SitePoint Sponsor

User Tag List

Results 1 to 14 of 14
  1. #1
    SitePoint Addict clearweb's Avatar
    Join Date
    Dec 2001
    Location
    Southern California
    Posts
    215
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question PHP Email Form - want at least 1 of 3 fields required

    Hi all,

    I have a PHP email form that has 3 phone number fields (home, work, cell). I want to make it where "at least one phone number is required". I have a contact form page and this posts to a "send.php" page.

    I have tried a couple of things, but can't get it to work. I am a real novice at PHP, so I need help.

    Any suggestions on code to try?

    This is what I have tried, but it doesn't work:

    PHP Code:
    if ($homephone.value=="" && $workphone.value=="" && $cellphone.value==""
    {
         echo 
    "   <h3>At Least One Phone Number must be entered.</h3>";


  2. #2
    Who turned the lights out !! Mandes's Avatar
    Join Date
    May 2005
    Location
    S.W. France
    Posts
    2,496
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    This is really a job for javascript, because the check could then be done before the form is submitted.

    It can be done in PHP but is a bit 'clunky' as you have to submit the form, test the inputs are OK, then redirect back to the form if not.

    If youre intent on using PHP then post your scripts.
    A Little Knowledge Is A Very Dangerous Thing.......
    That Makes Me A Lethal Weapon !!!!!!!!

    Contract PHP Programming

  3. #3
    SitePoint Addict Skookum's Avatar
    Join Date
    Sep 2006
    Location
    Idaho
    Posts
    375
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Try this
    PHP Code:
    if ($homephone.value=="" && $workphone.value=="" && $cellphone.value=="")
    {
         echo 
    "   <h3>At Least One Phone Number must be entered.</h3>";
         exit;

    By adding the exit; it will stop the script from continueing.

    Also try doing this instead
    PHP Code:
    if (empty($homephone.value) && empty($workphone.value) && empty($cellphone.value))
    {
         echo 
    "   <h3>At Least One Phone Number must be entered.</h3>";
         exit;

    I normally break my code like that up into 3 sets of if elseif statements because I normally want to do more things than just check if they are set.

    Hope this helps.

    *edit*
    ps. I agree with mandes you should probably use a JavaScript solution in conjunction with this one to be a little nicer to your users.
    *edit*
    Paranoia is no longer a mental illness it is a way of life - Me

  4. #4
    Who turned the lights out !! Mandes's Avatar
    Join Date
    May 2005
    Location
    S.W. France
    Posts
    2,496
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    $homephone.value
    this isnt a valid PHP variable !!
    A Little Knowledge Is A Very Dangerous Thing.......
    That Makes Me A Lethal Weapon !!!!!!!!

    Contract PHP Programming

  5. #5
    SitePoint Addict clearweb's Avatar
    Join Date
    Dec 2001
    Location
    Southern California
    Posts
    215
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That second one worked Skookum. Thanks for your help! I appreciate it.

    That was driving me crazy.

  6. #6
    SitePoint Addict Skookum's Avatar
    Join Date
    Sep 2006
    Location
    Idaho
    Posts
    375
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Mandes View Post
    this isnt a valid PHP variable !!
    I was thinking the same thing cause I had never seen it before, but I decided to keep quiet just in case it was something that does exist that I just had never seen.

    And since it is working great.
    Paranoia is no longer a mental illness it is a way of life - Me

  7. #7
    SitePoint Addict clearweb's Avatar
    Join Date
    Dec 2001
    Location
    Southern California
    Posts
    215
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Mandes View Post
    this isnt a valid PHP variable !!
    Thanks Mandes. You are correct - it wasn't working when I had it like that. I removed the ".value" and it worked.

    Good eye!

  8. #8
    Who turned the lights out !! Mandes's Avatar
    Join Date
    May 2005
    Location
    S.W. France
    Posts
    2,496
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    The .value is a valid javascript object but is not used in PHP, for thread completeness, and anyone else wanting to implement the javascript option, here it is.

    Code:
    function validateclient() {
     
    var valid;
    valid = true;
     
    if (document.formname.homephone.value=='') {
    document.forms.formname.homephone.style.backgroundColor = 'red';
    valid = false;
    }
     
    if (document.formname.workphone.value=='') {
    document.forms.formname.workphone.style.backgroundColor = 'red';
    valid = false;
    }
     
    if (document.formname.cellphone.value=='') {
    document.forms.formname.cellphone.style.backgroundColor = 'red';
    valid = false;
    }
    if (valid == false){
    alert ("Please correct the errors in RED")
    }
    return valid;
    }
    A Little Knowledge Is A Very Dangerous Thing.......
    That Makes Me A Lethal Weapon !!!!!!!!

    Contract PHP Programming

  9. #9
    SitePoint Addict clearweb's Avatar
    Join Date
    Dec 2001
    Location
    Southern California
    Posts
    215
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Mandes View Post
    The .value is a valid javascript object but is not used in PHP, for thread completeness, and anyone else wanting to implement the javascript option, here it is.
    So would you implement the javascript option into the page that your actual form is on? This will catch it before it posts to the "send.php" page?

  10. #10
    Who turned the lights out !! Mandes's Avatar
    Join Date
    May 2005
    Location
    S.W. France
    Posts
    2,496
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Yes the javascript would run as an onClick parameter of the submit button on the form.
    A Little Knowledge Is A Very Dangerous Thing.......
    That Makes Me A Lethal Weapon !!!!!!!!

    Contract PHP Programming

  11. #11
    SitePoint Evangelist superuser2's Avatar
    Join Date
    Aug 2006
    Posts
    598
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Mandes
    This is really a job for javascript, because the check could then be done before the form is submitted.

    It can be done in PHP but is a bit 'clunky' as you have to submit the form, test the inputs are OK, then redirect back to the form if not.

    If youre intent on using PHP then post your scripts.
    It should be done in both places, php and javascript. Otherwise, I turn off javascript and can send 100,000,000 blank emails to your account, causing massive stress on your server and an overflow in your email account. If I make them different enough, you'll have to sort through them all manually. If you're using something with little storage, I may even put you over quota.

    Moral of the story: Filter on the client side, but always, always check it on the server side.

  12. #12
    SitePoint Addict Skookum's Avatar
    Join Date
    Sep 2006
    Location
    Idaho
    Posts
    375
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by superuser2 View Post
    It should be done in both places, php and javascript. Otherwise, I turn off javascript and can send 100,000,000 blank emails to your account, causing massive stress on your server and an overflow in your email account. If I make them different enough, you'll have to sort through them all manually. If you're using something with little storage, I may even put you over quota.

    Moral of the story: Filter on the client side, but always, always check it on the server side.
    Along these lines I also do a timeout too with sessions to make sure the user doesn't flood my server with e-mails.
    something like this
    PHP Code:
    if($_SESSION['SessSemName'] == $_GET['SemName']){
    $SpamGuard = (time() - $_SESSION['TimeOut']);
    }
    else{
    $_SESSION['SessSemName'] = $_GET['SemName'];
    $_SESSION['TimeOut'] = time();
    $SpamGuard 301;
    }

    if(
    $_SESSION['SessSemName'] == $_GET['SemName'] && $SpamGuard <= 300){
        Echo 
    "<b><br><br>We are sorry but it appears you have already submitted a request for more information or to register for this event in the last 5 minutes<br><br>";
        Echo 
    "Please wait for at least 5 minutes before submitting the same request<br><br>Thank you</b><br>";
        exit;
    }

    *
    email code stuff*

    $_SESSION['TimeOut'] = time(); 
    It's not perfect but it does it's job.

    Which reminds me I need to turn this into a function and clean it up a little bit. Yay more work for me
    Paranoia is no longer a mental illness it is a way of life - Me

  13. #13
    SitePoint Evangelist superuser2's Avatar
    Join Date
    Aug 2006
    Posts
    598
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Skookum
    Along these lines I also do a timeout too with sessions to make sure the user doesn't flood my server with e-mails.
    That's a good idea, I like those flood control scripts. However, if someone were setting up a php script to do it, it would have a different session each time (fsockopen doesn't keep cookies). There's no foolproof way to do it, but flood control will stop a less advanced attacker from just clicking the submit button repeatedly.

  14. #14
    SitePoint Addict Skookum's Avatar
    Join Date
    Sep 2006
    Location
    Idaho
    Posts
    375
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by superuser2 View Post
    That's a good idea, I like those flood control scripts. However, if someone were setting up a php script to do it, it would have a different session each time (fsockopen doesn't keep cookies). There's no foolproof way to do it, but flood control will stop a less advanced attacker from just clicking the submit button repeatedly.
    Hmmm that's a good point. Another possible option would be to set a server side cookie, or a DB option that keeps track of IP addresses. Of course someone using Tor or a similar service would probably be able to work around it.

    I'll have to think about that and see if I can come up with a decent option.

    Now that I think about it I believe Tor publishes their IP list that they use so it wouldn't be too hard to create a IP flood list from that.....I think.

    Thanks for the input, I had not thought of that, but then again I hadn't tried to make this script fool proof yet.
    Paranoia is no longer a mental illness it is a way of life - Me


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •