hi guys, ok i've set up a simple (well it took me ages, but its probably simple to you lot) password protected page - http://www.virusuk.net/password
don't worry - its nothing to do with viruses etc. - its a lighting site
the form passes the user-inputted variables to a php script that validates the user id and password and also sends all inputs via e-mail to an e-mail address of choice
as you can see from the page, i've put a notice saying that all fields are required - they aren't - i want a (i'm sure small and simple) peice of php to give a warning message if all fields aren't inputted by the user
anyone help?
the variables are as follows :-
Company Name : $companyName
Name : $real
Username : $username
Password : $password
HELP!!!!
DoA
HELP NEEDED - Form validation? Required fields code
Moderator: General Moderators
- titaniumdoughnut
- Forum Commoner
- Posts: 33
- Joined: Wed Jul 13, 2005 2:02 pm
- Location: Manhattan
Before proceeding to the verified state you want to do something like this:
Then, you can make a script that prints a nice list of which fields are not properly filled out. It can give a tally for how many are incorrect by adding the four error variables together, and it can check each individual one like this:
Code: Select all
// remove spaces from start and end of strings
$companyName = trim($companyName);
$real = trim($real);
$username = trim($username);
$password = trim($password);
// check length of strings
if(strlen($companyName) <= 3){
$error_companyName = 1;
}
if(strlen($real) <=3){
$error_real = 1;
}
// if username not correct set $error_user = 1
// if password not correct set $error_pass = 1Code: Select all
if(isset($error_real)){
print("Error: Real name not entered.");
}Code: Select all
$errors = array();
if ( strlen(trim($companyName)) < 3 )
$errors[] = "Invalid Company Name";
if ( strlen(trim($real)) < 3 )
$errors[] = "Invalid Real Name";
// etc.....
if ( count($errors) == 0 )
echo "Valid";
else
foreach ( $errors as $e )
echo "<br><span style=\"color: red;\">Error: $e</span>";sorry to be a complete noob, but would this go at the start of my validate.php file?
here are all 3 files (index.php - login page, 1.php - successful login page, validate.php - validation & password content page) so you can see entirely whats happening
thanks for the quick replies!!!
Index.php
1.php
validate.php
This may not be a very secure way .. an better ways or different ways of achieving what i need?
thanks a load
adam
here are all 3 files (index.php - login page, 1.php - successful login page, validate.php - validation & password content page) so you can see entirely whats happening
thanks for the quick replies!!!
Index.php
Code: Select all
<html>
<head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
keywords="Virus, Virus UK, virus uk light and sound, virus uk light & sound, light and sound, light & sound, login area, login page">
<style type="text/css">
BODY {scrollbar-3dlight-color:#dedf9f;
scrollbar-arrow-color:#8eb6d2;
scrollbar-base-color:#FFFFOO;
scrollbar-track-color:#FFFFOO;
scrollbar-darkshadow-color:#cccccc;
scrollbar-face-color:#99CCFF;
scrollbar-highlight-color:#eeeeee;
scrollbar-shadow-color:#008000;
</style>
<title>VIRUS UK Login Page</title>
</head>
<body bgcolor="black" text="#cccccc">
<table width="100%" align="center">
<tr><td><center><img src="http://www.virusuk.net/images/virus_uk_banner.gif"></center></td></tr>
<tr><td> </td></tr>
<tr><td><center>VIRUS UK Unit 19 Tundry Way Gateshead NE21 5SJ Tel / Fax : 0191 414 1199</center></td></tr>
<tr><td> </td></tr>
<tr><td><hr width="60%"></td><tr>
<tr>
<th valign=top><br><font size="4">Virus UK Private area</font></th>
</tr>
<tr>
<td>
<p><br><center>This is a private area.</p>
<p>Please log in below to gain access to this area<br><br><font color="red" size="2">Please Note :- All fields MUST be completed, otherwise errors may occur.</font></p>
<?php
//if no cookie is set then display the form
if(!isset($_COOKIE["this_cookie"])){
echo '<div align="center"><br><br><form action="validate.php" method="post">Company Name : <input type=text name="companyName"><br><Br> Name : <input type=text name="real"><br><br>';
echo 'Username : <input type="text" name="username"><br><br>';
echo 'Password : <input type="password" name="password"><br><br>';
echo '<input type="submit" value="Login"></form></div>';
}else{
echo "You are already logged in.<br><br><a href=\"1.php\">Continue</a>";
}
?>
</td></tr>
</table>
<center><BR><BR><hr width="60%">
<BR><BR>This page is managed and maintained by Virus Uk Light & Sound In-House Webmaster - Any questions or comments please feel free to e-mail the webmaster <A href="mailto:webmaster@virusuk.net">webmaster@virusuk.net</a></center>
</body>
</html>1.php
Code: Select all
<?
