Home › Forums › Back End › PHP Contact Form: errors execute for every field rather then individually
- This topic is empty.
-
AuthorPosts
-
February 25, 2015 at 7:05 am #196739
krystyna93
ParticipantHello fellow coders,
I am quite a novice at PHP so be gentle…
I have a PHP contact form, and I would like to validate every field individually when the user clicks the submit btn each time. My if statements are as follows:
// for name if (bla) { if (bla){do this} if (bla) {do this} } else {bla} // for email if (bla) { if (bla){do this} if (bla) {do this} } else {bla} // etc, etcBut when I try to do the if, else if, else if, else if, etc, etc, it says an unexpected ‘{‘ on line …
Why wouldn’t the if, else if, else if, way work to validate each field one by one?
Hope you get the jist.
P.S. If its too hard to understand, I can post an actual snippet of my code if that would be better.
Thanks, your help will be appreciated.
February 25, 2015 at 7:34 am #196740Senff
ParticipantBut when I try to do the if, else if, else if, else if, etc, etc, it says an unexpected ‘{‘ on line …
This should be simply because you’ve forgot a closing bracket somewhere, or forgot a semicolon, or some other character. Can’t tell for sure unless we see the actual code.
(It’s kinda difficult to see what you’re trying to do exactly since all your statements are (bla) and so I’m not sure about the actual structure.)
Alternative: do validation on the front end (with Javascript/jQuery), so that the form won’t even submit before all the validation passes.
February 25, 2015 at 7:50 am #196742ParticipantYes, Senff, you are right. Here is a snippet of my code:
`if(isset($_POST[‘submit’])) {
// check email validation function isEmail($email) { return(preg_match("/^[-_.[:alnum:]]+@((([[:alnum:]]|[[:alnum:]][[:alnum:]-]*[[:alnum:]]).)+(ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|at|au|aw|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|com|coop|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gh|gi|gl|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|in|info|int|io|iq|ir|is|it|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mil|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no|np|nr|nt|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)$|(([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]).){3}([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))$/i",$email));} // check each field if (trim($_POST['name'] != "")) { $name = filter_var($_POST['name'], FILTER_SANITIZE_STRING); if (trim($_POST['name'] == "")) { $error .= '<div class="errormsg">Please enter a valid name.</div>'; } if (!preg_match ("/^[a-zA-Z ]*$/",trim ($_POST['name']))) { $error .= '<div class="errormsg">Only letters and whitespace are allowed!</div>'; } } else { $error .= '<div class="errormsg">Please enter your name.</div>'; } if (trim($_POST['email'] != "")) { $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL); if (trim($_POST['email'] == "")) { $error .= '<div class="errormsg">Please enter a valid email.</div>'; } if (trim(!isEmail($_POST['email']))) { $error = '<div class="errormsg">You have enter an invalid e-mail address. Please, try again!</div>'; } } else { $error .= '<div class="errormsg">Please enter your email.</div>'; } if (trim($_POST['subject'] != "")) { $subject = filter_var($_POST['subject'], FILTER_SANITIZE_STRING); if (trim($_POST['subject'] == "")) { $error = '<div class="errormsg">Please enter a subject!</div>'; } if(!preg_match ("/^[a-zA-Z ]*$/",trim($subject))) { $error = '<div class="errormsg">Only letters and white space are allowed in the subject!</div>'; } } else { $error .= '<div class="errormsg">Please enter the subject.</div>'; } if(trim($_POST['message'] != "")) { $message = filter_var($_POST['message'], FILTER_SANITIZE_STRING); if (trim($_POST['message'] == "")) { $error = '<div class="errormsg">Please enter your message</div>'; } if (!preg_match ("/^[a-zA-Z ]*$/",trim($message))) { $error = '<div class="errormsg">Only letters and white space are allowed in the message</div>'; } } else { $error .= '<div class="errormsg">Please enter a message.</div>'; } if (trim($_POST['spamcheck'] != "")) { $spamcheck = filter_var($_POST['spamcheck'], FILTER_SANITIZE_NUMBER_INT); if (trim($_POST['message'] == "")) { $error = '<div class="errormsg">Please enter the number for Spam Check!</div>'; } if (trim($spamcheck) != '5') { $error = '<div class="errormsg">Spam Check: The number you entered is not correct! 2 + 3 = ???</div>'; } } else { $error .= '<div class="errormsg">Please enter a number.</div>'; } // if no errors have been detected, send email via PHPMailer if($error == "") { if(get_magic_quotes_gpc()) { $message = stripslashes($message); }`
Oh god, I hope its understandable for you, looks like a bit of a hot mess, lol..
February 25, 2015 at 7:52 am #196744ParticipantQuick glance: I don’t see any missing brackets or typos right away. What is the line that refers to the error message?
February 25, 2015 at 7:55 am #196745ParticipantOk,
it hits me with unexpected ‘{‘ for every loop that begins with the if statement, however this error only occurs when I am trying to implement the ‘else if’, when I change every if statement after the first if for ‘name’… if that makes sense…
February 25, 2015 at 8:09 am #196747ParticipantThat makes sense but I don’t see that in the code. Did you try “else if” or “elseif”?
February 25, 2015 at 8:14 am #196748Participantwell, I didn’t post the changed version here, but I did do ‘else if’ for email to have a look, and that gave me the error…
Im not sure why it wouldn’t let me. I’m quite baffled, as it only allows if statements to execute, rather then following the – if, else if, else if sequence.
February 25, 2015 at 9:49 am #196756ParticipantNo worries, thanks for your help, I will get back to you on this :)
February 26, 2015 at 5:00 am #196834ParticipantOk, so the contact form I am using is quite a few years old now, but I am trying to modify it for PHP v5.4.
It’s still in progress, so little things like the ‘$errors .=’concatenation needs to be changed all to ‘$errors =’, which I have done so now.
I need to change the preg_match for the user input fields, yes they are too prejudice against foreign languages, I need to change that, same goes for the ‘message’ input too, thanks for letting me know.
So, this form I am using, I am not querying a database, so would you think sanitizing the input fields is pointless? Do you think I should just stick with validating the inputs with just preg_match patterns, and is that enough, or should I use strip_tags? You see also, I’m not entirely sure if my sanitizations are even working properly either.
I think I also may have to escape output strings too, what do you think?
And for the magic_quotes_gpc, which I didn’t realise was deprecated, what do you think is a better alternative to use for PHP v5.4 ?
I am still new to validating PHP input and proper standards for deterring security holes for XSS, header exploits, etc…
In your opinion, am I going in the right direction about protecting the form?
So sorry for this late reply…
Thanks :)
Your help is much appreciated!February 26, 2015 at 5:14 am #196835ParticipantHello people,
here is my code finally on pastebin!So as you can see, my if statements work but are displayed for all fields, however, I would like to display validations for each field one at a time when the user clicks send.
Any changes I can make to enable this??? I’m at a loss and wasting time on this due to lack of experience..
Anyone have any ideas?
Thanks :)
-
AuthorPosts
- The forum ‘Back End’ is closed to new topics and replies.