The following warnings occurred:
Warning [2] Undefined array key "avatartype" - Line: 783 - File: global.php PHP 8.1.27 (Linux)
File Line Function
/global.php 783 errorHandler->error
/printthread.php 16 require_once
Warning [2] Undefined array key "avatartype" - Line: 783 - File: global.php PHP 8.1.27 (Linux)
File Line Function
/global.php 783 errorHandler->error
/printthread.php 16 require_once
Warning [2] Undefined variable $newpmmsg - Line: 40 - File: global.php(841) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/global.php(841) : eval()'d code 40 errorHandler->error
/global.php 841 eval
/printthread.php 16 require_once
Warning [2] Undefined array key "style" - Line: 909 - File: global.php PHP 8.1.27 (Linux)
File Line Function
/global.php 909 errorHandler->error
/printthread.php 16 require_once
Warning [2] Undefined property: MyLanguage::$lang_select_default - Line: 5024 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 5024 errorHandler->error
/global.php 909 build_theme_select
/printthread.php 16 require_once
Warning [2] Undefined array key "additionalgroups" - Line: 7162 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 7162 errorHandler->error
/inc/functions.php 5044 is_member
/global.php 909 build_theme_select
/printthread.php 16 require_once
Warning [2] Undefined array key "showimages" - Line: 160 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 160 errorHandler->error
Warning [2] Undefined array key "showvideos" - Line: 165 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 165 errorHandler->error
Warning [2] Undefined array key "showimages" - Line: 160 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 160 errorHandler->error
Warning [2] Undefined array key "showvideos" - Line: 165 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 165 errorHandler->error
Warning [2] Undefined array key "showimages" - Line: 160 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 160 errorHandler->error
Warning [2] Undefined array key "showvideos" - Line: 165 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 165 errorHandler->error
Warning [2] Undefined array key "showimages" - Line: 160 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 160 errorHandler->error
Warning [2] Undefined array key "showvideos" - Line: 165 - File: printthread.php PHP 8.1.27 (Linux)
File Line Function
/printthread.php 165 errorHandler->error



Form Tools
3 Different Validation Methods - Why? - Printable Version

+- Form Tools (https://forums.formtools.org)
+-- Forum: Modules / Other (https://forums.formtools.org/forumdisplay.php?fid=8)
+--- Forum: Form Validation: JS + PHP (https://forums.formtools.org/forumdisplay.php?fid=18)
+--- Thread: 3 Different Validation Methods - Why? (/showthread.php?tid=1325)



3 Different Validation Methods - Why? - asgaroth - May 23rd, 2011

Hey there,

i took the Demo 3 (Something with Flight/Travel Registration) as Template for my own Form.
I rewrote the code using some of the code already present.
This is where i discovered that you are using three types/methods of Validation.

1. Client-Side Validation with JS and rsv.js.
e.g.
Code:
<script type="text/javascript" src="rsv.js"></script>

  <script type="text/javascript">
  var rules = []

  // Attendee / work information
  rules.push("required,name,Please fill in your name.");

  </script>

2. Server Side Validation with PHP using validate_fields();
e.g.
Code:
$rules = array();
  $rules[] = "required,name,Please fill in your name.";
  $errors = validate_fields($_POST, $rules);


3. Server Side Validation with PHP filling the Error Array by yourself.
e.g.
Code:
if (isset($_POST) && !empty($_POST))
{
  if(!empty($_POST['name']))
        $errors[] = "Please fill in your name.";
}

Is there an advantage in using two or all three Methods at the same time? Or should i choose only one method?
Is the second Method more reliable because Client-Side is JavaScript?
Is the third for checking more complex conditions like the following?
Code:
if(!empty($_POST['a']) && empty($_POST['b']))
        $errors[] = "Please fill in B when providing A.";

Thanks in advance for replies, asgaroth


RE: 3 Different Validation Methods - Why? - Ben - Jun 3rd, 2011

Hi Asgaroth,

Sorry for not responding to this sooner.

There are really only two methods: client-side (JS with RSV) and server-side (with the PHP version of RSV). Both validation libraries come bundled with Form Tools for your use. Depending on your requirements, you can use one, both or neither.

RSV
Using the Really Simple Validation JS has it's advantages. First, it lets the user know what the problems are right away - right at the moment they submit the form. From a usability perspective, client-side validation is terrific. However, there are drawbacks: maybe the user doesn't have javascript enabled in his/her form, or maybe you're dealing with someone Evil who wants to hack your form by submitting dud values: this is all too easy for hackers, so the security-conscious can't rely on client-side validation.

PHP Validation
This is done on the server and is immutable. Provided your logic is tight, hackers won't be able to get around it. However, from a usability perspective it's kind of crumby: users would submit the form, wait, then the page would reload showing whatever errors were detected by the server.

So most times, I use both methods. That's pretty much the difference!

The third point you raised is actually just syntactic. Javascript and PHP are very different languages and work differently. The rules.push("if:condition,...") syntax of RSV was written to allow for conditional logic to be applied to your validation rules, but on the server, you don't need anything so fussy (though if memory serves, it still supports that syntax...).

Anyway, hope this info helps! Big Grin

- Ben


RE: 3 Different Validation Methods - Why? - AlacratStore - Sep 8th, 2012

Validation Vs Sanization Validation means the string format is exactly what you want Validated String can't be assumed 'Secure' Can't know if validated string might have malicious characters meaningful for various back-end systems That's why, validated one needs to be sanitized!



RE: 3 Different Validation Methods - Why? - Daniel10Wilson - Mar 29th, 2013

I need a function or a few lines of code that will check whether a password that has been entered contains 2 numbers and 2 letters and checks that they DONT contain characters like < > ? & $
Can any one help me out.