Member Avatar for kdogg556

Im doing a Contact form for a client and my php is limited. I need to make everything in this required. Here is the code:

<?php
ob_start();
if(empty($_POST)) {
$status = '';
$display_form = true;
} else {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$pname = $_POST['pname'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$prescrip = $_POST['prescrip'];
$payment = $_POST['payment'];
$card = $_POST['card'];
$shipping = $_POST['shipping'];
$error_list = array();

if(empty($fname)) {
$error_list[] = 'You did not supply your first name';
}
if(empty($lname)) {
$error_list[] = 'You did not supply your last name';
}
if(empty($pname)) {
$error_list[] = 'You did not supply your patient name';
}
if(empty($email)) {
$error_list[] = 'You did not supply your email address';
}
if(empty($phone)) {
$error_list[] = 'You did not supply a phone number';
}
if(empty($prescrip)) {
$error_list[] = 'You did not supply a prescription number';
}
if(empty($payment)) {
$error_list[] = 'You did not supply a payment method';
}
if(empty($shipping)) {
$error_list[] = 'You did not select a shipping method';
}
if(empty($error_list)) {

$email_contents = "The following message was sent to you from your website:\n";
$email_contents .= "First Name: $fname\n";
$email_contents .= "Last Name: $lname\n";
$email_contents .= "Patient Name: $pname\n";
$email_contents .= "Email: $email\n";
$email_contents .= "Phone Number: $phone\n";
$email_contents .= "Prescription Number: $prescrip\n";
$email_contents .= "Payment Type: $payment\n";
$email_contents .= "Payment Card On File: $card\n";
$email_contents .= "Shipping Method: $shipping\n";


$extra_headers = "From: $fname <$email>\n";
$extra_headers .= "Reply-To: $email"; 


mail('scripts@sbhmed.com','Refill Form Submission', $email_contents, $extra_headers );
header('Location: http://www.sbhmed.com/refill_request_confirm.php');
$status = "Thank you $fname. We will be sure to get back to you as soon as possible!";
$display_form = false;
} else {
$status = '<ul>';

foreach($error_list as $error_message) {
$status .= "<li>$error_message</li>";
}
$status .= '</ul>';

$display_form = true;
}
}

ob_flush();
?>

Thanks for your help

Instead of just dumping your code, it's much more helpful to state what you are trying to build, and where you got stuck.

Being more specific about the code would save us lots of time and we can easily help you debug the code..

since ALL fields are required it would be best to validate it with javascript but still have PHP validate just in case the user has javascript turned off.

The way you are validating right now is valid but don't forget to sanitize it. since ALL fields are required you could just do it in a loop.

$required = array(
	'fname' => 'text',
	'lname' => 'text',
	'pname' => 'text',
	'email'	=> 'email',
	'phone' => 'int'
	....etc
);

$post = array();

foreach ( $required as $key => $value ) {
	
	if ( strlen( $_POST[$key] ) == 0 ) {
		$error[] = 'error message';
	}
	
	switch ( $value ) {
		case 'text' :
			$post[$key] = filter_var($_POST[$key], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
			break;
		case 'float' :
			$post[$key] = floatval($_POST[$key]);
			break;
		case 'email' :
			if ( filter_var ($_POST[$key], FILTER_VALIDATE_EMAIL) === false ) {
				$error[] = 'invalid email';
				continue;
			}
			$post[$key] = filter_var ($_POST[$key], FILTER_SANITIZE_EMAIL);
			
			break;
		case 'int' :
			$post[$key] = intval($_POST[$key]);
			break;
		//etc....
		default :
			break;
	}
	
}

if ( empty($error[]) ) {
	//do more stuff
}

you could also use filter_var_array() instead of the switch case. see http://www.php.net/manual/en/function.filter-var-array.php

To validate on the client side you could use the jquery validator plugin http://docs.jquery.com/Plugins/Validation and also use HTML5 to have the browser validate the form, but HTML5 only works on modern browsers.

ex:

<input type="text" name="fname" required="required" />

see http://blog.mozilla.com/webdev/2011/03/14/html5-form-validation-on-sumo/

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.