Checking user input date of a form ( Validation )

Before using any user input data ( via web form ) or from any other sources ( than the script itself ), we must check it before using them.

Only Integer is allowed

$number=5236;
if(is_int($number)){
echo "Validation passed ";//This is the output (True)
}else{
echo "Validation failed ";
}

Only Integer & Float is allowed ( received from Web Form)

$userid=$_POST['userid']; // If form submit method is POST
if(is_numeric($userid)){
echo "Validation passed ";
}else{
echo "Validation failed ";
}

Only alphabetic characters are allowed

$userid=$_POST['userid']; // If form submit method is POST
if(ctype_alpha($userid)){
echo "Validation passed ";
}else{
echo "Validation failed ";
}
ctype_alpha()

Only number and characters are allowed

$userid=$_POST['userid']; // If form submit method is POST
if(ctype_alnum($userid)){
echo "Validation passed ";
}else{
echo "Validation failed ";
}
ctype_alnum()

Only number, character and space are allowed ( without regular expression)

$state='abc de';
if ((strlen($state)) > 0 and !ctype_alpha(str_replace(' ', '', $state)) === true) {
echo "Validation failed ";//This is the output (True)
}else{
echo "Validation passed ";
}

String of particular length only allowed.

$userid='abc1df';
if(strlen($userid) == 6){
echo "Validation passed ";// This is the output (True)
}else{
echo "Validation failed ";
}

String of minimum and maximum length is only allowed.

$userid=trim('abcde');
if(strlen($userid)  > 3 and strlen($userid)< 8){
echo "Validation passed "; // This is the output (True)
}else{
echo "Validation failed ";
}
While using length calculations it is better to use trim() function to remove blank space at left and right side of the variable.

Validation of Date

signed userid is already present in table or not. Checked by using PDO and SQL 

$no = $dbo->query("select count(userid) from mem_signup where userid='$userid'")->fetchColumn(); 

if($no >0 ){
$msg=$msg."User Name already exists. Choose a different User Name";
}

Structure of the FORM and Submitting for validation

<form method=post action=form_validate.php>
<input type=text name=userid>
<input type=text name=password>
<input type=submit value=Submit></form>
On submit of this form, all entered variables will be available in form_validate.php page so let us go to form_validate.php page and read the variable and check if any value is there or not. Let us use one flag to check the status of the variables for form validation. 
<?php
$userid=$_POST['userid']; // Collect userid using POST method
$password=$_POST['password']; // Collect password using POST method

$flag="OK"; // This is the flag and we set it to OK
$msg=""; // Initializing the message to hold the error messages
if(strlen($userid) < 5){ // must be more than 5 character in length
$msg=$msg."( Please enter user id more than 5 character length )<BR>";
$flag="NOTOK";   //setting the flag to error flag.
}
User id validation is over, now let us start password checking. 
if(strlen($password) < 5 ){ // must be more than 5 character in length
$msg=$msg."( Please enter password of more than 5 character length )<BR>";
$flag="NOTOK";   //setting the flag to error flag.
}
Now let us check the flag and give message accordingly, if the flag is set to OK then all validations is passed and we can proceed for the database checking. If the flag is set to NOTOK then entries are not ok so we have to display the messages.We also give one back button for the user to go back and correct the entries. 
if($flag <>"OK"){
echo "<center>$msg <br> 
<input type='button' value='Retry' onClick='history.go(-1)'></center>";
}else{ // all entries are correct and let us proceed with the database checking etc …
}
This is PHP form validation by using two simple text boxes. We have checked only the number of characters entered by the user. Now let us move one more step and go for form validation checking the type of entry. Say in userid field  other than   characters are not allowed. We will use same flag to set the status and append the message to the message variable. 
if(ctype_alpha($userid)){ //Only lower or upper case letters allowed.
$msg=$msg."( Please use only alphabets a to z as userid  )<BR>";
$flag="NOTOK";   //setting the flag to error flag.
}
ctype_aplha() checks the input here and read more on email validation here. We will use this function more for advance PHP form validation
Email address validation PHP Form DEMO : Form all components validation and post back Storing form data in a table
We missed anything here ? Let us know ( post it here )
Subhendu Mohapatra — author at plus2net
Subhendu Mohapatra

Author

🎥 Join me live on YouTube

Passionate about coding and teaching, I publish practical tutorials on PHP, Python, JavaScript, SQL, and web development. My goal is to make learning simple, engaging, and project‑oriented with real examples and source code.

LinkedIn X (Twitter) YouTube
Subscribe to our YouTube Channel here


Subscribe to our YouTube Channel here

plus2net.com










PHP video Tutorials
We use cookies to improve your browsing experience. . Learn more
HTML MySQL PHP JavaScript ASP Photoshop Articles Contact us
©2000-2025   plus2net.com   All rights reserved worldwide Privacy Policy Disclaimer