php form validation
I use a server-side form validation code in php. It is open source, and I would like to add a couple of modifications to it, but do not know php in any depth at all.
I have saved the code as a .txt file, so can be read:
Link to code
It works great as is, but I would like to enable the user to either leave email field blank, or enter a valid email address.
Also, I would like it to incorporate a check for a checkbox, ie: return the result of checked or not to me - all I have achieved so far is a valid return if the user has checked the box. If left unchecked, I get an error.
Any help, much appreciated,
thanks.
kazimmerman posted this at 16:48 — 24th June 2009.
He has: 698 posts
Joined: Jul 2005
Alright, this should allow users to leave the email field blank:
<?php
if(isset($_POST['email'])) {
// EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = // COMENTED OUT ON PURPOSE! "MYEMAILADDRESS";
$email_subject = "Website enquiry";
function died($error) {
// your error code can go here
echo "We are very sorry, but there are problems with the form you submitted.<br />";
echo "These errors appear below.<br /><br />";
echo $error."<br />";
echo "Please go back and fix these errors.<br />";
die();
}
// validation expected data exists
if(!isset($_POST['name']) ||
!isset($_POST['surname']) ||
!isset($_POST['comments']) ) {
//REMOVED THE NEED FOR AN EMAIL HERE
died('We are sorry, but there appears to be a problem with the form your submitted.');
}
$first_name = $_POST['name'];
$last_name = $_POST['surname'];
//THIS WILL TELL YOU THE EMAIL OR THAT THE EMAIL WASN'T PROVIDED
if (isset($_POST['email'])) {
$email_from = $_POST['email'];
}
else {
$email_from = "Email not given";
}
$comments = $_POST['comments'];
$error_message = "";
$string_exp = "^[a-z .'-]+$";
if(!eregi($string_exp,$first_name)) {
$error_message .= 'The First Name you entered does not appear to be valid.<br />';
}
if(!eregi($string_exp,$last_name)) {
$error_message .= 'The Last Name you entered does not appear to be valid.<br />';
}
$email_exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$";
if(isset($_POST['email']) && !eregi($email_exp,$email_from)) {
//NOW THIS IS ONLY CHECKED IF THE EMAIL EXISTS
$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
}
if(strlen($comments) < 2) {
$error_message .= 'The Comments you entered do not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "First Name: ".clean_string($first_name)."\n";
$email_message .= "Last Name: ".clean_string($last_name)."\n";
$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "Comments: ".clean_string($comments)."\n";
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>
I left comments about what I did. As for the checkbox problem, I'm not sure what you need. Have you added it to the PHP? Because I see nothing in the file you provided about a checkbox value...
Kurtis
benjy posted this at 10:43 — 26th June 2009.
They have: 32 posts
Joined: Jun 2009
Thankyou very much for taking the time.. However, I get the error message:
"we are very sorry......... Email is not valid" !!
As for the checkbox, I tried it a while ago, but again, it threw up an error if it wasn't checked. If it was checked, I had confirmation in my email..
Going from memory, I placed code here:
// validation expected data exists
if(!isset($_POST['name']) ||
!isset($_POST['checkbox']) ||
and here:
$email_message .= "Checkbox: ".clean_string($checkbox)."\n";
Hope you can assist further.
Kiss Computing
kazimmerman posted this at 13:17 — 26th June 2009.
He has: 698 posts
Joined: Jul 2005
Alright, this should work for the email part:
<?php
if(isset($_POST['email'])) {
// EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = // COMENTED OUT ON PURPOSE! "MYEMAILADDRESS";
$email_subject = "Website enquiry";
function died($error) {
// your error code can go here
echo "We are very sorry, but there are problems with the form you submitted.<br />";
echo "These errors appear below.<br /><br />";
echo $error."<br />";
echo "Please go back and fix these errors.<br />";
die();
}
// validation expected data exists
if(!isset($_POST['name']) ||
!isset($_POST['surname']) ||
!isset($_POST['comments']) ) {
//REMOVED THE NEED FOR AN EMAIL HERE
died('We are sorry, but there appears to be a problem with the form your submitted.');
}
$first_name = $_POST['name'];
$last_name = $_POST['surname'];
$email_from = $_POST['email'];
$comments = $_POST['comments'];
$error_message = "";
$string_exp = "^[a-z .'-]+$";
if(!eregi($string_exp,$first_name)) {
$error_message .= 'The First Name you entered does not appear to be valid.<br />';
}
if(!eregi($string_exp,$last_name)) {
$error_message .= 'The Last Name you entered does not appear to be valid.<br />';
}
$email_exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$";
if(($email_from != "") && !eregi($email_exp,$email_from)) {
//NOW THIS IS ONLY CHECKED IF THE EMAIL EXISTS
$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
}
if(strlen($comments) < 2) {
$error_message .= 'The Comments you entered do not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
$email_message .= "First Name: ".clean_string($first_name)."\n";
$email_message .= "Last Name: ".clean_string($last_name)."\n";
$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "Comments: ".clean_string($comments)."\n";
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
}
?>
As for the checkbox, I don't believe you can use
isset()to check it because it will throw an error if it is not checked. If you use the code you provided, theifstatement will only validate if the checkbox value is set.Kurtis
wbeaver posted this at 02:52 — 25th April 2011.
They have: 3 posts
Joined: Apr 2011
Cute. I go to join your forum and you throw me under the bus, asking for "Input". OK, here goes.
Problem: I need to know more about the mail function so that I can cause a "Email Successful!" window to appear on top of my email info collection window when mail() comes back with "true".
Application:
1) my main index.html uses a menu button to call "javascript popUp(URL)" which specifies index.php;
2) index.php uses "http://www.thnc.org/) by changing php names, but I cannot get it to appear after emails have been sent.
wbeaver posted this at 02:54 — 25th April 2011.
They have: 3 posts
Joined: Apr 2011
Replace (2) and ... "the rest of my post"...
2) index.php uses "http://www.thnc.org/) by changing php names, but I cannot get it to appear after emails have been sent.
wbeaver posted this at 03:00 — 25th April 2011.
They have: 3 posts
Joined: Apr 2011
I need help with the "mail()" function so that I can cause a "Email Successful!" window to appear on top of my email info collection window when mail() comes back with "true". Application: 1) my main index.html uses a menu button to call "javascript popUp(URL)" which specifies index.php; 2) index.php uses "http://www.thnc.org/) by changing php names, but I cannot get it to appear after emails have been sent. Suggestions?
Greg K posted this at 19:04 — 1st May 2011.
He has: 2,145 posts
Joined: Nov 2003
Hi, I was looking at your site, I take it you got it working, as I did get a "Send Successful" message (or does it show that no matter what?) I was looking at your contact page.
If you are talking about a different page and/or need more help, let me know.
-Greg
PS. I see in terms of a world read forum, we are practically neighbors. I'm over in Upper Arlington.
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.