Developer.com content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Introduction
One of the key reasons for the meteoric rise of the World
Wide Web is that unlike television, radio, or the
traditional newspaper, it offers an immediate conduit for
two-way communication. Yet many Web developers, particularly
those with relatively little experience, seem to place
remarkably little emphasis on devising efficient methods for
accepting and processing user-provided information. Much of
the reason for such oversight is due to complexity;
effectively validating a complex string such as an e-mail
address, or ensuring that a password is of a certain length
are programmatic tasks which can strain the boundaries of
many beginning developers’ knowledge. Additionally,
developers need to understand how to effectively respond to
errors which crop up in the validation process, whether it’s
providing the user with error-specific feedback, or
repopulating the form in order to not discourage the errant
user from correcting his errors and submitting the form
anew.
Given the universal challenge forms processing presents
to Web developers no matter the project, it’s no wonder that
implementing an efficient forms processing solution is often
high on the priority list of most Web framework developers.
The Zend Framework is no different, offering developers a
powerful solution for not only validating forms data, but
actually programmatically building the form HTML. In this
tutorial I’ll introduce you to the Zend Framework’s
validation feature, showing you how easy it is to not only
validate user provided data with confidence, but also how to
inform the user of the error should validation fail.
Introducing the Zend_Validate Component
These days most serious Web sites provide the visitor
with an opportunity to become a registered user in order to
access restricted material or customized content. Because
the number of registered users is often directly
proportional to a Web site owner’s income, it’s crucial for
the registration step to be streamlined and convenient in
order to give the visitor every incentive to complete the
process. Although you should keep the required registration
fields to a minimum in order to provide the user with the
shortest path to completion, the validation necessary to vet
the data often goes beyond merely determining whether a
field was left blank. Figure 1 presents what such a
registration form might look like.
Figure 1. A Web site registration form
Although consisting of just five fields, validating this
form presents several challenges:
- Name: The name field must not be blank.
- E-mail Address: The e-mail address field must not be
blank, and must contain a valid e-mail address as defined by
RFC 2822. - Password: The password must not be blank, and must
consist of at least six characters. Further, the password
and confirmed password must match. - Terms of Service: The check box must be checked.
Using the Zend Framework’s Zend_Validate
component, carrying out these field validations is a trivial
process. Zend_Validate offers developers an
extensive suite of validation procedures capable of ensuring
data meets a wide variety of specifications, such as whether
a number falls within a certain range, a credit card is
valid as defined by the Luhn algorithm, or a value falls
within a predefined list of valid values as defined by
elements within an array. These procedures are packaged
within the component as a number of different classes, with
each class serving a specific validation purpose. See this
page of the Zend Framework manual for a complete list of
what’s available.
To validate the fields, first you’ll invoke the
Zend_Validate() class, and then add validators
by passing each to the addValidator() class,
like this:
$validator = new Zend_Validate_NotEmpty();
Next you’ll call the isValid() method,
passing in the field you’d like to validate. If the
isValid() method returns FALSE, you can call
the getMessages() method to retrieve a list of
predefined error messages.
if (! $validator->isValid($this->_request->getPost(‘name’))) {
echo “The name is not blank”;
} else {
foreach($validator->getMessages() as $message) {
echo “{$message}<br />”;
}
}
As I mentioned, the Zend_Validate component’s
capabilities go well beyond merely checking a value for
existence. For instance, to validate an e-mail address, you
can both ensure the value is not blank and that it meets the
requirements as defined by RFC 2822 by invoking the
EmailAddress class:
$validator = new Zend_Validate_EmailAddress();if (! $validator->isValid($this->_request->getPost(’email’)) {
echo “Please provide your e-mail address.”;
}
Streamlining the Validator Invocation Process
Although it’s possible to invoke each validation class as
needed, you can use a very convenient static method named
Zend_Validate::is() to streamline the
invocation process. For instance, to determine whether a
field is blank, you can invoke the NotEmpty
class like this:
if (! Zend_Validate::is($data[’name’], ‘NotEmpty’)) {
echo “Please provide your name.”;
}
Customizing Error Messages
When an error occurs, the getMessages()
method will retrieve a list of predefined error messages.
