How To Validate Email and URL In PHP Forms

Throughout this article, we will be discussing how to validate email addresses, URLs, and other fields on PHP forms, so that we will be able to fill them out correctly.

The validation of user input is an essential part of developing a reliable and secure web application. Email addresses and URLs are commonly inserted into web forms and applications, as well as in other types of apps. When processing these inputs, it is important that they are formatted correctly and are valid before they are processed.

This tutorial will show you how to validate data on the server-side and on the client-side, as well as how to avoid some common pitfalls when working with these types of inputs.

Table Of Content-

Validate Name

Below is a simple example of checking if the name field contains only letters, dashes, apostrophes, and whitespace and age contains only numbers..

There will be an error message stored if the value of the name field is not valid:

$firstname = input_validation($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z-‘ ]*$/",$firstname)) {
$fnameErr = "Only letters and white space allowed";
}
age = input_validation($_POST["age"]);
if (!preg_match("/^[0-9 ]*$/", $age)) {
$ageErr = "Only numbers allowed";
}

When preg_match() is called, a string is searched for a pattern, and if the pattern exists, it returns true, otherwise it returns false.

Validate Email

Using PHP’s filter_var() function is the easiest and most reliable way of checking whether an email address is well-formed or not.

If the email address provided is not a well-formed one, then the following error message will be displayed in the code:

$email = input_validation($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}

Validate URL

Below is a code example on how to verify whether the URL address syntax is valid (this regular expression also allows dashes in the URL address).

If there is a syntax error in the URL address, then store an error message that states:

$linkedin = input_validation($_POST["linkedin"]);
if (!preg_match("/^(?:(?:https?|ftp):\\/\\/|www.)[-a-z0-9+&@#\\/%?=~_|!:,.;]*[-a-z0-9+&@#\\/%=~_|]/i", $linkedin)) {
$linkedInErr = "URL is not valid";
}

Php Form Validate Email and Url

This is what the script looks like now:

Example: 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?php
$fnameErr = $lnameErr = $ageErr = $emailErr = $designationErr = $skillsErr = $linkedInErr = "";
$firstname = $lastname = $age = $email = $designation = $skills = $linkedin = $yrofexp = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["firstname"])) {
$fnameErr = "First name is required";
} else {
$firstname = input_validation($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z-' ]*$/", $firstname)) {
$fnameErr = "Only letters and white space allowed";
}
}
$lastname = input_validation($_POST["lastname"]);
if (empty($_POST["age"])) {
$ageErr = "Age is required";
} else {
$age = input_validation($_POST["age"]);
if (!preg_match("/^[0-9 ]*$/", $age)) {
$ageErr = "Only numbers allowed";
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = input_validation($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["skills"])) {
$skillsErr = "Skills is required";
} else {
$skills = input_validation($_POST["skills"]);
}
if (empty($_POST["designation"])) {
$designationErr = "Designation is required";
} else {
$designation = input_validation($_POST["designation"]);
if (!preg_match("/^[a-zA-Z-' ]*$/", $designation)) {
$designationErr = "Only letters and white space allowed";
}
}
if (empty($_POST["linkedin"])) {
$linkedInErr = "URL is required";
} else {
$linkedin = input_validation($_POST["linkedin"]);
if (!preg_match("/^(?:(?:https?|ftp):\\/\\/|www.)[-a-z0-9+&@#\\/%?=~_|!:,.;]*[-a-z0-9+&@#\\/%=~_|]/i", $linkedin)) {
$linkedInErr = "URL is not valid";
}
}
$yrofexp = input_validation($_POST["yrofexp"]);
}
// define variables and set to empty values
function input_validation($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Merge HTML and PHP code:

Example: 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
<!DOCTYPE HTML>
<html lang="en">
<head>
<title>PHP Form</title>
<style>
.error {
color: #FF0000;
}
</style>
</head>
<body>
<?php
$fnameErr = $lnameErr = $ageErr = $emailErr = $designationErr = $skillsErr = $linkedInErr = "";
$firstname = $lastname = $age = $email = $designation = $skills = $linkedin = $yrofexp = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["firstname"])) {
$fnameErr = "First name is required";
} else {
$firstname = input_validation($_POST["firstname"]);
if (!preg_match("/^[a-zA-Z-' ]*$/", $firstname)) {
$fnameErr = "Only letters and white space allowed";
}
}
$lastname = input_validation($_POST["lastname"]);
if (empty($_POST["age"])) {
$ageErr = "Age is required";
} else {
$age = input_validation($_POST["age"]);
if (!preg_match("/^[0-9 ]*$/", $age)) {
$ageErr = "Only numbers allowed";
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = input_validation($_POST["email"]);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["skills"])) {
$skillsErr = "Skills is required";
} else {
$skills = input_validation($_POST["skills"]);
}
if (empty($_POST["designation"])) {
$designationErr = "Designation is required";
} else {
$designation = input_validation($_POST["designation"]);
if (!preg_match("/^[a-zA-Z-' ]*$/", $designation)) {
$designationErr = "Only letters and white space allowed";
}
}
if (empty($_POST["linkedin"])) {
$linkedInErr = "URL is required";
} else {
$linkedin = input_validation($_POST["linkedin"]);
if (!preg_match("/^(?:(?:https?|ftp):\\/\\/|www.)[-a-z0-9+&@#\\/%?=~_|!:,.;]*[-a-z0-9+&@#\\/%=~_|]/i", $linkedin)) {
$linkedInErr = "URL is not valid";
}
}
$yrofexp = input_validation($_POST["yrofexp"]);
}
// define variables and set to empty values
function input_validation($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation</h2>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<p><span class="error">* required field</span></p>
First name: <input type="text" name="firstname"><span class="error"> * <?php echo $fnameErr; ?></span>
<br><br>
Last name: <input type="text" name="lastname"><span class="error"></span>
<br><br>
Age: <input type="text" name="age"><span class="error">* <?php echo $ageErr; ?></span>
<br><br>
E-mail: <input type="text" name="email"><span class="error"> * <?php echo $emailErr; ?></span>
<br><br>
<label for="yrofexp">Year of Experience:</label>
<select name="yrofexp" id="yrofexp">
<option value="">Select number</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
</select>
<br><br>
Designation: <input type="text" name="designation"><span class="error"> * <?php echo $designationErr; ?></span>
<br><br>
LinkedIn: <input type="text" name="linkedin"><span class="error"> * <?php echo $linkedInErr; ?></span>
<br><br>
Write your Skills: <textarea name="skills" rows="5" cols="40"></textarea><span class="error"> * <?php echo $skillsErr; ?></span>
<br>
<br><br>
<input type="submit" name="submit" value="Submit">
</form>
<?php
echo "<h2>Your Form Data:</h2>";
echo "First Name: ".$firstname;
echo "<br>";
echo "Last Name: ".$lastname;
echo "<br>";
echo "Age: ".$age;
echo "<br>";
echo "Email: ".$email;
echo "<br>";
echo "Year of Experience: ".$yrofexp;
echo "<br>";
echo "Designation: ".$designation;
echo "<br>";
echo "LinkedIn URL: ".$linkedin;
echo "<br>";
echo "Skills: ".$skills;
?>
</body>
</html>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Next, we will demonstrate how to prevent the form from emptying all the input fields when the user submits the form, which will prevent the form from becoming unusable.
We value your feedback.
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0
+1
0
Subscribe To Our Newsletter
Enter your email to receive a weekly round-up of our best posts. Learn more!
icon
By subscribing, you agree with our privacy policy and our terms of service.

Leave a Reply

Your email address will not be published. Required fields are marked *