At 5/6/2007 09:39 AM, Todd Cary wrote:
You make a good point. What is your suggestion for the following sequence:
$number = $row->AMOUNT; // Get the double from MySQL
To display the number in the HTML edit field, I do
$display_number = number_format($number, 2, '.', '');
The user may enter a character that will not be accepted by MySQL, so I do
$mysql_number = preg_replace('/[^0-9^\.]/', '', $display_number);
Ah. I had earlier assumed that you were supplying the same numeric
value to two output destinations -- display and SQL. Instead, you're
taking a single value from SQL to input and another single value from
input to SQL. Even if you understand that these are the same number
in the context of the application, they could as easily be totally
separate because the two operations are disconnected from one another:
1) [SQL] --> [transform 1] --> [input]
2) submit form
3) [input] --> [transform 2] --> [SQL]
Transform 1 converts from the pure float value to a formatted string,
for which number_format() works fine. (You mentioned that these are
dollar amounts, but I wouldn't bother including the currency symbol
in with the input text, rather more like:
Enter price: $[__0.00]
where [___] is the input field.)
Transform 2 converts whatever the user has entered into a valid
numeric to pass to SQL. For many applications, I don't think a good
input validation routine would simply delete any non-numeric
character from the input. A user could erroneously type oh for zero,
el for one, or hit the shift key while typing a digit. Better, I
think, to preserve the input if it isn't valid and ask the user to
reconsider. Their own correction of their input might be
significantly different from a simple reduction.
A regular expression pattern to check for valid currency input might be:
[+-($]*\d{1,3}(,\d{3})*(\.\d*){0,1}\){0,1}
[+-($]* zero or more: plus, minus, open-paren, or currency symbol
\d{1,3} one to three: numeric digits
(,\d{3})* zero or more: comma-digit-digit-digit groups
(\.\d*){0,1} zero or one: decimal point followed by any number of digits
\){0,1} zero or one: close-paren
Any string failing to match this pattern could warrant an error message.
This example is of course dollar-oriented; you may wish to make your
logic apply equally to foreign currencies. Note that different
cultures have very different ways of expressing numbers -- comma for
the decimal point and period for the thousands separator, different
numbers of digits between separators, and different characters mixed
with the digits to indicate scale.
Once you accept the input, then you could delete all the characters
that aren't digits or period. Keep that decimal point, it's too
significant to lose.
Regards,
Paul
__________________________
Paul Novitski
Juniper Webcraft Ltd.
http://juniperwebcraft.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
