Is there a way to force all fields to be filled in with "something" before the submit button will work?

Thanx.

Code follows:
-------------------------
<?PHP

$filename = "guestbook.txt"; #CHMOD to 666
$text = "";

if (isset($_POST["submit"])) {
$name = $_POST["name"];
$message = $_POST["message"];

$date = date ("l, F jS, Y");
$time = date ("h:i A");

$value = $message."<br>\n<span style=\"font-family: verdana, arial, sans-serif; font-size: 70%; font-weight: bold;\">Posted by $name at $time on $date.</span>\n<break>\n";

##Write the file##

$fp = fopen ($filename, "a");
if ($fp) {
fwrite ($fp, $value);
fclose ($fp);
}
else {
echo ("Your entry could not be added.");
}
}

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Guestbook</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<form action="<?PHP echo $_SERVER["PHP_SELF"]; ?>" method="post">
<p>Your Message:<br>
<textarea name="message" rows="7" cols="50"></textarea><br>
Your Name: <input type="text" name="name">
<input type="submit" name="submit" value="submit"></p>
</form>

<?PHP

$contents = @file($filename) or die("No files in guestbook.");

foreach ($contents as $line_num => $line) {
$text .= $line;
}

$text = split("<break>", $text);

for ($i=0; $i<count($text)-1; $i++) {
echo "<div style=\"border: gray 1px solid; padding: 5px; font-family: arial, sans-serif; background-color: #eeeeee;\">";
echo $text[$i];
echo "</div>";
}

?>
</body>
</html>
-------------------------

Just check if they are empty() (http://us3.php.net/manual/en/function.empty.php).

Also, you should run $name and $message through htmlspecialchars() (http://us3.php.net/manual/en/function.htmlspecialchars.php) to be sure they don't insert HTML/PHP in their entries... :)

You'll have to excuse my ignorance in this matter...could you inform me of where the "empty()" should be inserted into the existing code?

Thank you.

Try this (also locked the file, to keep data protected):

<?PHP

$filename = "guestbook.txt"; #CHMOD to 666
$text = "";

if (isset($_POST["submit"])) {
$name = htmlspecialchars($_POST["name"]);
$message = htmlspecialchars($_POST["message"]);

if (empty($name)) {
echo "Please fill in your name.";
}
else if (
echo "Please fill out a message.";
}
else {
$date = date ("l, F jS, Y");
$time = date ("h:i A");

$value = $message."<br>\n<span style=\"font-family: verdana, arial, sans-serif; font-size: 70%; font-weight: bold;\">Posted by $name at $time on $date.</span>\n<break>\n";

##Write the file##

$fp = fopen ($filename, "a");
if ($fp) {
flock($fp, LOCK_EX);
fwrite ($fp, $value);
flock($fp, LOCK_UN);
fclose ($fp);
}
else {
echo ("Your entry could not be added.");
}
}
}

?>

It must be closer now because now I'm getting an error:

Parse error: parse error, unexpected T_ECHO in guestbook.php on line 14


Any ideas?

Thanx yet again.

Yeah. That error is called "me not thinking..." :rolleyes:

<?PHP

$filename = "guestbook.txt"; #CHMOD to 666
$text = "";

if (isset($_POST["submit"])) {
$name = htmlspecialchars($_POST["name"]);
$message = htmlspecialchars($_POST["message"]);

if (empty($name)) {
echo "Please fill in your name.";
}
else if (empty($message)) {
echo "Please fill out a message.";
}
else {
$date = date ("l, F jS, Y");
$time = date ("h:i A");

$value = $message."<br>\n<span style=\"font-family: verdana, arial, sans-serif; font-size: 70%; font-weight: bold;\">Posted by $name at $time on $date.</span>\n<break>\n";

##Write the file##

$fp = fopen ($filename, "a");
if ($fp) {
flock($fp, LOCK_EX);
fwrite ($fp, $value);
flock($fp, LOCK_UN);
fclose ($fp);
}
else {
echo ("Your entry could not be added.");
}
}
}

?>

Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you. Thank you.

;-)

You bet... :)

One last thing...

Is there a way to force a preset number of characters?

Okay...two last things...

Is there a way to check for a valid email address?

Thanx...thanx...a million times thanx.

8^)>

Take a look at this:

<?PHP
$numchars = "abcd";
if (strlen($numchars) < 5) {
echo "String too short<br>";
}
$email = "foo@your";
if (!preg_match('/[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)*\@[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)+/', $email)) {
echo "Please enter a valid email address";
}
?>All credit to Jeff Mott for the regex (email validation).

Thanx Pyro!!!

Thanx Jeff!!!

How about client IP Address? I tried REMOTE_ADDR, but it doesn't seem to work.

Thanx again.

$_SERVER['REMOTE_ADDR'] ;)

Originally posted by pyro
Take a look at this:

<?PHP
$email = "foo@your";
if (!preg_match('/[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)*\@[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)+/', $email)) {
echo "Please enter a valid email address";
}
?>


I was just wondering what part that massive line of gibberish plays in making this script work?

That "massive line of gibberish" is called a regular expression, and plays a massive roll in it. Regex are an extremely powerful tool for manipulation text and data. They allow you to match things (as the email address validation is doing), replace text (even if you do not necessarily know the text to be replaced), split text, etc.