Jump to content

PHP contact form validation

wiggst3r

By wiggst3r
in PHP Coding Help

 Share

Recommended Posts

wiggst3r Member

wiggst3r

Posted
Posted

Hi

 

I've got a basic contact form, that users can enter their details into. At the moment there is some validation, but onl if the fields are blank etc.

The form allows users to enter, not only names, but also URLs. What I want to do is, prevent this from happening and not allowing any URLs into the form, maybe by removing :// away from anything in the input.

 

So far I have this:

 

<?php
function CheckForm()
{
	$strReturn = "";

	if(str_replace(" ","",$_POST["txtName"]) == "")
	{
		$strReturn .= "Please enter a name<br/>";
	}
	elseif(str_replace(" ","",$_POST["txtEmail"]) == "")
	{
		$strReturn .= "Please enter an email address<br/>";
	}
	elseif(str_replace(" ","",$_POST["txtCompany"]) == "")
	{
		$strReturn .= "Please enter a company name<br/>";
	}
	elseif(str_replace(" ","",$_POST["txtContact"]) == "")
	{
		$strReturn .= "Please enter a contact number<br/>";
	}
	elseif(str_replace(" ","",$_POST["txtEnquiry"]) == "")
	{
		$strReturn .= "Please enter an enquiry<br/>";
	}
	elseif(!isset($_POST["txtPrivacy"]))
	{
		$strReturn .= "Please confirm you agree with the privacy statement<br/>";
	}

	return $strReturn;
}

//$strMessage = "Register with this form to be kept up to date on <span class='strongred'>new offers</span> and <span class='strongred'>free samples</span>";
$strMessage = " ";
$blComplete = false;

$strName = "";
$strEmail = "";
$strCompany = "";
$strContact = "";
$strEnquiry = "";
$strPrivacy = "";
$strDate=date('Y-m-d');

//Try to register if required
if(isset($_POST["btnSubmit"]))
{
	$strMessage = CheckForm();

	if($strMessage == "")
	{
		//Input okay, so record in database
		mysql_connect("localhost","root","") or die("Unable to connect to database server");
		mysql_select_db("gfc") or die( "Unable to open database");

		mysql_query("SET SESSION max_join_size = 4294967295");

		$strSQL = "INSERT INTO Registration (registrationName, registrationCompany, registrationEnquiry, registrationEmail, registrationContact, registrationDate) ";
		$strSQL .= "VALUES ('".$_POST["txtName"]."','".$_POST["txtCompany"]."','".$_POST["txtEnquiry"]."','".$_POST["txtEmail"]."','".$_POST["txtContact"]."','".$_POST["txtDate"]."') ";
		mysql_query($strSQL);

		mysql_close();
		$blComplete = true;
		//$strMessage = "You have been registered.  Thank you for your interest";
		$strMessage = " ";
	}
	else
	{
		//Error in input, so repopulate form and show it

		$strName = $_POST["txtName"];
		$strEmail = $_POST["txtEmail"];
		$strCompany = $_POST["txtCompany"];
		$strContact = $_POST["txtContact"];
		$strEnquiry = $_POST["txtEnquiry"];
		$strDate=date('Y-m-d');
	}
}
?>

<?

include 'includes/header.php' ;
?>

<form id="frmRegister" action="registration.php" method="post">
<input type="hidden" name="txtDate" size="21" value="<? echo $strDate; ?>">
<?
if($blComplete == false)
{
?>
	<div id="content_image_contact">
	<h3>Get in touch with gfcyork...</h3>

	<div id="content_image_contact_left">
	<p>Name</p>
	<p>Email</p>
	<p>Company</p>
	<p>Contact No.</p>
	<p>Enquiry</p>
	</div>

	<div id="content_image_contact_right">
	<p><input type="text" name="txtName" class="form" tabindex="1" value="<? echo $strName; ?>"></p>
	<p><input type="text" name="txtEmail" class="form" tabindex="1" value="<? echo $strEmail; ?>"></p>
	<p><input type="text" name="txtCompany" class="form" tabindex="1" value="<? echo $strCompany; ?>"></p>
	<p><input type="text" name="txtContact" class="form" tabindex="1" value="<? echo $strContact; ?>"></p>
	<p><textarea rows="4" name="txtEnquiry" class="form" tabindex="1" cols="10"><? echo $strEnquiry; ?></textarea></p>
	<p><input type="checkbox" name="txtPrivacy" style="padding:0px; margin:0px;" value="<? echo $strPrivacy; ?>"><A HREF="javascript:void(0)" onclick="window.open('privacystatement.php', 'welcome','width=400,height=400,scrollbars=yes,menubar=no,status=no,toolbar=no,left=100,top=100')" title="Privacy Statement">privacy statement</a></p>
	<p><input type="submit" class="formbutton" name="btnSubmit" value=" Send " tabindex="6">  <input type="button" value=" Reset " class="formbutton" onclick="location.href='<? echo $_SERVER['PHP_SELF']?>'"></p>
	</div>

	</div>

	<div id="content_header_text_contact">

	<div id="content_header_text_error">
	<? echo $strMessage; ?>
	</div>

  	<?
}
else
{
?>
	<div id="content_image_contact">
	<h3>Get in touch...</h3>

	<div id="content_image_contact_left">
	<p>Name</p>
	<p>Email</p>
	<p>Company</p>
	<p>Contact No.</p>
	<p>Enquiry</p>
	</div>

	<div id="content_image_contact_right">
	<p><input type="text" name="txtName" class="form" tabindex="1" value="<? echo $strName; ?>"></p>
	<p><input type="text" name="txtEmail" class="form" tabindex="1" value="<? echo $strEmail; ?>"></p>
	<p><input type="text" name="txtCompany" class="form" tabindex="1" value="<? echo $strCompany; ?>"></p>
	<p><input type="text" name="txtContact" class="form" tabindex="1" value="<? echo $strContact; ?>"></p>
	<p><textarea rows="4" name="txtEnquiry" class="form" tabindex="1" cols="10"><? echo $strEnquiry; ?></textarea></p>
	<p><input type="checkbox" name="txtPrivacy" style="padding:0px; margin:0px;" value="<? echo $strPrivacy; ?>"><A HREF="javascript:void(0)" onclick="window.open('privacystatement.php', 'welcome','width=400,height=400,scrollbars=yes,menubar=no,status=no,toolbar=no,left=100,top=100')" title="Privacy Statement">privacy statement</a></p>
	<p><input type="submit" class="formbutton" name="btnSubmit" value=" Send " tabindex="6">  <input type="button" value=" Reset " class="formbutton" onclick="location.href='<? echo $_SERVER['PHP_SELF']?>'"></p>
	</div>

	</div>




<?
}
?>

<?
include 'includes/footer.php' ;
?>

</form>
</body>
</html>

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

If you want to check contents you can use stristr or eregi

 

If you want to check length you can use strlen

 

You can also let the user know that certain characters are not allowed, and disallow the use of the /  : and .  in the username using the same functions above.

 

Hope that will help you to get started. I am sure there are a ton of tutorials of form validation online for php that are already created so you can use that as an example and take out the parts you want/need. I know on the eregi page they have zipcode validation procedures etc in the comments.

Link to comment
Share on other sites
premiso Regular Member

premiso

Posted
Posted

You could but I do not think it would help the situation. You want to test if the user inputted a url or a name. If it was a URL (tested by finding either www.  or http://  using stristr or eregi).

 

If it is you check it differently, if it does not contain those then verify the username according to your standards. I know there are more elaborate URL checkers online or even in the PHP.net comments portion on either eregi or ereg which can test if it is a URL with any type of form it can be passed in.

 

I do not think stripslashes will be useful with what you are trying to do honestly.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.