How to filter and validate user input in Zend Framework

1.9k Views Asked by DarkLeafyGreen At 20 October 2024 at 10:59

on my website I have a comment section. I want to filter and validate the input before I store it in my database. If there are any invalid chars in the input the user gets the notice that his input is invalid.

My question, which chars are not allowed? e.g. I want to avoid sql injections

Tags are not allowed. How do I check that?

Original Q&A

There are 1 best solutions below

Andrei Serdeliuc ॐ On 29 August 2010 at 07:39 BEST ANSWER

If you are using Zend_Db and parameterised queries (i.e.: $adapter->insert($tableName, array('param' => 'value'))) then it will automagically escape everything for you.

If however you want to further validate the user input, have a look at Zend_Validate and Zend_Filter

Also, if by "tags" you mean HTML tags, I wouldn't do anything to those on input but do make sure you properly escape / strip them on output (have a look at htmlspecialchars())

If you want to display an error message if the input contains HTML tags, and assuming $comment is the comment body, you could try:

if(strip_tags($comment) !== $comment) {
    // It seems it contained some html tags
}

How to filter and validate user input in Zend Framework

There are 1 best solutions below

Related Questions in ZEND-FRAMEWORK

Related Questions in ZEND-FORM

Related Questions in ZEND-FILTER

Trending Questions

Popular # Hahtags

Popular Questions