Jump to content

Sticky fields/form & field validation


codelinx

Recommended Posts

This is my code and what i need is the form to do the following:

  • validate the data with simple regex expressions
  • sticky fields
  • if the user hits submit and the field is not valid or filled out report back to the screen below the form in red
  • once the form is completed and meets validation email it to email address, which will be a static variable
  • i need to attach the ip of the current machine [have not implemented this yet bc of current issues]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" >
<head>
	<link rel="stylesheet" type="text/css" href="style.css" />
	<title>Form Styling!</title>
</head>
<body>
<h2>Firewall Request Form</h2>

<?php
	$date = date('l F j, o g:i:s a');

if ($_POST['fr_submit']){
				checkFields();
				$fr_sd_ip = $_POST['fr_sd_ip']; 
				$fr_sd_port = $_POST['fr_sd_port']; 
				$fr_protocol = $_POST['fr_protocol'];
				$fr_sd_app = $_POST['fr_sd_app']; 
				$fr_reason = $_POST['fr_reason'];
				$fr_email = $_POST['fr_email'];
				
				$errortest = "This is not set";
				
				$email_to = "some@destination.com";
				$email_body = "Description: " + $_POST['fr_reason'] + "Source/Dest. IP: " + $_POST['fr_sd_ip'] + "Port: " 
					+ $_POST['fr_sd_port'] + "Protocol: " + $_POST['fr_protocol'] + "Application: " + $_POST['fr_sd_app'] + "Description/Reason: " + $_POST['fr_reason'] + "User/Email: " + $_POST['fr_email'];
				mail($email_to, $fr_sd_app, $email_body, 'From: ' . $fr_email);
			} elseif (!isset($_POST['fr_sd_ip']) or !isset($_POST['fr_sd_port'])  or !isset($_POST['fr_protocol']) or !isset($_POST['fr_sd_app'])  
	or !isset($_POST['fr_reason'])  or !isset($_POST['fr_email'])){
				//fieldnotset();
				echo $errortest;
				}

	//error module
    function died($error) {
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
		echo $error."<br /><br />";
		echo "Please go back and fix these errors.<br /><br />";
        die();
    }

	//section for field validation
    

	function checkFields(){
		$error_message = "";
		$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
		
		$fr_sd_ip = $_POST['fr_sd_ip']; 
		$fr_sd_port = $_POST['fr_sd_port']; 
		$fr_protocol = $_POST['fr_protocol'];
		$fr_sd_app = $_POST['fr_sd_app']; 
		$fr_reason = $_POST['fr_reason'];
		$fr_email = $_POST['fr_email'];
		
		if(!preg_match($email_exp, $fr_email) && isset($fr_email)) {
    		$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
		}
		if(!preg_match('/\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.'.
			'(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.'.
			'(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.'.
			'(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b/', $fr_sd_ip) && isset($fr_sd_ip)){
			$error_message .= 'The IP address you have entered is not valid.';
		}
		$string_exp = "/^[A-Za-z .'-]+$/";
		
		if(strlen($fr_reason) < 2) {
    		$error_message .= 'The Comments you entered do not appear to be valid.<br />';
		}
	}
	
	function fieldnotset(){					
		if (!isset($fr_sd_ip) && empty($fr_sd_ip)){
			$error = "Please fill out the source/destiantion IP address.";
			} 
		if (!isset($fr_sd_port) && empty($fr_sd_port)){
			$error = "Please fill out the source/destiantion port.";
			}
		if (!isset($fr_protocol) && empty($fr_protocol)){
			$error = "Please fill out the protocol required(i.e. TCP...UDP).";
			}
		if (!isset($fr_sd_app) && empty($fr_sd_app)){
			$error = "Please fill out the source/destiantion application.";
			}
		if (!isset($fr_reason) && empty($fr_reason)){
			$error = "Please fill out the reason/description box";
			} 
		if (!isset($fr_email) && empty($fr_email)){
			$error = "Please fill out the username/email";
		}
	}
	     
    /*function clean_string($string) {
      		$bad = array("content-type","bcc:","to:","cc:","href");
      		return str_replace($bad,"",$string);
    	}*/
    	
 ?>
 <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
<!-- 
 This form is setup to allow the user to request changes to the firewall with requirements needed outlined in the form below. 
Fields needed are: Description, Source/Dest. port,Source/Dest. ip, Source/Dest. Application, Protocol (i.e. TCP, UDP, etc.), Username/Email
-->

<!--	
<tr>
 <td valign="top">
  <label for="fr_sd_ip">Source/Dest. IP Address:</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_ip" maxlength="30" size="20">
 </td>
</tr>
-->
<table width="375px">
<tr>
 <td valign="top">
  <label for="fr_sd_ip">Source/Dest. IP Address: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_ip" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST['fr_sd_ip']) ?>">
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_sd_port">Source/Dest. Port: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_port" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST['fr_sd_port']) ?>"> 
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_protocol">Protocol: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_protocol" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST['fr_protocol']) ?>">
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_sd_app">Application: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_app" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST['fr_sd_app']) ?>">
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_reason">Description/Reason: *</label>
 </td>
 <td valign="top">
  <textarea name="fr_reason" maxlength="500" cols="19" rows="8" >
  <?php echo htmlentities($_POST['fr_reason']) ?></textarea>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_email">Username/Email: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_email" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST['fr_email']) ?>">
 </td>
</tr>

</table>

  <input type="submit" name="fr_submit" value="Email Firewall Request">
 </form>
</br> 
	<?php
		echo "\r\nToday is: $date";
	?>
</body>
</html>

This is my most updated php form, i have had the form working basically without any validation. Atm it does not validate any information, it does utilize sticky fields, emailing doesn't work now with the modified variable i pass it, and the regex expressions are incomplete bc i cannot figure out the current issues. I have attached a picture of the form web page if anyone wants to see it(its plain but that's all i basically need).

post-164191-0-08287300-1373656011_thumb.png

Link to comment
Share on other sites

Your code is a bit of a mess.  Check out this tutorial, it will help you organize your code http://amecms.com/article/How-to-validate-a-form-the-right-way

I know it is im in the middle of fixing it now. and i have changed it. so i guess an update will help also, but i am just looking for pointers, like this also to help me out. Thanks.

 

I didnt run this through validation either, but i know you are definitely right.

Link to comment
Share on other sites

So this is my updated code if anyone can help me figure out what i can do to fix my field validation, why i get Undefined variables and how to solve this?

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" >
<head>
	<title> Firewall Request Form</title>
</head>
<body>
<h2>Firewall Request Form</h2>
<?php
//date for time stamp on page
$date = date("l F j, o g:i:s a");
//variable error array
$error = array();
//error data in the variable for each element
$iperror = "Please fill out the source/destiantion IP address.";
$porterror = "Please fill out the source/destiantion port.";
$protocolerror = "Please fill out the protocol required(i.e. TCP...UDP).";
$apperror = "Please fill out the source/destiantion application.";
$reasonerror = "Please fill out the reason/description box";
$emailerror = "Please fill out the username/email.";

if (isset($_POST['fr_sd_ip'], $_POST['fr_sd_port'],$_POST['fr_protocol'],$_POST['fr_sd_app'],
	$_POST['fr_reason'], $_POST['fr_email'])){

		//pass POST to variables
		$fr_sd_ip = $_POST['fr_sd_ip']; 
		$fr_sd_port = $_POST['fr_sd_port']; 
		$fr_protocol = $_POST['fr_protocol'];
		$fr_sd_app = $_POST['fr_sd_app']; 
		$fr_reason = $_POST['fr_reason'];
		$fr_email = $_POST['fr_email'];
						
	//if the fields are emptyprompt the user
	if (empty($fr_sd_ip) && empty($fr_sd_port) && empty($fr_protocol) && empty($fr_sd_app) && 
		empty($fr_reason) && empty($fr_email)){
			echo '<strong><b><font style="color:FF0000">All the fields with \'*\'are required.</font></b></strong>';
	}else{
		
		//check to see if any errors have been created
		
		//validate user input
		//creates an array of error variables and output
		/*$errormessage = array();
		//if statements that will check each element of the form
		if(strlen($name) > 25){
			$errormessage[] = 'Name is too long';
		}else{
			if($name = < 1){
				echo "please enter a name."
			}*/
			
		//Set the restrictions for each field so it may return a error
		
		//IP address					
		if (!isset($fr_sd_ip)){
			$error[] = $iperror;
		}
		//Ports		
		if (!isset($fr_sd_port)){
			$error[] = $porterror;
		}
		//protocol
		if (!isset($fr_protocol)){
			$error[] = $protocolerror;
		}
		//application
		if (!isset($fr_sd_app)){
			$error[] = $apperror;
		}
		//description
		if (!isset($fr_reason)){
			$error[] = $reasonerror;
		}
		//email
		if (!isset($fr_email)){
			$error[] = $emailerror;
		}
	/*}
		if (filater_var($email, FILTER_VALIDATEEMAIL) === FALSE){
			$error[] = 'Please submit a valid email.';
		}*/
}
	
	
	//loop to print error messages
	//check if the array is empty if it is continue if not loop & print errors
	if (!empty($error)){
		//$errorsoutput = '';
		foreach($error as $errorsoutput){
			//html formatting plus the error message
			echo $errorsoutput;
			}
		}else{
			//complete the registration
			//enter mail function to mail to the firewall request email
			//mail();
			$success = 'Your firewall request form has been submitted.';
			echo $success;
			}

}
	
 ?>
 
 <form action="<?php echo htmlentities($_SERVER["PHP_SELF"]); ?>" method="POST">
<!-- 
 This form is setup to allow the user to request changes to the firewall with requirements needed outlined in the form below. 
Fields needed are: Description, Source/Dest. port,Source/Dest. ip, Source/Dest. Application, Protocol (i.e. TCP, UDP, etc.), Username/Email
-->

