Google Answers Logo
View Question
 
Q: Validation of email addresses with .php script in Contact forms ( No Answer,   2 Comments )
Question  
Subject: Validation of email addresses with .php script in Contact forms
Category: Computers > Programming
Asked by: paulnonnis-ga
List Price: $5.00
Posted: 20 Oct 2006 04:33 PDT
Expires: 19 Nov 2006 03:33 PST
Question ID: 775312
To whom This May Concern,

I have a fairly straightforward Contact Form here: 
http://www.pictureframe.com.au/picture_frame_contact.html

The HTML code is visible via "View Source" and it will be seen that
"method="post" is used. The name of the relevant .php file with the
script and my email address are ASCII encrypted purely as an anti-spam
measure.

So far so good, the form is working well, I have no problems with it
and the ASCII codings have reduced automated spam.

The only flaw is that this free form which I obtained from the web
does not have a line of code that validates email addresses.

I don't know PHP and so I need someone who does, to edit the script to
validate the email field. I think that this is a fairly standard
matter, ie: to make sure that there is an @, to make sure that the
there's a period, a three letter extension and what have you.

This issue seems to be covered here:
http://www.htmlcenter.com/tutorials/tutorials.cfm/189/PHP

However I have not been able to successfully edit my current form
which is reproduced below:

<!--begin php script-->

<?
/*
    CHFEEDBACK.PHP Feedback Form PHP Script Ver 2.07
    Generated by thesitewizard.com's Feedback Form Wizard.
    Copyright 2000-2006 by Christopher Heng. All rights reserved.
    thesitewizard and thefreecountry are trademarks of Christopher Heng.

    $Id: phpscript.txt,v 1.8 2006/02/28 13:07:11 developer Exp $

    Get the latest version, free, from:
        http://www.thesitewizard.com/wizards/feedbackform.shtml

	You can read the Frequently Asked Questions (FAQ) at:
		http://www.thesitewizard.com/wizards/faq.shtml
	
	I can be contacted at:
		http://www.thesitewizard.com/feedback.php
	Note that I do not normally respond to questions that have
	already been answered in the FAQ, so *please* read the FAQ.

    LICENCE TERMS
    
    1. You may use this script on your website, with or
    without modifications, free of charge.
    
    2. You may NOT distribute or republish this script,
    whether modified or not. The script can only be
    distributed by the author, Christopher Heng.
    
    3. THE SCRIPT AND ITS DOCUMENTATION ARE PROVIDED
    "AS IS", WITHOUT WARRANTY OF ANY KIND, NOT EVEN THE
    IMPLIED WARRANTY OF MECHANTABILITY OR FITNESS FOR A
    PARTICULAR PURPOSE. YOU AGREE TO BEAR ALL RISKS AND
    LIABILITIES ARISING FROM THE USE OF THE SCRIPT,
    ITS DOCUMENTATION AND THE INFORMATION PROVIDED BY THE
    SCRIPTS AND THE DOCUMENTATION.

    If you cannot agree to any of the above conditions, you
    may not use the script. 
    
    Although it is NOT required, I would be most grateful
    if you could also link to thesitewizard.com at:

       http://www.thesitewizard.com/

*/

// ------------- CONFIGURABLE SECTION ------------------------

// $mailto - set to the email address you want the form
// sent to, eg
//$mailto		= "youremailaddress@example.com" ;

$mailto = 'pictureframe@pictureframe.com.au' ;

// $subject - set to the Subject line of the email, eg
//$subject	= "Feedback Form" ;

$subject = "Picture Framing Feedback Form" ;

// the pages to be displayed, eg
//$formurl		= "http://www.example.com/feedback.html" ;
//$errorurl		= "http://www.example.com/error.html" ;
//$thankyouurl	= "http://www.example.com/thankyou.html" ;

$formurl = "http://www.pictureframe.com.au/picture_frame_contact.html" ;
$errorurl = "http://www.pictureframe.com.au/picture_frame_error.html" ;
$thankyouurl = "http://www.pictureframe.com.au/picture_frame_thanks.html" ;

$uself = 0;

// -------------------- END OF CONFIGURABLE SECTION ---------------



$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$name = $_POST['name'] ;
$email = $_POST['email'] ;
$comments = $_POST['comments'] ;
$http_referrer = getenv( "HTTP_REFERER" );

if (!isset($_POST['email'])) {
	header( "Location: $formurl" );
	exit ;
}
if (empty($name) || empty($email) || empty($comments)) {
   header( "Location: $errorurl" );
   exit ;
}
if ( ereg( "[\r\n]", $name ) || ereg( "[\r\n]", $email ) ) {
	header( "Location: $errorurl" );
	exit ;
}

if (get_magic_quotes_gpc()) {
	$comments = stripslashes( $comments );
}

$messageproper =

	"This message comes from:\n" .
	"$http_referrer\n" .
	"------------------------------------------------------------\n" .
	"Sender's Name: $name\n" .
	"Sender's Email: $email\n" .
	"Sender's Message:\n\n" .
	$comments .
	"\n\n------------------------------------------------------------\n" ;

mail($mailto, $subject, $messageproper,
	"From: \"$name\" <$email>" . $headersep . "Reply-To: \"$name\"
<$email>" . $headersep . "X-Mailer: chfeedback.php 2.07" );
header( "Location: $thankyouurl" );
exit ;

?>

<!--end php script-->

So, can anyone help?

Best Regards,

Paul Nonnis

pictureframe@pictureframe.com.au
Answer  
There is no answer at this time.

Comments  
Subject: Re: Validation of email addresses with .php script in Contact forms
From: augury-ga on 22 Oct 2006 02:07 PDT
 
The following code snippet should validate that the e-mail matches the
criteria for a correct e-mail address. It will then take the domain
(everything past the @) and have your server determine if that domain
accepts e-mail addresses. Beyond that you can not guarantee that an
address is properly setup at that domain.

The relavent changes are the additional of the
check_email_address function and the myCheckDNSRR function.

The check_email_address function is called immediately before your
code sends the e-mail. If it fails the user page is sent to the same
error page you specify.

Here is the code

<!--begin php script-->

<?
/*
    CHFEEDBACK.PHP Feedback Form PHP Script Ver 2.07
    Generated by thesitewizard.com's Feedback Form Wizard.
    Copyright 2000-2006 by Christopher Heng. All rights reserved.
    thesitewizard and thefreecountry are trademarks of Christopher Heng.

    $Id: phpscript.txt,v 1.8 2006/02/28 13:07:11 developer Exp $

    Get the latest version, free, from:
        http://www.thesitewizard.com/wizards/feedbackform.shtml

    You can read the Frequently Asked Questions (FAQ) at:
        http://www.thesitewizard.com/wizards/faq.shtml
    
    I can be contacted at:
        http://www.thesitewizard.com/feedback.php
    Note that I do not normally respond to questions that have
    already been answered in the FAQ, so *please* read the FAQ.

    LICENCE TERMS
    
    1. You may use this script on your website, with or
    without modifications, free of charge.
    
    2. You may NOT distribute or republish this script,
    whether modified or not. The script can only be
    distributed by the author, Christopher Heng.
    
    3. THE SCRIPT AND ITS DOCUMENTATION ARE PROVIDED
    "AS IS", WITHOUT WARRANTY OF ANY KIND, NOT EVEN THE
    IMPLIED WARRANTY OF MECHANTABILITY OR FITNESS FOR A
    PARTICULAR PURPOSE. YOU AGREE TO BEAR ALL RISKS AND
    LIABILITIES ARISING FROM THE USE OF THE SCRIPT,
    ITS DOCUMENTATION AND THE INFORMATION PROVIDED BY THE
    SCRIPTS AND THE DOCUMENTATION.

    If you cannot agree to any of the above conditions, you
    may not use the script. 
    
    Although it is NOT required, I would be most grateful
    if you could also link to thesitewizard.com at:

       http://www.thesitewizard.com/

*/

// ------------- CONFIGURABLE SECTION ------------------------

// $mailto - set to the email address you want the form
// sent to, eg
//$mailto        = "youremailaddress@example.com" ;

$mailto = 'pictureframe@pictureframe.com.au' ;

// $subject - set to the Subject line of the email, eg
//$subject    = "Feedback Form" ;

$subject = "Picture Framing Feedback Form" ;

// the pages to be displayed, eg
//$formurl        = "http://www.example.com/feedback.html" ;
//$errorurl        = "http://www.example.com/error.html" ;
//$thankyouurl    = "http://www.example.com/thankyou.html" ;

$formurl = "http://www.pictureframe.com.au/picture_frame_contact.html" ;
$errorurl = "http://www.pictureframe.com.au/picture_frame_error.html" ;
$thankyouurl = "http://www.pictureframe.com.au/picture_frame_thanks.html" ;

$uself = 0;

