Server Side Form Validation

Server Side Form Validation using Regular Expressions

The preg_match() function searches a string for pattern, returning true if the pattern exists, and false otherwise.

Validate Name

The code below shows a simple way to check if the name field only contains letters and whitespace. If the value of the name field is not valid, then store an error message:

$name = $_POST["name"];
if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
  $nameErr = "Only letters and white space allowed";

Validate Email

The easiest and safest way to check whether an email address is well-formed is to use PHP’s filter_var() function.

In the code below, if the e-mail address is not well-formed, then store an error message:

$email = $_POST["email"];
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  $emailErr = "Invalid email format";

Validate Url

The code below shows a way to check if a URL address syntax is valid (this regular expression also allows dashes in the URL). If the URL address syntax is not valid, then store an error message:

$website = $_POST["website"];
if (!preg_match("/b(?:(?:https?|ftp)://|www.)[-a-z0-9+&@#/%?=~_|!:,.;]*[-a-z0-9+&@#/%=~_|]/i",$website)) {
  $websiteErr = "Invalid URL";

Validate Name, E-mail, and URL

$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";

   if (empty($_POST["name"])) {
     $nameErr = "Name is required";
   } else {
     $name = test_input($_POST["name"]);
     // check if name only contains letters and whitespace
     if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
       $nameErr = "Only letters and white space allowed";
   if (empty($_POST["email"])) {
     $emailErr = "Email is required";
   } else {
     $email = test_input($_POST["email"]);
     // check if e-mail address is well-formed
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
       $emailErr = "Invalid email format";
   if (empty($_POST["website"])) {
     $website = "";
   } else {
     $website = test_input($_POST["website"]);
     // check if URL address syntax is valid (this regular expression also allows dashes in the URL)
     if (!preg_match("/b(?:(?:https?|ftp)://|www.)[-a-z0-9+&@#/%?=~_|!:,.;]*[-a-z0-9+&@#/%=~_|]/i",$website)) {
       $websiteErr = "Invalid URL";

   if (empty($_POST["comment"])) {
     $comment = "";
   } else {
     $comment = test_input($_POST["comment"]);

   if (empty($_POST["gender"])) {
     $genderErr = "Gender is required";
   } else {
     $gender = test_input($_POST["gender"]);

function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;

Html form

Name: <input type="text" name="name"> <span class="error">* <?php echo $nameErr;?></span>
E-mail: <input type="text" name="email"> <span class="error">* <?php echo $emailErr;?></span>
Website: <input type="text" name="website"> <span class="error"><?php echo $websiteErr;?></span>
Comment: <textarea name="comment" rows="5" cols="40"></textarea>
<input type="radio" name="gender" value="female">Female
<input type="radio" name="gender" value="male">Male
<span class="error">* <?php echo $genderErr;?></span>
<input type="submit" name="submit" value="Submit">

Creating a Date Range Array with PHP

I recently needed to come up with an array of dates between two given dates. I typically work in the MySQL-compatible ‘YYYY-MM-DD’ date format, so I wanted it to use dates like that. So I came up with the following function:

function createDateRangeArray($strDateFrom,$strDateTo) {
  // takes two dates formatted as YYYY-MM-DD and creates an
  // inclusive array of the dates between the from and to dates.

  // could test validity of dates here but I'm already doing
  // that in the main script


  $iDateFrom=mktime(1,0,0,substr($strDateFrom,5,2),     substr($strDateFrom,8,2),substr($strDateFrom,0,4));
  $iDateTo=mktime(1,0,0,substr($strDateTo,5,2),     substr($strDateTo,8,2),substr($strDateTo,0,4));

  if ($iDateTo>=$iDateFrom) {
    array_push($aryRange,date('Y-m-d',$iDateFrom)); // first entry

    while ($iDateFrom<$iDateTo) {
      $iDateFrom+=86400; // add 24 hours
  return $aryRange;


Auto Redirect page after a specified time

A refresh Meta tag can be used in the head tags that allow for the automatic redirection of a page after a specified time. Check the code example below.

<meta http-equiv="refresh" content="5;http://localhost/homeseekers_rent/select_pickup_time.php" />

Simple Redirection in Php

To redirect the visitor to another page (particularly useful in a conditional loop), simply use the following code:

header('Location: mypage.php');

Where mypage.php is the address of the page to which you want to redirect the visitors.

Relative/absolute path

Ideally, choose an absolute path from the root of the server (DOCUMENT_ROOT), the following format:

header('Location: /directory/mypage.php');

If ever the target page is on another server, you include the full URL:

<?php     header('Location:');     ?>   

Pick Last element from the url in php

parse_url() is php function which parses a URL and returns an associative array containing any of the various components of the URL that are present.
This function is not meant to validate the given URL, it only breaks it up into parts. Partial URLs are also accepted, parse_url() tries its best to parse them correctly.

$keys = parse_url($url); // parse the url
$path = explode("/", $keys['path']); // splitting the path

Example of url

Output Value;