Solved

Requird fields in PHP file

Posted on 2007-03-31
9
414 Views
Last Modified: 2007-04-06
Here is the PHP file I use to get contact info of users who visit my site. I want to make name and address1 as required fields. what should I do for that.

<?php
$name = $_POST['name'];
$sname = $_POST['spousename'];
$ad1 = $_POST['Address1'];
$ad2 = $_POST['Address2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$email = $_POST['email'];
$phone = $_POST['phone'];


$message = "Name: $name\n";
$message .= "Spouse Name: $spousename\n";
$message .= "Address1: $address1\n";
$message .= "Address2: $address2\n";
$message .= "City: $city\n";
$message .= "State: $state\n";
$message .= "Zip: $zip\n";
$message .= "Email: $email\n";
$message .= "Phone: $phone\n";

if (!mail('myemailid@yahoo.com','From Website',$message)) die('Mail Failed!');
header("Location: http://www.yahoo.com");
exit();
?>  

Thank You
0
Comment
Question by:pratikshahse
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 29

Accepted Solution

by:
rdivilbiss earned 500 total points
Comment Utility
$errorMsg = '';
$name = $_POST['name'];
if ($name=="") {
   errorMsg .= "Then name is required.
}
$sname = $_POST['spousename'];
$ad1 = $_POST['Address1'];
if ($ad1=="") {
   errorMsg .= "Then address is required.
}

$ad2 = $_POST['Address2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$email = $_POST['email'];
$phone = $_POST['phone'];

if ($errorMsg=='') {
    $message = "Name: $name\n";
    $message .= "Spouse Name: $spousename\n";
    $message .= "Address1: $address1\n";
    $message .= "Address2: $address2\n";
    $message .= "City: $city\n";
    $message .= "State: $state\n";
    $message .= "Zip: $zip\n";
    $message .= "Email: $email\n";
    $message .= "Phone: $phone\n";

    if (!mail('myemailid@yahoo.com','From Website',$message)) die('Mail Failed!');
    header("Location: http://www.yahoo.com");
    exit();
} else {
    echo $errorMsg . "<a href=\"prevpage\">Go Back</a>";
}

where prevpage id the href to the form page.
0
 
LVL 4

Expert Comment

by:mukhtar2t
Comment Utility
You can use javascript on your form that checks for name and address1 before sending back to your server so if the user does not fill the field he can not submit the form
add this attribute to your form tag
onsubmit="return check_required()"
so if the check required function returns false the form will not submit

and add this function to your head section
function check_required()
{
if(!document.getElementByID('name'))
{
  alert('name field is required');
  document.getElementByID('name').focus();
  return false;
}

if(!document.getElementByID('address1'))
{
  alert('address1 field is required');
  document.getElementByID('name').focus();
  return false;
}
return true;
}

Notice that javascript may not be active on all your clients computers
0
 
LVL 29

Expert Comment

by:rdivilbiss
Comment Utility
@mukhtar2t, JavaScript can only be used as a user convenience, and is never nor should it ever be suggested as a replacement for server side validation.

It is easily bypassed. Only server side validation can be reliable.
0
 
LVL 4

Expert Comment

by:mukhtar2t
Comment Utility
You are right,
It just an additional user convenience to let the code more effectivety.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 15

Expert Comment

by:JakobA
Comment Utility
The typical vay to do this is to have the form submit to the same php file that generated the page. then expand the code in the page so it can also handle the submitted form.

Then you check in post data if the submit button was pressed.

If it was not you just display the page with the form empty (as your old page did).

If the submitbutton was pressed you check the posted data for validity, are det required fields filled out, is the zipcode in the proper format, etc and build an errormessage the way rdivilbiss show abowe.

and then you redraw the page with that error message added (usually red so the user notice there have been a change) and with the data entered prefilled into the fields of the form for the user to change as needed.

Use a schema something like this:

-----------------   start of page.php ---------------
<?php

if( $_POST['submitbutton'] ] {
        // validate posted date
        if( <the data is valid> ) {
                // code to use the date
                header("Location: http://www.yoursite.com/thank_you_page.php");
                                    // Redirect to next page
                exit;             //and stop this one
        }else{
                $refilldata = true;
        }
}

?>
<!--  and here you put the 'old page' but change the fields in the form so they kan reshow the users data -->

<form action="{$_SERVER['PHP_SELF']}" ... >

<input type='text' name='field1' value="<? echo ($refilldata) ? $_POST['field1'] : "" ?>">

...

<input type='submit' name='ubmitbutton' value='send it' ... >

</form>
0
 
LVL 29

Expert Comment

by:rdivilbiss
Comment Utility
For an example I suppose this is fine but you might want to point out the XSS vulnerabilities, in $_SERVER['PHP_SELF'] and <input type='text' name='field1' value="<? echo ($refilldata) ? $_POST['field1'] : "" ?>">.

I'm all for simplifying examples, but failure to mention XSS is irresponsible.

Filter your input before re-writing it to a inputs value and understand that $_SERVER['PHP_SELF'] can be manipulated by a malicious user.
0
 

Author Comment

by:pratikshahse
Comment Utility
rdivilbiss, i am trying to use your code but it does not work. when i hit submit it takes me to page not found error. This happens even when i fill out the required fields and also when i leave them blank.

here is the php i am using.

<?php
$errorMsg = '';
$name = $_POST['name'];
{
   errorMsg .= "Then name is required.
}

$sname = $_POST['spousename'];
$ad1 = $_POST['Address1'];
$ad2 = $_POST['Address2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$email = $_POST['email'];
$phone = $_POST['phone'];


if ($errorMsg=='') {
    $message = "Name: $name\n";
    $message .= "Spouse Name: $spousename\n";
    $message .= "Address1: $address1\n";
    $message .= "Address2: $address2\n";
    $message .= "City: $city\n";
    $message .= "State: $state\n";
    $message .= "Zip: $zip\n";
    $message .= "Email: $email\n";
    $message .= "Phone: $phone\n";

    if (!mail('myemailid@yahoo.com','From Website',$message)) die('Mail Failed!');
    header("Location: http://www.yahoo.com");
    exit();
}
else {
    echo $errorMsg . "<a href=\"new_member.htm\">Go Back</a>";
}

?>  
0
 
LVL 29

Expert Comment

by:rdivilbiss
Comment Utility
>>when i hit submit it takes me to page not found error

There is no submit in my code...

Save my code to formhandler.php and in your form page set the form tag's action to formhandler.php

Read this: http://www.cafesong.com/ert/form_article/index.php
0
 

Author Comment

by:pratikshahse
Comment Utility
ok here is my html and below that is the file thats given by you. when i click on submit it just takes me to a blank page and does not do anything. it does not throw me an error when i dont put any information in and also it does not e mail me when i put all the information in. Please let me know what am i missing

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Please enter the requested infor</title>
</head>

<body bgcolor="#FFCC99">
<form action="formhandler.php" method="POST">
<p>Please enter the requested information.
</p>

<table style="width:240px" border="0">
  <tr>
    <td style="width:62px">Name:</td>
    <td><input name="name" size="30"></td>
  </tr>
  <tr>
    <td style="width:62px">Spouse Name:</td>
    <td><input name="spousename" size="30"></td>
  </tr>
  <tr>
    <td style="width:62px">Address1:</td>
    <td><input name="Address1" size="30"></td>
  </tr>
<tr>
    <td style="width:62px">Address2:</td>
    <td><input name="Address2" size="30"></td>
  </tr>
<tr>
    <td style="width:62px">City:</td>
    <td><input name="city" size="30"></td>
  </tr>
<tr>
    <td style="width:62px">State:</td>
    <td><input name="state" size="5"></td>
  </tr>
<tr>
    <td style="width:62px">Zip:</td>
    <td><input name="zip" size="11"></td>
  </tr>

  <tr>
    <td>Email:</td>
    <td><input name="email" size = "30"></td>
  </tr>
  <tr>
    <td>Phone:</td>
    <td><input name="phone" size="16"></td>
  </tr>

</table>
<br>
&nbsp;</br>
  <input type="submit" value="Send">
  <input type="reset" value="Clear the form">

</form>
</body>
</html>



PHP

<?php
$errorMsg = '';
$name = $_POST['name'];
if ($name=="") {
   errorMsg .= "Then name is required.
}
$sname = $_POST['spousename'];
$ad1 = $_POST['Address1'];
if ($ad1=="") {
   errorMsg .= "Then address is required.
}

$ad2 = $_POST['Address2'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
$email = $_POST['email'];
$phone = $_POST['phone'];

if ($errorMsg=='') {
    $message = "Name: $name\n";
    $message .= "Spouse Name: $spousename\n";
    $message .= "Address1: $address1\n";
    $message .= "Address2: $address2\n";
    $message .= "City: $city\n";
    $message .= "State: $state\n";
    $message .= "Zip: $zip\n";
    $message .= "Email: $email\n";
    $message .= "Phone: $phone\n";

    if (!mail('myemailid@yahoo.com','From Website',$message)) die('Mail Failed!');
    header("Location: http://www.yahoo.com");
    exit();
} else {
    echo $errorMsg . "<a href=\"prevpage\">Go Back</a>";
}
?>
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Consider the following scenario: You are working on a website and make something great - something that lets the server work with information submitted by your users. This could be anything, from a simple guestbook to a e-Money solution. But what…
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now