A customer required
some form validation for their Bed and Breakfast website.
Validation can be done using Javascript but a lot of people have
Javascript turned off or worse bypass the validation to cause
some problems. As PHP (and ASP) work at the server a user cannot bypass the
validation step.
I've written the article because most samples I have seen on the net
only validate one or two fields or over-engineer the process and make it
difficult to see the wood for the trees. I wanted to show how a loop could
be used to form the output data as well the validation. The page is called reservation.php
and the basic form structure starts as follows:
<form method="post" action="reservations.php">
<input name="process" value="1" type="hidden" >
<table>
<tr>
<td align=right>Your E-mail Address:•</td>
<td><input size=30 value="<? echo "$_POST[email]" ?>" name="email"></td>
</tr>
<tr>
<td align=right>Your full name:•</td>
<td><input size=30 value="<? echo "$_POST[yourname]" ?>" name="yourname"></td>
</tr>
|
The form in this case calls itself. This enables the initial
form to be presented with the fields filled for correction
if it fails validation. The first field "process" is a
hidden field and tells the PHP code whether this the page
has been called previously. This will become clear later.
The fields are just entered as normal except for the
value="<? echo "$_POST[yourname]" ?>" part. When the form is
called for the first time these fields are undefined and the
html with output simply as value="". On subsequent calls of
the page the value parameter will have a value.
The validation code
<?
$compulsory = array( "email" => 1, "yourname" => 1,
"address" => 1,
"city" => 1, "state" => 1, "pcode" => 1,
"country" => 0, "phone" => 1, "fax" => 0,
"no_rooms" =>1, "guests" =>1, "nights" => 1,
"montharrive" => 1, "dayarrive" => 1, "monthdepart" =>
1,
"daydepart" => 1, "year" => 1, "body" => 0 );
$titles = array( "email" => "e-mail", "yourname" =>
"name", "address" => "street",
"city" => "suburb", "state" => "state", "pcode" =>
"postcode",
"country" => "country", "phone" => "your phone number",
"fax" => "you fax number",
"no_rooms" => "type of room", "guests" => "number of
guests", "nights" => "length of stay",
"montharrive" => "planned arrival month", "dayarrive" =>
"planned arrival day", "monthdepart" => "planned
depature month",
"daydepart" => "planned departure day", "year" =>
"year", "body" => "Comments"); |
First two arrays are defined. The first defines which fields must be entered and which can
be left blank. The second array converts the field names to
display names.
$message = "";
$mailto = "xxxxx@yyyyy.net.au";
$mailsubj = "Website Form Entry";
$mailbody = "The following information was submitted via
a form on your website:\n\r";
$email = $_POST["email"];
if ($_POST['process'] == 1)
{
$mailhead = "From: $email";
$mailbody .= "If the email address provided ($email)
does not look like a valid email address \n\rthen you
may have to correct it when you reply\n\r" ;
$pattern = '/.*@.*\..*/';
reset ($HTTP_POST_VARS);
|
In our case an email will be sent to the owner of the
accommodation after validation. We then define some mail fields.
We now check if the process element is equal to 1. If it isn't
then this page was not reached from a form submit action.
The First line in this code is the start of the main loop. It
loops through all of the variables
while (list ($key, $val) = each ($HTTP_POST_VARS))
{
if ($key != "process" and $key != "submit" and $key !=
"email")
{ $mailbody .= " $titles[$key] : $val \n\r";}
if ($val == "" and $compulsory["$key"] == 1)
{ $message .= "<tr><td><font color=\"#ff0000\">•</font>
Please enter $titles[$key]</td></tr>\n"; }
}
|
The first if statement builds the text of the mail body. The next "if" statement checks to see if there
was a value present in the field. If not it builds values on the
$message string.
if ($message == "")
{
mail( $mailto, $mailsubj, $mailbody, $mailhead);
header( "location: confirm.php?name=$_POST[yourname]");
} |
If $message is blank then the mail message can be
sent and the confirm.php page can be
displayed. This will stop the execution
of the rest of the page. For the header function to
work this entire script needs to be at
the top of the page.
<? echo "<table> $message <//table>"; ?>
|
If $message has content then the rest of
reservation.php page will be displayed including the section above which
displays the error messages. |
|
