PHP Form Validation
Last Updated :
01 Apr, 2024
Form validation is a crucial step that needs to be completed before submitting data to the database. This process is performed to prevent any errors or faulty data from being inserted into the database. The HTML form includes various input fields such as email, text, checkbox, radio button, etc. These input fields must be validated to ensure that the user enters only the intended values and not incorrect ones.
Empty Field Validation
This is used to check if user has added any data in the required input field. Here, empty() is used to check if a variable is empty or not.
// Validating that the user name is added or not
if (empty($_POST["UserName"])) {
$errorMsg = "User Name is required";
} else {
// If username is added, we can use it for further use
$userName = input_data($_POST["UserName"]);
}
String Validation
This is used to check if user has added valid string in the required input field. Here, preg_match() is used for pattern matching.
$userName = $_POST["userName"];
// To check that User Name only contains alphabets, numbers, and underscores
if (!preg_match("/^[a-zA-Z0-9_]*$/", $userName)) {
$errorMsg = "Only alphabets, numbers, and underscores are allowed for User Name";
}else{
echo $userName;
}
Number Validation
This is used to check if user has added only numbers in the required input field.
$age = $_POST["age"];
// To check that Phone No is well-formed
if (!preg_match("/^[0-9]*$/", $age)) {
$errorMsg = "Only numeric values are allowed!!";
}else{
echo $age;
}
Email Validation
This is used to check if user has added a valid email in the required input field.
$emailID = $_POST["emailID"];
// This pattern is standard for email validation
$pattern = "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$^";
// To check that the e-mail address is well-formed
if (!preg_match($pattern, $emailID) ){
$errorMsg = "Invalid Email ID format";
}else{
echo $emailID;
}
String Length Validation
This is used to check if the length of the string is in valid range. Here, strlen() is used to find the length of the string.
$phoneNo = $_POST["phoneNo"];
// To check that length of Phone Number length should not be less and greator than 10
if (strlen($phoneNo) != 10) {
$errorMsg = "Please provide a phone number of 10 digits!!";
}else{
echo $phoneNo;
}
URL Validation
This is used to check if user has added a valid URL in the required input field.
$url = $_POST["url"];
// This pattern is standard for URL validation
$pattern = "/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i"
// To check that URL address syntax is valid
if (!preg_match($pattern, $url)) {
$errorMsg = "You entered an INVALID URL";
}else{
echo $url;
}
This is used to check if user has pressed the required button. Here, isset() is used to check if a variable is declared and is not NULL.
if (isset($_POST['login']) {
echo "LogIn button is clicked.";
} else {
echo "LogIn button is not clicked.";
} Example: Implementation to show all type validation in one form.
CSS
/* Filename - style.css */
body {
display: flex;
align-items: center;
flex-direction: column;
font-family: "Gill Sans", "Gill Sans MT", Calibri, "Trebuchet MS", sans-serif;
}
.container {
border: 1px solid black;
padding: 30px;
border-radius: 10px;
box-shadow: 5px 5px #77777788;
}
.error {
color: red;
margin-bottom: 30px;
}
.msg {
color: brown;
margin: 20px 0px 10px 0px;
font-size: 25px;
font-weight: bold;
}
.tags {
margin: 0px 0px 20px 0px;
}
input {
border-radius: 10px;
}
.details {
width: 200px;
height: 20px;
}
.info {
margin: 2px 0;
}
.btn {
margin-top: 20px;
width: 120px;
height: 30px;
background-color: black;
color: white;
}
/* ================================ */
#countdown-container {
display: flex;
justify-content: center;
align-items: center;
}
.countdown-section {
text-align: center;
margin: 0 10px;
}
.countdown-section span {
font-size: 26px;
font-weight: bold;
color: #000;
}
.countdown-label {
font-size: 14px;
color: #777;
}
<!-- file - index.php -->
<!DOCTYPE html>
<html>
<head>
<title>PHP Form Validation</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<?php require "validation.php" ?>
<p class="msg">A Simple Registration Form 📃</p>
<span class="error">(*) indicates required field</span>
<!-- Using 'post' method for secure data sharing -->
<form method="post" class="container" role="form"
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<table>
<tr class="tag">
<td><label for="userName">Enter your Username</label>
<span class="error">*</span>
</td>
<td><input type="text" name="userName" class="details"></td>
</tr>
<tr>
<td></td>
<td><span class="error">
<?php echo $userNameErr; ?>
</span></td>
</tr>
<tr class="tag">
<td><label for="emailID">Enter your Email Id</label>
<span class="error">*</span>
