
If statements and validation


gabi

Presentation Transcript


  1. If statements and validation

  2. If statement • In programming the if statement allows one to test certain conditions and respond differently depending on the outcome of the test. • In our example the condition will be that the user actually entered some text. • If it is true, one set of actions will be performed. • If it is false, a different set of actions will be performed.

  3. Two places to validate • Since we are considering a client-server interaction, there are two locations in which the validation can occur – on the client and on the server. • Client-side validation should be seen mainly as not adding to internet traffic and not wasting the server’s time until the data is acceptable. • Server-side validation should be seen as maintaining data integrity (ensuring the data is of valid format) and security (making sure the user is not trying to access more than they should).

  4. Server-side if • Notice that when asking if two things are equal, one uses two equal signs! • Test if the user entered any text in the text field. • If the text field was left blank, print one message. • The “else” handles the other case and prints the original Thank-you message.

  5. Result of invalid user data

  6. Using elseif to ask another question

  7. Another approach is to use a Boolean operator – in this case ||, the OR operator. • If it is true that either of the text fields was left blank, then the first message will be printed out.

  8. If the user includes HTML tags

  9. Code to strip away any HTML (or PHP) in user’s data

  10. Example: <script> tag eliminated • Eliminating tags that signal code may help with a problem known as “cross site scripting.”

  11. The quote - slash quote problem

  12. The stripslashes function

  13. Result of stripslashes

  14. Sometimes the slashes are a good thing • If a user attempts to put in SQL (database query) code, this is known as “SQL Injection.” • SQL Injection often uses quotes (single or double). • The slash tells the system to interpret the quote as a data quote, not as a SQL quote. • In fact, PHP has an addslashes function for this purpose.

  15. PHP addslashes function

  16. Related function

  17. Result with a space in the First Name field

  18. The trim function

  19. Reference • PHP for the World Wide Web, Second edition, Larry Ullman
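
The server-side checks from slides 4, 7, 9 and 18, put together as an added example that is not code from the presentation. It goes one step beyond the slides by passing the values to the database as bound parameters (PDO prepared statement) and encoding them on output; the field names `firstName`/`lastName`, the `visitors` table and the helper names are assumptions made for illustration.

```php
<?php
// Added example (not from the slides). Field names firstName/lastName, the
// visitors table and both function names are assumptions for illustration.

// Validate one submitted name: strip tags, trim whitespace, reject blanks.
function clean_name(string $raw): ?string
{
    $value = trim(strip_tags($raw));   // slides 9 and 18: strip tags, then trim
    if ($value == '') {                // slide 4: two equal signs test equality
        return null;
    }
    return $value;
}

// Returns the message the server would print for one form submission.
function handle_submission(array $post, PDO $db): string
{
    $first = clean_name($post['firstName'] ?? '');
    $last  = clean_name($post['lastName'] ?? '');

    if ($first === null || $last === null) {   // slide 7: the OR operator
        return 'Please fill in both name fields.';
    }

    // Bound parameters: a quote in the data is stored as data, never read as SQL.
    $stmt = $db->prepare('INSERT INTO visitors (first, last) VALUES (?, ?)');
    $stmt->execute([$first, $last]);

    // Encode on output so any remaining special characters display as text.
    return 'Thank you, ' . htmlspecialchars("$first $last", ENT_QUOTES, 'UTF-8') . '.';
}

// Constructed sample input, run against an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE visitors (first TEXT, last TEXT)');

$samples = [
    ['firstName' => '  Ada ', 'lastName' => 'Lovelace'],                 // stray spaces
    ['firstName' => '<script>alert(1)</script>', 'lastName' => 'Smith'], // HTML tags
    ['firstName' => 'Conan', 'lastName' => "O'Brien"],                   // single quote
    ['firstName' => '   ', 'lastName' => 'Blank'],                       // spaces only
];
foreach ($samples as $post) {
    echo handle_submission($post, $db), PHP_EOL;
}
```

Note that `strip_tags` removes the `<script>` tags but keeps the text between them, so the second sample is stored as `alert(1)`; the output encoding is what keeps that text inert when it is displayed.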
