I wonder if anyone can point me to a good discussion about the practical application of regex in forms. Trying to validate every field in a form can be quite daunting and it seems necessary to make some choices about what is validated and to what degree. I'm interested in what experienced coders have to say about this, especially what solutions they have come to through experience.
Areas that are daunting to me are international formats like postal codes and phone numbers that vary hugely from country to country and ways to keep stuff out of forms that might break susequent code.
There are several issues of course, like trying to get good data by refusing obviously flawed imput (like a US phone number in the form xxx-xxx, while also accepting international numbers), text fields with numbers and extraneous characters (pretty straight forward), and security issues.
Any of these are easily handled if there are only one or two fields in the form, but when you have dozens of fields it seems impossible to check everything and decisions need to be made as to what is most important.
Thanks,
--Kenoli
Practical application of regex in forms
Moderator: General Moderators
I'm not sure what exactly it is that you're asking, but here's some comments, hoping they would be of help.
Validation != Regex. Validation >> Regex
That is to say, although regex are useful when validating, sometimes they may not be enough and sometimes they are overkill.
If your method of validation is cumbersome to use, I suggest you change it untill it is pleasant enough.
If you build a collection of validation functions like IsEmail(), IsUsPhone() etc., validation is reduced to a single expression:
Validation != Regex. Validation >> Regex
That is to say, although regex are useful when validating, sometimes they may not be enough and sometimes they are overkill.
Everything must be validated, to the fullest extent possible!Trying to validate every field in a form can be quite daunting and it seems necessary to make some choices about what is validated and to what degree.
...
but when you have dozens of fields it seems impossible to check everything and decisions need to be made as to what is most important.
If your method of validation is cumbersome to use, I suggest you change it untill it is pleasant enough.
If you build a collection of validation functions like IsEmail(), IsUsPhone() etc., validation is reduced to a single expression:
Code: Select all
if (!IsUsPhone($_GET['phone'])) ...Practical application of regex in forms
Guess I have to bite the bullet.
So, here's a specific question. What is a good way to validate phone numbers when they are coming from many different countries, since there are so many different formats and different habits, like some people include country codes and others do not (most people from the USA leave out their country code). I could say it can only include numbers "-" and "()". Is that adequate?
--Kenoli
So, here's a specific question. What is a good way to validate phone numbers when they are coming from many different countries, since there are so many different formats and different habits, like some people include country codes and others do not (most people from the USA leave out their country code). I could say it can only include numbers "-" and "()". Is that adequate?
--Kenoli
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
depending on how thorough you want to get
- Strip non-numeric characters.
- You can ask them if the number includes the country code (otherwise assume its the same as the country they list in their address) this way you can automatically add it into their submission data if they chose not to include it.
- Most, if not all, nations have a specific number of digits in their phone numbers and some have limitations in certain digit ranges. http://en.wikipedia.org/wiki/Category:T ... ring_plans may be of interest