KodeInfo | Learning resources for web and mobile development

PHP Form Validation

September 12th, 2014 20:33:07 by Irfan Iqbal

In this chapter we study how to validate form data and why validating form data is necessary.

Necessity of Form Validation

Form validation is a security mechanism that protects confidential data from hackers. The example form below shows how a form is validated.

Example

<html>
<head>
<title>
</title>
</head>
<body>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
Name: <input type="text" name="name">
E-mail: <input type="text" name="email">
Website: <input type="text" name="website">
Comment: <textarea name="comment" rows="5" cols="40"></textarea>
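Gender:
<input type="radio" name="gender" value="female">Female
<input type="radio" name="gender" value="male">Male
<!-- Submit button added so the form can actually be posted -->
<input type="submit" name="submit" value="Submit">
</form>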
</body>
</html>

In the above example:

method="post" is used to send the form data with the HTTP POST method.

htmlspecialchars() converts special characters to HTML entities; for example, < and > are converted to &lt; and &gt;.

$_SERVER["PHP_SELF"] returns the file name of the currently executing script.

Security issues

If htmlspecialchars() is not used, the probability of an attack increases. For example:

PHP_SELF can be manipulated directly by hackers by entering a / followed by cross-site scripting (XSS) commands in the URL.

The address can be obtained directly by the hacker.

To avoid these issues, htmlspecialchars() is applied to $_SERVER["PHP_SELF"] before it is written into the form's action attribute, so any markup in the value is output as harmless HTML entities.
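The following added example (not part of the original article) compares the form tag built with and without htmlspecialchars() when PHP_SELF contains markup. The sample value and the function names formTagUnescaped, formTagEscaped and countTags are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample: what $_SERVER["PHP_SELF"] holds when extra path text
// carrying markup is appended after the script name in the requested URL.
$phpSelf = '/form.php/"><b>injected</b>';

// 'Before' version: the value is copied into the attribute unchanged,
// so the quote and angle brackets end the attribute and start new tags.
function formTagUnescaped(string $self): string
{
    return '<form method="post" action="' . $self . '">';
}

// Escaped version, as in the article's form: <, >, & and both quote
// styles become entities and stay inside the attribute value.
function formTagEscaped(string $self): string
{
    $safe = htmlspecialchars($self, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<form method="post" action="' . $safe . '">';
}

// Rough check: counts the tags present in the fragment. Exactly one
// (<form>) is expected; more means the value broke out of the attribute.
function countTags(string $html): int
{
    return (int) preg_match_all('/<[a-zA-Z\/][^>]*>/', $html);
}

$variants = [
    'unescaped' => formTagUnescaped($phpSelf),
    'escaped'   => formTagEscaped($phpSelf),
];

foreach ($variants as $label => $tag) {
    $status = countTags($tag) === 1 ? 'OK' : 'MARKUP INJECTED';
    printf("%-9s tags=%d %-15s %s\n", $label, countTags($tag), $status, $tag);
}
```

$_SERVER["SCRIPT_NAME"] does not include text appended after the script name, so it is a common alternative for the action value; escaping it with htmlspecialchars() is still good practice.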

 

Author

  • Irfan Iqbal

    Irfan is a web developer and consultant from India. He is the co-founder of KodeInfo, the PHP and Laravel Community. In the meantime he follows other projects, manages everything related to marketing and SEO for KodeInfo, works as a freelance backend consultant for PHP applications and studies IT Engineering. He loves to learn new things, not only about PHP or development but everything.
