For instance, a credit-reporting application may authenticate users before they're allowed to submit data or pull reports.

The login form uses the following code to grab user IDs with a maximum input of 12 characters, as denoted by the

If any form field is not filled out correctly, HTML_QuickForm lets you show the user an error message rather than passing the invalid field values into your application.

As mentioned in the last post’s comments, database servers such as MySQL and PostgreSQL also perform data validation to ensure that the values being entered will not cause problems when inserting them into database tables.

This data validation is for the sake of the database, and not your (PHP) application, so it is not a replacement for your own validation. Also, as Simon pointed out, MySQL sometimes silently truncates or transforms data without validating it, which could lead to unexpected behaviour without an error message explaining it.

Sometimes, I use a PHP library for generating and processing web forms, such as a library we use at SitePoint (affectionately called Rapid Admin), or PEAR’s HTML_QuickForm, or a library of my own. Such a library can usually validate your data for you. For instance, HTML_QuickForm is capable of validating the data according to the patterns you specify when you create the form.
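An added example, not code from the original post: a server-side check in PHP for the 12-character user ID, set beside a stand-in for a column that truncates instead of rejecting. The character policy, the helper names and the sample inputs are assumptions made for this illustration, and the code needs PHP 8 for the `mixed` type.

```php
<?php
declare(strict_types=1);

// Assumed policy for this example: 1-12 ASCII letters, digits or underscores.
const USER_ID_MAX = 12;
const USER_ID_PATTERN = '/\A[A-Za-z0-9_]{1,12}\z/';

// Hypothetical helper: returns [cleanValueOrNull, errorMessageOrNull].
// It rejects bad input outright and never truncates or "repairs" it.
function validate_user_id(mixed $raw): array
{
    if (!is_string($raw)) {
        return [null, 'User ID must be a single text value.']; // e.g. user_id[]=x
    }
    if (strlen($raw) > USER_ID_MAX) { // byte length; the pattern is ASCII-only
        return [null, 'User ID must be at most 12 characters.'];
    }
    if (preg_match(USER_ID_PATTERN, $raw) !== 1) {
        return [null, 'User ID must be 1 to 12 letters, digits or underscores.'];
    }
    return [$raw, null];
}

// Stand-in for a 12-character column that truncates instead of raising an error.
function simulate_truncating_column(string $value): string
{
    return substr($value, 0, USER_ID_MAX);
}

// Constructed sample submissions, not taken from any real form.
$samples = ['jsmith', 'jsmith_reports_2', ['jsmith'], 'j smith', ''];

foreach ($samples as $raw) {
    [$value, $error] = validate_user_id($raw);
    $shown = is_string($raw) ? var_export($raw, true) : gettype($raw);
    if ($error === null) {
        printf("%-20s accepted\n", $shown);
        continue;
    }
    printf("%-20s rejected: %s\n", $shown, $error);
    if (is_string($raw) && strlen($raw) > USER_ID_MAX) {
        printf("%-20s a truncating column would have stored %s\n", '',
            var_export(simulate_truncating_column($raw), true));
    }
}
```

The over-length sample shows the gap: the application check refuses it with a message the user can act on, while the truncating stand-in would have stored a different value than the one submitted.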

