0

I have a contact.php page working on my live website, but even when the visitor enters incomplete text into the name, email, or message fields, the form sees them as correct and shows a success message.

How can I specify things like name must be at least 6 letters, email must have the @ symbol and a proper .com, .org, etc. ending; and message must be at least 20 letters long.

PHP SCRIPT

<?php

if ($_POST['submit']) {

  if (!$_POST['firstname']) {
    $error="<br/>- Please enter your first name";
  }
  
  if (!$_POST['lastname']) {
    $error="<br/>- Please enter your last name";
  }

  if (!$_POST['email']) {
    $error.="<br/>- Please enter your email";
  }
  if (!$_POST['message']) {
    $error.="<br/>- Please enter a message";
  }
  if (!$_POST['check']) {
    $error.="<br/>- Please confirm you are human";
  }
  
  if ($error) {
    $result='<div class="alert alert-danger" role="alert">
    <strong>Whoops, there is an error</strong>. Please correct the following: '.$error.'</div>';
  } else {
    mail("myname@mywebsite.com", 
   "Contact message", 
    "Name: ".$_POST['name']."
    Email: ".$_POST['name']."
    Message: ".$_POST['message']);
    
    {
    $result='<div class="alert alert-success" role="alert">Thank you, I\'ll be in touch shortly. </div>';
    }
  }
}
?>

#HTML CODE#

  <form method="post" role="form">
            <div class="row">
            <div class="col-md-3"></div>
                  <div class="contact-icon">
                      <i class="fas fa-user"></i>
                  </div>

                  <div class="form-inline">
                    <div class="col-md-9 form-group">
                          <label for="name">your name</label>
                          <span class="fieldSpan">
                          <input type="text" 
                          name="name" 
                          id="input-field-name"
                          class="form-control" 
                          placeholder="your name" 
                          value="<?php echo $_POST['name']; ?>"> 
                    </div>
                </div>
            </div>

        <div class="row">
        <div class="col-md-3"></div>
              <div class="contact-icon">
                <i class="fas fa-envelope"></i>
              </div>

              <div class="form-inline">
              <div class="col-md-9 form-group">
                      <label for="email">your email address</label>
                      <span class="fieldSpan">
                      <input type="email" 
                      name="email" 
                      id="input-field-email"
                      class="form-control" 
                      placeholder="yourname@website.com" 
                      value="<?php echo $_POST['email']; ?>">
                  </div>
                </div>
         </div>

        <div class="row">
        <div class="col-md-3"></div>
              <div class="contact-icon">
                  <i class="fas fa-pencil-alt"></i>
              </div>
        
              <div class="form-inline">
                 <div class="col-md-9 form-group">
                        <label for="message">your message</label>
                        <span class="fieldSpan vertical-align:top">
                        <textarea name="message" 
                        rows="5" 
                        id="input-field-message"
                        class="form-control" 
                        placeholder="your message">
                        <?php echo $_POST['message']; ?></textarea>
                        <br>
                        <br>
                    </div>
                    </div>
              </div>
        </div>
 

              <div class="col-md-12">
                 <div class="checkbox">
                    <label>
                        <input type="checkbox" 
                        name="check"> 
                        Check this box if you're human.
                      </label>
                  </div>
              </div>
        </div>

      <div class="col-md-3"></div>
      <div class="row">
          <div class="col-md-9">
              <input type="submit" 
              name="submit" 
              class="btn btn-secondary" 
              value="send message"/>
            </div> 
        </div>

     </form>
      
     </div>
      </div>
    </div>
  </section>
  

 <!-- ----------- SCRIPTS------------ -->

    <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>

<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>

<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" crossorigin="anonymous"></script>
Community
  • 1
  • 1
Angie G
  • 15
  • 3
  • 1
    not every ones name is over 6 letters long –  Dec 17 '18 at 21:06
  • @tim - not even her own :-). As for the form - you need to search a bit about form validation ( and sanitation ). depending on your whole app framework you could find many ways of doing that including dedicated libraries or plugins, in JS, or php, ( or both ) . Ajaxed or not .. – Obmerk Kronen Dec 18 '18 at 01:08
  • I really prefer is people put their first and last names in (like normal people), thus my need for a certain letter length. Don't even get me started on separate first name and last name fields, I'll figure that out after everything else is working right. :) – Angie G Dec 18 '18 at 20:36

2 Answers2

0

https://www.w3schools.com/php/php_form_url_email.asp

Hey! This has the answer you are looking for. It is a concept called input validation, and each language has its own way of dealing with it.

Below is an excerpt from that link that validates a few desired fields.

<?php
// define variables and set to empty values
$nameErr = $emailErr = $genderErr = $websiteErr = "";
$name = $email = $gender = $comment = $website = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
  if (empty($_POST["name"])) {
    $nameErr = "Name is required";
  } else {
    $name = test_input($_POST["name"]);
    // check if name only contains letters and whitespace
    if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
      $nameErr = "Only letters and white space allowed"; 
    }
  }

  if (empty($_POST["email"])) {
    $emailErr = "Email is required";
  } else {
    $email = test_input($_POST["email"]);
    // check if e-mail address is well-formed
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
      $emailErr = "Invalid email format"; 
    }
  }

  if (empty($_POST["website"])) {
    $website = "";
  } else {
    $website = test_input($_POST["website"]);
    // check if URL address syntax is valid (this regular expression also allows dashes in the URL)
    if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
      $websiteErr = "Invalid URL"; 
    }
  }

  if (empty($_POST["comment"])) {
    $comment = "";
  } else {
    $comment = test_input($_POST["comment"]);
  }

  if (empty($_POST["gender"])) {
    $genderErr = "Gender is required";
  } else {
    $gender = test_input($_POST["gender"]);
  }
}
?>

You can take control of what type of validation you require through things like checking to see that the length of the name field is greater than or equal to 6 in an if statement, after ensuring that the field is not empty.

dillon.harless
  • 427
  • 4
  • 16
0

You can do that directly using html features.

The minimum lenght feature was answered in this post: minlength If you use de email input element in html the browser will validate automatically.

gogoz
  • 23
  • 9
  • I checked the comments and found what you mean, THANK YOU! (I actually did look for the same problem here before I posted the question, sorry.) – Angie G Dec 18 '18 at 00:17