...

View Full Version : Form validation error / glitch? oO



ShadowIce
01-18-2010, 08:37 PM
After entering the form data correctly, and when I click the 'Go Back To Main Page' link, how can I make it so that it doesn't display the error(s) again?

formvalidation.php:


<?php
session_start();
?>

<?php

function VerifyForm(&$values, &$errors)
{
// Do all necessary form verification

if (strlen($values['name']) < 3)
$errors['name'] = '* Name too short';

elseif (strlen($values['name']) > 50)
$errors['name'] = '* Name too long';

// Needs better checking ;)

if (!ereg('.*@.*\..{2,4}', $values['email']))
$errors['email'] = '* Email address invalid';

if (strlen($values['text']) == 0)
$errors['text'] = '* Text required';

return (count($errors) == 0);

}
function DisplayForm($values, $errors)
{
?>
<html>
<head><title>Yadda yadda</title></head>
<body>
<?php
if (count($errors) > 0)
$fontstart = "<font color=\"#FF0000\">";
$fontend = "</font>";
echo $fontstart."<p>There were some errors in your submitted form, please correct them and try again.</p>".$fontend;
?>
<tr>
<td class="error"><?= $fontstart.$errors['name'].$fontend ?></td><br>
<td class="error"><?= $fontstart.$errors['email'].$fontend ?></td><br>
<td class="error"><?= $fontstart.$errors['text'].$fontend ?></td><br>
</tr>
<form action="<?= $_SERVER['PHP_SELF'] ?>" method="POST">
<table>
<tr>
<td>Name:</td>
<td><input type="text" size="30" name="name" value="<?= htmlentities($values['name']) ?>"/>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" size="30" name="email" value="<?= htmlentities($values['email']) ?>"/>
</tr>
<tr>
<td valign="top">Text:</td>
<td>
<textarea name="text" cols="30" rows="6"><?= htmlentities($values['text']) ?></textarea>
</td>
</tr>
<tr><td colspan="2" align="center"><input type="submit" value="Submit"></tr>
</table>
</form>
</body>
</html><?php
}
function ProcessForm($values)
{
//mail('$adminemail', 'Form test', $values['text'], "From: \"{$values['name']}\" <{$values['email']}>");
// Replace with actual page or redirect :P
echo "<html>\n<head><title>Thank you!</title></head>\n<body>\nThank you!\n<br>\nYour data would have been submitted if this were a real form! =D\n<br>\n<a href=\"./formvalidation.php\">Go Back To Main Page</a>\n<br>\n</body>\n</html>";
}
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$formValues = $_POST;
$formErrors = array();
if (!VerifyForm($formValues, $formErrors))
DisplayForm($formValues, $formErrors);
else
ProcessForm($formValues);
}
else
DisplayForm(null, null);
?>

Fumigator
01-18-2010, 10:10 PM
My guess is because your if (count($errors) > 0) condition needs squiggly brackets to enclose that entire block of echo statements. Right now, without brackets, only one line of code is run as part of the conditional.

This is why it's a good idea to always use brackets on "if" statements, even if there is only one line of code to run.

ShadowIce
01-18-2010, 10:35 PM
Here's what I have:


<?php

function VerifyForm(&$values, &$errors)
{
// Do all necessary form verification

if (strlen($values['name']) < 3)
$errors['name'] = '* Name too short';

elseif (strlen($values['name']) > 50)
$errors['name'] = '* Name too long';

// Needs better checking <!-- s;) --><img src=\"{SMILIES_PATH}/icon_wink.gif\" alt=\";)\" title=\"Wink\" /><!-- s;) -->

if (!ereg('.*@.*\..{2,4}', $values['email']))
$errors['email'] = '* Email address invalid';

if (strlen($values['text']) == 0)
$errors['text'] = '* Text required';

return (count($errors) == 0);

}
function DisplayForm($values, $errors)
{
?>
<html>
<head><title>Yadda yadda</title></head>
<body>
<?php
if (count($errors) > 0){
$fontstart = "<font color=\"#FF0000\">";
$fontend = "</font>";
echo $fontstart."<p>There were some errors in your submitted form, please correct them and try again.</p>".$fontend;
}
?>
<tr>
<td class="error"><?= $fontstart.$errors['name'].$fontend ?></td><br>
<td class="error"><?= $fontstart.$errors['email'].$fontend ?></td><br>
<td class="error"><?= $fontstart.$errors['text'].$fontend ?></td><br>
</tr>
<form action="<?= $_SERVER['PHP_SELF'] ?>" method="POST">
<table>
<tr>
<td>Name:</td>
<td><input type="text" size="30" name="name" value="<?= htmlentities($values['name']) ?>"/>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" size="30" name="email" value="<?= htmlentities($values['email']) ?>"/>
</tr>
<tr>
<td valign="top">Text:</td>
<td>
<textarea name="text" cols="30" rows="6"><?= htmlentities($values['text']) ?></textarea>
</td>
</tr>
<tr><td colspan="2" align="center"><input type="submit" value="Submit"></tr>
</table>
</form>
</body>
</html><?php
}
function ProcessForm($values)
{
//mail('$adminemail', 'Form test', $values['text'], "From: \"{$values['name']}\" <{$values['email']}>");
// Replace with actual page or redirect <!-- s:P --><img src=\"{SMILIES_PATH}/icon_razz.gif\" alt=\":P\" title=\"Razz\" /><!-- s:P -->
echo "<html>\n<head><title>Thank you!</title></head>\n<body>\nThank you!\n<br>\nYour data would have been submitted if this were a real form! =D\n<br>\n<a href=\"./formvalidation.php\">Go Back To Main Page</a>\n<br>\n</body>\n</html>";
}
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$formValues = $_POST;
$formErrors = array();
// if (!VerifyForm($formValues, $formErrors))
if (!(VerifyForm($formValues, $formErrors)) || !(array_key_exists('name', $formValues))){
DisplayForm($formValues, $formErrors);
}else{
ProcessForm($formValues);
}
}else{
DisplayForm(null, null);
}
?>

ShadowIce
01-18-2010, 11:50 PM
Case: Closed! =D I fixed the problem! =D

JAY6390
01-19-2010, 03:28 AM
Be aware that eregi is deprecated as of PHP 5.3.0 ShadowIce, and completely removed from of PHP 6. You should use the preg duplicate functions instead for them. However for email checking you can use


if (filter_var($values['email'], FILTER_VALIDATE_EMAIL))
$errors['email'] = '* Email address invalid';

Fou-Lu
01-19-2010, 02:00 PM
Be aware that eregi is deprecated as of PHP 5.3.0 ShadowIce, and completely removed from of PHP 6. You should use the preg duplicate functions instead for them. However for email checking you can use


if (filter_var($values['email'], FILTER_VALIDATE_EMAIL))
$errors['email'] = '* Email address invalid';

Preg equivalents should definitely be in use, but I would not recommend using the filter_* methods at this time. As it sits, these are full of bugs; the email validation alone accepts invalid data for its filters.
For example:


print filter_var('1@1', FILTER_VALIDATE_EMAIL); // 1@1

1@1 is not a valid email address.

JAY6390
01-19-2010, 02:08 PM
Isn't that because you could locally have a machine with the address "1" like you have "localhost" and so on. I do understand what you mean though

Fou-Lu
01-19-2010, 02:46 PM
Isn't that because you could locally have a machine with the address "1" like you have "localhost" and so on. I do understand what you mean though

I'm on the fence, I'm going through the RFC's for mail exchange. My original interpretation was the local-part could not start with a number, but it appears that this is not the case. I need to go through the 1035 which should define the breakdown of the domain-part, but so far it appears that this has to be a valid MX record. I'll post back what I find.

JAY6390
01-19-2010, 02:52 PM
Ah OK cool

Fou-Lu
01-19-2010, 03:21 PM
Ok, according to 1035:


<domain> ::= <subdomain> | " "

<subdomain> ::= <label> | <subdomain> "." <label>

<label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]

<ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str>

<let-dig-hyp> ::= <let-dig> | "-"

<let-dig> ::= <letter> | <digit>

<letter> ::= any one of the 52 alphabetic characters A through Z in
upper case and a through z in lower case

<digit> ::= any one of the ten digits 0 through 9

Note that while upper and lower case letters are allowed in domain
names, no significance is attached to the case. That is, two names with
the same spelling but different case are to be treated as if identical.

The labels must follow the rules for ARPANET host names. They must
start with a letter, end with a letter or digit, and have as interior
characters only letters, digits, and hyphen. There are also some
restrictions on the length. Labels must be 63 characters or less.

It appears that the domain name itself must start with a letter. However, rfc822 (how far back to I have to go >.<) define the original domain-ref option for you're domain. This appears to be the host address with the format [10.2.5.246] for example. Best I can tell, its actually indicating that the brackets are required for the host, so I would presume that would be myuser@[10.14.82.241], but I'm afraid I've never done this in the past and cannot confirm if this is the case, and although I've been putting a lot of work into my ubermailer, I am definitely no mail exchange expert. I can check with our exchange admin to see if he has a better idea, but he's pretty young so its a good possibility he won't know.

To the point, if the above holds true and my interpretation is correct, than the filter_var is incorrect in how it parses the domain section of the email. Sadly I haven't had the time to completely scower the RFC's involved (though I tell you, they are PACKED with tons of useless info lol [like technically a 'to' address is not required in you're emails]), but I'll be looking over all of these anyway as I get more into my mailer.

JAY6390
01-19-2010, 03:25 PM
haha OK well nice research anyway :) I guess it might be worth asking those at php.net or submit a bug report and see what they say. I suppose either way it's not a great way of checking the average EMAIL address with a tld every time

Fou-Lu
01-19-2010, 03:51 PM
haha OK well nice research anyway :) I guess it might be worth asking those at php.net or submit a bug report and see what they say. I suppose either way it's not a great way of checking the average EMAIL address with a tld every time

I don't waste my time with the bug reports anymore. Here is a report I filed about a year ago showing how to decay the scope of extended / interfaced methods. Essentially, interface (though they are literally the greatest element in OOP ever) are technically useless in PHP. So instead of the fatal error being tossed at link time, you'll end up with intermittent errors since its tossed at runtime instead (it should be tossing at link time, forbidding the actual construction of the object definition). They said its the way its supposed to work, so I don't bother with filing reports anymore, since that is clearly incorrect OO usage.

http://bugs.php.net/bug.php?id=48376
I have the runtime files I used somewhere when I found this bug if you wanted to see how it actually runs. I'd need to wait until I get home from work though.

JAY6390
01-19-2010, 06:35 PM
Nah it's cool. I've just read the bug report and can see what you mean. Very strange they've left it as it is tbh



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum