Form Validation Script
Summary of tests
|
Other Form Validation Example.
Link: feedback.html
CODE for form (feedback.html):
<HTML>
<HEAD>
<TITLE>Vinyl Dealers: feedback</TITLE>
</HEAD>
<TITLE>Vinyl Dealers: feedback</TITLE>
</HEAD>
<BODY>
<H2>Feedback</H2>
<BR>
<FORM Action=send_feedback.php Method=POST>
Your name: <INPUT Type=TEXT Name=user Size=40 Maxlength=40><BR>
Your email: <INPUT Type=TEXT Name=email Size=40 Maxlength=40><BR>
<BR>
Can we keep you updated with news about our site? <INPUT Type=RADIO Name=spam Value=1 Checked>Yes <INPUT Type=RADIO Name=spam Value=0>No<BR>
<BR>
Comments:<BR>
<TEXTAREA Name=comments Rows=10 Cols=60></TEXTAREA><BR>
<INPUT Type=SUBMIT Value=submit>
</FORM>
</BODY>
<H2>Feedback</H2>
<BR>
<FORM Action=send_feedback.php Method=POST>
Your name: <INPUT Type=TEXT Name=user Size=40 Maxlength=40><BR>
Your email: <INPUT Type=TEXT Name=email Size=40 Maxlength=40><BR>
<BR>
Can we keep you updated with news about our site? <INPUT Type=RADIO Name=spam Value=1 Checked>Yes <INPUT Type=RADIO Name=spam Value=0>No<BR>
<BR>
Comments:<BR>
<TEXTAREA Name=comments Rows=10 Cols=60></TEXTAREA><BR>
<INPUT Type=SUBMIT Value=submit>
</FORM>
</BODY>
</HTML>
CODE for validation page (send_feedback.php)
<HTML>
<HEAD>
<TITLE>We appreciate your feedback</TITLE>
</HEAD>
<HEAD>
<TITLE>We appreciate your feedback</TITLE>
</HEAD>
<BODY>
<?
// check to make sure none of the variables are empty
if (!$user || !$email || !$comments) {
?>
<H2>Whoops</H2>
<BR>
Please fill in all fields.
<BR>
<A href=”feedback.html” mce_href=”feedback.html”>Click here to go back to the feedback page.</A>
<?
exit;
}
<?
// check to make sure none of the variables are empty
if (!$user || !$email || !$comments) {
?>
<H2>Whoops</H2>
<BR>
Please fill in all fields.
<BR>
<A href=”feedback.html” mce_href=”feedback.html”>Click here to go back to the feedback page.</A>
<?
exit;
}
// check for a valid email address format
if (!eregi(“^[a-z0-9_]+@[a-z0-9-]+.[a-z0-9-.]+$”, $email)) {
?>
<H2>Whoops</H2>
<BR>
Please enter a valid address.
<BR>
<A href=”feedback.html” mce_href=”feedback.html”>Click here to go back to the feedback page.</A>
<?
exit;
}
if (!eregi(“^[a-z0-9_]+@[a-z0-9-]+.[a-z0-9-.]+$”, $email)) {
?>
<H2>Whoops</H2>
<BR>
Please enter a valid address.
<BR>
<A href=”feedback.html” mce_href=”feedback.html”>Click here to go back to the feedback page.</A>
<?
exit;
}
// escape any characters that could cause problems
$user = addslashes($user);
$email = addslashes($email);
$comments = addslashes($comments);
$user = addslashes($user);
$email = addslashes($email);
$comments = addslashes($comments);
// connect to the database and select ‘vinyldealers’
$db = mysql_connect(“localhost”);
mysql_select_db(“vinyldealers”, $db);
$db = mysql_connect(“localhost”);
mysql_select_db(“vinyldealers”, $db);
// add the user input to the ‘feedback’ table as a new record
$addfeedback = “INSERT INTO feedback (user, email, spam, comments)
VALUES (‘”.$user.”‘, ‘”.$email.”‘, ‘”.$spam.”‘, ‘”.$comments.”‘)”;
$result = mysql_query($addfeedback);
?>
<H2>Thank you</H2>
<BR>
We have added your comments to our database.
</BODY>
</HTML>
$addfeedback = “INSERT INTO feedback (user, email, spam, comments)
VALUES (‘”.$user.”‘, ‘”.$email.”‘, ‘”.$spam.”‘, ‘”.$comments.”‘)”;
$result = mysql_query($addfeedback);
?>
<H2>Thank you</H2>
<BR>
We have added your comments to our database.
</BODY>
</HTML>