Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End PHP Contact Form: errors execute for every field rather then individually

  • This topic is empty.
Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • #196739
    krystyna93
    Participant

    Hello fellow coders,

    I am quite a novice at PHP so be gentle…

    I have a PHP contact form, and I would like to validate every field individually when the user clicks the submit btn each time. My if statements are as follows:

    // for name
    if (bla) {
      if (bla){do this}
      if (bla) {do this}
    }
    else {bla}
    
    // for email
    if (bla) {
      if (bla){do this}
      if (bla) {do this}
    }
    else {bla}
    
    // etc, etc
    

    But when I try to do the if, else if, else if, else if, etc, etc, it says an unexpected ‘{‘ on line …

    Why wouldn’t the if, else if, else if, way work to validate each field one by one?

    Hope you get the jist.

    P.S. If its too hard to understand, I can post an actual snippet of my code if that would be better.

    Thanks, your help will be appreciated.

    #196740
    Senff
    Participant

    But when I try to do the if, else if, else if, else if, etc, etc, it says an unexpected ‘{‘ on line …

    This should be simply because you’ve forgot a closing bracket somewhere, or forgot a semicolon, or some other character. Can’t tell for sure unless we see the actual code.

    (It’s kinda difficult to see what you’re trying to do exactly since all your statements are (bla) and so I’m not sure about the actual structure.)

    Alternative: do validation on the front end (with Javascript/jQuery), so that the form won’t even submit before all the validation passes.

    #196742
    krystyna93
    Participant

    Yes, Senff, you are right. Here is a snippet of my code:

    `if(isset($_POST[‘submit’])) {

                // check email validation       
                function isEmail($email) { return(preg_match("/^[-_.[:alnum:]][email protected]((([[:alnum:]]|[[:alnum:]][[:alnum:]-]*[[:alnum:]]).)+(ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|at|au|aw|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|com|coop|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gh|gi|gl|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|in|info|int|io|iq|ir|is|it|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mil|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no|np|nr|nt|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)$|(([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]).){3}([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))$/i",$email));}
    
                // check each field 
                if (trim($_POST['name'] != "")) {
                    $name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
                    if (trim($_POST['name'] == "")) {
                        $error .= '<div class="errormsg">Please enter a valid name.</div>';
                    }
                    if (!preg_match ("/^[a-zA-Z ]*$/",trim ($_POST['name']))) {
                        $error .= '<div class="errormsg">Only letters and whitespace are allowed!</div>';
                    }
                }   
                else {
                    $error .= '<div class="errormsg">Please enter your name.</div>';
                }
    
                if (trim($_POST['email'] != "")) {
                    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
                    if (trim($_POST['email'] == "")) {
                        $error .= '<div class="errormsg">Please enter a valid email.</div>';
                    }
                    if (trim(!isEmail($_POST['email']))) {
                            $error = '<div class="errormsg">You have enter an invalid e-mail address. Please, try again!</div>';
                    }
                }   
                else {
                    $error .= '<div class="errormsg">Please enter your email.</div>';
                }
    
                if (trim($_POST['subject'] != "")) {
                    $subject = filter_var($_POST['subject'], FILTER_SANITIZE_STRING);
                    if (trim($_POST['subject'] == "")) {
                        $error = '<div class="errormsg">Please enter a subject!</div>';
                    }
                    if(!preg_match ("/^[a-zA-Z ]*$/",trim($subject))) {
                        $error = '<div class="errormsg">Only letters and white space are allowed in the subject!</div>';
                    }
                }   
                else {
                    $error .= '<div class="errormsg">Please enter the subject.</div>';
                }
    
                if(trim($_POST['message'] != "")) {
                    $message = filter_var($_POST['message'], FILTER_SANITIZE_STRING);
                    if (trim($_POST['message'] == "")) {
                        $error = '<div class="errormsg">Please enter your message</div>';
                    }
                    if  (!preg_match ("/^[a-zA-Z ]*$/",trim($message))) {
                        $error = '<div class="errormsg">Only letters and white space are allowed in the message</div>';
                    }
                }   
                else {
                    $error .= '<div class="errormsg">Please enter a message.</div>';
                }
    
                if (trim($_POST['spamcheck'] != "")) {
                    $spamcheck = filter_var($_POST['spamcheck'], FILTER_SANITIZE_NUMBER_INT);
                    if (trim($_POST['message'] == "")) {
                        $error = '<div class="errormsg">Please enter the number for Spam Check!</div>';
                    }
                    if (trim($spamcheck) != '5') {
                        $error = '<div class="errormsg">Spam Check: The number you entered is not correct! 2 + 3 = ???</div>';
                    }
                }   
                else {
                    $error .= '<div class="errormsg">Please enter a number.</div>';
                }
    
                // if no errors have been detected, send email via PHPMailer
                if($error == "") {
                    if(get_magic_quotes_gpc()) {
                        $message = stripslashes($message);
                    }
    

    `

    Oh god, I hope its understandable for you, looks like a bit of a hot mess, lol..

    #196744
    Senff
    Participant

    Quick glance: I don’t see any missing brackets or typos right away. What is the line that refers to the error message?

    #196745
    krystyna93
    Participant

    Ok,

    it hits me with unexpected ‘{‘ for every loop that begins with the if statement, however this error only occurs when I am trying to implement the ‘else if’, when I change every if statement after the first if for ‘name’… if that makes sense…

    #196747
    Senff
    Participant

    That makes sense but I don’t see that in the code. Did you try “else if” or “elseif”?

    #196748
    krystyna93
    Participant

    well, I didn’t post the changed version here, but I did do ‘else if’ for email to have a look, and that gave me the error…

    Im not sure why it wouldn’t let me. I’m quite baffled, as it only allows if statements to execute, rather then following the – if, else if, else if sequence.

    #196756
    krystyna93
    Participant

    No worries, thanks for your help, I will get back to you on this :)

    #196834
    krystyna93
    Participant

    Ok, so the contact form I am using is quite a few years old now, but I am trying to modify it for PHP v5.4.

    It’s still in progress, so little things like the ‘$errors .=’concatenation needs to be changed all to ‘$errors =’, which I have done so now.

    I need to change the preg_match for the user input fields, yes they are too prejudice against foreign languages, I need to change that, same goes for the ‘message’ input too, thanks for letting me know.

    So, this form I am using, I am not querying a database, so would you think sanitizing the input fields is pointless? Do you think I should just stick with validating the inputs with just preg_match patterns, and is that enough, or should I use strip_tags? You see also, I’m not entirely sure if my sanitizations are even working properly either.

    I think I also may have to escape output strings too, what do you think?

    And for the magic_quotes_gpc, which I didn’t realise was deprecated, what do you think is a better alternative to use for PHP v5.4 ?

    I am still new to validating PHP input and proper standards for deterring security holes for XSS, header exploits, etc…

    In your opinion, am I going in the right direction about protecting the form?

    So sorry for this late reply…

    Thanks :)
    Your help is much appreciated!

    #196835
    krystyna93
    Participant

    Hello people,
    here is my code finally on pastebin!

    http://pastebin.com/S29C0axL

    So as you can see, my if statements work but are displayed for all fields, however, I would like to display validations for each field one at a time when the user clicks send.

    Any changes I can make to enable this??? I’m at a loss and wasting time on this due to lack of experience..

    Anyone have any ideas?

    Thanks :)

Viewing 10 posts - 1 through 10 (of 10 total)
  • The forum ‘Back End’ is closed to new topics and replies.