Ricky55 Posted May 13, 2011 Share Posted May 13, 2011 Hi I've been using jQuery to validate my forms but one of my clients is starting to receive blank emails as some idiots are just turning off JS to bypass the validation. I have therefore found a PHP script to act as a back up which is working exactly as I want. The only problem is that it forces all fields to be completed and I like to add certain fields that don't necessarily need to be completed such as a Company field. So my question is how could I modify this script to allow the company field or any other that I decide to be left blank? The basic page can be viewed here http://www.qwerty-demos.co.uk/contact/ And this is the script <?php $after = "../thanks.html"; $oops = "../oops.html"; if (!isset($_POST['submit']) || $_SERVER['REQUEST_METHOD'] != "POST") { exit("<p>You did not press the submit button; this page should not be accessed directly.</p>"); } else { $exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i"; $profanity = "/(beastial|bestial|blowjob|clit|cock|cum|cunilingus|cunillingus|cunnilingus|cunt|ejaculate|fag|felatio|fellatio|fuk|fuks|gangbang|gangbanged|gangbangs|hotsex|jism|jiz|kock|kondum|kum|kunilingus|orgasim|orgasims|orgasm|orgasms|phonesex|phuk|phuq|porn|pussies|pussy|spunk|xxx)/i"; $spamwords = "/(viagra|phentermine|tramadol|adipex|advai|alprazolam|ambien|ambian|amoxicillin|antivert|blackjack|backgammon|texas|holdem|poker|carisoprodol|ciara|ciprofloxacin|debt|dating|porn)/i"; $bots = "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer)/i"; if (preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) { exit("<p>Known spam bots are not allowed.</p>"); } foreach ($_POST as $key => $value) { $value = trim($value); if (empty($value)) { if ($key != "email") { exit("<p>Please go back and complete the required fields.</p>"); } } elseif (preg_match($exploits, $value)) { exit("<p>Exploits/malicious scripting attributes aren't allowed.</p>"); } elseif (preg_match($profanity, $value) || preg_match($spamwords, $value)) { exit("<p>Please keep things clean, no naughty words!</p>"); } $_POST[$key] = stripslashes(strip_tags($value)); } if (!ereg("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,6})$",strtolower($_POST['email']))) { exit("<p>How can we reply if you don't provide us with a valid email address?</p>"); } $recipient = "my email address"; $subject = "Web Site Enquiry"; $message .= "Name: {$_POST['name']} \n"; $message .= "Email: {$_POST['email']} \n"; $message .= "Tel: {$_POST['telNo']} \n"; $message .= "Company: {$_POST['company']} \n"; $message .= "Message: {$_POST['message']} \n"; $headers .= "From: {$_POST['email']}"; if (mail($recipient,$subject,$message,$headers)) { echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"0; url=$after\">"; } else { echo "<meta HTTP-EQUIV=\"REFRESH\" content=\"0; url=$oops\">"; } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/236307-form-validation-script/ Share on other sites More sharing options...
Lyleyboy Posted May 13, 2011 Share Posted May 13, 2011 You need to use IF statements, with regular expressions if you'd like. You'll need to check that each form field has been completed and that it is x characters long. Only once all that is done can you submit the content. Hope this helps. <?php if($_POST['fieldName'] == ''){ //fail } else { //Worked } ?> Quote Link to comment https://forums.phpfreaks.com/topic/236307-form-validation-script/#findComment-1214922 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.