conditional validation check on 2nd email that isn't required

**?foru** · 05-05-2009, 02:51 AM

PHP Code:


// variable is $friendemail1 and IS required

elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail1']))) {

        $error_msg .= "Friend email is not a valid e-mail address. \n";

    }

// variable is $friendemail2 but isn

elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail2']))) {

        $error_msg .= "Friend 2 email is not a valid e-mail address. \n";

    }

By default this is checking both, but I'm trying to get it to only run the check on friendemail2 when that field is filled out.

I tried sometihng like
elseif ($friendemail2 != ''; ) (!ereg...
so if field friendemail2 isn't blank run the rest of the check, but couldn't get it to work. Anyone have any suggestions? Thank you.

**thetestingsite** · 05-05-2009, 03:12 AM

Try this:

Code:

// variable is $friendemail1 and IS required
elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail1']))) {
        $error_msg .= "Friend email is not a valid e-mail address. \n";
    }
// variable is $friendemail2 but isn
else {
  if ($c['friendemail2'] != '') {
   if (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail2']))) {
        $error_msg .= "Friend 2 email is not a valid e-mail address. \n";
   }  
  }
}

Probably not the best way to do it, but it should work unless you already have an else statement after the first one you posted, then it will error out; in which case you should post the full code.

Hope this helps.

**?foru** · 05-05-2009, 04:04 PM

That worked great for the 2 email fields. I thought if I could figure out how to check friendemail2 conditionally that I could follow the pattern for the other 2 I had friendemail3 and friendemail4 (4 friend email fields total, only the 1st is required)

Here is all the relevant validation check code (up to friendemail2)

PHP Code:


if (isset($c['submit'])) {
    if (empty($c['yourname']) || empty($c['youremail']) || empty($c['friendemail1'])) {
        $error_msg .= "Your name and email along with at least one friends email are required fields. \n";
        
    } elseif (strlen($c['yourname']) > 15) {
        $error_msg .= "The name field is limited to 15 characters. \n"; 
        
    } elseif (!ereg("^[A-Za-z' -]", $c['yourname'])) {
        $error_msg .= "The name field must not contain any special characters. \n";
    
    } elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['youremail']))) {
        $error_msg .= "Your email is not a valid e-mail address. \n";
    }
      // variable is $friendemail1 and IS required
elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail1']))) {
        $error_msg .= "Friend email is not a valid e-mail address. \n";
    }
// variable is $friendemail2 but isn't required
else {
  if ($c['friendemail2'] != '') {
   if (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail2']))) {
        $error_msg .= "Friend 2 email is not a valid e-mail address. \n";
   }  
  }
}

I'm having a little trouble working in friendemail3 and friendemail4 since there is an initial if then elseif follow after that. I tried to make friendemail4 the else and all the others before it elseif but couldn't get it to work.

**forum_amnesiac** · 05-05-2009, 04:25 PM

See if this works

PHP Code:


if (isset($c['submit'])) {

    if (empty($c['yourname']) || empty($c['youremail']) || empty($c['friendemail1'])) {

        $error_msg .= "Your name and email along with at least one friends email are required fields. \n";

        

    } elseif (strlen($c['yourname']) > 15) {

        $error_msg .= "The name field is limited to 15 characters. \n"; 

        

    } elseif (!ereg("^[A-Za-z' -]", $c['yourname'])) {

        $error_msg .= "The name field must not contain any special characters. \n";

    

    } elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['youremail']))) {

        $error_msg .= "Your email is not a valid e-mail address. \n";

    }

      // variable is $friendemail1 and IS required

    elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail1']))) {

        $error_msg .= "Friend email is not a valid e-mail address. \n";

    }

// variable is $friendemail2 but isn't required

    elseif ($c['friendemail2'] != '') {

           if (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail2']))) {

        $error_msg .= "Friend 2 email is not a valid e-mail address. \n";

           }  

      }

    elseif ($c['friendemail3'] != '') {

           if (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail3']))) {

        $error_msg .= "Friend 3 email is not a valid e-mail address. \n";

           }  

      }

    else {

          if ($c['friendemail4'] != '') {

               if (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail4']))) {

            $error_msg .= "Friend 4 email is not a valid e-mail address. \n";

               }

        }

      }

}

**?foru** · 05-05-2009, 06:23 PM

Thank you for the reply. I received an unexpected } on line 173 which is the last } in the validation code. I commented it out to test, but it only checked the first 2 email addresses.

