E-mail form validation

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
vietboy505
Forum Commoner
Posts: 53
Joined: Wed Feb 22, 2006 9:30 am

E-mail form validation

Post by vietboy505 »

I need help on the e-mail form, can any one help me?

I want the form to check if everything is inputs correct such as an valid e-mail.

If the user choose General, it will send to general email. general@email.com. If the user choose Customer, it will send to Customer e-mail. customer@email.com. Is this have something to do with switch case?

From: Name [General or Customer]
The subject is either : General/Customer question from Name [date()]
The body is Comments, plus a timestamp.

Code: Select all

<form name="email_form" action="<?php echo $PHP_SELF; ?>" method="post">
<input type="hidden" name="require" value="Name,Email,Purpose,Comments">
<table>
<tr>
	<td align="right">Name:</td>
	<td><input name="Name" size="25"></td>
</tr>

<tr>
	<td align="right">E-mail:</td>
	<td><input name="Email" size="25"></td>
</tr>

<tr>
	<td align="right">Purpose:</td>
	<td><select name="Purpose">
	<option value="General">General
	<option value="Customer">Customer
	</select>
	</td>
</tr>

<tr>
	<td align="right">Comments:</td>
	<td><textarea name="Comments" rows="10" cols="40"></textarea>
	</td>
</tr>

<tr>
	<td colspan="2" align="center"><input type="submit" value="Submit" name="email_form">
	<input type="reset" value="Reset" name="reset"></td>
</tr>

</table>
</form>
Thanks alot.
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

Where's your code?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

To say the least, we've had several discussions on input validation recently with regard to creating emails. Dig them out first.
vietboy505
Forum Commoner
Posts: 53
Joined: Wed Feb 22, 2006 9:30 am

Post by vietboy505 »

i did some digging..
and this what I can do so far..

Code: Select all

<?php

function determineEmail($Purpose)
{
        if($Purpose == "General") {
                $mailTo="Name1 <name1@mail.com>, Name2 <name2@mail.com>";

        } elseif($Purpose == "Customer") {
                $mailTo="Name2 <name2@mail.com>, Name3 <name3@mail.com>";
        } else {
        //proably won't be in here
                $mailTo="name5@mail.com";
        }
}

if(!empty($message)){ // only send if the form has been filled out.
  $mailHeaders="From : $Name [$Email]";
  $mailSubject="$Purpose from $Name";
  $mailBody="Sent by $Name ($Email) on " . date('M j,Y h:i:s') . " \n\n";
  $mailBody.="Message : \n\n $message";
mail($mailTo, $mailSubject, $mailBody, $mailHeaders);
  echo "<b>Your email has been sent!</b><br>";
}


echo('<form name="email_form" method="post">
<input type="hidden" name="require" value="Name,Email,Purpose,Comments">
<table>
<tr>
    <td align="right">Name:</td>
    <td><input name="Name" size="25"></td>
</tr>

<tr>
    <td align="right">E-mail:</td>
    <td><input name="Email" size="25"></td>
</tr>

<tr>
    <td align="right">Purpose:</td>
    <td><select name="Purpose">
    <option value="General">General
<option value="Customer">Customer
    </select>
    </td>
</tr>

<tr>
    <td align="right">Comments:</td>
    <td><textarea name="Comments" rows="10" cols="40"></textarea>
    </td>
</tr>

<tr>
    <td colspan="2" align="center"><input type="submit" value="Submit" name="ema
il_form">
    <input type="reset" value="Reset" name="reset"></td>
</tr>

</table>
</form>');
?>
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

it is still possible for people to inject headers into your code, since you are never validating the $_POST variables..
vietboy505
Forum Commoner
Posts: 53
Joined: Wed Feb 22, 2006 9:30 am

Post by vietboy505 »

please show me the solution thx :)
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

a simple search of "validating email" brought up the first result of

viewtopic.php?t=44709&highlight=validating+email

:roll:

Please be more thorough with your searches in the future ;)
vietboy505
Forum Commoner
Posts: 53
Joined: Wed Feb 22, 2006 9:30 am

Post by vietboy505 »

I get the "Invalid Email" right away.

Code: Select all

<?php

function determineEmail($Purpose)
{
	if($Purpose == "General") {
		$mailTo="Name1 <name1@mail.com>, Name2 <name2@mail.com>";

	} elseif($Purpose == "Customer") {
		$mailTo="Name2 <name2@mail.com>, Name3 <name3@mail.com>";
	} else {
	//proably won't be in here
		$mailTo="name5@mail.com";
	}
}

if(!preg_match("/^([0-9a-zA-Z]([-.w]*[0-9a-zA-Z])*@([0-9a-zA-Z][-w]
*[0-9a-zA-Z].)+[a-zA-Z]{2,9})$/",$_POST["Email"])) {
//email address is invalid
die("Invalid Email");
} 

if(!empty($message)){ // only send if the form has been filled out. 
  $mailHeaders="From : $Name [$Email]";  
  $mailSubject="$Purpose from $Name";  
  $mailBody="Sent by $Name ($Email) on " . date('M j,Y h:i:s') . " \n\n";  
  $mailBody.="Message : \n\n $message";  

  mail($mailTo, $mailSubject, $mailBody, $mailHeaders); 
  echo "<b>Your email has been sent!</b><br>";  
}


echo('<form name="email_form" method="post">
<input type="hidden" name="require" value="Name,Email,Purpose,Comments">
<table>
<tr>
    <td align="right">Name:</td>
    <td><input name="Name" size="25"></td>
</tr>

<tr>
    <td align="right">E-mail:</td>
    <td><input name="Email" size="25"></td>
</tr>

<tr>
    <td align="right">Purpose:</td>
    <td><select name="Purpose">
    <option value="General">General
    <option value="Customer">Customer
    </select>
    </td>
</tr>

<tr>
    <td align="right">Comments:</td>
    <td><textarea name="Comments" rows="10" cols="40"></textarea>
    </td>
</tr>

<tr>
    <td colspan="2" align="center"><input type="submit" value="Submit" name="email_form">
    <input type="reset" value="Reset" name="reset"></td>
</tr>

</table>
</form>');
?>
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

This will validate Emails.

Code: Select all

function check_email_address($email) {
  // First, we check that there's one @ symbol, and that the lengths are right
  if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
    // Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
    return false;
  }
  // Split it into sections to make life easier
  $email_array = explode("@", $email);
  $local_array = explode(".", $email_array[0]);
  for ($i = 0; $i < sizeof($local_array); $i++) {
     if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
      return false;
    }
  }  
  if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
    $domain_array = explode(".", $email_array[1]);
    if (sizeof($domain_array) < 2) {
        return false; // Not enough parts to domain
    }
    for ($i = 0; $i < sizeof($domain_array); $i++) {
      if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
        return false;
      }
    }
  }
  return true;
}

if (check_email_address($email)) {
  echo $email . ' is a valid email address.';
} else {
  echo $email . ' is not a valid email address.';
}
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

agtlewis wrote:This will validate Emails.
Not to nitpick, but there are valid emails (according to the RFC) that will not accept as valid.

Thats why I generally link to the ValidateEmail function.

Longer, but its more accurate. (Its taken from the definitive regex for email validation.. see the source code for more info).

However, I suspect thats not the only problem here..
Post Reply