// -------------------- END OF CONFIGURABLE SECTION ---------------



$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$name = $_POST['name'] ;
$email = $_POST['email'] ;
$comments = $_POST['comments'] ;
$http_referrer = getenv( "HTTP_REFERER" );

if (!isset($_POST['email'])) {
    header( "Location: $formurl" );
    exit ;
}
if (empty($name) || empty($email) || empty($comments)) {
   header( "Location: $errorurl" );
   exit ;
}
if ( ereg( "[\r\n]", $name ) || ereg( "[\r\n]", $email ) ) {
    header( "Location: $errorurl" );
    exit ;
}

if (get_magic_quotes_gpc()) {
    $comments = stripslashes( $comments );
}

$messageproper =

    "This message comes from:\n" .
    "$http_referrer\n" .
    "------------------------------------------------------------\n" .
    "Sender's Name: $name\n" .
    "Sender's Email: $email\n" .
    "Sender's Message:\n\n" .
    $comments .
    "\n\n------------------------------------------------------------\n" ;


if(check_email_address($mailto)){    
    mail($mailto, $subject, $messageproper,
        "From: \"$name\" <$email>" . $headersep . "Reply-To: \"$name\"
    <$email>" . $headersep . "X-Mailer: chfeedback.php 2.07" );
    header( "Location: $thankyouurl" );
}
else{
    header( "Location: $errorurl" ); 
}
exit ;

function check_email_address($email) {
  // First, we check that there's one @ symbol, and that the lengths are right
  if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
    // Email invalid because wrong number of characters in one
section, or wrong number of @ symbols.
    return false;
  }
  // Split it into sections to make life easier
  $email_array = explode("@", $email);
  $local_array = explode(".", $email_array[0]);
  for ($i = 0; $i < sizeof($local_array); $i++) {
     if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$",
$local_array[$i])) {
      return false;
    }
  }  
  if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain
is IP. If not, it should be valid domain name
    $domain_array = explode(".", $email_array[1]);
    if (sizeof($domain_array) < 2) {
        return false; // Not enough parts to domain
    }
    for ($i = 0; $i < sizeof($domain_array); $i++) {
      if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$",
$domain_array[$i])) {
        return false;
      }
    }
  }
  $emailInfo = split('@', $email);     
  return myCheckDNSRR($emailInfo[1], 'MX');
}

function myCheckDNSRR($hostName, $recType = '')
{
    if(!empty($hostName)) {
        if( $recType == '' ) $recType = "MX";
        exec("nslookup -type=$recType $hostName", $result);
        // check each line to find the one that starts with the host
        // name. If it exists then the function succeeded.
        foreach ($result as $line) {
            if(eregi("^$hostName",$line)) {
                return true;
            }
        }
        // otherwise there was no mail handler for the domain
        return false;
    }
    return false;
}  
?>
<!--end php script-->


<!--begin php script-->

<?
/*
    CHFEEDBACK.PHP Feedback Form PHP Script Ver 2.07
    Generated by thesitewizard.com's Feedback Form Wizard.
    Copyright 2000-2006 by Christopher Heng. All rights reserved.
    thesitewizard and thefreecountry are trademarks of Christopher Heng.

    $Id: phpscript.txt,v 1.8 2006/02/28 13:07:11 developer Exp $

    Get the latest version, free, from:
        http://www.thesitewizard.com/wizards/feedbackform.shtml

    You can read the Frequently Asked Questions (FAQ) at:
        http://www.thesitewizard.com/wizards/faq.shtml
    
    I can be contacted at:
        http://www.thesitewizard.com/feedback.php
    Note that I do not normally respond to questions that have
    already been answered in the FAQ, so *please* read the FAQ.

    LICENCE TERMS
    
    1. You may use this script on your website, with or
    without modifications, free of charge.
    
    2. You may NOT distribute or republish this script,
    whether modified or not. The script can only be
    distributed by the author, Christopher Heng.
    
    3. THE SCRIPT AND ITS DOCUMENTATION ARE PROVIDED
    "AS IS", WITHOUT WARRANTY OF ANY KIND, NOT EVEN THE
    IMPLIED WARRANTY OF MECHANTABILITY OR FITNESS FOR A
    PARTICULAR PURPOSE. YOU AGREE TO BEAR ALL RISKS AND
    LIABILITIES ARISING FROM THE USE OF THE SCRIPT,
    ITS DOCUMENTATION AND THE INFORMATION PROVIDED BY THE
    SCRIPTS AND THE DOCUMENTATION.

    If you cannot agree to any of the above conditions, you
    may not use the script. 
    
