Jump to content

validate email in a form


sofia403

Recommended Posts

how can i validate if email is being entered correctly in a form?

 

i have the following code

 

<?php 
if(isset($_POST['Submit'])){
//NEED TO CHECK IF FIELDS ARE FILLED IN
if( empty($_POST['email'])){
header("Location:Messages.php?msg=12"); 
exit();
}
if( empty($_POST['name'])){
header("Location:Messages.php?msg=3"); 
exit();
}
if( empty($_POST['pw1']) && (empty($_POST['pw2']))){
header( "Location:Messages.php?msg=4" ); 
exit();
}
$name=$_POST['name'];
$email=$_POST['email'];

$pw1=$_POST['pw1'];
$pw2=$_POST['pw2'];

if("$pw1" !== "$pw2"  ){
header( "Location:Messages.php?msg=5" ); 
exit();
}
$ip = $_SERVER['REMOTE_ADDR'];

//connect to the db server , check if uname exist
include('config.php');
$query1=("Select * from user where email='$email'");
$result1= mysql_query($query1); 
$num1=mysql_num_rows($result1);
if ($num1 > 0) {//Email already been used
header( "Location:Messages.php?msg=11" ); 
exit();
}else{
$query=("Select * from user where uname='$name'");
$result= mysql_query($query); 
$num=mysql_num_rows($result);
if ($num > 0) {//Username already exist
header( "Location:Messages.php?msg=6" ); 
exit();
}else{
//if username does not exist insert user details
$query=( "INSERT INTO user (uname, pw,email,date_joined,ip,level) VALUES ('$name','$pw1','$email',NOW(),'$ip','Normal')");
if (@mysql_query ($query)) {
header("location:login.php?reg=1");
exit;
}
}
}
mysql_close();

}
?>

Link to comment
Share on other sites

If you are using PHP version 5.2 or above you can use filter_var(): http://www.php.net/manual/en/function.filter-var.php. If you are on an older server (or want backwards compatibility) you can use a function. I have provided one that I have used below.

 

In your current logic, you would just do an elseif() right after the check to see if email was even entered

if( empty($_POST['email']))
{
    header("Location:Messages.php?msg=12"); 
    exit();
}
elseif(!is_email($_POST['email']))
{
    header("Location:Messages.php?msg=13"); 
    exit();
}

 

Also, you can avoid a lot of duplication in your code with some minor modifications. Instead of doing a header() and exit() for each error condition, just call a function to do that. Otherwise, in the future if you decide on a different process for error handling you have a lot of copying/pasting to do which will lead to errors.

 

Example:

function error_redirect($error_code)
{
    header("Location:Messages.php?msg={$error_code}"); 
    exit();
}
if(isset($_POST['Submit'])){
  //NEED TO CHECK IF FIELDS ARE FILLED IN
  if( empty($_POST['email'])){
    error_redirect(12);
  }
  elseif(!is_email($_POST['email'])){
    error_redirect(13);
  }
  if( empty($_POST['name'])){
    error_redirect(3);
  }
  if( empty($_POST['pw1']) && (empty($_POST['pw2']))){
    error_redirect(2);
  }
  //etc...

 

My is_email() function with full documentation

// NOTES:
//
// Format test
// - Username:
//     - Can contain the following characters: 
//         - Uppercase and lowercase English letters (a-z, A-Z) 
//         - Digits 0 to 9 
//         - Characters _ ! # $ % & ' * + - / = ? ^ ` { | } ~ 
//     - May contain '.' (periods), but cannot begin or end with a period
//       and they may not appear in succession (i.e. 2 or more in a row) 
//     - Must be between 1 and 64 characters 
// - Domain:
//     - Can contain the following characters: 'a-z', 'A-Z', '0-9', '-' (hyphen), and '.' (period). 
//     - There may be subdomains, separated by a period (.), but the combined domain may not
//       begin with a period and they not appear in succession (i.e. 2 or more in a row) 
//     - Domain/Subdomain name parts may not begin or end with a hyphen 
//     - Domain/Subdomain name parts must be between 1-64 characters
// - TLD accepts: 'a-z' & 'A-Z' (2 to 6 characters)
//
// Note: the domain and tld parts must be between 4 and 255 characters total 
//
// Length test
// - Username: 1 to 64 characters
// - Domain: 4 to 255 character


//=====================================================
// Function: is_email ( string $email )
//
// Description: Finds whether the given string variable
//              is a properly formatted email.
//
// Parameters: $email the string being evaluated
//
// Return Values: Returns TRUE if $email is valid email
//                format, FALSE otherwise.
//=====================================================

function is_email($email) 
{
    $formatTest = '/^[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*@[a-z\d]([a-z\d-]{0,62}[a-z\d])?(\.[a-z\d]([a-z\d-]{0,62}[a-z\d])?)*\.[a-z]{2,6}$/i';
    $lengthTest = '/^(.{1,64})@(.{4,255})$/';
    return (preg_match($formatTest, $email) && preg_match($lengthTest, $email));
}

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.