Results 1 to 4 of 4

Thread: Form validation when javascript is disabled

  1. #1
    Join Date
    Feb 2014

    Form validation when javascript is disabled


    Just wondering if anyone can help me with form validation when Javascript is disabled?

    HTML Code:
    <div class="form">
        <!-- Form Code Start -->
        <form class="contactForm" method="post" action="contact-form-mailer.php">    
            <div class="details details-left">
                <label for="Name">Name *</label>
                <input class="validate[required,length[0,100]] text-input" type="text" name="Name" id="Name" />
            <div class="details">
                <label for="Email">Email *</label>
                <input class="validate[required,custom[email]] text-input" type="email" name="Email" id="Email"/>
            <div class="details details-left">
                <label for="Phone">Phone *</label>
                <input class="validate[required,custom[telephone]] text-input" type="text" name="Telephone" id="Telephone" />
            <div class="details">
                <label for="message-title">Message Title:</label>
                <input type="text" name="Subject" id="Subject" />
            <div class="message">
                <label for="message">Message:</label> 
                <textarea rows="10" cols="50" class="validate[required,length[1,1000]] text-input" name="Enquiry" id="Enquiry"></textarea>
                <input class="submit" name="submit" type="submit" value="Submit"/>

    PHP Code:
    // Initialise the content string


    $Name $_POST['Name'];
    $Email $_POST['Email'];
    $Telephone $_POST['Telephone'];
    $Subject $_POST['Subject'];
    $Enquiry $_POST['Enquiry'];

    $to "info@beckybramwell.com"// your own E-mail address
    $subject "Website - Enquiry";

    $mailContent "Name: $Name\n" "Email: $Email\n" "Telephone: $Telephone\n" "Subject: $Subject\n" "Message: $Enquiry";

    $subject2 "Thanks for your message";
    $respondmailContent "Thank you for getting in touch! I will respond to your message as soon as possible. If you wish for a faster response, call me on 07512 585 349.";

    $headers "From: $Email"\r\n" .
    "Reply-To: $Email"\r\n" .
    "X-Mailer: PHP/" phpversion();

    $headers2 "From: info@beckybramwell.com" "\r\n" .
    "Reply-To: info@beckybramwell.com" "\r\n" .
    "X-Mailer: PHP/" phpversion();


    header('Location: thankyou.php');


    Thanks in advance!

  2. #2
    Join Date
    Mar 2007
    You would be better off asking in the PHP forum.

    To be quick, you need a function that will sanitize your inputs in to a variable that you can then refer to knowing that the data in the variable is safe.

    Foe example...
    PHP Code:
    function sanitize($variable){
    // do some sanitizing, only one option here to demonstrate...
    $variable stripslashes($variable); // strip slashes from data
    return $variable;

    $safePOST = array("Name"=>"","Email"=>"","Telephone"=>"","Subject"=>"","Enquiry"=>"");
    $safePOST as $key=>$c){
    $safePOST[$key] = isset($_POST[$key])? sanitize$_POST[$key] ) : false;

    The safePOST array will contain data that is safe to use and it also acts like a whitelist of what fields you are expecting.

    You will need to sort out what you want to do in the sanitize array to suit your needs as well as control for what you want to do if a field fails any validation you will be using
    --> JavaScript Frameworks like JQuery, Angular, Node <--
    ... and please remember to wrap code with forum BBCode tags:-

    [CODE]...[/CODE] [HTML]...[/HTML] [PHP]...[/PHP]

    If you can't think outside the box, you will be trapped forever with no escape...

  3. #3
    Join Date
    Feb 2014
    Brilliant, thanks! I'll give this a go when I get chance

  4. #4
    Join Date
    Mar 2007
    Thats ok, as long as you understand that it is just a rough idea, you do need to add some form of security to the sanitize function and that you do need to do a bit more than just blindly accept a form.

    I suggest that you add a check to ensure that your script received the form and the script is not processing push data from a web bot or a brute force attempt to find a weakness.

