Validating Form Data

In terms of both error managment and security, you should never trust the data being enterd in an HTML form. Validating form data requres any number of functions, operators, and expresions. One common function is isset(). which test if a variable has a value (including 0, but not NULL or FALSE)

if (isset($var)) {
// $var has a vlue.
} else {
// $var has not have a value.
}

One problem with the isset() function is that an empty string test as TRUE, so to check for these, you can use the strlen() function, which count the number of charactors in a string.

if (isset($var) > 0) {
// $var has a vlue.
} else {
// $var has not have a value.
}

The best way to check that a form text box was filled out is to measure the length of the resulting string. If its positive (strlen($name) > 0) at least something was entered there. Check to see that it's not greaer than zero (!(strlen($email) > 0)), which could also be written as asT(strlen($email) <= 0).

Create a $message vriable instead, which will be printed later.

EX: form_all.html | handle_form_all.phps | handle_form_all.php