I'd like to know how to build a "better-mouse trap" for my form. (Online: http://sonoracabinets.com/contact.html and don't worry, it is valid HTML 4.01 Transitional but not Strict.) There is a way to by-pass the JavaScript form validation, so I am using PHP to validate the form if the person trying to by-pass validation just happens to know how to get past it (there's only one Javascript way that exists that I know of).
I have the following PHP code for my form validation and it works great, however, I was wondering if there were any tips or other better ways of validating the form (in addition to what I already have).
PHP Code:
if($_POST['clientName']=="" || $_POST['clientName']==" "){
$msg = "<li type=\"square\">Your <i>full</i> name.</li>";
} else{$correct=1;}
if($_POST['clientEmail']=="" || $_POST['clientEmail']==" "){
$msg .= "<li type=\"square\">Your <i>email</i> address.</li>";
} else {$correct+=1;}
if($_POST['clientMsg']=="" || $_POST['clientMsg']==" " || $_POST['clientMsg']=='\n'){
$msg .= "<li type=\"square\">Your <i>message</i>.</li>";
} else {$correct+=1;}
if($correct==3){
$compMsg="You have received an email from $_POST['clientName'] from your Web site: [url]www.SonoraCabinets.com.[/url] Here is their information:\nClient Name: ".$_POST['clientName']."\nClient Email Address: ".$_POST['clientEmail']."\nClient Message: ".$_POST['clientMsg'];
mail("sales@sonoracabinets.com","Email from [url]www.SonoraCabinets.com[/url]",$compMsg,"From:$_POST['clientEmail']");
echo ("<P><h2>Here is the information you sent us:</h2></p>
<p>Full Name: ".$_POST['clientName']."</p>
<p>Email address: ".$_POST['clientEmail']."</p>
<p>Your message: ".$_POST['clientMsg']."</p><br>
<p><h3>Thank you for your email! We will get back to you as soon as possible!</h3></p>");
} else {
echo ("<font color=\"red\">You have left out the following field(s):<br><ul>");
echo $msg;
echo ("</ul><br>Please click the <a href=\"javascript:history.go(-1)\">back</a> button on your browser and fill out the form correctly.</font>");
}
Thanks, guys.
P.S. I just so wanted to post a PHP question in the new forum. lol
Last edited by Jona; 05-13-2003 at 11:45 PM.
Visit Slightly Remarkable to see my portfolio, resumé, and consulting rates.
It looks pretty good, unless you want to validate the email address. Also, just to point out how most people would do it syntactially, they would set $correct = 0; before any validation takes place, then any errors set $correct = 1; You can then check if ($correct == 0). But, that is just a matter of preference, I would say...
Also, in the $compMsg and mail() did you forget to \ some of your "s? It looks like it to me...
Actually, it works perfectly, but I did want to make it validate the email address better. (Did you take a look at my JavaScript code on that page? It's hard to read, but it works very well.) This forum added UBB code to my script, so the quotes were screwed. lol, it has the quotes escaped properly in the *real* script.
So, how would I go about validating the email field? I tried using if(strlen($_POST['clientName']<3)){ but that caused a parse error (T_VARIABLE is undefined or something like that). I'm not sure why, but that doesn't really matter, though. Does PHP have a method like JavaScript's indexOf() method?
Visit Slightly Remarkable to see my portfolio, resumé, and consulting rates.
Hmmm.. This brings up a new question. I've never use Regular Expressions in PHP (ok, so I've used them once before, but.. ) Could you break that down for me?
/^w+@w+.[a-z]{2,}(.[a-z]{2,})?$/i
Ignore case, I understand the a-z thing, but what is the {2,} for? And what is the w for?
Visit Slightly Remarkable to see my portfolio, resumé, and consulting rates.
Ah, crap... the forums messed it up. It is supposed to be \w which stands for any alpha-numeric character, including the underscore. It is equivalent to [A-Z-a-z0-9_] And, the {2,} is to check the lenght of the TLD. It makes sure the TLD is at least 2 characters long, but it can be longer. I am not certain on the maximum length of a TLD, so I left the second part blank (and lenght) For insance .museum is a valid TLD, and if we were sure that was the longest, we could do {2,6} to make sure the TLD is anywhere from 2 to 6 characters long.
Let me know if you need me to explain any of the rest of it...
Unfortunately that regex will reject some valid addresses. Here's a regex derived from RFC822: Standard for ARPA Internet Text Messages. Obviously more complex, but nothing short of perfect.
*Eyes enlarge to 3 feet* Whoa! OK, I'll give that one a shot. Jeff, what was the URL/site that you got the from? I really need to have a look at what else they have to say. lol
Visit Slightly Remarkable to see my portfolio, resumé, and consulting rates.
Problem, guys.... I tried it and it give me an error: "Unexpected '[' line 35" Of course, line 35 in the document is plain HTML, and line 35 starting with the first line of PHP code is almost the last line of PHP and has nothing to do with the error for sure. Here's what I tried:
I took out the quotes and made them apostrophes, but that just cause error: "Unexpected '{' line 35" instead! (I used preg_match(' ') instead of preg_match(" ").)
Visit Slightly Remarkable to see my portfolio, resumé, and consulting rates.
You need to use single quotes (') rather than double (") around the regexp, like this:
PHP Code:
if (preg_match('/[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)*\@[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)+/i', $_POST['clientEmail']))
Reply With Quote
Whoa
Bookmarks