Validating number and email fields before form is sent

Question

I am new to PHP so sorry if my question seems a bit noobish. I am creating a contact form which is working great but I need to validate two fields; the phone number and the email address, I need it to check that the phone number field has only numbers and is 11 digits long. The email field needs to be "something"@"something"."something".

If possible I would prefer to do it using only html or php (whichever is easiest), I guess that if there is a way to put the validation into the field properties, that would be the easiest way? eg: in here:

<input type="text" name="email" id="email" class="text" form="contact_form" required/>

If that is not possible then maybe in my PHP file which looks like so:

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Submitting...</title>
</head>
<body>
<?php
$Name = $_POST ['full_name'];
$Email = $_POST['email'];
$Number = $_POST['phone_number'];
$Company = $_POST['company_name'];
$Message = $_POST['message'];
$formcontent="Name: $Name
\n Email: $Email 
\n Number: $Number
\n Company: $Company
\n Message: $Message";
$recipient = "info@vicarage-support.com";
$subject = "Contact";
$mailheader = "From: $Email \r\n";
ini_set("sendmail_from","info@vicarage-support.com");
mail($recipient, $subject, $formcontent, $mailheader) or die("Please try again.");
echo("Form Submitted.");
?>
<script type="text/JavaScript">
<!--
setTimeout("location.href = 'http://www.vicarage-support.com/contact_us.html';",3000);
-->
</script>
</body>
</html>

Thank you in advance.

Answer 1

There are two ways to check form data before submission, i.e. client-side: using JavaScript, and using new (HTML5) HTML attributes for the input element. They can be used together if desired. Neither of them guarantees valid data; client-side checking should be regarded as convenience to the user, not as a way of ensuring data validity (which you need to check server-side, in this case in PHP code).

The HTML way can be exemplified this way:

<input type="email" name="email" id="email" class="text" form="contact_form" 
   required>
<input type="tel" name="tel" id="tel" class="text" form="contact_form" 
   required pattern="\d{11}" label="11 digits">

Using type="email" means that conforming browsers will check the email address format. This is a nontrivial task. Using type="tel" does not impose format restrictions (and the format varies by country and authority), but it may make browsers use a better user interface (such as a numeric keypad in touchscreen devices). The restriction is imposed by the pattern attribute. The value \d{11} means exactly 11 digits. (This is bad usability. I think you should allow spaces, and possibly parentheses and other characters as well, and strip them on the server. It is just too difficult to input an 11-digit number without any grouping. And 11 digits sounds arbitrary.)

There are several approaches to implementing the same in JavaScript. The pattern check is simple, whereas email format checks are very tough, and there are different library routines for it. In general, the check should be fairly permissive, basically just checking that there is an “@” character.

Answer 2

Try adding three variables. First add a $pattern variable, then add two variables and use the switch function.

Sort of like...

<?php



      $what = what you are checking (phone, email, etc)
      $data = the string you want to check

    function isValid( $what, $data ) {

        switch( $what ) {


            case 'Number':
                $pattern = "/^([1]-)?[0-9]{3}-[0-9]{3}-[0-9]{4}$/i";
            break;
             //Change to a valid pattern, or configure it the way you want.

            case 'Email':
                $pattern = "/^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$/i";
            break;

            default:
                return false;
            break;

This shows you what you want. Now try to validate it like...

  }

    return preg_match($pattern, $data) ? true : false;

}

$errors = array();

if( isset($_POST['btn_submit']) ) {

    if( !isValid( 'phone', $_POST['Number'] ) ) {
        $errors[] = 'Please enter a valid phone number';        
    }

    if( !isValid( 'email', $_POST['Email'] ) ) {
        $errors[] = 'Please enter a valid email address';       
    }

}

if( !empty($errors) ) {
    foreach( $errors as $e ) echo "$e <br />";
}
?>

As you can see, this will validate your form. You may have to configure it so the $pattern is set ti what you want it to be. This may not be the best way to do so, and I reccomend Javascript, but this is how you could do it with PHP and HTML.

Answer 3

If you want to validate this form before it is submitted, that will have to be done with javascript. However, you should still check in your server side code, as javascript could be disabled, which would render javascript validation useless.

I've used this in the past, worked well for my needs. http://validval.frebsite.nl/