The forms in my online store have looked like this in the past:
<form action="cart.php" method="post">
<input type="hidden" name="article_number" value="12345">
<input type="hidden" name="article_name" value="T-Shirt Summer 2015">
<input type="hidden" name="price" value="19.00">
<select name="size"><option>S<option>M<option>L</select>
<select name="colour"><option>black<option>white</select>
<input type="submit" value="Add to cart">
</form>
The cart.php just put the data into a session without any validation. As you can see, it would be very easy to cheat with the form (save it locally, change the price to 9.00, add colours that don't exist in reality, etc.).
So my new idea was this:
<form action="cart.php" method="post">
<input type="hidden" name="article_number" value="12345">
<select name="size"><option>S<option>M<option>L</select>
<select name="colour"><option>black<option>white</select>
<input type="submit" value="Add to cart">
</form>
I've removed the name of the article and the price to avoid manipulations here.
So what's next? What's the best way to validate the data?
if (!empty($_POST['article_number'])) {          // article_number is valid
    if (in_array($_POST['colour'], explode(",", $row['colours']))) {
        if (in_array($_POST['size'], explode(",", $row['sizes']))) {
            // add to cart
        }
    }
}
Do I need to do more validating? trim()? I'm using PDO...
Thanks!
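One way to implement the server-side lookup and validation the question describes, as an added example that is not the poster's code: it assumes a PDO connection in $pdo and an articles table with article_number, article_name, price, colours and sizes columns, where colours and sizes are comma-separated lists (matching the $row['colours'] / $row['sizes'] used above).

```php
<?php
// Added example for cart.php (not the original poster's code).
// Assumptions: $pdo is an open PDO connection; table "articles" has the columns
// article_number, article_name, price, colours, sizes (colours/sizes comma-separated).
session_start();

function add_to_cart(PDO $pdo, array $post): array
{
    // 1. Shape check before touching the database: article numbers are digits only.
    $number = is_string($post['article_number'] ?? null) ? trim($post['article_number']) : '';
    if ($number === '' || !ctype_digit($number)) {
        return ['ok' => false, 'error' => 'invalid article number'];
    }

    // 2. Look the article up server-side; name and price never come from the client.
    $stmt = $pdo->prepare(
        'SELECT article_number, article_name, price, colours, sizes
           FROM articles WHERE article_number = :n'
    );
    $stmt->execute([':n' => $number]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return ['ok' => false, 'error' => 'unknown article'];
    }

    // 3. Options must be one of the values stored for this article (strict compare,
    //    trimmed on both sides so "M " and "M" are treated the same).
    $allowedColours = array_map('trim', explode(',', $row['colours']));
    $allowedSizes   = array_map('trim', explode(',', $row['sizes']));
    $colour = is_string($post['colour'] ?? null) ? trim($post['colour']) : '';
    $size   = is_string($post['size']   ?? null) ? trim($post['size'])   : '';
    if (!in_array($colour, $allowedColours, true) || !in_array($size, $allowedSizes, true)) {
        return ['ok' => false, 'error' => 'invalid colour or size'];
    }

    // 4. Only validated and database-sourced values go into the session.
    $item = [
        'article_number' => $row['article_number'],
        'article_name'   => $row['article_name'],
        'price'          => (float) $row['price'],
        'colour'         => $colour,
        'size'           => $size,
    ];
    $_SESSION['cart'][] = $item;
    return ['ok' => true, 'item' => $item];
}

$result = add_to_cart($pdo, $_POST);
```

Because the price and name are read from the database after the lookup, a tampered hidden field has nothing to change; the only client-controlled values that reach the session are the colour and size, and only after they matched the stored lists.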