PHP 101 (part 13): The Trashman Cometh
Secure your PHP scripts with clever input validation tricks.

| Waiting To Exhale |

Maybe you've heard the term GIGO before.

If you haven't, it stands for Garbage In, Garbage Out, and it's a basic fact of computer programming: if you feed your program bad input, you're almost certainly going to get bad output. And no matter which way you cut it, bad output is not a Good Thing for a programmer who wants to get noticed.

In case you think I'm exaggerating, let me give you a simple example. Consider an online loan calculator that allows a user to input a desired loan amount, finance term and interest rate. Let's assume that the application doesn't include any error checks, and that the user decides to enter that magic number, 0, into the Term field.

You can imagine the result. After a few internal calculations the application will end up attempting to divide the total amount payable by zero. The slew of ugly error messages that follow don't really bear discussion, but it's worth noting that they could have been avoided had the developer had the foresight to include an input validation routine when designing the application.
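The kind of validation routine the loan calculator was missing could look like the following. This is an added example, not code from the original article; the field names, the numeric limits and the simple-interest formula are assumptions.

```php
<?php
declare(strict_types=1);
// Validate the three form fields; returns [clean values, error messages].
// Field names and numeric limits are assumptions made for this example.
function validateLoanInput(array $raw): array
{
    $limits = [
        'amount' => [FILTER_VALIDATE_FLOAT, 1, 10000000], // loan amount
        'term'   => [FILTER_VALIDATE_INT,   1, 480],      // months; 0 is rejected here
        'rate'   => [FILTER_VALIDATE_FLOAT, 0, 100],      // annual interest, percent
    ];
    $clean = $errors = [];
    foreach ($limits as $field => [$filter, $min, $max]) {
        $value = $raw[$field] ?? null;
        // Missing fields and array input (term[]=1) are rejected before filtering.
        if (!is_string($value) || trim($value) === '') {
            $errors[$field] = "Please enter a value for $field.";
            continue;
        }
        $parsed = filter_var(trim($value), $filter);
        // Strict comparison: a parsed 0 must not be mistaken for "filter failed".
        if ($parsed === false || $parsed < $min || $parsed > $max) {
            $errors[$field] = "$field must be a number between $min and $max.";
            continue;
        }
        $clean[$field] = $parsed;
    }
    return [$clean, $errors];
}

// Simple-interest monthly payment: total amount payable divided by the term.
function monthlyPayment(float $amount, int $term, float $rate): float
{
    $totalPayable = $amount * (1 + ($rate / 100) * ($term / 12));
    return round($totalPayable / $term, 2); // safe: $term >= 1 after validation
}

// Constructed sample submissions, standing in for $_POST.
$samples = [
    ['amount' => '12000', 'term' => '24',  'rate' => '6.5'],
    ['amount' => '12000', 'term' => '0',   'rate' => '6.5'],
    ['amount' => '12000', 'term' => 'abc', 'rate' => '-1'],
];
foreach ($samples as $post) {
    [$clean, $errors] = validateLoanInput($post);
    echo $errors ? implode(' ', $errors) : monthlyPayment($clean['amount'], $clean['term'], $clean['rate']), PHP_EOL;
}
```

The calculation runs only when the error list is empty, so a zero or non-numeric Term produces a readable message instead of a division error.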

The moral of this story? If you're serious about using PHP for web development, one of the most important things you must learn is how to validate user input and deal with potentially unsafe data. Such input verification is one of the most important safeguards a developer can build into an application, and a failure to do this can snowball into serious problems, or even cause your application to break when it encounters invalid or corrupt data.

That's where this edition of PHP 101 comes in. Over the next few paragraphs, I'm going to show you some basic tricks to validate user input, catch "bad" data before it corrupts your calculations and databases, and provide user notification in a gentle, understandable and non-threatening way. To prepare for this exercise, I suggest you spin up a CD of John Lennon singing "Imagine", fill your heart with peace and goodwill towards all men, and take a few deep, calming breaths. Once you've exhaled, we can get going.


Copyright © 1998-2017 Melonfire. All rights reserved