What exactly does the PHP function "test_input()" do?

Question

I know I will be voted down for this, but I need to ask. What does the code below mean? Specifically, I am confused by

if (empty($_POST["comment"])) { $comment = ""; 

Does this mean that if the user has not inserted his comments, then the field for which the value is "$comment" will be blank? And if the user HAS inserted a comment, then the value "$comment" will be put through the test_input function? I have looked at the w3schools website but I am none the wiser. It is unbelievable that NO website even describes what test_input does, and believe me, I've looked at dozens of websites. In fact, I am not the only SO user who thinks that test_input is a mysterious function.

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    echo 'posted';
    if (empty($_POST["comment"])) {
        $comment = "";
    } else {
        $comment = test_input($_POST["comment"]);
    }

Answer 1

test_input is a user defined function and not a function built into PHP. Looking at the code it does indeed mean that if no comment has been inserted then it will be empty, however if it is not empty run the comment through the test_input function.

On this page http://www.w3schools.com/php/php_form_validation.asp we can see where they have declared the test_input function, specifically this part of the page

<?php
// define variables and set to empty values
$name = $email = $gender = $comment = $website = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
  $name = test_input($_POST["name"]);
  $email = test_input($_POST["email"]);
  $website = test_input($_POST["website"]);
  $comment = test_input($_POST["comment"]);
  $gender = test_input($_POST["gender"]);
}

function test_input($data) {
  $data = trim($data);
  $data = stripslashes($data);
  $data = htmlspecialchars($data);
  return $data;
}
?>

Lets say for example that every comment that was made you wanted to put a date and timestamp on the end, the following code would achieve this.

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
     echo 'posted';

     if (empty($_POST["comment"]))
     {
         $comment = "";
     }
     else
     {
        $comment = add_date($_POST["comment"]);
     }
 }

 function add_date($comment)
 {
      return $comment . date('d-m-Y G:i:s');
 }

Therefore if the user entered Hello this is a comment, $comment would now be Hello this is a comment 28-11-2014 16:00:00

So to finalize, test_input is simply a function name created by w3schools and they use it whenever the page refers to any kind of validation of input etc.

Answer 2

test_input() is a user - defined function used by w3schools:

function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

For example:

<?php
  // define variables and set to empty values
  $name = $email = $gender = $comment = $website = "";

  if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $name = test_input($_POST["name"]);
    $email = test_input($_POST["email"]);
    $website = test_input($_POST["website"]);
    $comment = test_input($_POST["comment"]);
    $gender = test_input($_POST["gender"]);
  }

  function test_input($data) {
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
  }
?>

• trim($data) will strip unnecessary characters (extra space, tab, newline) from the user input data (with the PHP trim() function).
• stripslashes($data) will remove backslashes () from the user input data (with the PHP stripslashes() function).
• htmlspecialchars($data) converts special characters to HTML entities.
  • (If the user inputs < and >, htmlspecialchars() will translate it to < and >).

Answer 3

There is no any such PHP function like test_input().

It might be the user defined function in w3schools website. Just go on the website you mentioned and run the example code and in tryit editor check the source code once, you may get that function there.

Some times websites dont display all the functions while giving the explanation, so just refer the source code

Answer 4

test_input() is not a standard php function but you know you can make your own functions just like this:

function test_input($input){
   $output = $input." Oh, I'm updated."; // Whatever process you want to make
   return $output;
}

Then you can call test_input() in your php script.

So basically you should ask the author what this does or just search for definition of test_input().

If you use frameworks, libraries or plugins, there are tons of non-standard functions defined and what you can is to check the document(api) or to read the source code to find out the answer.

Perhaps you can post the whole script, maybe we can find out where test_input() is.