include("validate.php");
?>
<html>
<head><SCRIPT LANGUAGE="JavaScript">
<!-- Begin
function go(loc) {
window.location.href = loc;
}
// End -->
</script>
<title>Protected page</title>
</head>
<body bgcolor="black" text="#cccccc" alink="yellow" vlink="yellow">
<table width="400" align="center">
<tr>
<th valign=top>Virus UK Private Area</th>
</tr>
<tr><td><div align="right">   [<a href="logout.php">Log Out</a>]</td></tr>
<tr><td align="center"><img src="http://www.virusuk.net/images/virus_uk_banner.gif"></td></tr>
<tr><td><br><center>VIRUS UK Unit 19 Tundry Way Blaydon NE21 5SJ Tel / Fax : 0191 414 1199</center></td></tr>
<tr><td> </td></tr>
<tr><td><hr width="60%"></td><tr>
<tr><td> </td></tr>
<tr><td><center><marquee scrollamout="2" scrolldelay="100" width="75%" bgcolor="black"><font color="yellow">WE ADD NEW ITEMS EVERY WEEK</font></marquee></td></tr>
<tr><td> </td></tr>
<tr><td><b><center><font size="4">Welcome to VIRUS UK</font><br><Br>This page is password protected and intended for our commercial customers only. If you are a retail customer, we invite you to visit - <a href="http://www.lumoslighting.co.uk">Lumos Lighting</a>. This site provides VIRUS UK customers with product net prices and stock availability on request.<br><br>All orders via Fax :: 0191 414 1199.<br><br>Customers who require decorative products, please visit our sister site <a href="http://www.lumoslighting.co.uk">Lumos Lighting</a><br><br><font color="yellow">Please note :- All prices shown include fitting and control gear unless stated.</font><br><br>If you have any other queries, please do not hesitate to contact us.<br><br>Please use the list below to select the product type you require.<br><br><br></center><form name="form">
<table border="1" cellspacing="4" cellpadding="3" align="center">
<tr><td><input type="radio" name="loc" onClick="go('hqi_cdm_rec.php');"> <a href="hqi_cdm_rec.php"><font color="yellow">HQI & CDM Recessed Fittings</font></a></td>
<td><input type="radio" name="loc" onClick="go('hqi_cdm_sur.php');"><a href="hqi_cdm_sur.php"><font color="yellow">HQI Track / Surface Fittings</font></a></td>
<td><input type="radio" name="loc" onClick="go('comp_flour_rec.php');"><a href="comp_flour_rec.php"><font color="yellow">Compact Flourescent Recessed Fittings</font></a></td></tr>
<tr><td><input type="radio" name="loc" onClick="go('comp_flour_sur.php');"><a href="comp_flour_sur.php"><font color="yellow">Compact Flourescent Surface Fittings</font></a></td>
<td><input type="radio" name="loc" onClick="go('low_voltage_rec.php');"><a href="low_voltage_rec.php"><font color="yellow">Low Voltage Recessed Fittings</font></a></td>
<td><input type="radio" name="loc" onClick="go('low_voltage_sur_track.php');"><a href="low_voltage_sur_track.php"><font color="yellow">Low Voltage Surface & Track Fittings</font></a></td></tr>
<tr><td><input type="radio" name="loc" onClick="go('mains_rec.php');"><a href="mains_rec.php"><font color="yellow">Mains Recessed Fittings</font></a></td>
<td><input type="radio" name="loc" onClick="go('mains_sur_track.php');"><a href="mains_sur_track.php"><font color="yellow">Mains Surface & Track Fittings</font></a></td>
<td><input type="radio" name="loc" onClick="go('out_comm.php');"><a href="out_comm.php"><font color="yellow">Outdoor Commercial Fittings</font></a></td></tr>
<tr><td><input type="radio" name="loc" onClick="go('track.php');"><a href="track.php"><font color="yellow">Track</font></a></td>
<td><input type="radio" name="loc" onClick="go('lamps.php');"><a href="lamps.php"><font color="yellow">Lamps</font></a></td>
<td><input type="radio" name="loc" onClick="go('kitchen.php');"><a href="kitchen.php"><font color="yellow">Kitchen Lighting</font></a></font></td></tr>
<tr><td><input type="radio" name="loc" onClick="go('bathroom.php');"><a href="bathroom.php"><font color="yellow">Bathroom Lighting</font></a></td>
<td><input type="radio" name="loc" onClick="go('110v.php');"><a href="110v.php"><font color="yellow">110V</font></a></td>
<td><input type="radio" name="loc" onClick="go('misc.php');"><a href="misc.php"><font color="yellow">Miscellaneous + Special Offers</font></a></font></td></tr>
</table>
</form>
</table>
<center><BR><BR><hr width="60%">
<BR><BR>This page is managed and maintained by Virus Uk Light & Sound In-House Webmaster - Any questions or comments please feel free to e-mail the webmaster <A href="mailto:webmaster@virusuk.net">webmaster@virusuk.net</a></center>
</body>
</html>validate.php
Code: Select all
<?