<table width="525px">
<tr>
 <td valign="top" size="35%">
  <label for="fr_sd_ip">Source/Dest. IP Address: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_ip" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_sd_ip"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000"><?php echo $errorsoutput; ?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_sd_port">Source/Dest. Port: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_port" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_sd_port"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000"><?php echo $errorsoutput; ?></span> 
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_protocol">Protocol: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_protocol" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_protocol"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000"><?php echo $errorsoutput; ?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_sd_app">Application: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_app" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_sd_app"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000"><?php echo $errorsoutput; ?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_reason">Description/Reason: *</label>
 </td>
 <td valign="top">
  <textarea name="fr_reason" maxlength="500" col="20" rows="8" placeholder="Describe the scenario...">
  <?php echo htmlentities($_POST["fr_reason"]) ?></textarea>
 </td>
 <td size="45%">
  <span class="error" style="color:#FF0000"><?php echo $errorsoutput; ?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_email">Username/Email: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_email" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_email"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000"><?php echo $errorsoutput; ?></span>
 </td>
</tr>

</table>

  <input type="submit" value="Email Firewall Request">
 </form>
</br>

	<?php
		echo "\r\nToday is: $date";
	?>
</body>
</html>

Link to comment
Share on other sites

Well, most of this is redudnant and doesn't really work

	//if the fields are emptyprompt the user
if (empty($fr_sd_ip) && empty($fr_sd_port) && empty($fr_protocol) && empty($fr_sd_app) &&
empty($fr_reason) && empty($fr_email)){
echo '<strong><b><font style="color:FF0000">All the fields with \'*\'are required.</font></b></strong>';
}else{
//check to see if any errors have been created
//validate user input
//creates an array of error variables and output
/*$errormessage = array();
//if statements that will check each element of the form
if(strlen($name) > 25){
$errormessage[] = 'Name is too long';
}else{
if($name = < 1){
echo "please enter a name."
}*/
//Set the restrictions for each field so it may return a error
//IP address
if (!isset($fr_sd_ip)){
$error[] = $iperror;
}
//Ports
if (!isset($fr_sd_port)){
$error[] = $porterror;
}
//protocol
if (!isset($fr_protocol)){
$error[] = $protocolerror;
}
//application
if (!isset($fr_sd_app)){
$error[] = $apperror;
}
//description
if (!isset($fr_reason)){
$error[] = $reasonerror;
}
//email
if (!isset($fr_email)){
$error[] = $emailerror;
}

The first part of that should be using || instead of &&.  Why, bcause you're saying that in order to see the error all the fields have to be empty rather than just one or more.  Then all the next checks you do are pointless the way you have them. Why, cause all the vars you are checking if are set, you already set so of course they will be set.  Changing those to check for empty would be more correct but that still is not correct cause you are already checking them all for empty on the first check.

 

Unless you plan on doing more specific validation per var, you only really need the first if() that is checking them all for empty.

	//if the fields are emptyprompt the user
if (empty($fr_sd_ip) || empty($fr_sd_port) || empty($fr_protocol) || empty($fr_sd_app) || 
empty($fr_reason) || empty($fr_email)){
echo '<strong><b><font style="color:FF0000">All the fields with \'*\'are required.</font></b></strong>';
}else{
Link to comment
Share on other sites

yea i am going to do more specific validation, so that is why it looks like this for now.

 

I had the || (or) but changed it and didnt change that back. 

 

the errors i am receiving from the code posted in post #4 was:

 

Notice: Undefined variable: errorsoutput in/var/www/html/test/form.validation.phpon line 120

Notice: Undefined variable: errorsoutput in/var/www/html/test/form.validation.phpon line 133

Notice: Undefined variable: errorsoutput in/var/www/html/test/form.validation.phpon line 146

Notice: Undefined variable: errorsoutput in/var/www/html/test/form.validation.phpon line 159

Notice: Undefined variable: errorsoutput in/var/www/html/test/form.validation.phpon line 172
Notice: Undefined variable: errorsoutput in/var/www/html/test/form.validation.phpon line 185

Link to comment
Share on other sites

Those are cause you are trying to echo the var upon page load, they don't have any value until after you submit the form and even then it depends on if you throw any validation errors.  You should use a isset() around them in the form and they will go away.  But really there is no point for them in the form cause you are echoing them out in the validation area already.

Link to comment
Share on other sites

Those are cause you are trying to echo the var upon page load, they don't have any value until after you submit the form and even then it depends on if you throw any validation errors.  You should use a isset() around them in the form and they will go away.  But really there is no point for them in the form cause you are echoing them out in the validation area already.

Okay i guess ill get rid of them, but i did that as part of the sticky form i think.

