I've checked out vdaemon (http://www.x-code.com/vdaemon_web_form_validation.php), Formproc v3.02, and phorm v3.0 (http://www.holotech.net/scripts.html) but they don't all do what I need -- at least not yet. I know that they have the email, phone #, num/int/float, and non-empty validation, but I want to take it further...I have some sensitive data that I need to keep safe in my database. I to somehow integrate a class to :
-
integrate no mysql inject for all fields(http://www.phpfreaks.com/quickcode/Anti_SQL_Injection_Login_Filter/203.php ) -- anyone have any tips on ways of preventing this besides this class?
-
check referrer url (allow multiple but not every url in the world)
-
strip non alphanumeric characters other than . (period) / (backslash) and - (dash) for most fields
-
allow characters !?.&@-/ in one field
i'm not too familiar with the scripts i mentioned but I think they could be useful, if anyone could offer some tips making a custom validation class that'd be really helpful
also, is the $var = $_POST['var']; thing really necessary? I haven't used it in some of my form processing and it seems to work fine.
any help would be appreciated
i love php
