Jump to content

validate email in a form


sofia403

Recommended Posts

how can i validate if email is being entered correctly in a form?

 

i have the following code

 

<?php 
if(isset($_POST['Submit'])){
//NEED TO CHECK IF FIELDS ARE FILLED IN
if( empty($_POST['email'])){
header("Location:Messages.php?msg=12"); 
exit();
}
if( empty($_POST['name'])){
header("Location:Messages.php?msg=3"); 
exit();
}
if( empty($_POST['pw1']) && (empty($_POST['pw2']))){
header( "Location:Messages.php?msg=4" ); 
exit();
}
$name=$_POST['name'];
$email=$_POST['email'];

$pw1=$_POST['pw1'];
$pw2=$_POST['pw2'];

if("$pw1" !== "$pw2"  ){
header( "Location:Messages.php?msg=5" ); 
exit();
}
$ip = $_SERVER['REMOTE_ADDR'];

//connect to the db server , check if uname exist
include('config.php');
$query1=("Select * from user where email='$email'");
$result1= mysql_query($query1); 
$num1=mysql_num_rows($result1);
if ($num1 > 0) {//Email already been used
header( "Location:Messages.php?msg=11" ); 
exit();
}else{
$query=("Select * from user where uname='$name'");
$result= mysql_query($query); 
$num=mysql_num_rows($result);
if ($num > 0) {//Username already exist
header( "Location:Messages.php?msg=6" ); 
exit();
}else{
//if username does not exist insert user details
$query=( "INSERT INTO user (uname, pw,email,date_joined,ip,level) VALUES ('$name','$pw1','$email',NOW(),'$ip','Normal')");
if (@mysql_query ($query)) {
header("location:login.php?reg=1");
exit;
}
}
}
mysql_close();

}
?>

Link to comment
Share on other sites

If you are using PHP version 5.2 or above you can use filter_var(): http://www.php.net/manual/en/function.filter-var.php. If you are on an older server (or want backwards compatibility) you can use a function. I have provided one that I have used below.

 

In your current logic, you would just do an elseif() right after the check to see if email was even entered

if( empty($_POST['email']))
{
    header("Location:Messages.php?msg=12"); 
    exit();
}
elseif(!is_email($_POST['email']))
{
    header("Location:Messages.php?msg=13"); 
    exit();
}

 

Also, you can avoid a lot of duplication in your code with some minor modifications. Instead of doing a header() and exit() for each error condition, just call a function to do that. Otherwise, in the future if you decide on a different process for error handling you have a lot of copying/pasting to do which will lead to errors.

 

Example:

function error_redirect($error_code)
{
    header("Location:Messages.php?msg={$error_code}"); 
    exit();
}
if(isset($_POST['Submit'])){
  //NEED TO CHECK IF FIELDS ARE FILLED IN
  if( empty($_POST['email'])){
    error_redirect(12);
  }
  elseif(!is_email($_POST['email'])){
    error_redirect(13);
  }
  if( empty($_POST['name'])){
    error_redirect(3);
  }
  if( empty($_POST['pw1']) && (empty($_POST['pw2']))){
    error_redirect(2);
  }
  //etc...

 

My is_email() function with full documentation

// NOTES:
//
// Format test
// - Username:
//     - Can contain the following characters: 
//         - Uppercase and lowercase English letters (a-z, A-Z) 
//         - Digits 0 to 9 
//         - Characters _ ! # $ % & ' * + - / = ? ^ ` { | } ~ 
//     - May contain '.' (periods), but cannot begin or end with a period
//       and they may not appear in succession (i.e. 2 or more in a row) 
//     - Must be between 1 and 64 characters 
// - Domain:
//     - Can contain the following characters: 'a-z', 'A-Z', '0-9', '-' (hyphen), and '.' (period). 
//     - There may be subdomains, separated by a period (.), but the combined domain may not
//       begin with a period and they not appear in succession (i.e. 2 or more in a row) 
//     - Domain/Subdomain name parts may not begin or end with a hyphen 
//     - Domain/Subdomain name parts must be between 1-64 characters
// - TLD accepts: 'a-z' & 'A-Z' (2 to 6 characters)
//
// Note: the domain and tld parts must be between 4 and 255 characters total 
//
// Length test
// - Username: 1 to 64 characters
// - Domain: 4 to 255 character


//=====================================================
// Function: is_email ( string $email )
//
// Description: Finds whether the given string variable
//              is a properly formatted email.
//
// Parameters: $email the string being evaluated
//
// Return Values: Returns TRUE if $email is valid email
//                format, FALSE otherwise.
//=====================================================

function is_email($email) 
{
    $formatTest = '/^[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*@[a-z\d]([a-z\d-]{0,62}[a-z\d])?(\.[a-z\d]([a-z\d-]{0,62}[a-z\d])?)*\.[a-z]{2,6}$/i';
    $lengthTest = '/^(.{1,64})@(.{4,255})$/';
    return (preg_match($formatTest, $email) && preg_match($lengthTest, $email));
}

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.