 

 

This is what i changed for validation after reading a little more:

//IP address					
		if (!filter_var($fr_sd_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
			$error[] = $iperror;
		}
		//Ports		
		//http://stackoverflow.com/questions/6726450/check-for-valid-hostport-combination
		if (!isset($fr_sd_port)){
			$error[] = $porterror;
		}
		//protocol
		if (!isset($fr_protocol)){
			$error[] = $protocolerror;
		}
		//application
		if (!isset($fr_sd_app)){
			$error[] = $apperror;
		}
		//description
		if (!isset($fr_reason)){
			$error[] = $reasonerror;
		}
		//$email_exp = "/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/";
		$email_exp = "/^[A-Za-z0-9.-]+@[A-Za-z.-]+\.[A-Za-z]{2,4}$/";
		//email
		if (!preg_match($email_exp, $fr_email)){
			$error[] = $emailerror;
		}
Link to comment
Share on other sites

Those are cause you are trying to echo the var upon page load, they don't have any value until after you submit the form and even then it depends on if you throw any validation errors.  You should use a isset() around them in the form and they will go away.  But really there is no point for them in the form cause you are echoing them out in the validation area already.

I tried changing the line in the form to this as an example :

<tr>
 <td valign="top" size="35%">
  <label for="fr_sd_ip">Source/Dest. IP Address: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_ip" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_sd_ip"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000">
		<?php if (isset($_POST["fr_sd_ip"]) && $errorsoutput == $iperror){echo $errorsoutput;} ?></span>
 </td>
</tr>

And when i type something in the 'Sour/Dest. IP Address: *' field i get the same errors like this:

 

Notice: Undefined variable: errorsoutput in /var/www/html/test/form.validation.php on line 124...138...152...166...180...194

 

 for every section in the form that references the $errorsoutput variable

 

 

 

EDIT:

 

if i remove this line

<?php if (isset($_POST["fr_sd_ip"]) && $errorsoutput == $iperror){echo $errorsoutput;} ?>

I receive no error messages when a field is blank and i press submit.

Link to comment
Share on other sites

Honestly I don't know what you mean by "sticky form".  The code you just posted doesn't really mean anything to us without seeing it in the whole context with the rest of the code around it, especially since you have changed things around while testing.

Link to comment
Share on other sites

Notice: Undefined variable: errorsoutput in /var/www/html/test/form.validation.php on line 124...138...152...166...180...194

 

You're still trying to check for it before it exists.  You can add another isset() around the $errorsoutput.  Also I realized, I don't think these vars will ever equal what you want cause you are getting this value from the foreach loop of $error.  By the time the $errorsouput gets to the form fields it will only hold the last value the loop did.  Is there a reason you need to have the error printed next to the form field rather than just above them all like normal.  Typically when there is a error next to a form field it's generated by javascript not php validation.  Not that is can't be done but it seems rather pointless to echo the errors twice.

Link to comment
Share on other sites

I kind of figured as much because I seen that it was catching an error from the $errorsoutput variable. I will also change that and allow for the errors to be printed in a central location due to the loop pushing the output like you stated. I will try this and then see what happens. Thanks for all the help so far.

 

EDIT:

 

I will post the changed code shortly.

Link to comment
Share on other sites

This is the updated code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" >
<head>
	<title> Firewall Request Form</title>
</head>
<body>
<h2>Firewall Request Form</h2>
<?php
//date for time stamp on page
$date = date("l F j, o g:i:s a");
//variable error array
$error = array();
//error data in the variable for each element
$iperror = "IP Address: Please fill out the source/destiantion IP address.";
$porterror = "Port: Please fill out the source/destiantion port.";
$protocolerror = "Protocol: Please fill out the protocol required(i.e. TCP...UDP).";
$apperror = "Application: Please fill out the source/destiantion application.";
$reasonerror = "Description/Reason: Please fill out the reason/description box";
$emailerror = "Email: Please fill out the username/email.";

if (isset($_POST['fr_sd_ip'], $_POST['fr_sd_port'],$_POST['fr_protocol'],$_POST['fr_sd_app'],
	$_POST['fr_reason'], $_POST['fr_email'])){

		//pass POST to variables
		$fr_sd_ip = $_POST['fr_sd_ip']; 
		$fr_sd_port = $_POST['fr_sd_port']; 
		$fr_protocol = $_POST['fr_protocol'];
		$fr_sd_app = $_POST['fr_sd_app']; 
		$fr_reason = $_POST['fr_reason'];
		$fr_email = $_POST['fr_email'];
		
						
	//if the fields are emptyprompt the user
	if (empty($fr_sd_ip) || empty($fr_sd_port) || empty($fr_protocol) || empty($fr_sd_app) || 
		empty($fr_reason) || empty($fr_email)){
			$fieldsrequired = '<strong><b><font style="color:#FF0000">All the fields with \'*\' are required.</font></b></strong>';
	}else{
		
		//check to see if any errors have been created
		
		//validate user input
		//creates an array of error variables and output
		/*$errormessage = array();
		//if statements that will check each element of the form
		if(strlen($name) > 25){
			$errormessage[] = 'Name is too long';
		}else{
			if($name = < 1){
				echo "please enter a name."
			}*/
			
		//Set the restrictions for each field so it may return a error
		
		//IP address					
		if (!filter_var($fr_sd_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
			$error[] = $iperror;
		}
		//Ports		
		//http://stackoverflow.com/questions/6726450/check-for-valid-hostport-combination
		if (!isset($fr_sd_port)){
			$error[] = $porterror;
		}
		//protocol
		if (!isset($fr_protocol)){
			$error[] = $protocolerror;
		}
		//application
		if (!isset($fr_sd_app)){
			$error[] = $apperror;
		}
		//description
		if (!isset($fr_reason)){
			$error[] = $reasonerror;
		}
		//$email_exp = "/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/";
		$email_exp = "/^[A-Za-z0-9.-]+@[A-Za-z.-]+\.[A-Za-z]{2,4}$/";
		//email
		/*if (!preg_match($email_exp, $fr_email)){
			$error[] = $emailerror;
		}*/
		if (filater_var($email, FILTER_VALIDATEEMAIL) === FALSE){
			$error[] = $emailerror; //'Email: Please submit a valid email.';
		}
	}
}
	
	
	//loop to print error messages
	//check if the array is empty if it is continue if not loop & print errors
	if (!empty($error)){
		foreach($error as $errorsoutput){
			//html formatting plus the error message
			$errorsoutput;
			}
		}elseif(isset($_POST['submit'])){
			//complete the registration
			//enter mail function to mail to the firewall request email
			//mail();
			$success = 'Your firewall request form has been submitted.';
			echo $success;
			}

}
	
 ?>
 
 <form action="<?php echo htmlentities($_SERVER["PHP_SELF"]); ?>" method="POST">
<!-- 
 This form is setup to allow the user to request changes to the firewall with requirements needed outlined in the form below. 
Fields needed are: Description, Source/Dest. port,Source/Dest. ip, Source/Dest. Application, Protocol (i.e. TCP, UDP, etc.), Username/Email
-->

<table width="525px">
<tr>
 <td valign="top" size="35%">
  <label for="fr_sd_ip">Source/Dest. IP Address: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_ip" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_sd_ip"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000">
		<?php /*if (isset($_POST["fr_sd_ip"]) && $errorsoutput == $iperror){echo $errorsoutput;} */?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_sd_port">Source/Dest. Port: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_port" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_sd_port"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000">
		<?php /*if (isset($_POST["fr_sd_port"]) && $errorsoutput == $porterror){echo $errorsoutput;}*/ ?></span> 
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_protocol">Protocol: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_protocol" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_protocol"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000">
		<?php /*if (isset($_POST["fr_protocol"]) && $errorsoutput == $protocolerror){echo $errorsoutput;}*/ ?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_sd_app">Application: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_sd_app" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_sd_app"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000">
		<?php /*if (isset($_POST["fr_sd_app"]) && $errorsoutput == $apperror){echo $errorsoutput;}*/ ?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_reason">Description/Reason: *</label>
 </td>
 <td valign="top">
  <textarea name="fr_reason" maxlength="500" col="20" rows="8" placeholder="Describe the scenario...">
  <?php echo htmlentities($_POST["fr_reason"]) ?></textarea>
 </td>
 <td size="45%">
  <span class="error" style="color:#FF0000">
	  <?php /*if (isset($_POST["fr_reason"]) && $errorsoutput == $reasonerror){echo $errorsoutput;}*/ ?></span>
 </td>
</tr>

<tr>
 <td valign="top">
  <label for="fr_email">Username/Email: *</label>
 </td>
 <td valign="top">
  <input  type="text" name="fr_email" maxlength="30" size="20" 
	value="<?php echo htmlentities($_POST["fr_email"]) ?>">
 </td>
 <td size="45%">
	<span class="error" style="color:#FF0000">
		<?php /*if (isset($_POST["fr_email"]) && $errorsoutput == $emailerror){echo $errorsoutput;}*/ ?></span>
 </td>
</tr>
</table>

  <input type="submit" value="Email Firewall Request">
 <br /><br />
	<?php
		echo "\nToday is: $date";
	?>
 <br />
<tr>
 <td valign="top">
	 <?php
		echo $fieldsrequired;
		if (isset($errorsoutput)){
			echo $errorsoutput;} ?>
 </td>
</tr>
 </form>
</br>


</body>
</html>

  • I receive no syntax, run time, or execution errors, but the output of the variable for reporting field validation is not working.
  • The form allows me to press submit and it will keep the fields i have entered, but it will not check the fields using the validation i setup.
  • Also it will not display the $errorsoutput variable output on the page.
Link to comment
Share on other sites

Here is a reworked version of what you just posted.  I tested and it works.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" >
<head>
<title> Firewall Request Form</title>
</head>
<body>
<h2>Firewall Request Form</h2>
<?php
//date for time stamp on page
$date = date("l F j, o g:i:s a");
//variable error array
$error = array();
//error data in the variable for each element
$iperror = "IP Address: Please fill out the source/destiantion IP address.";
$porterror = "Port: Please fill out the source/destiantion port.";
$protocolerror = "Protocol: Please fill out the protocol required(i.e. TCP...UDP).";
$apperror = "Application: Please fill out the source/destiantion application.";
$reasonerror = "Description/Reason: Please fill out the reason/description box";
$emailerror = "Email: Please fill out the username/email.";
 
if (isset($_POST['submit']))
{
	//pass POST to variables
	$fr_sd_ip = $_POST['fr_sd_ip'];
	$fr_sd_port = $_POST['fr_sd_port'];
	$fr_protocol = $_POST['fr_protocol'];
	$fr_sd_app = $_POST['fr_sd_app'];
	$fr_reason = $_POST['fr_reason'];
	$fr_email = $_POST['fr_email'];
	
	if (!filter_var($fr_sd_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
	$error[] = $iperror;
	}
	//Ports
	//http://stackoverflow.com/questions/6726450/check-for-valid-hostport-combination
	if (empty($fr_sd_port)){
	$error[] = $porterror;
	}
	//protocol
	if (empty($fr_protocol)){
	$error[] = $protocolerror;
	}
	//application
	if (empty($fr_sd_app)){
	$error[] = $apperror;
	}
	//description
	if (empty($fr_reason)){
	$error[] = $reasonerror;
	}

	if (filter_var($fr_email, FILTER_VALIDATE_EMAIL) === FALSE){
	$error[] = $emailerror; //'Email: Please submit a valid email.';
	}
	
	if (!empty($error)){
		foreach($error as $errorsoutput){
		//html formatting plus the error message
		echo $errorsoutput.'<br>';
		}
	}
	else{
		$success = 'Your firewall request form has been submitted.';
		echo $success;
	}

}
?>
<form action="" method="POST">
<!--
This form is setup to allow the user to request changes to the firewall with requirements needed outlined in the form below.
Fields needed are: Description, Source/Dest. port,Source/Dest. ip, Source/Dest. Application, Protocol (i.e. TCP, UDP, etc.), Username/Email
-->
 
<table width="525px">
<tr>
<td valign="top" size="35%">
<label for="fr_sd_ip">Source/Dest. IP Address: *</label>
</td>
<td valign="top">
<input type="text" name="fr_sd_ip" maxlength="30" size="20"
value="<?php echo (isset($_POST['fr_sd_ip'])) ? htmlentities($_POST["fr_sd_ip"]) : ''; ?>"/>
</td>
<td size="45%">
<span class="error" style="color:#FF0000">
<?php /*if (isset($_POST["fr_sd_ip"]) && $errorsoutput == $iperror){echo $errorsoutput;} */?></span>
</td>
</tr>
 
<tr>
<td valign="top">
<label for="fr_sd_port">Source/Dest. Port: *</label>
</td>
<td valign="top">
<input type="text" name="fr_sd_port" maxlength="30" size="20"
value="<?php echo (isset($_POST['fr_sd_port'])) ? htmlentities($_POST["fr_sd_port"]) : ''; ?>"/>
</td>
<td size="45%">
<span class="error" style="color:#FF0000">
<?php /*if (isset($_POST["fr_sd_port"]) && $errorsoutput == $porterror){echo $errorsoutput;}*/ ?></span>
</td>
</tr>
 
<tr>
<td valign="top">
<label for="fr_protocol">Protocol: *</label>
</td>
<td valign="top">
<input type="text" name="fr_protocol" maxlength="30" size="20"
value="<?php echo (isset($_POST['fr_protocol'])) ? htmlentities($_POST["fr_protocol"]) : ''; ?>"/>
</td>
<td size="45%">
<span class="error" style="color:#FF0000">
<?php /*if (isset($_POST["fr_protocol"]) && $errorsoutput == $protocolerror){echo $errorsoutput;}*/ ?></span>
</td>
</tr>
 
<tr>
<td valign="top">
<label for="fr_sd_app">Application: *</label>
</td>
<td valign="top">
<input type="text" name="fr_sd_app" maxlength="30" size="20"
value="<?php echo (isset($_POST['fr_sd_app'])) ? htmlentities($_POST["fr_sd_app"]) : ''; ?>"/>
</td>
<td size="45%">
<span class="error" style="color:#FF0000">
<?php /*if (isset($_POST["fr_sd_app"]) && $errorsoutput == $apperror){echo $errorsoutput;}*/ ?></span>
</td>
</tr>
 
<tr>
<td valign="top">
<label for="fr_reason">Description/Reason: *</label>
</td>
<td valign="top">
<textarea name="fr_reason" maxlength="500" col="20" rows="8" placeholder="Describe the scenario...">
<?php echo (isset($_POST['fr_reason'])) ? htmlentities($_POST["fr_reason"]) : ''; ?></textarea>
</td>
<td size="45%">
<span class="error" style="color:#FF0000">
<?php /*if (isset($_POST["fr_reason"]) && $errorsoutput == $reasonerror){echo $errorsoutput;}*/ ?></span>
</td>
</tr>
 
<tr>
<td valign="top">
<label for="fr_email">Username/Email: *</label>
</td>
<td valign="top">
<input type="text" name="fr_email" maxlength="30" size="20"
value="<?php echo (isset($_POST['fr_email'])) ? htmlentities($_POST["fr_email"]) : ''; ?>"/>
</td>
<td size="45%">
<span class="error" style="color:#FF0000">
<?php /*if (isset($_POST["fr_email"]) && $errorsoutput == $emailerror){echo $errorsoutput;}*/ ?></span>
</td>
</tr>
</table>
 
<input type="submit" value="Email Firewall Request" name="submit"/>
<br /><br />
<?php
echo "\nToday is: $date";
?>
<br />
<tr>
<td valign="top">
<?php
/*echo $fieldsrequired;
if (isset($errorsoutput)){
echo $errorsoutput;}*/ ?>
</td>
</tr>
</form>
<br/>
 
 
</body>
</html>
Link to comment
Share on other sites

This is my final code: 

 

It has minimal commenting as i think it is pretty self explanatory. It is not perfect, but for my first page i think it was successful. I know i can add a lot more checks and proper coding or validation, but this works for now. Thanks for the help and this is to help anyone else possibly.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" >
<head>
	<title> Firewall Request Form</title>
</head>
<body>
	<h2>Firewall Request Form</h2>
<?php
//date for time stamp on page
$date = date("l F j, o g:i:s a");
//variable error array
$error = array();
//error data in the variable for each element
$iperror = '<strong><b><font style="color:#FF0000">IP Address:</font></b></strong> Please fill out the source/destiantion IP address.';
$porterror = '<strong><b><font style="color:#FF0000">Port:</font></b></strong> Please fill out the source/destiantion port.';
$protocolerror = '<strong><b><font style="color:#FF0000">Protocol:</font></b></strong> Please fill out the protocol required(i.e. TCP...UDP).';
$protocolerrorshort = '<strong><b><font style="color:#FF0000">Protocol:</font></b></strong> Protocol too <strong><b><i><font style="color:#FF0000">short.</font></i></b></strong> 
Please fill out the protocol required(i.e. TCP...UDP).';
$protocolerrorlong = '<strong><b><font style="color:#FF0000">Protocol:</font></b></strong> Protocol too <strong><b><i><font style="color:#FF0000">long.</font></i></b></strong> 
Please fill out the protocol required(i.e. TCP...UDP).';
$apperror = '<strong><b><font style="color:#FF0000">Application:</font></b></strong> Please fill out the source/destiantion application.';
$reasonerror = '<strong><b><font style="color:#FF0000">Description/Reason:</font></b></strong> Please fill out the reason/description box';
$emailerror = '<strong><b><font style="color:#FF0000">Email:</font></b></strong> Please fill out the username/email.';
 
if (isset($_POST['submit']))
{
	//pass POST to variables
	$fr_sd_ip = $_POST['fr_sd_ip'];
	$fr_sd_port = $_POST['fr_sd_port'];
	$fr_protocol = $_POST['fr_protocol'];
	$fr_sd_app = $_POST['fr_sd_app'];
	$fr_reason = $_POST['fr_reason'];
	$fr_email = $_POST['fr_email'];
		
	//conditions for errors such as is empty or validation functions
	
	//IP Address validation with exception only for IPV4 validation
	if (!filter_var($fr_sd_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)){
	$error[] = $iperror;
	}
	//Ports error
	//http://stackoverflow.com/questions/6726450/check-for-valid-hostport-combination
	if (empty($fr_sd_port)){
	$error[] = $porterror;
	}
	//protocol error
	if (empty($fr_protocol)){
	$error[] = $protocolerror;
	}elseif(strlen($fr_protocol)<2){
			$error[] = $protocolerrorshort;
		}elseif(strlen($fr_protocol)>4){
				$error[] = $protocolerrorlong;	
			}
	//application error
	if (empty($fr_sd_app)){
	$error[] = $apperror;
	}
	//description error
	if (empty($fr_reason)){
			$error[] = $reasonerror;
	}
	//email error
	if (filter_var($fr_email, FILTER_VALIDATE_EMAIL) === FALSE){
	$error[] = $emailerror; //'Email: Please submit a valid email.';
	}
	//mail($to, $subject, $mail_body);
		$email_to = "mailto@email.com";
	if (isset($fr_sd_ap)){$subject = $fr_sd_ap;}
	//if (isset($fr_sd_ap)){$headers = "From: " . $fr_email;}
		$mail_body = "From: " . $fr_email . "\n";
		$mail_body .= "\nIP Address: " . $fr_sd_ip . "\n";
		$mail_body .= "\nPort: " . $fr_sd_port . "\n";
		$mail_body .= "\nProtocol: " . $fr_protocol . "\n";
		$mail_body .= "\nSource/Dest. Application: " . $fr_sd_app . "\n";
		$mail_body .= "\nDescription/Reason: " . $fr_reason . "\n";
}