**?foru** · 05-06-2009, 03:34 AM

This is weird that the above doesn't work, because I just wrote this for something else. Although it doesn't have the extra if's in it...it's generally the same principle. (if elseif elseif else)

PHP Code:


<?php if (isset($_GET['page']) && $_GET['page'] == 'specialpage') { 

include("includes/specialpage.php"); }



elseif (isset($_GET['page']) && $_GET['page'] == 'somethingelse') { 

include("includes/somethingelse.php"); }



elseif (isset($_GET['page']) && $_GET['page'] == 'uniquepage') { 

include("includes/uniquepage.php"); } 



else { $target = isset($_GET['page'])?$_GET['page']:'index';

if ( file_exists('./includes/' . $target . '.php') ) include './includes/' . $target . '.php'; if ( !file_exists('./includes/' . $target . '.php') ) include './includes/404.php'; } ?>

Would posting the full code of the referral form help to spot something? Thank you

**forum_amnesiac** · 05-06-2009, 04:45 AM

Yep post the full code, or a link to it

**?foru** · 05-06-2009, 05:39 AM

I posted the code prior to any changes. Around line 43 is where the changes are being attempted.

PHP Code:


<?php 
function clean($data) {
    $data = trim(stripslashes(strip_tags($data)));
    return $data;
}

$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|url=|url|link=|link|http:|https:)/i";
$profanity = "/(curse|words|here)/i";
$spamwords = "/(viagra||blackjack|backgammon|texas|holdem|meds|freemeds|poker|cialis|ciara|ciprofloxacin|debt|dating)/i";
$bots = "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer)/i";

if (preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) {
    exit("<p>Known spam bots are not allowed.</p>");
}
foreach ($_POST as $key => $val) {
    $c[$key] = clean($val);

    if (preg_match($exploits, $val)) {
        exit("<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>ERROR:</strong>Exploits/malicious scripting attributes aren't allowed.<br><br>Click your back browser button to submit the appropriate content.</td></tr></table>");
    } elseif (preg_match($profanity, $val) || preg_match($spamwords, $val)) {
        exit("<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>ERROR:</strong><p>That kind of language isn't allowed through this form.<br><br>Click your back browser button to submit the appropriate content.</p></td></tr></table>");
    }
}

$show_form = true;
$error_msg = NULL;

if (isset($c['submit'])) {
    if (empty($c['yourname']) || empty($c['youremail']) || empty($c['friendemail1'])) {
        $error_msg .= "Your name and email along with at least one friends email are required fields. \n";
        
    } elseif (strlen($c['yourname']) > 15) {
        $error_msg .= "The name field is limited to 15 characters. \n"; 
        
    } elseif (!ereg("^[A-Za-z' -]", $c['yourname'])) {
        $error_msg .= "The name field must not contain any special characters. \n";
    
    } elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['youremail']))) {
        $error_msg .= "Your email is not a valid e-mail address. \n";
    }
    elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail1']))) {
        $error_msg .= "Friend email is not a valid e-mail address. \n";
    }
########### trying to add additional friendemail checks above this ######################
#########################################################################################
    if ($error_msg == NULL) {
        $show_form = false;

        if (!empty($c['url']) && !ereg("^(http|https)", $c['url'])) {
            $c['url'] = "http://" . $c['url'];
        }
        $admin_subject = "A site recommendation has been sent";
        $admin_message = "".$yourname." @ ".$youremail." has recommended your site to \n ".$friendemail1."\n ".$friendemail2."\n".$friendemail3."\n".$friendemail4.""; 
        $subject = "A friend thought you might be interested in this site.";
//////// Change top email message line here
        $message = "Hello, \n Your friend ".$yourname." thought you might be interested in this site and wanted you to take a look at http://example.com \n"; 
        $message .= "\n Thank you, \n example.com";

        if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) {
            $headers   = "From: $youremail \n";
            $headers  .= "Reply-To: $youremail";
        } else {
            $headers   = "From: $yourname <$youremail> \n";
            $headers  .= "Reply-To: $youremail";
        }
// email the admin to let them know that someone recommended their site
if (mail('admin@example.com',$admin_subject,$admin_message,$headers)) {
################################################################################
// email submitted addresses
        if (mail($friendemail1,$subject,$message,$headers)) {
            echo "<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'>Thank you for recommending this site.</td></tr></table><br><table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>SUCCESS: </strong><br>The site recommendation was successfully sent to your friend @ ".$friendemail1."</td></tr></table>";
        if (mail($friendemail2,$subject,$message,$headers)) {
            echo "<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>SUCCESS: </strong><br>The site recommendation was successfully sent to your friend @ ".$friendemail2."</td></tr></table>";
        if (mail($friendemail3,$subject,$message,$headers)) {
            echo "<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>SUCCESS: </strong><br>The site recommendation was successfully sent to your friend @ ".$friendemail3."</td></tr></table>";
        if (mail($friendemail4,$subject,$message,$headers)) {
            echo "<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>SUCCESS: </strong><br>The site recommendation was successfully sent to your friend @ ".$friendemail4."</td></tr></table>";
        }
        }
        }
        } 
        }else {
            echo "<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>FAILURE: </strong><br>The site recommendation could not be sent this time.  Please try again later.</td></tr></table>";
        }
    }
}
if (!isset($c['submit']) || $show_form == true) {
    function get_data($var) {
        global $c;
        if (isset($c[$var])) {
            echo $c[$var];
        }
    }

    if ($error_msg != NULL) { // show error messages
        echo "<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>ERROR: </strong><p>";
        echo nl2br($error_msg) . "</p></td></tr></table>";
    }
?>             <!-- $class = ''; if (!empty($error_msg['yourname']))... JUST CHECKS THE REQUIRED FIELDS AND SHOWS THE ERROR CLASS IF BLANK -->
               <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="post"><table width="430" height="19" border="0" cellpadding="5" cellspacing="0"><tr><td width="212" valign="top"><label>Your Name&nbsp;*<br>
               <input name="yourname" type="text" <?php $class = ''; if (!empty($error_msg['yourname'])) {$class = 'class="req"';} if (!empty($c["yourname"])) {$class = '';} print "{$class}"; ?> id="yourname" value="<?php get_data("yourname"); ?>" size="30"></label></td><td width="218"><label>Your Email&nbsp;*<br>
              <input name="youremail" type="text" <?php $class = ''; if (!empty($error_msg['youremail'])) {$class = 'class="req"';} if (!empty($c["youremail"])) {$class = '';} print "{$class}"; ?> id="email" value="<?php get_data("youremail"); ?>" size="30"></label></td></tr><tr><td valign="top"><label>Friend's Email&nbsp;*<br>
              <input name="friendemail1" type="text" <?php $class = ''; if (!empty($error_msg['friendemail1'])) {$class = 'class="req"';} if (!empty($c["friendemail1"])) {$class = '';} print "{$class}"; ?> id="friendemail1" value="<?php get_data("friendemail1"); ?>" size="30"></label></td><td><label>Friend's Email&nbsp;(2)<br>
              <input name="friendemail2" type="text" id="friendemail2" value="<?php get_data("friendemail2"); ?>" size="30"></label></td></tr><tr><td valign="top">Friend's Email&nbsp;(3)<br>
              <input name="friendemail3" type="text" id="friendemail3" value="<?php get_data("friendemail3"); ?>" size="30"></td><td>Friend's Email&nbsp;(4)<br>
              <input name="friendemail4" type="text" id="friendemail4" value="<?php get_data("friendemail4"); ?>" size="30"></td></tr></table><br></label>
              <input type="submit" name="submit" id="submit" class="btn" value="Send">All fields marked with an * are required.</form>
<?php
}
?>

I appreciate it.

**forum_amnesiac** · 05-06-2009, 08:58 AM

Try this, it worked when I tested it.

There was also an error in your code for the 'spam' array, I kept being told that I was using bad language, I've corrected that as well

Put all of this into the top section of your code replacing everything down to,
'########### trying to add additional friendemail checks above this ######################', in the code you posted.

PHP Code:




function clean($data) {

    $data = trim(stripslashes(strip_tags($data)));

    return $data;

}



$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|url=|url|link=|link|http:|https:)/i";

$profanity = "/(curse|words|here)/i";

$spamwords = "/(viagra|blackjack|backgammon|texas|holdem|meds|freemeds|poker|cialis|ciara|ciprofloxacin|debt|dating)/i";

$bots = "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer)/i";



if (preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) {

    exit("<p>Known spam bots are not allowed.</p>");

}

foreach ($_POST as $key => $val) {

    $c[$key] = clean($val);



    if (preg_match($exploits, $val)) {

        exit("<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>ERROR:</strong>Exploits/malicious scripting attributes aren't allowed.<br><br>Click your back browser button to submit the appropriate content.</td></tr></table>");

    } elseif (preg_match($profanity, $val) || preg_match($spamwords, $val)) {

        exit("<table><tr><td style='color: #FFFFFF; padding: 5px; font: normal 11px Arial, sans-serif; background-color: #4A494D; border-top: 1px solid #000000; border-left: 1px solid #000000; border-right: 1px solid #2B2F38; border-bottom: 1px solid #2B2F38;'><strong>ERROR:</strong><p>That kind of language isn't allowed through this form.<br><br>Click your back browser button to submit the appropriate content.</p></td></tr></table>");

    }

}



$show_form = true;

$error_msg = NULL;



if (isset($c['submit'])) {

    if (empty($c['yourname']) || empty($c['youremail']) || empty($c['friendemail1'])) {

        $error_msg .= "Your name and email along with at least one friends email are required fields. \n";

    }

    elseif (strlen($c['yourname']) > 15) {

        $error_msg .= "The name field is limited to 15 characters. \n"; 

    } 

    elseif (!ereg("^[A-Za-z' -]", $c['yourname'])) {

        $error_msg .= "The name field must not contain any special characters. \n";

    }

    elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['youremail']))) {

        $error_msg .= "Your email is not a valid e-mail address. \n";

    }

     // variable is $friendemail1 and IS required

    elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail1']))) {

        $error_msg .= "Friend 1 email is not a valid e-mail address. \n";

    }

    // variable is $friendemail2 but isn't required

    elseif ($c['friendemail2'] != '' && !ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail2']))) {

         $error_msg .= "Friend 2 email is not a valid e-mail address. \n";

       }  

    elseif ($c['friendemail3'] != '' && !ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail3']))) {

        $error_msg .= "Friend 3 email is not a valid e-mail address. \n";

    }

        

    else {

          if ($c['friendemail4'] != '' && !ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($c['friendemail4']))) {

            $error_msg .= "Friend 4 email is not a valid e-mail address. \n";

           }  

      }

**?foru** · 05-06-2009, 07:27 PM

Thank you very much, this now works as intended.

It looks like the key to making it work was elseif ($c['friendemail2'] != '' && !ereg... since 2 and beyond aren't required, but still need to be checked if filled in.