PHP check input type for validation

Question

I'm wondering if there is a way to check what type of input was used for $_POST information. I want to then use that type for validation. For instance, if an input type="text" then I would want to be able to create certain validations for that type of input.

So this is my code to generate the form:

$fields = array(
    array(
        'label' => 'Name:',
        'id' => $meta.'_nhm_lead_name',
        'class' => 'field-name input', // optional
        'wrapper_class' => 'four columns', // optional
        'type' => 'text',
        'required' => true,
    ),
)

and this is how I generate the html:

    public function make_fields(){
    foreach($this->fields as $field => $value){
        switch ($value['type']) {
            case 'text':
                $inputs .= '<li class="field '.$value['wrapper_class'].'">';
                $inputs .= '<input type="text" name="'.$value['id'].'" class="'.$value['class'].'" />';
                $inputs .= '<span class="error-message"></span>';
                $inputs .= '</li>';
            break;
         }
     } 
     }

Answer 1

You could write a jQuery script that checks the prop of the input, and then adds it to the $_POST. Something like:

HTML:

<form method="POST" action = "here.php" id="myform">
   <input type="text" value="hello" id= "input1" />
</form>

jQuery:

var input1type="&input1type=" + $('#input1').prop('type');
$.post('here.php', $('#myform').serialize()+input1type );

This would be best used if you can't affect the originating HTML.

Please note, that this is dangerous, and you can't trust the data from the www, but it might work in a secured (such as intranet) system.

Answer 2

When receiving the data from $_POST only the values are passed. However, you can use an structure like this:

$Fields = array( 
  array('type' => 'text',   'name' => 'name'),
  array('type' => 'text',   'name' => 'password'),
  array('type' => 'number', 'name' => 'age'));

Then generate the html form from that. So then, you can use that same variable to generate the validation. However, this is normally too much work for few forms (engine to generate form inputs from an array), and it's preferred to make it 'hardcoded' unless you are using already a framework with this functionality.

To give you an idea, the form would be like:

<form method = "POST" action = "/post.php">
  <?php foreach ($Fields as $Input) {
    switch($Input['type']) {
      case "text": 
        echo "<input type = 'text' name = '" . $Input['name'] . "'>";
        break;
      case "number":
        echo "<input type = 'number' name = '" . $Input['name'] . "'>";
        break;
      }
    }
   ?>
 </form>

And then in post.php:

foreach ($Fields as $Input) {
  $Name = $Input['name'];
  if (array_key_exists($Name, $_POST) &&
      // You need to define this:
      checktype($_POST[$Name], $Input['type'])) {
    $Posted = $_POST[$Name];
    }
  }

Answer 3

You would want to do that based on the name of the key in the $_POST array. A user can submit data without using any type (Javascript for example) making what you are asking to do impractical. They would be sending data that had no type.

Data being posted to your page can come from anywhere.

For re-usability, create a data object for the submission of your form that contains the validations for each of the inputs or write a validation function. Keep that on the server so that a malicious user isn't able to manipulate the data and change how you validate what is being submitted.