</td>
<td><input type="text" name="emailID" class="details"></td>
</tr>
<tr>
<td></td>
<td><span class="error">
<?php echo $emailIDErr; ?>
</span></td>
</tr>
<tr class="tag">
<td><label for="phoneNo">Enter your Phone Number</label>
<span class="error">*</span>
</td>
<td><input type="text" name="phoneNo" class="details"></td>
</tr>
<tr>
<td></td>
<td><span class="error">
<?php echo $phoneNoErr; ?>
</span></td>
</tr>
<tr class="tag">
<td><label for="website">Enter your Your Website</label>
</td>
<td><input type="text" name="website" class="details"></td>
</tr>
<tr>
<td></td>
<td><span class="error">
<?php echo $websiteErr; ?>
</span></td>
</tr>
<tr class="tag">
<td><label for="gender">Enter your Gender</label>
<span class="error">*</span>
</td>
<td>
<input type="radio" name="gender" value="male"> Male
<input type="radio" name="gender" value="female"> Female
<input type="radio" name="gender" value="other"> Other
</td>
</tr>
<tr>
<td></td>
<td><span class="error">
<?php echo $genderErr; ?>
</span></td>
</tr>
<tr class="tag">
<td><label for="tc">Agree to our Terms & Conditions</label>
<span class="error">*</span>
</td>
<td><input type="checkbox" name="tc"></td>
</tr>
<tr>
<td></td>
<td><span class="error">
<?php echo $tcErr; ?>
</span></td>
</tr>
<tr class="tag">
<td><input type="submit" name="submit" value="Submit" class="btn"></td>
<td></td>
</tr>
</table>
</form>
<?php
// Checking if submit button is pressed or not
if (isset ($_POST['submit'])) {
// Checking if there is any error or not
if ($userNameErr == "" && $emailIDErr == "" &&
$phoneNoErr == "" && $genderErr == "" &&
$websiteErr == "" && $tcErr == "") {
echo "<p class='msg'>You have been sucessfully registered👍</p>";
echo "<h3>Your Details are :</h3>";
echo "<p class='info'>User Name : " . $userName . "</p>";
echo "<p class='info'>EmailID ID : " . $emailID . "</p>";
echo "<p class='info'>Phone Number : " . $phoneNo . "</p>";
echo "<p class='info'>Website : " . $website . "</p>";
echo "<p class='info'>Gender : " . $gender . "</p>";
} else {
echo "<p class='msg'>You shared Invalid details❌
<br/>Please provide correct data!</p>";
}
}
?>
</body>
</html>
<!-- Filename - validation.php -->
<?php
// For defining variables to empty values
// For Showing Errors
$userNameErr = "";
$emailIDErr = "";
$phoneNoErr = "";
$genderErr = "";
$websiteErr = "";
$tcErr = "";
// For holding user data
$userName = "";
$emailID = "";
$phoneNo = "";
$gender = "";
$website = "";
$tc = "";
// Input fields validation
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Validating the User Name
if (empty($_POST["userName"])) {
$userNameErr = "User Name is required";
} else {
$userName = input_data($_POST["userName"]);
// To check that User Name only contains alphabets, numbers, and underscores
if (!preg_match("/^[a-zA-Z0-9_]*$/", $userName)) {
$userNameErr =
"Only alphabets, numbers, and underscores are allowed for User Name";
}
}
// Validating the User EmailID ID
if (empty($_POST["emailID"])) {
$emailIDErr = "Email ID is required";
} else {
$emailID = input_data($_POST["emailID"]);
// To check that the e-mail address is well-formed
if (!filter_var($emailID, FILTER_VALIDATE_EMAIL)) {
$emailIDErr = "Invalid Email ID format";
}
}
// Validating the User Phone Number
if (empty($_POST["phoneNo"])) {
$phoneNoErr = "Phone Number is required";
} else {
$phoneNo = input_data($_POST["phoneNo"]);
// To check that Phone No is well-formed
if (!preg_match("/^[0-9]*$/", $phoneNo)) {
$phoneNoErr = "Only numeric values are allowed!!";
}
// To check that Phone No length should not be less and greator than 10
if (strlen($phoneNo) != 10) {
$phoneNoErr = "Please provide a phone number of 10 digits!!";
}
}
// Validating the User Website URL
if (empty($_POST["website"])) {
$website = "";
} else {
$website = input_data($_POST["website"]);
// To check that URL address syntax is valid
if (!preg_match(
"/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",
$website
)) {
$websiteErr = "You entered an INVALID URL";
}
}
// Checking if user has shared his gender
if (empty($_POST["gender"])) {
$genderErr = "Please provide your Gender";
} else {
$gender = input_data($_POST["gender"]);
}
// Checking if user has agreed to the terms and conditions
if (!isset($_POST['tc'])) {
$tcErr = "Please accept our terms & conditions.";
} else {
$tc = input_data($_POST["tc"]);
}
}
// For handling whitespaces and special characters in the data
function input_data($data)
{
// trim() is used to remove any trailing whitespace
$data = trim($data);
// htmlspecialchars() is used to convert
// special characters into their HTML entities
// Example - "&" -> "&"
$data = htmlspecialchars($data);
return $data;
}
?>
Output:
Share your thoughts in the comments
Please Login to comment...