HomePHP Page 5 - Building An Extensible Form Validator Class
Private Eye - PHP
Wondering what OOP can do for you? Well, wonder no more - thisarticle demonstrates how OOP can save you time and effort by building aPHP-based Form Validator object to validate HTML form input. In additionto a detailed walkthrough of the process of constructing a PHP class totest user input, this article also includes usage examples and a brieflook at some powerful open-source alternatives.
Right. So I now know how the class is supposed to work, plus I have a fairly good idea of what the methods encapsulated within it will look like. This is a good time to start writing some code.
You might find it helpful to download the complete class code at this point, so that you can refer to it over the next few pages.
// FormValidator.class.inc
// class to perform form validation
class FormValidator
{
// snip
}
Now, since I plan to build some basic error-handling routines
into this class, I need to add a variable to hold this information.
<?php
class FormValidator
{
//
// private variables
//
var $_errorList;
// snip
}
Note the underscore (_) prefixed to this variable; I've done
this in order to provide a convenient way to visually distinguish between private and public class variables and functions.
You'll remember, from my schematic of how the class will be used on the previous page, that each validation method will be passed the name of the form variable to be tested as a string. Now, I need a method which will take this string, and use it to obtain the value of the corresponding form variable.
<?php
class FormValidator
{
// snip
//
// methods (private)
//
// function to get the value of a variable (field)
function _getValue($field)
{
global ${$field};
return ${$field};
}
// snip
}
?>
In this case, the _getValue() method will be passed a string
representing a particular form variable - for example, "a" - and it will return the value of the corresponding variable in the global scope - for example, $a. Notice how I've used PHP's powerful variable interpolation features to dynamically construct a variable name, and thereby access the corresponding value (more information on this is available at http://www.php.net/manual/en/language.variables.variable.php).
Again, this is a private method - it will be used internally by the class, and will never be exposed to the calling script. As you will see, this function will be used extensively by the public validation routines to get the current value of the named form variable, and test it for errors.
This probably seems like a convoluted way of doing things - after all, you might be wondering, why not just pass the value to be validated directly to the class method? There's a good reason for this, which I'll be explaining a little further down. For the moment, though, just trust that there is method to my madness.
Note also that the _getValue() method can be improved by modifying it to return the value of the form variable from the special $HTTP_POST_VARS array, rather than from the global scope. I haven't done this here because I'm not sure whether my forms will be using GET or POST; however, if you're sure that you're going to be using POST, this is probably an improvement you will want to make. And in case this didn't make any sense to you, take a look at http://www.php.net/manual/en/language.variables.predefined.php which provides more information on the special $HTTP_POST_VARS array.
PHP 
