I have a form in my shopping cart and once submitted goes through regex check to prevent sql injection. My question begins when any portion of form validation returns false it wipes out all the data and the form returns with blank fields (very frustrating for end user).
Additional information about validation; if it the validation through fine it stores the data in a cookie. When the person gets to the end of checkout and if they entered wrong info in their address I have set an Edit link to take them back to either Billing or Shipping page to correct. This data is read back in via the cookie and loads the cookie data into form make easier to correct.
My question is this, how can I keep the functionality of reading in cookie data if the customer is Editing previously entered information but also prevent the new data (not stored in cookie yet as it fails in regex) from being wiped when returned false in the validation?