Page 1 of 1

HELP NEEDED - Form validation? Required fields code

Posted: Thu Jul 28, 2005 9:20 am
by DoA
hi guys, ok i've set up a simple (well it took me ages, but its probably simple to you lot) password protected page - http://www.virusuk.net/password

don't worry - its nothing to do with viruses etc. - its a lighting site

the form passes the user-inputted variables to a php script that validates the user id and password and also sends all inputs via e-mail to an e-mail address of choice

as you can see from the page, i've put a notice saying that all fields are required - they aren't - i want a (i'm sure small and simple) peice of php to give a warning message if all fields aren't inputted by the user

anyone help?

the variables are as follows :-

Company Name : $companyName
Name : $real
Username : $username
Password : $password

HELP!!!!

DoA

Posted: Thu Jul 28, 2005 2:10 pm
by titaniumdoughnut
Before proceeding to the verified state you want to do something like this:

Code: Select all

// remove spaces from start and end of strings
$companyName = trim($companyName);
$real = trim($real);
$username = trim($username);
$password = trim($password);

// check length of strings
if(strlen($companyName) <= 3){
$error_companyName = 1;
}

if(strlen($real) <=3){
$error_real = 1;
}

// if username not correct set $error_user = 1
// if password not correct set $error_pass = 1
Then, you can make a script that prints a nice list of which fields are not properly filled out. It can give a tally for how many are incorrect by adding the four error variables together, and it can check each individual one like this:

Code: Select all

if(isset($error_real)){
print("Error: Real name not entered.");
}

Posted: Thu Jul 28, 2005 2:51 pm
by Todd_Z

Code: Select all

$errors = array();

if ( strlen(trim($companyName)) < 3 )
  $errors[] = "Invalid Company Name";

if ( strlen(trim($real)) < 3 )
  $errors[] = "Invalid Real Name";

// etc.....

if ( count($errors) == 0 )
  echo "Valid";
else
  foreach ( $errors as $e )
    echo "<br><span style=\"color: red;\">Error: $e</span>";

Posted: Fri Jul 29, 2005 4:08 am
by DoA
sorry to be a complete noob, but would this go at the start of my validate.php file?

here are all 3 files (index.php - login page, 1.php - successful login page, validate.php - validation &amp; password content page) so you can see entirely whats happening

thanks for the quick replies!!!

Index.php

Code: Select all

<html>
<head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"
keywords="Virus, Virus UK, virus uk light and sound, virus uk light & sound, light and sound, light & sound, login area, login page">
<style type="text/css">

    BODY {scrollbar-3dlight-color:#dedf9f;

           scrollbar-arrow-color:#8eb6d2;

           scrollbar-base-color:#FFFFOO;

           scrollbar-track-color:#FFFFOO;

           scrollbar-darkshadow-color:#cccccc;

           scrollbar-face-color:#99CCFF;

           scrollbar-highlight-color:#eeeeee;

           scrollbar-shadow-color:#008000;

  </style>
    <title>VIRUS UK Login Page</title>
</head>
<body bgcolor="black" text="#cccccc">
<table width="100%" align="center">
<tr><td><center><img src="http://www.virusuk.net/images/virus_uk_banner.gif"></center></td></tr>
<tr><td>&nbsp;</td></tr>
<tr><td><center>VIRUS UK&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Unit 19&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Tundry Way&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Gateshead&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;NE21 5SJ&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Tel / Fax : 0191 414 1199</center></td></tr>
<tr><td>&nbsp;</td></tr>
<tr><td><hr width="60%"></td><tr>
<tr>
    <th valign=top><br><font size="4">Virus UK Private area</font></th>
</tr>
<tr>
    <td>
<p><br><center>This is a private area.</p>
<p>Please log in below to gain access to this area<br><br><font color="red" size="2">Please Note :- All fields MUST be completed, otherwise errors may occur.</font></p>

<?php

//if no cookie is set then display the form
if(!isset($_COOKIE["this_cookie"])){
echo '<div align="center"><br><br><form action="validate.php" method="post">Company Name : <input type=text name="companyName"><br><Br> Name : &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <input type=text name="real"><br><br>';
echo 'Username :&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="username"><br><br>';
echo 'Password : &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="password" name="password"><br><br>';
echo '<input type="submit" value="Login"></form></div>'; 
}else{ 
echo "You are already logged in.<br><br><a href=\"1.php\">Continue</a>"; 
}
?>
    </td></tr>
</table>
<center><BR><BR><hr width="60%">
<BR><BR>This page is managed and maintained by Virus Uk Light & Sound In-House Webmaster - Any questions or comments please feel free to e-mail the webmaster <A href="mailto:webmaster@virusuk.net">webmaster@virusuk.net</a></center>
</body>
</html>