However, these messages can be quite terse; For instance, in
the case the Zend_Validate_NotEmpty() validator
determines a value to be empty, the following error message
will be provided:
Value is required and can’t be empty
This isn’t exactly an ideal message, if for any other
reason because it doesn’t tell the user precisely which
value is required and can’t be empty. You can override the
default messages
$validator->setMessages(array(Zend_Validate_NotEmpty::IS_EMPTY => “Please provide your name.”));
Next, rather than output the error messages using a
for loop within your controller action (which
would break the MVC paradigm), create an array used to
contain errors, and then assign the
getMessages() return value to it:
$this->view->errors = array();
$this->view->errors = $validator->getMessages();
Finally, to present the errors in a well-organized
fashion, I like to use a custom view helper which can be
repeatedly used throughout the Web site as desired:
<?phpclass Zend_View_Helper_Errors extends Zend_View_Helper_Abstract
{public function Errors($errors)
{echo “<div id=’errors’>”;
echo “<p>Errors were found:</p>”;
echo “<ul>”;foreach ($errors AS $error) {
echo “<li>$error</li>”;
}echo “</ul>”;
echo “</div>”;}
}
?>
Within the view, you can call the helper like this:
<?php if (count($this->errors) > 0) { ?>
<?= $this->Errors($this->errors); ?>
<?php } ?>
After some CSS styling, attempting to submit the form
with a blank name will produce the error message shown in
Figure 2.
Figure 2. Displaying an error message
Validating Multiple Fields
Of course, chances are your form will contain multiple
fields, such as the aforementioned registration form.
Because you’ll need to validate each field, it’s possible
that several errors could crop up. You’ll need to keep track
of all errors and present them to the user. To do this, I
like to eliminate the need to use the
getMessages method altogether and just use my
own simple error tracking feature, like this:
$this->errors = array();if (! Zend_Validate::is($this->_request->getPost(‘name’), ‘NotEmpty’)) {
$this->errors[] = “Please provide your name.”;
}if (! Zend_Validate::is($this->_request->getPost(’email’), ‘EmailAddress’)) {
$this->errors[] = “Please provide a valid e-mail address.”;
}if (count($this->view->errors) > 0) {
$this->view->errors = $this->errors;
} else {
// Continue with processing
}
Where to From Here?
Processing user input is such a commonplace task within
Web sites of all sizes and purposes, that there’s really no
excuse to not rely upon a well-organized approach such as
the one offered by the Zend Framework. In fact, forms
processing is so important that the framework actually
offers quite a bit more functionality than what has been
introduced in this tutorial. Check out the following links
for more information!
- The Zend_Form Component: This component gives developers
the ability to not only programmatically create forms, but
also filter and validate input. - The Zend_Filter_Input Component: This component
offers developers a means for declaratively identifying
which form fields must be validated.
About the Author
Jason Gilmore is founder of EasyPHPWebsites.com, and author of the popular book, “Easy PHP Websites
with the Zend Framework“. Formerly Apress‘ open source
editor, Jason fostered the development of more than 60
books, along the way helping to transform their open source
line into one of the industry’s most respected publishing
programs. Over the years he’s authored several other books,
including the best-selling Beginning PHP
and MySQL: From Novice to Professional (currently in its
third edition), Beginning PHP
and PostgreSQL: From Novice to Professional, and Beginning PHP
and Oracle: From Novice to Professional.
Jason is a cofounder and speaker chair of CodeMash, a nonprofit
organization tasked with hosting an annual namesake
developer’s conference, and was a member of the 2008 MySQL
Conference speaker selection board.
Jason has published more than 100 tutorials and articles
within prominent publications such as Developer.com, Linux Magazine, and TechTarget.
