how to eliminate space in forms in php

how can i prevent a form to be submitted when it only contains a space? for example a user presses the space bar on a field, the space will be considered as a character so the forms submits. how can i prevent that in php?

13.10.2009 21:14:19
PHP can't prevent the direct submission of a form, that falls within the javascript realm. I assume you mean checking for space-only characters in a submitted form.
Mike B 13.10.2009 21:22:14
how can i check it in javascript?
noob 13.10.2009 22:13:13

For PHP - Server-side validation (After the form is submitted)

A combination of trim() and empty() will return true if passed a string with only a space.

$a = ' ';
$a = trim($a);
if (empty($a)) print 'Empty!'; // Empty!

Sidenote: Under normal circumstances, it's always a good idea to trim() user-input.

For Javascript - Client-side validation (Before the form is submitted)

Use the onSubmit event to fire a validate function:

<form onSubmit="validate()">
  <input type="text" id="myInput" />
  <input type="submit" value="submit" />

<script type="text/javascript">
function validate() {
  myInput = document.getElementById('myInput');
  if (myInput.value.match(/^s+$/) || myInput.value == '') {
    alert('No Empty Values!');
    return false;
13.10.2009 22:54:19
At my firm, we consider it "good practice" to validate both via client and server. Just a thought.
Bryan A 13.10.2009 22:42:32

Use trim() and then test against null values.

Mike B presents a good point. You could prevent the form from actually being submitted with Javascript. If you rely on PHP, the form will be submitted, but you could present the same form to the user with an error message.

13.10.2009 21:25:51
test against null? Shouldn't you test against an empty string? Yes "" == null, but "" === ""!
nickf 13.10.2009 22:47:14


<form onsubmit="return validate(this);">


function validate(form) {
    ok = true;
    for (var i = 0, il = form.elements.length; i < il; ++i) {
        form.elements[i].value = form.elements[i].value
                                    .replace(/^\s\s*/, '')
                                    .replace(/\s\s*$/, '');
        ok &= !!form.elements[i].value;
    if (!ok) alert("Oh hey - type something in these boxes, k?");
    return ok;


$myVar = trim($_POST['myFormVariable']);
if (!$myVar) {
    echo "Oh hey, you should type something.";
} else {
13.10.2009 22:46:23
\s\s* == \s+. Also, why not just form.elements[i].value = form.elements[i].value.replace(/^\s+|\s+$/g, '');?
Justin Johnson 13.10.2009 23:04:38
because that's much slower. The regex has to parse the entire string, instead of the just the first (and last) chars which are spaces. See this article which benchmarks 11 different types of trim function. Note specifically the difference between functions 1 and 2 (I used #1 above). \s+ is actually slower than \s\s*
nickf 14.10.2009 02:39:26

Once your forms get more complex Jquery has a wonderful plugin for this called validate that provides extensive form validation.

+1 to Plan B. Always validate the same input again in php as there is nothing stopping a user from just creating his own form and submitting it to your page.

14.10.2009 04:56:02