Real Time PHP Form Validation

Question

ello 0 Junior Poster in Training

11 Years Ago

Hi There Guys,

I've found a lot on this subject, but the sheer amount of scripts and suggestions is overwhelming and researching this has confused me more than anything.

I have a fully working contact form, but at the moment it simply checks the users input on submition of the form. What I'm after is a validation process the same as googles sign up.

https://accounts.google.com/SignUp?continue=http%3A%2F%2Fwww.google.co.uk%2F&hl=en

Obviously checks the info as you move through the form, and with javascript disabled does the same but on submission.

That's what I'm trying to achieve with the code below.

PHP:

<?php

if(!$_POST) exit;

// Email address verification, do not edit.
function isEmail($email) { 
    return(preg_match("/^[-_.[:alnum:]]+@((([[:alnum:]]|[[:alnum:]][[:alnum:]-]*[[:alnum:]])\.)+(ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|at|au|aw|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|com|coop|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gh|gi|gl|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|in|info|int|io|iq|ir|is|it|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mil|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no|np|nr|nt|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)$|(([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5])\.){3}([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))$/i",$email));     
}

if (!defined("PHP_EOL")) define("PHP_EOL", "\r\n");

// Initial Information.
$name     = $_POST['name'];
$message     = $_POST['message'];
$email    = $_POST['email'];
$phone    = $_POST['phone'];
$verify   = $_POST['verify'];

// Initial Information.
if(trim($name) == '') {
    echo '<div class="error_message">Attention! You must enter your full name.</div>';
    exit();
} else if(trim($message) == '') {
    echo '<div class="error_message">Attention! Please enter a message.</div>';
    exit();
} else if(trim($email) == '') {
    echo '<div class="error_message">Attention! Please enter a valid email address.</div>';
    exit();
} else if(!isEmail($email)) {
    echo '<div class="error_message">Attention! You have enter an invalid e-mail address, try again.</div>';
    exit();
} else if(trim($phone) == '') {
    echo '<div class="error_message">Attention! Please enter a phone number.</div>';
    exit();
}

// Verification.
if(!isset($verify) || trim($verify) == '') {
    echo '<div class="error_message">Attention! Please enter the verification number.</div>';
    exit();
} else if(trim($verify) != '4') {
    echo '<div class="error_message">Attention! The verification number you entered is incorrect.</div>';
    exit();  
}

if(get_magic_quotes_gpc()) {
    $comments = stripslashes($comments);
}


// Send to configuration option.
$address = "admin@test.co.uk";


// Subject configuration option.
$e_subject = 'Startup Brief - ' . $businessname . '.';


// Email body configuration option. 
$e_body = "Message" . PHP_EOL . PHP_EOL;
$e_content = 
"Message" . PHP_EOL . PHP_EOL . 
"Name \n" . $name . PHP_EOL . PHP_EOL .
"phone \n" . $phone . PHP_EOL . PHP_EOL .
"Email \n" . $email . PHP_EOL . PHP_EOL .
"Message \n" . $message . PHP_EOL . PHP_EOL .
$e_reply = "You can contact $name via email, $email or via phone $phone";


$msg = wordwrap( $e_body . $e_content . $e_reply, 70 );

$headers = "From: $email" . PHP_EOL;
$headers .= "Reply-To: $email" . PHP_EOL;
$headers .= "MIME-Version: 1.0" . PHP_EOL;
$headers .= "Content-type: text/plain; charset=utf-8" . PHP_EOL;
$headers .= "Content-Transfer-Encoding: quoted-printable" . PHP_EOL;

if(mail($address, $e_subject, $msg, $headers)) {
    echo "<fieldset>";           
    echo "<div id='success_page'>";
    echo "<h1>Email Sent Successfully.</h1>";
    echo "<p>Thank you <strong>$name</strong>, your message has been submitted to us.</p>";
    echo "</div>";
    echo "</fieldset>"; 
} else {      
    echo 'ERROR!';

}

// Autoresponce

/* Prepare autoresponder subject */
$respond_subject = "Thank you for contacting us!";

/* Prepare autoresponder message */
$respond_message = "Hello!";

/* Send the message using mail() function */
mail($email, $respond_subject, $respond_message);
?>

HTML Form Example:

<form method="post" action="/includes/php/forms/contact/validation/contact.php" name="contactform" id="contactform" class="contact-form">
  <h2 class="form-title">Initial Information</h2>
  <fieldset>
    <!-- full-name -->
    <label name="first" class="left">Your Full Name</label>
    <p class="right required">*</p>
    <input name="name" id="name" type="text" value="">
    <!-- /full-name --> 
  </fieldset>
  <input class="form-submit" id="submit" value="Submit" type="submit">
</form>

As I say, I've seen so many ways of doing this, I'm really confused as to which way would be bes suited for my existing code. Any suggestions of links to tutorials would be greatly appreciated.

Thanks.

php

5 Contributors
9 Replies
2K Views
19 Hours Discussion Span
Latest Post 11 Years Ago Latest Post by veedeoo

pritaeas 2,194 ¯\_(ツ)_/¯

11 Years Ago

Since there are so many scripts out there to help you, try to make a list first of the things you absolutely require. Another item is the flow. Do you want just client-side validation, or do you want to use AJAX (in some way), so you can reuse some of your PHP code?

pritaeas 2,194 ¯\_(ツ)_/¯

11 Years Ago

Yes, it is always better to add server-side checks for when Javascript is disabled (usually for malicious reasons).

pritaeas 2,194 ¯\_(ツ)_/¯

11 Years Ago

You are right. You can do client-side validation with Javascript, and server-side validation with PHP. They do not have to be aware of each other.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

ello 0 Junior Poster in Training · Answer 1 · 2012-11-19T11:07:55+00:00

Cheers. Ideally I'd like it to check the details live, but then obviously have the php as a fallback if javascript is disabled. I'm guessing that'd be the best option?

ello 0 Junior Poster in Training · Answer 2 · 2012-11-19T11:27:51+00:00

So I'm right in thinking that the PHP and any Javascript / Ajax don't necessary have to be linked? I could have a simple live Javascript validation, then the php as a simple backup?

I was a little confused as to whether they had to be linked or not?

ello 0 Junior Poster in Training · Answer 3 · 2012-11-19T11:35:45+00:00

Fantastic, that makes it a hell of a lot clearer / easier.

Cheers Pritaeas, appreciate the advice.

diafol · Answer 4 · 2012-11-19T16:13:10+00:00

You can do both separately or you can use ajax-like validation. This could be useful when doing say a username check on sign-up. The php code used here should be able to be run via ajax (usually an 'echo data' to pass the reins back to js) or in response to a traditional form submission if js turned off, with possible redirects. You wouldn't need this type of 'real-time server-side validation' on all fields though, or you may hear the server creaking.

dean8710 -3 Junior Poster in Training · Answer 5 · 2012-11-20T04:30:05+00:00

use jvalidate plugin

http://www.jsvalidate.com/

veedeoo 474 Junior Poster Featured Poster · Answer 6 · 2012-11-20T06:12:26+00:00

on the php side, you can use the php built-in validate filters and sanitize filters..

$sanitized_email = filter_var($email, FILTER_SANITIZE_EMAIL);

     ## validate email by boolean response
     if (!filter_var($sanitized_email, FILTER_VALIDATE_EMAIL)){

       ## email is a valid one 

     }

if you want to explore these amazing filters, you can read more about them here.