[prev in list] [next in list] [prev in thread] [next in thread]
List: php-db
Subject: [PHP-DB] How to test PHP form for proper input
From: Phil Matt <admin () philmatt ! com>
Date: 2007-08-03 18:49:15
Message-ID: 46B378AB.1080505 () philmatt ! com
[Download RAW message or body]
I've got a mail form that automatically pulls in the addressee from a MySQL db, and lets the sender
fill in his/her own info before sending. I figured out how to set up tests for legal input in the
different fields, but I don't know how to incorporate the test results into my form submission code.
(Sorry for the dumb question, but I'm not an experienced PHP coder...)
Here the basic stuff:
//SENDS MAIL
<?
if ($submit){
mail($recipient, $subject, $message, "From:\"$from_name\"<$from_email>\r\n" .
"Reply-to: $from_email\r\n" .
"X-Mailer: PHP/" . phpversion());
echo "<h1>Your message has been sent!</h1>";}
?>
//FORM USED
<form name="mymail" id="talign3" method="post" action="<? $_SERVER['PHP_SELF']; ?>">
<table class="bg" summary="Form for sending email" cellspacing="0">
<tr rowspan="2"><th colspan="3">Send e-mail to: <? $recip=$_GET['recip']; echo "$recip"; ?></th></tr>
<tr>
<td width="23%"><label for="your name">Your Name</label></td>
<td width="77%"><input name="from_name" type="text" id="from_name" value="<?=$from_name?>"
size="45"></td>
</tr>
<tr>
<td nowrap><label for="email address">Your Email Address</label></td>
<td width="70%"><input name="from_email" type="text" id="from_email" value="<?=$from_email?>"
size="45"></td>
</tr>
<tr>
<td><label for="subject">Subject</label></td>
<td><input name="subject" type="text" id="subject" value="<?=$subject?>" size="55"></td>
</tr>
<tr>
<td style="vertical-align:top">Message</td>
<td><textarea name="message" cols="45" rows="15" id="message"><?=$message?></textarea></td>
</tr>
<tr>
<td><div align="right">
<input name="userid" type="hidden" id="userid" value="<?$to_name?>" />
<input name="cmd" type="hidden" id="cmd" value="validate_form">
<input type="submit" name="submit" value="send mail">
</div></td>
</tr>
</table></form>
//TESTING CODE
<?
$pattern = '/.*@.*\..*/';
extract($_POST);
/*validate*/
function check_from($from_name)
{
if(!preg_match("/[^a-zA-Z0-9\.\-\Ä\ä\Ö\ö\Ü\ü\]+$/s",$from_name))
return TRUE;
else
return FALSE;
}
function check_email($from_email)
{
if (!preg_match($pattern,$from_email))
return TRUE;
else
return FALSE;
}
function check_subject($subject)
{
if(!preg_match("/[^a-zA-Z0-9\.\-\Ä\ä\Ö\ö\Ü\ü\]+$/s",$from_name))
return TRUE;
else
return FALSE;
}
function check_message($message)
{
if(!preg_match("/[^a-zA-Z0-9\.\-\Ä\ä\Ö\ö\Ü\ü\]+$/s",$message))
return TRUE;
else
return FALSE;
}
/*test fails*/
$error=0; // check up variable
/*start*/
if(!check_from($from_name))
{
echo "You haven't entered your name in the Name box!";
$error++; // $error=$error+1;
}
if(!check_email($from_email))
{
echo "You haven't entered a valid email address in the email box!";
$error++;
if(!check_subject($subject))
{
echo "You haven't entered your name in the Name box!";
$error++;
if(!check_message($message))
{
echo "You haven't entered anything in the Message box!";
$error++;
}
if($error==0)
{echo
"Thank you for your email. You should receive a reply shortly from the staff person you contacted";
} else
{
echo"Number of errors: $error";
}
?>
TIA for your help!
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic