Form field validation using php

esteeven · 09-10-2009, 05:48 AM

I am going in circles and banging my poor head against walls. I want to validate a web form using PHP. I spent ages confusing myself with client side scripting and realised until I worked out it is not what I want. My problem is that now I am looking at PHP and everything is mixed up in my brain. I need to point out that PHP is very new to me!! This is what I already have: 1 An html page with my form on it. 2 a php page which emails the contents of the form to me. The above works well. For the sake of clarity, here are my pages (cut down to the essentials where appropriate): My html form

Quote:

first name surname
email &nbsp
home phone

mobile

work phone

I have read and understood your terms and conditions

my php script (regform.php)

Quote:

$receiver = 'me@email'; $subject = 'New registration'; #$message = 'This is a new registration.'; $surname = $_POST['surname']; $firstname = $_POST['firstname']; $address = $_POST['address']; $email = $_POST['email']; $homeph = $_POST['homeph']; $mobileph = $_POST['mobileph']; $workph = $_POST['workph']; $time = $_POST['time']; #from here $oldaddress = $_POST['oldaddress']; $DOB = $_POST['DOB']; $elect = $_POST['elect']; $job = $_POST['job']; $salary = $_POST['salary']; $employer = $_POST['employer']; $benefit = $_POST['benefit']; $smoke = $_POST['smoke']; $claim = $_POST['claim']; $children = $_POST['children']; $children2 = $_POST['children2']; $pets = $_POST['pets']; $pets2 = $_POST['pets2']; $require = $_POST['require']; $terms = $_POST['terms']; $rooms = $_POST['rooms']; $body = "first name:$firstname\n surname:$surname\n DOB:$DOB\n email:$email\n home phone:$homeph\n mobile phone:$mobileph\n work phone:$workph\n address:\n$address\n time at this address:$time\n previous address:$oldaddress\n electoral register:$elect\n employment:$job\n employer:$employer\n salary:$salary\n benefit claim:$benefit\n future benefit:$claim\n children:$children\n ages:$children2\n pets:$pet\n pet type:$pets2\n other requirements:$require\n terms:$terms"; $headers = 'From: email' . "\r\n" . 'Reply-To: email "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($receiver, $subject, $body, $headers, "From: $firstname $surname \r\n" . "Reply-To: $firstname $surname class="inlineimg" />;

You can see there are many more form fields than I have shown in my example html form above. What I want is that the following fields have to be filled : 1 mobileph 2 email 3 terms (checkbox) I would like the user to be asked to fill the form in properly if any/all of the 3 fields have not been filled in. I imagine I need some php in the html page and some more in the php page. I am certainly not asking any one to do this for me but I am really confused. I have googled and copied and pasted and edited for 6 hours and I am lost. What I want is a very simple and clear example of the code needed. Sorry if I sound as if I can't search properly on Google: in this case I clearly can't!!!

esteeven · 09-10-2009, 06:23 AM

I am probably missing the obvious but I am having real problems posting this!! I am sorry it looks so horrible.

jiml8 · 09-10-2009, 02:15 PM

Your php output is practically unreadable. It appears to be moving variables from a REQUEST into local storage, then building an email using those local variables, then sending the email using the mail() command.

This is stock stuff.

I guess I'm confused; you want to validate and enforce certain fields? And kick it back to them if those fields are not filled in properly?

Like this, generally:

Code:

The name of this script, for our purposes, is myscript.php

<?php

allow_send = 0;
formerror = 0;
if($_REQUEST_METHOD == "POST")
{
$receiver = 'me@email'; $subject = 'New registration'; #$message = 'This is a new registration.'; $surname = $_POST['surname']; $firstname = $_POST['firstname']; $address = $_POST['address']; $email = $_POST['email']; $homeph = $_POST['homeph']; $mobileph = $_POST['mobileph']; $workph = $_POST['workph']; $time = $_POST['time']; #from here $oldaddress = $_POST['oldaddress']; $DOB = $_POST['DOB']; $elect = $_POST['elect']; $job = $_POST['job']; $salary = $_POST['salary']; $employer = $_POST['employer']; $benefit = $_POST['benefit']; $smoke = $_POST['smoke']; $claim = $_POST['claim']; $children = $_POST['children']; $children2 = $_POST['children2']; $pets = $_POST['pets']; $pets2 = $_POST['pets2']; $require = $_POST['require']; $terms = $_POST['terms']; $rooms = $_POST['rooms'];

    validate anything you want to validate, and implement security to prevent your form being used as a spam relay
    if(all_validations_are_passed) 
    {
         formerror = 0;
         allow_send = 1;
         mail(etc);
    }
    else formerror = 1;
}
?>
<html><head></head><body>
<?php
if(allow_send == 1)
{
    echo "the message was sent<br/>";
} else {
?>
<form action = "myscript.php" method="POST">
<?php
if(formerror == 1) {
    echo "there are errors in the form.  Please correct them.<br/>
}

?>
html blah blah, with values put in textboxes etc
<?php } ?>

In such a form, when marking up errors, I'll usually change the fonts on the lines that have the problems into red so that the user can easily see what I want fixed..