?>
<form action="" method="POST">
<!--
This form is setup to allow the user to request changes to the firewall with requirements needed outlined in the form below.
Fields needed are: Description, Source/Dest. port,Source/Dest. ip, Source/Dest. Application, Protocol (i.e. TCP, UDP, etc.), Username/Email
-->
<fieldset>
	<table width="525px">
		<tr>
			<td valign="top" size="35%">
				<label for="fr_sd_ip">Source/Dest. IP Address: *</label>
			</td>
			<td valign="top">
				<input type="text" name="fr_sd_ip" maxlength="30" size="20"
				value="<?php echo (isset($_POST['fr_sd_ip'])) ? htmlentities($_POST["fr_sd_ip"]) : ''; ?>"/>
			</td>
			<td size="45%">
				<span class="error" style="color:#FF0000"></span>
			</td>
		</tr>
 
		<tr>
			<td valign="top">
				<label for="fr_sd_port">Source/Dest. Port: *</label>
			</td>
			<td valign="top">
				<input type="text" name="fr_sd_port" maxlength="6" size="20"
				value="<?php echo (isset($_POST['fr_sd_port'])) ? htmlentities($_POST["fr_sd_port"]) : ''; ?>"/>
			</td>
			<td size="45%">
				<span class="error" style="color:#FF0000"></span>
			</td>
		</tr>
 
		<tr>
			<td valign="top">
				<label for="fr_protocol">Protocol: *</label>
			</td>
			<td valign="top">
				<input type="text" name="fr_protocol" maxlength="4" size="20"
				value="<?php echo (isset($_POST['fr_protocol'])) ? htmlentities($_POST["fr_protocol"]) : ''; ?>"/>
			</td>
			<td size="45%">
				<span class="error" style="color:#FF0000"></span>
			</td>
		</tr>
 
		<tr>
			<td valign="top">
				<label for="fr_sd_app">Application: *</label>
			</td>
			<td valign="top">
				<input type="text" name="fr_sd_app" maxlength="30" size="20"
				value="<?php echo (isset($_POST['fr_sd_app'])) ? htmlentities($_POST["fr_sd_app"]) : ''; ?>"/>
			</td>
			<td size="45%">
				<span class="error" style="color:#FF0000"></span>
			</td>
		</tr>
 
		<tr>
			<td valign="top">
				<label for="fr_reason">Description/Reason: *</label>
			</td>
			<td valign="top">
				<textarea name="fr_reason" maxlength="500" col="20" rows="8" placeholder="Describe the scenario...">
				<?php echo (isset($_POST['fr_reason'])) ? htmlentities($_POST["fr_reason"]) : ''; ?></textarea>
			</td>
			<td size="45%">
				<span class="error" style="color:#FF0000"></span>
			</td>
		</tr>
 
		<tr>
			<td valign="top">
				<label for="fr_email">Username/Email: *</label>
			</td>
			<td valign="top">
				<input type="text" name="fr_email" maxlength="30" size="20"
				value="<?php echo (isset($_POST['fr_email'])) ? htmlentities($_POST["fr_email"]) : ''; ?>"/>
			</td>
			<td size="45%">
				<span class="error" style="color:#FF0000"></span>
			</td>
		</tr>
	</table>
</fieldset>
<br />
	<input type="submit" value="Email Firewall Request" name="submit" onsubmit="<?php 
		if (empty($error)){
			//produce success message
			$success = '<i><u>Status: Your firewall request form has been submitted.</u></i>';
			echo $success;}?>"/>
	<input type="reset" value="Clear Form" name="reset"/>
<br /><br />
	<?php
		echo "\nToday is: $date";
	?>
<br />
<br />
<tr>
	<td valign="top">
<?php

	//if the fields are empty prompt the user with "[All fields required]"
	if (empty($fr_sd_ip) && empty($fr_sd_port) && empty($fr_protocol) && empty($fr_sd_app) && 
		empty($fr_reason) && empty($fr_email)){
			$fieldsrequired = '<strong><b><font style="color:#FF0000">All the fields with \'*\' are required.</font></b></strong><br />';
			echo $fieldsrequired;
	}
	// if the error variable is not empty loop through the errors and display them
	if (!empty($error)){
		foreach($error as $errorsoutput){
		//html formatting plus the error message using the '.' (period symbol)
		echo $errorsoutput.'<br>';
		}
	}else{		
		//mail function
		@mail($email_to,$subject,$mail_body);
		//if mail() returns 1 or true print $success variable
		if (@mail($email_to,$subject,$mail_body)){
			//produce success message
			$success = '<i><u>Status: Your firewall request form has been submitted.</u></i>';
			echo $success;}
		}
?>
	</td>
</tr>
</form>
<br/>
</body>
</html>
 
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.