
Server-Side Validation

Server-Side Validation. Jayden Bryant. What is Server-Side Validation? Validation of form input done on the server, not the web browser program. // Validate the surname: if ($surname == "") print("The surname field cannot be blank.");


Presentation Transcript


  1. Server-Side Validation Jayden Bryant

  2. What is Server-Side Validation?
     • Validation of form input done on the server, not the web browser program

     ```php
     // Validate the surname
     if ($surname == "")
         print("The surname field cannot be blank.");
     ```

  3. Differences between Client and Server Side Validation
     • Client-Side
       • No round trip to server = quicker validation, instant feedback to user
       • User may skip client-side validation by turning off JavaScript
     • Server-Side
       • Ensures 100% validation of input even if front end validation fails
       • User cannot skip server-side validation
       • Ensures that improper data sent will be filtered correctly, a detailed error message can be sent back to user
       • Takes longer time to validate – information must do a round trip to the server.

  4. What we shall Discuss
     • Methods used when validating different form data
     • Number validation
     • URL validation
     • Email Validation

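  5. Common Validation functions
     • ereg() function

     ```php
     <?php
     // Note: ereg() was deprecated in PHP 5.3.0 and removed in PHP 7.0.0.
     $username = "jayden2";
     // The pattern matches any character that is not a letter.
     if (ereg('[^A-Za-z]', $username)) {
         echo "Usernames must contain only letters.";
     } else {
         echo "$username is a valid username.";
     }
     ?>
     ```

     • !ereg() function

     ```php
     if ($validate) {
         $text = $n;
         // Escape the raw input before echoing it back into the page.
         print "email entered is " . htmlspecialchars($text) . ". <br><br>";
         // Negated match: true when the input contains no '@'.
         if (!ereg("[@]", $text))
             echo "email must contain the symbol '@'.";
         else
             echo "Good job, email contains an '@'";
     }
     ```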

  6. Validating Numbers
     • is_numeric() function
       • Checks to see if input is numeric
     • is_numeric allows:
       • Integers e.g. 998878
       • Scientific notations e.g. 15e4
       • Floating points e.g. 10.25
       • Hexadecimal e.g. 2xff
       • Negative numbers e.g. -56

     ```php
     if (!is_numeric($n))
         print "Does not conform to function";
     else
         print "Validation passed!! Input was: $n";
     ```
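When a form field must hold a whole number in a known range (a quantity, an age), `is_numeric()` accepts more notations than the field should. The following is an added example, not code from the original slides; the helper name `validate_int_field`, the range 1 to 100 and the sample inputs are constructed for illustration.

```php
<?php
// Added example (not from the original slides): strict server-side integer
// validation. validate_int_field() and the sample inputs are hypothetical.

/**
 * Returns the validated integer, or null when $raw is not a plain decimal
 * integer within [$min, $max].
 */
function validate_int_field(string $raw, int $min, int $max): ?int
{
    // FILTER_VALIDATE_INT rejects floats, exponents and hex notation
    // (unless FILTER_FLAG_ALLOW_HEX is given) and enforces the range.
    $value = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return $value === false ? null : $value;
}

// Constructed inputs of the kinds listed on the slide, plus an empty field.
$samples = ['42', '15e4', '10.25', '-56', '0xff', '998878', ''];

foreach ($samples as $raw) {
    $loose  = is_numeric($raw) ? 'yes' : 'no';
    $strict = validate_int_field($raw, 1, 100);
    printf(
        "%-10s is_numeric: %-3s  strict 1..100: %s\n",
        var_export($raw, true),
        $loose,
        $strict === null ? 'rejected' : "accepted ($strict)"
    );
}
```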

  7. Validating URL’s
     • parse_url: function parses a URL and returns an associative array containing any of the various components of the URL that are present.
       • scheme - e.g. http
       • host
       • port
       • user
       • pass
       • path
       • query - after the question mark ?
       • fragment - after the hashmark #
     Example: http://www.webdatabasebook.com/test.php?statuse=F#message

  8. Validating URL’s
     • function_exists: Return TRUE if the given function has been defined
     • checkdnsrr: Check DNS records corresponding to a given Internet hostname or IP address
       • type may be any one of: A, MX, NS, SOA, PTR, CNAME, AAAA, A6, SRV, NAPTR or ANY. The default is MX.

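  9. URL Validation Code

     ```php
     <?php
     $bits = parse_url($url);
     // parse_url() returns false for a malformed URL and leaves out absent components.
     if ($bits === false || !isset($bits["scheme"]) || $bits["scheme"] != "http")
         print "URL must begin with http://.";
     elseif (empty($bits["host"]))
         print "URL must include a host name.";
     elseif (function_exists('checkdnsrr') && !checkdnsrr($bits["host"], 'A'))
         print "Host does not exist.";
     else
         // $bits is an array, so print the original URL, escaped for HTML output.
         echo "URL: " . htmlspecialchars($url) . " Exists";
     ?>
     ```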
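The same checks as a reusable function that returns an error message instead of printing, as an added example that is not part of the original slides. It goes beyond the slide by also accepting https, rejecting embedded credentials and checking host syntax; `validate_http_url`, its `$checkDns` parameter and the sample URLs are hypothetical.

```php
<?php
// Added example, not from the original slides. validate_http_url() is a
// hypothetical helper: it returns an error message, or null when valid.
function validate_http_url(string $url, bool $checkDns = false): ?string
{
    $bits = parse_url($url);
    // parse_url() returns false on seriously malformed input and omits the
    // keys of absent components, so test before indexing into the array.
    if ($bits === false) {
        return 'URL is malformed.';
    }
    $scheme = strtolower($bits['scheme'] ?? '');
    if (!in_array($scheme, ['http', 'https'], true)) {
        return 'URL must begin with http:// or https://.';
    }
    if (empty($bits['host'])) {
        return 'URL must include a host name.';
    }
    // Embedded credentials (user:pass@host) are not expected in form input.
    if (isset($bits['user']) || isset($bits['pass'])) {
        return 'URL must not contain a user name or password.';
    }
    // Check host syntax before spending a DNS lookup on it.
    $host = $bits['host'];
    if (filter_var($host, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false) {
        return 'Host name is not valid.';
    }
    if ($checkDns && function_exists('checkdnsrr')
        && !checkdnsrr($host, 'A') && !checkdnsrr($host, 'AAAA')) {
        return 'Host does not exist.';
    }
    return null;
}

// Constructed sample inputs; DNS checking stays off so this runs offline.
$samples = [
    'http://www.webdatabasebook.com/test.php?statuse=F#message',
    'https://example.com/',
    'ftp://example.com/file',
    'www.example.com/page',
    'http:///missing-host',
    'http://user:secret@example.com/',
];
foreach ($samples as $url) {
    $error = validate_http_url($url);
    // Escape user-supplied text before echoing it back into a page.
    echo htmlspecialchars($url, ENT_QUOTES, 'UTF-8'), ' => ', $error ?? 'OK', "\n";
}
```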

  10. Validating Email
      • empty(var) – Determines whether a variable is empty
      • strlen - Get string length
        • Returns the length of the given string
      • getmxrr – Check if there is a record of the email domain as a mail exchanger (MX)
      • gethostbyname - Get the IP address corresponding to a given Internet host name

  11. Validating Email
      • substr ( string string, int start [, int length] )
        • Returns part of a string
        • Returns the portion of string specified by the start and length parameters.
      • string strstr ( string haystack, string needle )
        • Finds the first occurrence of the string
        • Returns part of haystack string from the first occurrence of needle to the end of haystack
        • If needle is not found, returns false

  12. Email Validation code

      ```php
      {
          // Note: eregi() was deprecated in PHP 5.3.0 and removed in PHP 7.0.0.
          $validEmailExpr =
              "^[0-9a-z~!#$%&_-]([.]?[0-9a-z~!#$%&_-])*" .
              "@[0-9a-z~!#$%&_-]([.]?[0-9a-z~!#$%&_-])*$";
          if (empty($email))
          {
              print "The email field cannot be blank";
              $printFlag = false;
          }
          elseif (!eregi($validEmailExpr, $email))
          {
              print "The email must be in the name@domain format.";
              $printFlag = false;
          }
          elseif (strlen($email) > 30)
          {
              print "The email address can be no longer than 30 characters.";
              $printFlag = false;
          }
          // (the elseif chain continues on the next slide)
      ```

  13. Email Validation code

      ```php
          // (continued from the previous slide)
          elseif (function_exists("getmxrr") && function_exists("gethostbyname"))
          {
              // Take the text after the '@' as the mail domain.
              $maildomain = substr(strstr($email, '@'), 1);
              // Accept the domain if it has an MX record or resolves to an address.
              if (!(getmxrr($maildomain, $temp) || gethostbyname($maildomain) != $maildomain))
              {
                  print "The domain does not exist.";
                  $printFlag = false;
              }
              else $printFlag = true;
          }
          if ($printFlag == true) {
              print "email address: $email exists";
          }
      }
      ?>
      ```
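The email checks from the two slides above, written for current PHP, where `eregi()` no longer exists. This is an added example, not code from the original slides: it swaps the slide's regular expression for `filter_var()` with `FILTER_VALIDATE_EMAIL`, and `validate_email`, its parameters and the sample addresses are hypothetical.

```php
<?php
// Added example (not from the original slides). validate_email() is a
// hypothetical helper: it returns an error message, or null when valid.
function validate_email(string $email, int $maxLen = 30, bool $checkDns = false): ?string
{
    if ($email === '') {
        return 'The email field cannot be blank.';
    }
    // Check the length first so oversized input never reaches the parser.
    if (strlen($email) > $maxLen) {
        return "The email address can be no longer than $maxLen characters.";
    }
    // filter_var() stands in for the slide's eregi() pattern here.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 'The email must be in the name@domain format.';
    }
    if ($checkDns && function_exists('checkdnsrr')) {
        // strrchr() returns the text from the last '@'; drop the '@' itself.
        $domain = substr(strrchr($email, '@'), 1);
        // Accept the domain if it has an MX record or, failing that, an A record.
        if (!checkdnsrr($domain, 'MX') && !checkdnsrr($domain, 'A')) {
            return 'The domain does not exist.';
        }
    }
    return null;
}

// Constructed sample inputs; DNS lookups stay off so this runs offline.
$samples = [
    '',
    'jayden@example.com',
    'no-at-sign.example.com',
    'two@@example.com',
    'jayden smith@example.com',
    'a-very-long-mailbox-name@example.com',
];
foreach ($samples as $email) {
    $error = validate_email($email);
    // Escape user-supplied text before echoing it back into a page.
    echo htmlspecialchars(var_export($email, true), ENT_QUOTES, 'UTF-8'),
         ' => ', $error ?? 'OK', "\n";
}
```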

  14. Class Quiz
      • When using is_numeric function, what are the 5 legal number formats?
        • Integers e.g. 998878
        • Scientific notations e.g. 15e4
        • Floating points e.g. 10.25
        • Hexadecimal e.g. 2xff
        • Negative numbers e.g. -56

  15. Class Quiz: Qu 2
      • What is a major difference between client-side and server-side validation?

  16. Class Quiz: Qu 3
      • What does the function parse_url do?
      • Returns the different components of which the URL is made up of e.g.
        • scheme - e.g. http
        • host
        • port
        • user
        • pass
        • path
        • query - after the question mark ?
        • fragment - after the hashmark #

  17. Class Quiz: Qu 5
      • What does the function strstr return?
        • Finds the first occurrence of the string
        • Returns part of haystack string from the first occurrence of needle to the end of haystack
        • If needle is not found, returns false

  18. Class Quiz: Qu 6
      • What does the function empty check?
        • If the variable is empty

  19. Validation Complete
