRING) :
>> $val;
>> }
>>
> [...]
>> I read $_REQUEST, because the first thing my dispatcher does is a check for GET/POST,
>> and POST form values can be as easily manipulated as get values. So EVERY string
>> input uses this function.
>
> Thanks much for the code. I'm not sure I understand what you mean
> about checking for GET/POST. Do you mean this?
>
> ============
> if ($_SERVER['REQUEST_METHOD'] === 'POST') {
> //Call getStringFromForm, getEmailFromForm, and getIntFromForm
> //for each form field
> }
> ============
One more observation to the default value val:
with getIntFromForm() the settable default is especially useful, because PHP likes to
return integer 0 for an empty input. Example:
php > echo 'simple conversion to integer: ', (int) '', PHP_EOL;
simple conversion to integer: 0
php >
With my function design you decide at call time which default value you want to have,
without cluttering your code with if branches.
/Str.
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]