www.webdeveloper.com
Page 1 of 2 12 LastLast
Results 1 to 15 of 30

Thread: Form validation

  1. #1
    Join Date
    Jan 2003
    Location
    Texas
    Posts
    10,413

    Form validation

    I'd like to know how to build a "better-mouse trap" for my form. (Online: http://sonoracabinets.com/contact.html and don't worry, it is valid HTML 4.01 Transitional but not Strict.) There is a way to by-pass the JavaScript form validation, so I am using PHP to validate the form if the person trying to by-pass validation just happens to know how to get past it (there's only one Javascript way that exists that I know of).

    I have the following PHP code for my form validation and it works great, however, I was wondering if there were any tips or other better ways of validating the form (in addition to what I already have).

    PHP Code:
    if($_POST['clientName']=="" || $_POST['clientName']==" "){
    $msg "<li type=\"square\">Your <i>full</i> name.</li>";
    } else{
    $correct=1;}
    if(
    $_POST['clientEmail']=="" || $_POST['clientEmail']==" "){
    $msg .= "<li type=\"square\">Your <i>email</i> address.</li>";
    } else {
    $correct+=1;}
    if(
    $_POST['clientMsg']=="" || $_POST['clientMsg']==" " || $_POST['clientMsg']=='\n'){
    $msg .= "<li type=\"square\">Your <i>message</i>.</li>";
    } else {
    $correct+=1;}
    if(
    $correct==3){
    $compMsg="You have received an email from $_POST['clientName'] from your Web site: [url]www.SonoraCabinets.com.[/url] Here is their information:\nClient Name: ".$_POST['clientName']."\nClient Email Address: ".$_POST['clientEmail']."\nClient Message: ".$_POST['clientMsg'];
    mail("sales@sonoracabinets.com","Email from [url]www.SonoraCabinets.com[/url]",$compMsg,"From:$_POST['clientEmail']");
    echo (
    "<P><h2>Here is the information you sent us:</h2></p>
    <p>Full Name: "
    .$_POST['clientName']."</p>
    <p>Email address: "
    .$_POST['clientEmail']."</p>
    <p>Your message: "
    .$_POST['clientMsg']."</p><br>
    <p><h3>Thank you for your email! We will get back to you as soon as possible!</h3></p>"
    );
    } else {
    echo (
    "<font color=\"red\">You have left out the following field(s):<br><ul>");
    echo 
    $msg;
    echo (
    "</ul><br>Please click the <a href=\"javascript:history.go(-1)\">back</a> button on your browser and fill out the form correctly.</font>");

    Thanks, guys.

    P.S. I just so wanted to post a PHP question in the new forum. lol
    Last edited by Jona; 05-14-2003 at 12:45 AM.

  2. #2
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    It looks pretty good, unless you want to validate the email address. Also, just to point out how most people would do it syntactially, they would set $correct = 0; before any validation takes place, then any errors set $correct = 1; You can then check if ($correct == 0). But, that is just a matter of preference, I would say...

    Also, in the $compMsg and mail() did you forget to \ some of your "s? It looks like it to me...

  3. #3
    Join Date
    Jan 2003
    Location
    Texas
    Posts
    10,413
    Actually, it works perfectly, but I did want to make it validate the email address better. (Did you take a look at my JavaScript code on that page? It's hard to read, but it works very well.) This forum added UBB code to my script, so the quotes were screwed. lol, it has the quotes escaped properly in the *real* script.

    So, how would I go about validating the email field? I tried using if(strlen($_POST['clientName']<3)){ but that caused a parse error (T_VARIABLE is undefined or something like that). I'm not sure why, but that doesn't really matter, though. Does PHP have a method like JavaScript's indexOf() method?

  4. #4
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    I would use regular expressions to do this. Something like this... (untested)

    PHP Code:
    if (preg_match("/^\w+@\w+\.[a-z]{2,}(\.[a-z]{2,})?$/i"$_POST['clientEmail'])) {
        echo 
    "Address is valid";
    }
    else {
        echo 
    "Address is invalid";


  5. #5
    Join Date
    Jan 2003
    Location
    Texas
    Posts
    10,413
    Hmmm.. This brings up a new question. I've never use Regular Expressions in PHP (ok, so I've used them once before, but.. ) Could you break that down for me?

    /^w+@w+.[a-z]{2,}(.[a-z]{2,})?$/i

    Ignore case, I understand the a-z thing, but what is the {2,} for? And what is the w for?

  6. #6
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    Ah, crap... the forums messed it up. It is supposed to be \w which stands for any alpha-numeric character, including the underscore. It is equivalent to [A-Z-a-z0-9_] And, the {2,} is to check the lenght of the TLD. It makes sure the TLD is at least 2 characters long, but it can be longer. I am not certain on the maximum length of a TLD, so I left the second part blank (and lenght) For insance .museum is a valid TLD, and if we were sure that was the longest, we could do {2,6} to make sure the TLD is anywhere from 2 to 6 characters long.

    Let me know if you need me to explain any of the rest of it...

  7. #7
    Join Date
    Jan 2003
    Location
    Texas
    Posts
    10,413
    Actually, I do understand... Except... What is a TLD? lol

  8. #8
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    TLD stands for 'Top Level Domain' and is the domain ending, ie. .com, .net, etc...

  9. #9
    Join Date
    Nov 2002
    Location
    NY, USA
    Posts
    731
    PHP:--------------------------------------------------------------------------------
    if (preg_match("/^w+@w+.[a-z]{2,}(.[a-z]{2,})?$/i", $_POST['clientEmail'])) {
    echo "Address is valid";
    }
    else {
    echo "Address is invalid";
    }

    --------------------------------------------------------------------------------
    Unfortunately that regex will reject some valid addresses. Here's a regex derived from RFC822: Standard for ARPA Internet Text Messages. Obviously more complex, but nothing short of perfect.
    Code:
    /^[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)*\@[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)+$/
    This regex was tested in Perl, so some characters preceeded with a backslash (such as @) may not need be in PHP.
    Last edited by jeffmott; 03-29-2005 at 10:20 AM.

  10. #10
    Join Date
    Jan 2003
    Location
    Texas
    Posts
    10,413

    Exclamation Whoa

    *Eyes enlarge to 3 feet* Whoa! OK, I'll give that one a shot. Jeff, what was the URL/site that you got the from? I really need to have a look at what else they have to say. lol

  11. #11
    Join Date
    Nov 2002
    Location
    NY, USA
    Posts
    731

  12. #12
    Join Date
    Jan 2003
    Location
    Texas
    Posts
    10,413
    Wow, very interesting, indeed. lol Thanks, Jeff.

  13. #13
    Join Date
    Jan 2003
    Location
    Texas
    Posts
    10,413
    Problem, guys.... I tried it and it give me an error: "Unexpected '[' line 35" Of course, line 35 in the document is plain HTML, and line 35 starting with the first line of PHP code is almost the last line of PHP and has nothing to do with the error for sure. Here's what I tried:

    PHP Code:
    if(preg_match("/[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff](?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff])*\@[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff](?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff])*/"$_POST['clientEmail']))
    {
    $correct+=1;}
    else{
    $msg.="<li>Your <i>email</i> address.</li>";} 
    I took out the quotes and made them apostrophes, but that just cause error: "Unexpected '{' line 35" instead! (I used preg_match(' ') instead of preg_match(" ").)

  14. #14
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    Often times the line number means you forgot something one line before ( like a closing } ). Check line 34 for errors.

  15. #15
    Join Date
    Dec 2002
    Location
    High on life
    Posts
    10,104
    Jona -

    You need to use single quotes (') rather than double (") around the regexp, like this:

    PHP Code:
    if (preg_match('/[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)*\@[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+(?:\.[^\x00-\x20()<>@,;:\\".[\]\x7f-\xff]+)+/i'$_POST['clientEmail'])) 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles