Form validation is an essential part of web development to ensure that the data submitted by users is accurate and secure. PHP provides various functions and techniques for form validation in storing, updating, retrieving, and deleting the data of form.
An HTML form contains various input fields such as text box, checkbox, radio buttons, submit button, and checklist, etc. These fields need to be validated, which ensures that the user has entered information which are valid and correct in all required fields.
Note: PHP validates the data at the server-side, which is submitted by the HTML form.
The HTML form we will be working at in these chapters, contains various input fields: required and optional text fields, radio buttons, and a submit button:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>PHP Form Validation</title>
<style>
.error {color: #FF0001;}
</style>
</head>
<body>
<?php
// define variables to empty values
$nameErr = $emailErr = $mobilenoErr = $passwordErr = $genderErr = $websiteErr = $agreeErr = "";
$name = $email = $mobileno = $gender = $website = $agree = "";
//Input fields validation
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Name Validation
if (empty($_POST["name"])) {
$nameErr = "Name is required";
} else {
$name = testValidation($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
$nameErr = "Only alphabets and white space are allowed";
}
}
// Email Validation
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = testValidation($_POST["email"]);
// check that the e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
// Number Validation
if (empty($_POST["mobileno"])) {
$mobilenoErr = "Mobile no is required";
} else {
$mobileno = testValidation($_POST["mobileno"]);
// check if mobile no is well-formed
if (!preg_match ("/^[0-9]*$/", $mobileno) ) {
$mobilenoErr = "Only numeric value is allowed.";
}
//check mobile no length should not be less and greator than 10
if (strlen ($mobileno) != 10) {
$mobilenoErr = "Mobile no must contain 10 digits.";
}
}
// Validate password
if (empty($_POST["password"])) {
$passwordErr = "Password is required";
} else {
$password = testValidation($_POST["password"]);
}
// URL Validation
if (empty($_POST["website"])) {
$website = "";
} else {
$website = testValidation($_POST["website"]);
// check if URL address syntax is valid
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
$websiteErr = "Invalid URL";
}
}
// Empty Field Validation
if (empty ($_POST["gender"])) {
$genderErr = "Gender is required";
} else {
$gender = testValidation($_POST["gender"]);
}
// Checkbox Validation
if (!isset($_POST['agree'])){
$agreeErr = "Accept terms of services before submit.";
} else {
$agree = testValidation($_POST["agree"]);
}
}
function testValidation($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Registration Form</h2>
<span class = "error">* required field </span>
<br><br>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" >
Full Name:
<input type="text" name="name">
<span class="error">* <?php echo $nameErr; ?> </span>
<br><br>
Your E-mail:
<input type="text" name="email">
<span class="error">* <?php echo $emailErr; ?> </span>
<br><br>
Your Mobile No:
<input type="text" name="mobileno">
<span class="error">* <?php echo $mobilenoErr; ?> </span>
<br><br>
Password:
<input type="password" name="password">
<span class="error"><?php echo $passwordErr; ?> </span>
<br><br>
<!-- <label for="password">Password:</label>
<input type="password" id="password" name="password">
<span class="error"><?php // echo $passwordErr; ?></span> -->
Website:
<input type="text" name="website">
<span class="error"><?php echo $websiteErr; ?> </span>
<br><br>
Gender:
<input type="radio" name="gender" value="male"> Male
<input type="radio" name="gender" value="female"> Female
<input type="radio" name="gender" value="other"> Other
<span class="error">* <?php echo $genderErr; ?> </span>
<br><br>
Agree to Terms of Service:
<input type="checkbox" name="agree">
<span class="error">* <?php echo $agreeErr; ?> </span>
<br><br>
<input type="submit" name="submit" value="Submit">
<br><br>
</form>
<?php
if(isset($_POST['submit'])) {
if($nameErr == "" && $emailErr == "" && $mobilenoErr == "" && $genderErr == "" && $websiteErr == "" && $agreeErr == "") {
echo "<h3 color = #FF0001> <b>Your Data is Valid.</b> </h3>";
echo "<h2>Your Input:</h2>";
echo "Name: " .$name;
echo "<br>";
echo "Email: " .$email;
echo "<br>";
echo "Mobile No: " .$mobileno;
echo "<br>";
echo "Website: " .$website;
echo "<br>";
echo "Gender: " .$gender;
} else {
echo "<h3> <b>Please fill the form Correctly.</b> </h3>";
}
}
?>
</body>
</html>
Field | Validation Rules |
Name | Required. + Must only contain letters and whitespace |
E-mail | Required. + Must contain a valid email address (with @ and .) |
Mobile No | Required + Number + 10 digit |
Password | Required |
Website | Optional. If present, it must contain a valid URL |
Gender | Required. Must select one |
Agree | Required |