Form Validation

[NickG21]

In this form im looking to validate the first few text fields, two for text, one for an e-mail address and one for just numbers. Below is my code and errors.  If anyone can give me a little help i'd appreciate it.  Thank You
-------form------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<style>
    .basictext {
        font-family: Times New Roman, Arial, Helvetica, sans-serif;
        font-size: 14px; color:#000066;
    }
    .errortext {
        font-family: Times New Roman, Arial, Helvetica, sans-serif;
        font-size: 14px; color:#C00000; font-weight: bold;
    }
</style>
<body>
        <form method="post" action="validate.php" onSubmit="return checkCheckBox(this)">
   
  <? if ($message != "") {
        print '<span class="errortext">'.
            $message."<span>
\n";
    }
    ?> 
<!-- form content -->       
        <table class="qForm"> 
            <tr>
              <td colspan="2" class="header">Contact Information</td>
            </tr>
            <tr>
              <td class="left"><a>Company Name:</td>

              <td><input type=text name="CompanyName" size="28" class="basictext" value="<?print $CompName;?>">

            </tr>
            <tr>
              <td class="left"><a>Your Name :</td>
              <td><input type=text name="YourName" size="28" class="basictext" value="<?print $name; ?>"></td>
            </tr>
            <tr>
              <td class="left"><a>Your Email Address:</td>

              <td><input type=text name="YourEmailAddress" size="28" class=<?print $text; ?>"></td><br/>
            </tr>
            <tr>
              <td class="left"><a>Your List Name or Domain Name:</td>
              <td><input type=text name="ListDomainName" size="28" value="<? print $domain; ?>">
</td>
            </tr>
        </table>
        <table class="qForm">

            <tr>
              <td class="header">Customer Verification Information</td>
            </tr>
            <tr>
              <td ><p class="specialnote"><strong>To verify the authenticity of
your request</strong>, please supply your username and password or the
last 6 digits of the credit card we have on file.  If you do not have
this information please choose "resend the owners manual" and we will
resend this information to the account owner.</p></td>
            </tr>
            <tr>

              <td style="padding: 0 0 0 20px; font-weight: bold; color:
#96855E;">Option 1: Username and Password </td>
            </tr>
        </table>
        <table class="qForm">
            <tr>
              <td class="left">Username:</td>
              <td><input name="Username" class="<? print $text; ?>">
</td>
            </tr>

            <tr>
              <td class="left">Password:</td>
              <td><input name="Password" class="<? print $text; ?>">
</td>
            </tr>
        </table>
        <table class="qForm">
            <tr>
              <td style="padding: 0 0 0.5em 20px; font-weight: bold; color: #96855E;">

                  Option 2: Last 6 Digits of Credit Card Number 
                    <input name="Credit Card Number" maxlength="6" size="6">
              </td>
            </tr>
            <tr>
              <td><input type="hidden" name="process" value="1"></td>
              <td><input type="submit" name="Submit" value="Submit"></td>
              <td><input type="reset" name="reset" Value="Reset"></td>
              <input type="hidden" name="formsubmit" value="1">
            </tr>
            </table>
        </form>
      </body>
  </html>


----php----<?php
extract($_POST);
function check_field1($CompanyName)
{
if(!preg_match("/[^a-zA-Z\.\-\Ä\ä\Ö\ö\Ü\ü\]+$/s",$CompanyName))
    return TRUE;
  else
    return FALSE;
}

function check_field2($YourName)
{
if(!preg_match("/[^a-zA-Z\.\-\Ä\ä\Ö\ö\Ü\ü\]+$/s",$YourName))
    return TRUE;
  else
    return FALSE;
}

function check_field3($YourEmailAddress)
{
if ($_POST['process'] == 1)
{
      $pattern = '/.*@.*\..*/';
        $email  = $_POST['YourEmailAddress'];
    }
}

$error=0;

if(check_field1($CompanyName))
{
echo "Text Only In This Field";
$error++;
}
if(check_field2(YourName))
{
echo "Text Only In This Field";
$error++;
}
if (preg_match($pattern, $_POST['YourEmailAddress']) > 0)
{
            // Here's where you would store
            // the data in a database...
            header(
              "location: thanks.html?&username=$urlname");
        }
        $message    = "Please enter a valid email address.";
        $username  = $_POST['name'];
$error++;


if($error == 0)
{
echo
"Thank You For Your Information";
}
?>

[c4onastick]

Ok, lets have a look see here. (One aside, wrap your code in code tags [its the little '#' button in the reply poster], makes it much easier to read)

[quote]if(!preg_match("/[^a-zA-Z\.\-\Ä\ä\Ö\ö\Ü\ü\]+$/s",$CompanyName))
    return TRUE;[/quote]

This -> [^...] is a negated character class, so essentially your doing a double negative here with the '!preg_match(...)'. I'd just do:[code]if(preg_match('/[^-0-9]+/', $CompanyName))[/code]Or:[code]if(!preg_match('/[a-zA-Z]+/', $CompanyName))[/code](I think all you're looking for here is no numbers, right?)

Same thing with $YourName.

As far as validating email addresses, that can really be a pain (if you want to get uber specific on what is and isn't allowed in an email address). The problem I see with your's is the over use of '.*', this can get you into trouble, since '.' can match anything, including a literal '.' (the separator between example and com in [example.com]) and it can match the '@', the other important separator your trying to distinguish here.

I'd make it a little more specific:[code]if(preg_match('/[-A-Za-z0-9_.]+@[-A-Za-z0-9_.]+\.[a-z]{2,4}/', $email))
...[/code]This definately isn't bullet proof by any stretch, but it should weed out mostly anything that doesn't look like an email address. Depending on what sort of validation you need, you may need to expand on that to make sure that only acceptable suffixes (.com, .net, .edu, ... etc) are matched via alternation at the end there.

The Domain name is similar to the email, but it looks like you're also accepting a 'List Name'. I don't know what that is, but it may not be possible to check for that AND the domain name at the same time.

I'm not seeing any of the errors you're talking about in your post here, post those and we'll help you track down the specifics as well.

[NickG21]

[code]Warning: preg_match(): Compilation failed: missing terminating ] for character class at offset 28 in /home/web/www.netatlantic.com/test/nickgirard/validate.php on line 5
Text Only In This Field
Warning: preg_match(): Compilation failed: missing terminating ] for character class at offset 28 in /home/web/www.netatlantic.com/test/nickgirard/validate.php on line 13
Text Only In This Field
Warning: preg_match(): Empty regular expression in /home/web/www.netatlantic.com/test/nickgirard/validate.php on line 40[/code]

Thank you for your response, these were the errors I forgot to paste it

[c4onastick]

[quote author=NickG21 link=topic=119432.msg489138#msg489138 date=1166645441]
Thank you for your response, these were the errors I forgot to paste it
[/quote]
No problem, glad to help. I wasn't about to start counting lines there, but I think the first two errors are referring to the '-' in your character class. Usually, (just one of those little funny quirks you have to follow) if you need a dash ('-') in your character class, you put it as the first character, since otherwise it has special meaning like in 'a-z' (means any character from a to z). The last error is probably because you define $pattern here:
[quote]if ($_POST['process'] == 1)
  {
      $pattern = '/.*@.*\..*/';
        $email  = $_POST['YourEmailAddress'];
    }[/quote]
If this doesn't evaluate to true (meaning $_POST['process'] is anything other than 1) $pattern will be undefined.