header("Pragma: ");
header("Cache-Control: ");
header("Expires: Mon, 26 Jul 1980 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
//set global variables
global $username,$password,$companyName,$real;
// EDIT HERE TO SUIT YOUR NEEDS
//set usernames and passwords
//only letters and numbers (no spaces) Known as can contain spaces
$uname[1] = "**removed for privacy reasons***";
$upass[1] = "***removed for privacy reasons***";
$known_as[1] = "Master Demo User";
//additional users can be added
//$uname[2] = "demo2";
//$upass[2] = "demo2";
//$known_as[2] = "demo2";
//sendmail functions
$body = "Someone submitted the following information from our online form.
Company Name: $companyName
Name: $real
Username: $username
Password: $password
";
mail("sales@virusuk.net", "VIRUS UK Login Details", $body);
//the login page
$login_page = "index.php";
//where to go after login
$success_page = "1.php";
//the path to validate.php
$validate_path = "path to validate.php";
//login failed error message
$login_err = '<div align="center">Your User Name or Password was incorrect</b></div>';
//no fields filled in
$empty_err = '<div align="center"><b>You need to login with your User Name and Password</b></div>';
//something entered that wasn't a letter or number error message
$chr_err = '<div align="center"><b>Please retry</b></div>';
// DO NOT EDIT BELOW HERE
//if the form is empty and the cookie isn't set
//then display error message the return to login
if($username == "" && $password == "" && !isset($_COOKIE["this_cookie"])){
print($empty_err);
include($login_page);
exit();
}
//if the form is not empty and the cookie isn't set
//then make sure that only letters and numbers are entered
//if there are then display error message the return to login
if($username != "" || $password != "" && !isset($_COOKIE["this_cookie"])){
if (preg_match ("/[^a-zA-Z0-9]/", $username.$password)){
print($chr_err);
include($login_page);
exit();
}
}
//if the cookie isn't set
if (!isset($_COOKIE["this_cookie"]) ){
$user_count = count($uname);
$user_exists = false;
// check through all the users to see if they exist
for ($i = 1; $i <= $user_count; $i++) {
if ($uname[$i] == $username && $upass[$i] == $password){
$user_id=$i;
//$welcome_name = $known_as[$i];
$user_exists = true;
}
}
if(!$user_exists){
print ($login_err);
include($login_page);
exit();
}
//if the login is correct then set the cookie
$cookie_val=crypt($uname[$user_id]);
//set the cookie so it dies when the browser is closed
setcookie ("name", $known_as[$user_id], 0);
setcookie ("this_cookie", $cookie_val, 0);
header("Location: $success_page");
exit();
}
//if a user tries to access validate.php directly and they are logged in
if($REQUEST_URI == $validate_path){
echo "<html>\n<head>\n";
echo "<title>Yor are logged in</title>\n";
echo "</head>\n";
echo "<body bgcolor=\"white\">\n";
echo "You are logged in. <a href=\"".$success_page."\">Continue</a>\n";
echo "</body>\n";
echo "</html>\n";
}
?>This may not be a very secure way .. an better ways or different ways of achieving what i need?
thanks a load
adam
This is the code I wrote for one of my forms, but in my case, all the fields were required, you may want to use it.
Code: Select all
function filled_out($form_vars) {
foreach ($form_vars as $key => $value)
{
if (!isset($key) || ($value == ''))
return false;
}
return true;
}