1.php

Code: Select all

<? 
        include("validate.php"); 
?> 
<html> 
<head><SCRIPT LANGUAGE="JavaScript">

<!-- Begin
function go(loc) {
window.location.href = loc;
}
//  End -->
</script> 
    <title>Protected page</title> 
</head> 
<body bgcolor="black" text="#cccccc" alink="yellow" vlink="yellow"> 
<table width="400" align="center"> 
<tr> 
    <th valign=top>Virus UK Private Area</th> 
</tr> 
<tr><td><div align="right">&nbsp;&nbsp;&nbsp;&nbsp&nbsp;&nbsp;[<a href="logout.php">Log Out</a>]</td></tr>
<tr><td align="center"><img src="http://www.virusuk.net/images/virus_uk_banner.gif"></td></tr>
<tr><td><br><center>VIRUS UK&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Unit 19&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Tundry Way&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Blaydon&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;NE21 5SJ&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Tel / Fax : 0191 414 1199</center></td></tr>
<tr><td>&nbsp;</td></tr>
<tr><td><hr width="60%"></td><tr>
<tr><td>&nbsp;</td></tr>
<tr><td><center><marquee scrollamout="2" scrolldelay="100" width="75%" bgcolor="black"><font color="yellow">WE ADD NEW ITEMS EVERY WEEK</font></marquee></td></tr>
<tr><td>&nbsp;</td></tr>
<tr><td><b><center><font size="4">Welcome to VIRUS UK</font><br><Br>This page is password protected and intended for our commercial customers only. If you are a retail customer, we invite you to visit - <a href="http://www.lumoslighting.co.uk">Lumos Lighting</a>. This site provides VIRUS UK customers with product net prices and stock availability on request.<br><br>All orders via Fax :: 0191 414 1199.<br><br>Customers who require decorative products, please visit our sister site <a href="http://www.lumoslighting.co.uk">Lumos Lighting</a><br><br><font color="yellow">Please note :- All prices shown include fitting and control gear unless stated.</font><br><br>If you have any other queries, please do not hesitate to contact us.<br><br>Please use the list below to select the product type you require.<br><br><br></center><form name="form">

<table border="1" cellspacing="4" cellpadding="3" align="center">

<tr><td><input type="radio" name="loc" onClick="go('hqi_cdm_rec.php');"> <a href="hqi_cdm_rec.php"><font color="yellow">HQI & CDM Recessed Fittings</font></a></td>

<td><input type="radio" name="loc" onClick="go('hqi_cdm_sur.php');"><a href="hqi_cdm_sur.php"><font color="yellow">HQI Track / Surface Fittings</font></a></td>

<td><input type="radio" name="loc" onClick="go('comp_flour_rec.php');"><a href="comp_flour_rec.php"><font color="yellow">Compact Flourescent Recessed Fittings</font></a></td></tr>

<tr><td><input type="radio" name="loc" onClick="go('comp_flour_sur.php');"><a href="comp_flour_sur.php"><font color="yellow">Compact Flourescent Surface Fittings</font></a></td>

<td><input type="radio" name="loc" onClick="go('low_voltage_rec.php');"><a href="low_voltage_rec.php"><font color="yellow">Low Voltage Recessed Fittings</font></a></td>

<td><input type="radio" name="loc" onClick="go('low_voltage_sur_track.php');"><a href="low_voltage_sur_track.php"><font color="yellow">Low Voltage Surface & Track Fittings</font></a></td></tr>

<tr><td><input type="radio" name="loc" onClick="go('mains_rec.php');"><a href="mains_rec.php"><font color="yellow">Mains Recessed Fittings</font></a></td>

<td><input type="radio" name="loc" onClick="go('mains_sur_track.php');"><a href="mains_sur_track.php"><font color="yellow">Mains Surface & Track Fittings</font></a></td>

<td><input type="radio" name="loc" onClick="go('out_comm.php');"><a href="out_comm.php"><font color="yellow">Outdoor Commercial Fittings</font></a></td></tr>

<tr><td><input type="radio" name="loc" onClick="go('track.php');"><a href="track.php"><font color="yellow">Track</font></a></td>

<td><input type="radio" name="loc" onClick="go('lamps.php');"><a href="lamps.php"><font color="yellow">Lamps</font></a></td>

<td><input type="radio" name="loc" onClick="go('kitchen.php');"><a href="kitchen.php"><font color="yellow">Kitchen Lighting</font></a></font></td></tr>

