|
IMPORTANT: This tutorial (and other component parts) make use of the datLib library, which you can download here. The author has stopped working on this project, but you can check out their website for similar up-to-date libraries.
|
In this rather advanced and sequential tutorial, we will teach you how to create
an expandable Form Validation Class, that once complete, you will able to use in
any of your PHP scripts. The beauty of this Class is that it is expandable with
ease. This means that once the base code of the Class is complete, you can
easily configure it to validate different types of form data with virtually no
changes. The extra configurations will only be limited to your programming
knowledge.
This tutorial is rather long and thus will be divided into several Parts. In
Part 1 here, we will give an overview of the Class and how it will be used.
Please make sure you have an idea of how to program in PHP as well as an idea on
Object Oriented Programming. These concepts are not discussed here and even
though we will try to be as descriptive as possible, an idea will help you
understand what we are exactly talking about.
The ideas discussed in this tutorial are basically the same as the ones that our
script, datVForm, is based
on. So after you complete this tutorial, you might want to download
datVForm to give it a shot
and build upon it to test your know skills. Okay enough introductions, let's get
started...
The Idea Behind The Code
There are literally hundreds, if not thousands, of tutorials available that
teach you how to validate form data. This is important to ensure the security of
your script and also to ensure that any user received data is in the format you
want it to be in. As you develop different web sites, however, it becomes a big pain
to copy the same code over and over again, modifying it to fit the new web
site's needs.
Even if you wrap your form validation in functions, what happens when you want
to expand on them? You have to rewrite them. And what about the error messages
for each validation? These are all common features that with object oriented
programming can become easier.
The Keyword Concept
Our Class will operate on a keyword basis. This means that based on a specific
keyword we assign to each form field, the Class will know how to validate it.
This makes the validation process very fast because the Class only validates
fields with a keyword and nothing else. Secondly, it makes expanding the Class
quite easy. To create new validation Methods, all you have to do is add a new
keyword and tell the Class how to validate that keyword. Very simple.
A third concept is that because the validation always takes place on the server,
the form will always be validated no matter where it is sent, from your server,
or from a clients computer. In our script, we always instruct the Class to
expect specific form fields and keywords. If such fields are not present, then
it will assume the form has been tampered with and will always return an error.
If the form field exists, it will always be validated! Our Class will also
be able to validate form data received by either a _POST or _GET method, which
makes it much more portable.
Class Common Features
Our Class will have common features as well as several Methods. Let's first
discuss the common features. First, there are the Form Error Messages and the
System Error Messages.
The Form Error Messages are the error messages that are generated if a form
field does not pass validation. So for example, if a form field is suppose to be
an email and a user did not supply a valid email, this would generate a Form
Error Message.
The System Error Messages are those that are generated by the Class when it
encounters an internal error, such as a non existent keyword or non existent
form field. These messages are helpful in the development process but should not
be displayed when the Class is eventually used in a working environment.
The second set of common features are the Methods. Each Method in our Class will
correspond to a keyword. Like stated before, a keyword instructs our Class to
validate a form field in a specific way. This is done by calling the Method that
corresponds to each keyword. Adding a new validation method is as simple as
adding a new keyword and the Class Method that corresponds to it.
Creating The Class
Let's get started in creating our Class. The base code of our Class will contain
several Attributes, a Constructor, and one Method. This one Method will be in
charge of actually finding all form fields, determining if there are keywords
associated with it, and calling the appropriate validation Method.
Because it is usually easier to see the code and then explain it, we will
provide the code for the above elements that proceed to explain them one section
a time. You should get an idea though of what is going on by reading the
comments.
Please keep in mind that the code we show in this Part of the tutorial is not
the complete Class, bur rather the important segments relevant to this Part. As
Parts 2 and 3 become available, the code will be expanded to be much bigger.
<?php
class datVForm
{
/**
* Form field names including the keywords.
*
* @var array
*/
var $_f_cFName;
/**
* Form data.
*
* @var array
*/
var $_f_data;
/**
* Form field names without the keywords.
*
* @var array
*/
var $_f_tFName;
/**
* Form method.
*
* @var string
*/
var $_f_type;
/**
* Form validation error messages.
*
* @var array
*/
var $_l_fError;
/**
* Class system error messages.
*
* @var array
*/
var $_l_sError;
//////////////////////////////////////////////////////////////////////
/**
* Constructor.
*
* The Constructor has several jobs. First based on the form
* method type, POST or GET, it will get all form data from
* the PHP Super Global. Also it defines the attributes that
* will be used by the Class.
*/
function datVForm( $f_type )
{
// Initialize Class Variables.
$this->_f_cFName = array( );
$this->_f_data = array( );
$this->_f_tFName = array( );
$this->_f_type = $f_type;
$this->_l_fError = array( );
$this->_l_sError = array( );
// Determine Form Method.
if( $this->_f_type == 'p' ) {
$this->_f_data = datLib::string_trim_array( $_POST );
}
else if( $this->_f_type == 'g' ) {
$this->_f_data = datLib::string_trim_array( $_GET );
}
else {
$this->_l_sError[] = 'datVForm() Method : Invalid Form ' .
'Method :: Ignore Validation : <em>' .
'All Fields</em>';
}
}
//////////////////////////////////////////////////////////////////////
/**
* Validate.
*
* This Method does several things. First it determines how many form fields
* there are in the submitted form, then loops through each and every single
* one of them to determine which keywords, if any, are assosiated with one.
*
* If there are keywords assosiated with a field, it calls the appropiate
* validation Method for that field.
*/
function validate( )
{
// Define Local Variables.
$l_dataCount = count( $this->_f_data );
$l_key = array( );
$l_keyCount = NULL;
$l_vm = NULL;
// Find Complete Field Names.
$this->_f_cFName = array_keys( $this->_f_data );
// Find Field Names Without Keywords.
$this->_s_tFName( );
// Loop.
for( $i = 0; $i < $l_dataCount; $i++ )
{
// Determine If Keyword Exists In Field Name.
preg_match_all( '/\((.*?)\)/s' , $this->_f_cFName[ $i ] , $l_key );
// Determine Number Of Keywords, If Any.
$l_keyCount = datLib::array_count_2D( $l_key , 0 );
// Loop.
for( $j = 0; $j < $l_keyCount; $j++ )
{
if( method_exists( $this , '_vm_' . strtolower( $l_key[ 1 ][ $j ] ) ) == TRUE )
{
// Extract Keyword Validation Method.
$l_vm = '_vm_' . strtolower( $l_key[ 1 ][ $j ] );
// Call Validation Method.
$this->$l_vm( $this->_f_data[ $this->_f_cFName[ $i ] ] , $i );
}
else {
$this->_l_sError[] = 'validate() Method : Non Existant Keyword : ' .
'Ignore Validation : ' .
'<strong>' . $this->_f_tFName[ $i ] . '</strong>';
}
}
}
// Return.
if( datLib::array_isNull( $this->_l_fError ) == FALSE ) {
return FALSE;
}
if ( datLib::array_isNull( $this->_l_sError ) == FALSE ) {
return FALSE;
}
/**
* Return TRUE.
*
* The Method will only return TRUE if there are no validation errros.
* Return TRUE means that every field has been validated
* correctly and it is now generally safe to use this form data.
*/
return TRUE;
}
//////////////////////////////////////////////////////////////////////
}
?>
|
That was a lot of code, so let's break up the code into segments and explain
each segment alone...
- Tutorial written by Limitless
|