    I also suggest that you have a couple of hidden fields that is something like

    HTML Code:
    <input type="hidden" name="login" value="" readonly />
    <input type="hidden" name="pass" value="" readonly />
    which you also check, a web bot is not interested in if a field is hidden or readonly or not, it will see the name of login and pass and it will be programmed to assume that they are what they say they are (bit like a honey trap) and you can check that the fields are also present and also empty!!! If they are not then you know something is wrong and your script could then reject the submission

    I also advise that when you detect anything hinkey going on that your script monitors the IP address and part of your checks are made to see if you have logged the IP address and number of attempts, if they are persistent then your script does not process but dumps the user at an empty page.

    I had a web login page that would accept any log in attempt, it recorded the users IP address and simply left the user at a page thanking them for logging in, then a legitimate user would know where to go whereas anyone else would be left scratching their heads or if they were a bot then it would be apparent from the number of attempts in a specific time and all they would get is a blank screen treatment.
    --> JavaScript Frameworks like JQuery, Angular, Node <--
    ... and please remember to wrap code with forum BBCode tags:-

    [CODE]...[/CODE] [HTML]...[/HTML] [PHP]...[/PHP]

    If you can't think outside the box, you will be trapped forever with no escape...

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center



X vBulletin 4.2.2 Debug Information

  • Page Generation 0.09883 seconds
  • Memory Usage 2,904KB
  • Queries Executed 15 (?)
More Information
Template Usage (34):
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_global_above_footer
  • (1)ad_global_below_navbar
  • (1)ad_global_header1
  • (1)ad_global_header2
  • (1)ad_navbar_below
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)ad_thread_first_post_content
  • (1)ad_thread_last_post_content
  • (2)bbcode_html
  • (2)bbcode_php
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)headinclude_bottom
  • (4)memberaction_dropdown
  • (1)navbar
  • (4)navbar_link
  • (1)navbar_moderation
  • (1)navbar_noticebit
  • (1)navbar_tabs
  • (2)option
  • (4)postbit
  • (4)postbit_onlinestatus
  • (4)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available (6):
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files (26):
  • ./showthread.php
  • ./global.php
  • ./includes/class_bootstrap.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/functions_navigation.php
  • ./includes/class_friendly_url.php
  • ./includes/class_hook.php
  • ./includes/class_bootstrap_framework.php
  • ./vb/vb.php
  • ./vb/phrase.php
  • ./includes/functions_facebook.php
  • ./includes/functions_calendar.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_notice.php
  • ./packages/vbattach/attach.php
  • ./vb/types.php
  • ./vb/cache.php
  • ./vb/cache/db.php
  • ./vb/cache/observer/db.php
  • ./vb/cache/observer.php 

Hooks Called (72):
  • init_startup
  • friendlyurl_resolve_class
  • init_startup_session_setup_start
  • database_pre_fetch_array
  • database_post_fetch_array
  • init_startup_session_setup_complete
  • global_bootstrap_init_start
  • global_bootstrap_init_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • load_show_variables
  • load_forum_show_variables
  • global_state_check
  • global_bootstrap_complete
  • global_start
  • style_fetch
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • strip_bbcode
  • friendlyurl_clean_fragment
  • friendlyurl_geturl
  • forumjump
  • cache_templates
  • cache_templates_process
  • template_register_var
  • template_render_output
  • fetch_template_start
  • fetch_template_complete
  • parse_templates
  • fetch_musername
  • notices_check_start
  • notices_noticebit
  • process_templates_complete
  • friendlyurl_redirect_canonical
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • memberaction_dropdown
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • build_navigation_data
  • build_navigation_array
  • check_navigation_permission
  • process_navigation_links_start
  • process_navigation_links_complete
  • set_navigation_menu_element
  • build_navigation_menudata
  • build_navigation_listdata
  • build_navigation_list
  • set_navigation_tab_main
  • set_navigation_tab_fallback
  • navigation_tab_complete
  • fb_like_button
  • showthread_complete
  • page_templates