<tr><td><input type="radio" name="loc" onClick="go('bathroom.php');"><a href="bathroom.php"><font color="yellow">Bathroom Lighting</font></a></td>

<td><input type="radio" name="loc" onClick="go('110v.php');"><a href="110v.php"><font color="yellow">110V</font></a></td>

<td><input type="radio" name="loc" onClick="go('misc.php');"><a href="misc.php"><font color="yellow">Miscellaneous + Special Offers</font></a></font></td></tr>

</table>
</form>
</table>
<center><BR><BR><hr width="60%">
<BR><BR>This page is managed and maintained by Virus Uk Light & Sound In-House Webmaster - Any questions or comments please feel free to e-mail the webmaster <A href="mailto:webmaster@virusuk.net">webmaster@virusuk.net</a></center> 
</body> 
</html>

validate.php

Code: Select all

<?
header("Pragma: ");
header("Cache-Control: ");
header("Expires: Mon, 26 Jul 1980 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
//set global variables
global $username,$password,$companyName,$real;

// EDIT HERE TO SUIT YOUR NEEDS
//set usernames and passwords
//only letters and numbers (no spaces) Known as can contain spaces
$uname[1] = "**removed for privacy reasons***";
$upass[1] = "***removed for privacy reasons***";
$known_as[1] = "Master Demo User";
//additional users can be added
//$uname[2] = "demo2";
//$upass[2] = "demo2";
//$known_as[2] = "demo2";


//sendmail functions
$body = "Someone submitted the following information from our online form.
Company Name: $companyName
Name: $real
Username: $username
Password: $password
";
mail("sales@virusuk.net", "VIRUS UK Login Details", $body);

//the login page
$login_page = "index.php";
//where to go after login
$success_page = "1.php";
//the path to validate.php
$validate_path = "path to validate.php";
//login failed error message
$login_err = '<div align="center">Your User Name or Password was incorrect</b></div>';
//no fields filled in
$empty_err = '<div align="center"><b>You need to login with your User Name and Password</b></div>';
//something entered that wasn't a letter or number error message
$chr_err = '<div align="center"><b>Please retry</b></div>';
// DO NOT EDIT BELOW HERE

//if the form is empty and the cookie isn't set
//then display error message the return to login
   if($username == "" && $password == "" && !isset($_COOKIE["this_cookie"])){
     print($empty_err);
     include($login_page);
     exit();
   }

//if the form is not empty and the cookie isn't set
//then make sure that only letters and numbers are entered
//if there are then display error message the return to login
   if($username != "" || $password != "" && !isset($_COOKIE["this_cookie"])){
     if (preg_match ("/[^a-zA-Z0-9]/", $username.$password)){
       print($chr_err);
       include($login_page);
       exit();
     }
   }

//if the cookie isn't set
if (!isset($_COOKIE["this_cookie"]) ){
$user_count = count($uname);
$user_exists = false;

// check through all the users to see if they exist
for ($i = 1; $i <= $user_count; $i++) {
   if ($uname[$i] == $username && $upass[$i] == $password){
   $user_id=$i;
   //$welcome_name = $known_as[$i];
   $user_exists = true;
   }
}

if(!$user_exists){
     print ($login_err);
     include($login_page);
     exit();
}

//if the login is correct then set the cookie
$cookie_val=crypt($uname[$user_id]);
//set the cookie so it dies when the browser is closed
setcookie ("name", $known_as[$user_id], 0);
setcookie ("this_cookie", $cookie_val, 0);
header("Location: $success_page");
exit();
}

//if a user tries to access validate.php directly and they are logged in
if($REQUEST_URI == $validate_path){
echo "<html>\n<head>\n";
echo "<title>Yor are logged in</title>\n";
echo "</head>\n";
echo "<body bgcolor=\"white\">\n";
echo "You are logged in. <a href=\"".$success_page."\">Continue</a>\n";
echo "</body>\n";
echo "</html>\n";
}
?>

This may not be a very secure way .. an better ways or different ways of achieving what i need?

thanks a load

adam

Posted: Sat Jul 30, 2005 9:32 am
by DoA
^bump^

help solving this problem is still needed

i really apprechiate all the work you guys do - and for free!!

I'm sure i speak on behalf of everyone here - Thanks!!!

Posted: Fri Aug 05, 2005 7:40 am
by DoA
^bump^

still stumped

Posted: Fri Aug 05, 2005 8:01 am
by Devnull
This is the code I wrote for one of my forms, but in my case, all the fields were required, you may want to use it.

Code: Select all

function filled_out($form_vars) {

  foreach ($form_vars as $key => $value)
  {
     if (!isset($key) || ($value == '')) 
        return false;
  } 
  return true;
}