how to create missing fields message for a form

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
twistbrain
Forum Newbie
Posts: 5
Joined: Thu Jan 30, 2003 10:11 am

how to create missing fields message for a form

Post by twistbrain »

hi i have the following script:

<?php
if ($REQUEST_METHOD == "POST") {

$realname = strip_tags($realname);
$email = strip_tags($email);
$feedback = strip_tags($feedback);

$sendto = "jeroen_pfeil@hotmail.com";
$subject = "GroundX.nl Medewerkers Contact";
$message = "$realname, $email\n\n$feedback";

mail($sendto, $subject, $message);

}

?>

<html>
<head>
<title>contact</title>
<meta name="author" value="Jeroen Pfeil">
<meta name="contact">
</head>
<body bgcolor="#cccccc">
<div align="left">
<h2>Helpen op groundX.nl</h2>
<p><font size="2" face="Arial,Arial Narrow,Geneva,Swiss,SunSans-Regular">Wij zoeken naar medewerkers. Kun je overweg met phpp, html of grafische programma's en zou je best wel willen meehelpen aan deze site! stuur dan nu een berichtje!</font></p>
<font size="2" face="Courier New,Courier,Monaco">ps. voor re-previewers is het een pr&eacute; om over goede nederlandse taalbeheersing te beschikken.</font></div>
<p>
<hr size=1 noshade></p>

<?
// if submitted form display sent message
if ($REQUEST_METHOD=="POST") {
echo("<P><b>je hebt dit verzonden:</b></p>\n");
echo("<blockquote><pre>\n");
echo("$message");
echo("</pre></blockquote>");
echo("<p><b>HEEL GRAPPIG...kappen nou!</b></p>\n");
}
// if not display form
else {
?>
<!-- *** START HTML FORM -->
<form action="<? echo("$script_name"); ?>" METHOD="POST">
<table cellpadding=4 cellspacing=0 border=0>
<tr><td><b>Naam: </b></td><td><input type="text" name="realname" size=25></td></tr>
<tr><td><b>Email:</b></td><td><input type="text" name="email" size=25></td></tr>
<tr><td colspan=2><b>over jezelf:</b><br>
<textarea name="feedback" rows=4 cols=40 wrap=physical></textarea>
</td></tr>
<tr><td colspan=2 align=right><input type="submit" value="verstuur"></td></tr>
</table>
</form>
<!-- *** END HTML FORM -->

<? } ?>

i need to know how to add a protection against not-filled fields, so if a field is missing that the mail wont be send and a message appears for the sender.
User avatar
redcircle
Forum Commoner
Posts: 43
Joined: Fri Jan 31, 2003 8:47 pm
Location: michigan, usa

Post by redcircle »

if(!$realname) $error = 'Must enter realname<br>'."\n";
if(!$email) = $error.='Must enter email<br>'."\n";
if(!$feedback) = $error.='Cannot send blank message<br>'."\n";

if(isset($error)) echo $error;
User avatar
lazy_yogi
Forum Contributor
Posts: 243
Joined: Fri Jan 24, 2003 3:27 am

Post by lazy_yogi »

Just a note : with php4.2 and onwards, you need to change

Code: Select all

if(!$realname) $error = 'Must enter realname<br>'."\n";
to

Code: Select all

if(!$_POST&#1111;'realname']) $error = 'Must enter realname<br>'."\n";
and similar for the others.
User avatar
redcircle
Forum Commoner
Posts: 43
Joined: Fri Jan 31, 2003 8:47 pm
Location: michigan, usa

Post by redcircle »

that is only if register_globals is turned off.
Little Spy
Forum Commoner
Posts: 31
Joined: Thu Oct 10, 2002 8:18 pm
Contact:

Post by Little Spy »

something i dont think a lot of php programers notice is that register_globals is enabled on 99% of webservers
User avatar
Stoker
Forum Regular
Posts: 782
Joined: Thu Jan 23, 2003 9:45 pm
Location: SWNY
Contact:

Post by Stoker »

it is enabled on 99% of the servers because there are so many scripts out there that don't use superglobals at all..

The new superglobals was introduced in version 4.1.0 and by default register_globals turned off in version 4.2.0, All for the purpose of security, so many amateur and very insecure scripts out there..

So I think that any programmer should in fact think about it as being disabled, but still explicit assign any used variable in case it is not..
If you want to be backwards compatible (pre 4.1.0) you can use $HTML_POST_VARS and such for now, but eventually they may go away as well (version 5?).
User avatar
redcircle
Forum Commoner
Posts: 43
Joined: Fri Jan 31, 2003 8:47 pm
Location: michigan, usa

Post by redcircle »

People should keep thier softwares updated so it shouldn't be a problem anyways.
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

lazy_yogi wrote:Just a note : with php4.2 and onwards, you need to change

Code: Select all

if(!$realname) $error = 'Must enter realname&lt;br&gt;'."\n";
to

Code: Select all

if(!$_POST&#1111;'realname']) $error = 'Must enter realname&lt;br&gt;'."\n";
and similar for the others.
Just want to add that if error reporting is at its highest level, both of these would give an error, for testing if a variable is set or empty (equal to zero or an empty string) it is much, much better to use functions such as isset() and empty() instead:

Code: Select all

if(!isset($_POST['realname'])) {
    $error = 'Must enter realname<br>'."\n";
}
or

Code: Select all

if(empty($_POST['realname'])) {
    $error = 'Must enter realname<br>'."\n";
}
depending on your needs.

Mac
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Little Spy wrote:something i dont think a lot of php programers notice is that register_globals is enabled on 99% of webservers
which is all well and good although aside from the insecure script malarky (insecure scripts can be written using the superglobals too) there is the fact that register_globals is deprecated. This means that in later versions of PHP it will not be available and will in effect be permanently off so new scripts should definitely be written with that in mind and older scripts should be updated.

The other thing is that a lot of hosts are upgrading their versions of PHP and using the default settings so that register_globals is off - considering the increasing number of posts in this forum along the lines of 'host upgraded PHP now my scripts don't work', this is happening more frequently and a percentage of those are not going to turn it back on citing security concerns.

Mac
Post Reply