Best Way To Do Extra Validation
Moderator: General Moderators
Best Way To Do Extra Validation
I'm using a validation class that works great for sanity checking my input fields but I need a little bit of extra checking done that this class just isn't capable of and I'm trying to decide the best way and thought I'd ask for input from you guys.
Mostly these extra checks are related to whether or not some numbers entered make sense.
The way I was considering doing this is having a some php code in the form that is only activated if a session variable is returned to it when redirected back to the form.
Is there a better way?
I'm interested in Feedback.
Mostly these extra checks are related to whether or not some numbers entered make sense.
The way I was considering doing this is having a some php code in the form that is only activated if a session variable is returned to it when redirected back to the form.
Is there a better way?
I'm interested in Feedback.
- mecha_godzilla
- Forum Contributor
- Posts: 375
- Joined: Wed Apr 14, 2010 4:45 pm
- Location: UK
Re: Best Way To Do Extra Validation
I would think that you'd want to do your extra validation after the values had been sanitised, otherwise you're trying to validate data that is "doubly" wrong (IE it doesn't pass the first set of validation rules, so it certainly won't pass the second set.) By extra validation, I'm assuming you mean things like checking phone numbers for correct format - is this right?
Where you put this validation depends on how often its going to be called and what it needs to do. Does your class trap all the $_POST values received from the form or do you 'send it' the values you want validated? If it traps all your $_POST values automatically then you probably do need to think about using session variables to tell the script to "run the phone number check" or whatever else is required.
If possible, can you post up some code that shows what the validation class does, or how you call it, or what sort of extra validation you need to do?
HTH,
Mecha Godzilla
Where you put this validation depends on how often its going to be called and what it needs to do. Does your class trap all the $_POST values received from the form or do you 'send it' the values you want validated? If it traps all your $_POST values automatically then you probably do need to think about using session variables to tell the script to "run the phone number check" or whatever else is required.
If possible, can you post up some code that shows what the validation class does, or how you call it, or what sort of extra validation you need to do?
HTH,
Mecha Godzilla
Re: Best Way To Do Extra Validation
The first set of validation is checking phone numbers, etc. The second set of validation does stuff like check to see if a loan payment is at least enough to cover the interest due on the loan and other such calculations.
I'm using vdaemon for my initial validation class.
The other validation is not class based.
I am doing all of this in sessions. I turn the $_POST data in to $_SESSION data and read it back in to the form when there is an error and it's resubmitted for validation all over again.
What I'm thinking about is submitting all of the session errors to another session variable that is an array and then looping through them on the form page.
I'm using vdaemon for my initial validation class.
The other validation is not class based.
I am doing all of this in sessions. I turn the $_POST data in to $_SESSION data and read it back in to the form when there is an error and it's resubmitted for validation all over again.
Code: Select all
$errors = 0;
foreach($_POST as $k=>$v) {
$_SESSION[$k]=$v;
}
If ($min_pay < $balance * divcheck($apr,12)) {
$_SESSION['mortgage_payment_error'] = '***The payment you have entered is less than
minimum amount required to at least pay the interest. In the event that you are
currently paying less than the minimum required, we realize this is a temporary
situation and request that you enter the minimum payment required. This will
assist us in making the best long range forecast for your Equity Creator Blueprint.';
$errors ++;
}
If ($current_pay < $min_pay) {
$_SESSION['mortgage_current_payment_error'] = '***Your Current Payment Should be equal to or higher
than your Minimum Payment.'
$errors ++;
}
If ($balance OR $originalbalance OR $originalterm OR $min_pay OR $current_pay or $apr or $escrow <0) {
$_SESSION['negative_number'] = '***You have entered a negative number in one of your fields, please correct it and resubmit.;
$errors ++;
}
If ($original_term > 50 or < 5) {
$_SESSION['mortgage_term_error'] = '***Your Original Mortgage term must be a number between 5 and 50. Please correct and resubmit.';
$errors ++:
}- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Best Way To Do Extra Validation
It seems strange to assign post data into the session and then read it back again. It seems like you could just keep passing it in the form. And if one of your basic checks fails and then one of your custom checks fails you can just gather up the error messages and display them as necessary.JakeJ wrote:I am doing all of this in sessions. I turn the $_POST data in to $_SESSION data and read it back in to the form when there is an error and it's resubmitted for validation all over again.
(#10850)
Re: Best Way To Do Extra Validation
The reason I'm assigning $_POST data back in to the session is so that it will be there for the user to correct the mistakes. Otherwise, the form would be blank again.
I'm using vdaemon as my initial validator but it doesn't do some things I want it to so I go through a second round, that's my custom validator.
I had never written my own validator before and maybe after I'm done with this project, I'll turn it in to a class and extend it out to some more functionality.
When the user is returned to the form after validation and submits again, I completely unset the array I've created to hold all the validation messages as well as the error messages themselves. It frees up memory and starts the process over fresh again.
When the post data goes back to the action page, it's read in yet again and goes through the checks. It seems like a clean system to me and I couldn't think of a better way to do it on short notice. If you have a better way though I'm all ears.
I'm using vdaemon as my initial validator but it doesn't do some things I want it to so I go through a second round, that's my custom validator.
I had never written my own validator before and maybe after I'm done with this project, I'll turn it in to a class and extend it out to some more functionality.
When the user is returned to the form after validation and submits again, I completely unset the array I've created to hold all the validation messages as well as the error messages themselves. It frees up memory and starts the process over fresh again.
When the post data goes back to the action page, it's read in yet again and goes through the checks. It seems like a clean system to me and I couldn't think of a better way to do it on short notice. If you have a better way though I'm all ears.
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Best Way To Do Extra Validation
I guess I am confused. Is the form posted to a second page and then the user is sent back to the form? The usual practice is for the form to post to itself until validated, and then redirect to a success page. And since the form posts to itself, you can just repopulate the form with the filtered/escaped values from the previous submission.
(#10850)
Re: Best Way To Do Extra Validation
Yes, the form is posted to a second page and then back to itself if there is an error or continues on to another page after some database inserts, etc. if there are no errors. Don't ask me why I did it that way to start with, it seemed to make sense to me at the time. I haven't done much with forms and I think I didn't realize that a form could post to itself or that it would even make sense.
Even so, I need the $_POST data as $_SESSION data because users might have to step back through several forms to do it.
Even so, I need the $_POST data as $_SESSION data because users might have to step back through several forms to do it.
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Best Way To Do Extra Validation
Even with multiple steps you can post to yourself. You just need to wrap the forms in some control code to deal with tracking the step you are on (what can be saved in the session). Technically it is called an Application Controller.JakeJ wrote:Even so, I need the $_POST data as $_SESSION data because users might have to step back through several forms to do it.
(#10850)
Re: Best Way To Do Extra Validation
Is there any disadvantage to using $_SESSION data instead of $_POST?. In come cases I might need $_SESSION data on a later page and I don't want to keep posting it all through just to maintain it from once include file to another. That seems a bit unwieldy.
What I am doing though is destroying all of the Session error variables upon submit.
What I am doing though is destroying all of the Session error variables upon submit.
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Best Way To Do Extra Validation
No, nothing wrong with using the session for holding data that is needed on more than one page. That is what it is for.
(#10850)