    Although it is NOT required, I would be most grateful
    if you could also link to thesitewizard.com at:

       http://www.thesitewizard.com/

*/

// ------------- CONFIGURABLE SECTION ------------------------

// $mailto - set to the email address you want the form
// sent to, eg
//$mailto        = "youremailaddress@example.com" ;

$mailto = 'pictureframe@pictureframe.com.au' ;

// $subject - set to the Subject line of the email, eg
//$subject    = "Feedback Form" ;

$subject = "Picture Framing Feedback Form" ;

// the pages to be displayed, eg
//$formurl        = "http://www.example.com/feedback.html" ;
//$errorurl        = "http://www.example.com/error.html" ;
//$thankyouurl    = "http://www.example.com/thankyou.html" ;

$formurl = "http://www.pictureframe.com.au/picture_frame_contact.html" ;
$errorurl = "http://www.pictureframe.com.au/picture_frame_error.html" ;
$thankyouurl = "http://www.pictureframe.com.au/picture_frame_thanks.html" ;

$uself = 0;

// -------------------- END OF CONFIGURABLE SECTION ---------------



$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;
$name = $_POST['name'] ;
$email = $_POST['email'] ;
$comments = $_POST['comments'] ;
$http_referrer = getenv( "HTTP_REFERER" );

if (!isset($_POST['email'])) {
    header( "Location: $formurl" );
    exit ;
}
if (empty($name) || empty($email) || empty($comments)) {
   header( "Location: $errorurl" );
   exit ;
}
if ( ereg( "[\r\n]", $name ) || ereg( "[\r\n]", $email ) ) {
    header( "Location: $errorurl" );
    exit ;
}

if (get_magic_quotes_gpc()) {
    $comments = stripslashes( $comments );
}

$messageproper =

    "This message comes from:\n" .
    "$http_referrer\n" .
    "------------------------------------------------------------\n" .
    "Sender's Name: $name\n" .
    "Sender's Email: $email\n" .
    "Sender's Message:\n\n" .
    $comments .
    "\n\n------------------------------------------------------------\n" ;


if(check_email_address($mailto)){    
    mail($mailto, $subject, $messageproper,
        "From: \"$name\" <$email>" . $headersep . "Reply-To: \"$name\"
    <$email>" . $headersep . "X-Mailer: chfeedback.php 2.07" );
    header( "Location: $thankyouurl" );
}
else{
    echo "Invalid E-mail Address";
}
exit ;

function check_email_address($email) {
  // First, we check that there's one @ symbol, and that the lengths are right
  if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
    // Email invalid because wrong number of characters in one
section, or wrong number of @ symbols.
    return false;
  }
  // Split it into sections to make life easier
  $email_array = explode("@", $email);
  $local_array = explode(".", $email_array[0]);
  for ($i = 0; $i < sizeof($local_array); $i++) {
     if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$",
$local_array[$i])) {
      return false;
    }
  }  
  if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain
is IP. If not, it should be valid domain name
    $domain_array = explode(".", $email_array[1]);
    if (sizeof($domain_array) < 2) {
        return false; // Not enough parts to domain
    }
    for ($i = 0; $i < sizeof($domain_array); $i++) {
      if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$",
$domain_array[$i])) {
        return false;
      }
    }
  }
  $emailInfo = split('@', $email);     
  return myCheckDNSRR($emailInfo[1], 'MX');
}

function myCheckDNSRR($hostName, $recType = '')
{
    if(!empty($hostName)) {
        if( $recType == '' ) $recType = "MX";
        exec("nslookup -type=$recType $hostName", $result);
        // check each line to find the one that starts with the host
        // name. If it exists then the function succeeded.
        foreach ($result as $line) {
            if(eregi("^$hostName",$line)) {
                return true;
            }
        }
        // otherwise there was no mail handler for the domain
        return false;
    }
    return false;
}  
?>
<!--end php script-->
Subject: Re: Validation of email addresses with .php script in Contact forms
From: paulnonnis-ga on 01 Nov 2006 21:45 PST
 
Dear augury-ga,

Just got around to editing the file now. I cut and pasted the whole
code from beginning to end, as it is, uploaded it and tested it.

The form wouldn't work and the error message below loads:

Parse error: syntax error, unexpected ',' in
/home/pictu348/public_html/19761950.php on line 128

I've now reloaded the old file,

Can you fixc the code so that it'll work?

Best Regards,

Paul Nonnis

pictureframe@pictureframe.com.au

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy