Captcha + ajax - Page 2

Question

Airshow 416 WiFi Lounge Lizard

12 Years Ago

Do as many checks as you feel are necessary to prevent absent/inappropriate data from messing up your registration process.

If I recall correctly, a check-box's property exists in $_REQUEST if the box is checked, and not if it's unchecked. Therefore test isset($_REQUEST['terms_agree']) .

Airshow

Edited 12 Years Ago by Airshow because: n/a

Airshow 416 WiFi Lounge Lizard

12 Years Ago

We moved away from error_mesg being a string, remember?

These checks need to be constructed to the same pattern as the others. And it will be less confusing name the fields 'email_1' and 'email_2'.

First, construct jQuery objects for 'email_1' and 'email_2' ONCE at the top of $(document).ready(function(){, same as for other fields:

...
	var $email_1 = $("[name='email_1']");
	var $email_2 = $("[name='email_2']");

Inside function validate_form() {

...
		$email_1.removeClass('error')
		$email_2.removeClass('error');
		if($email_1.val()==""){
			error_mesg.push("E-mail?");         
			$email_1.addClass('error');
		}
		if($email_2.val()==""){
			error_mesg.push("Please confirm your email");
			$email_2.addClass('error');
		}
		if($email_1.val() != $email_2.val()){         
			error_mesg.push("E-mail not match");
			$email_1.addClass('error');
			$email_2.addClass('error');
		}

Airshow

Edited 12 Years Ago by Airshow because: n/a

Airshow 416 WiFi Lounge Lizard

12 Years Ago

Sounds like some half-baked nanny-browser thing.

It's not directly caused by anything in the javascript.

There may be a workaround but you would need to research it.

Airshow

Airshow 416 WiFi Lounge Lizard

12 Years Ago

No, you just something better that checking for empty string.

You need to do some research. There are loads good discussions etc about email validation on the web. I would not try to write it myself because other people have done a better job than I could ever hope for. Besides I'm lazy.

Google eg. "javascript email validation"

You will be introduced to the wonderful world of "regular expressions".

Airshow

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

siabenie 0 Junior Poster in Training · Answer 1 · 2011-08-01T17:28:19+00:00

And please remember that this is really only a pre-verification check. You have to reverify the captcha right at the top of processForm.php, otherwise that script would be accessible without verification.
If the test in processForm.php fails, then redirect back to checkForm.php . This won't happen to bona fide users; only hackers who did not use checkForm.php will be redirected.
Airshow

You mean I have to do like this in

processForm.php

<?php
session_start();
require("include/application_top.php");

if(strtolower($_REQUEST['captcha_code']) == strtolower($_SESSION['random_number']))
	{
..
..
      // insert your name , email and text message to your table in db
	  $table_fields = array("name", "tel", "email", "interested", "comment", "email_list");
     $table_name = "present";
..
..	 
	  exit('1');//pass
	  header('Location: thankyou.php');
	}
	else
	{
	    exit('0');//fail
	    header('Location: checkForm.php');
	}

Is this correct way?

Airshow 416 WiFi Lounge Lizard Team Colleague · Answer 2 · 2011-08-01T17:32:47+00:00

In each of the tests, simply push error messages onto the error_mesg array

if($name.val()==="") {
	error_mesg.push("Please enter your name");
	$name.addClass('error');
}
else {
	$name.removeClass('error');
}

The function showErrorMesg (called in various places) displays the message.

You will see that showErrorMesg has two lines of code; your original alert is currently commented out, in favour of a line of jQuery. Simply move the comment marks to the jquery line and your alert will will happen.

Airshow

siabenie 0 Junior Poster in Training · Answer 3 · 2011-08-01T17:43:53+00:00

Yes, I got it now thanks!!:)

But the <br/> is printed on the error message instead of break, this is the sample what I got:

Please enter your name<br/>Please enter tel no<br/>Please enter email<br/>Please accept the terms and conditions<br/>Please enter the image verification

Airshow, is the processForm.php I show you earlier was correct way to do it?

Airshow 416 WiFi Lounge Lizard Team Colleague · Answer 4 · 2011-08-01T17:49:38+00:00

You mean I have to do like this in processForm.php

<?php
session_start();
require("include/application_top.php");

if(strtolower($_REQUEST['captcha_code']) == strtolower($_SESSION['random_number']))
	{
..
..
      // insert your name , email and text message to your table in db
	  $table_fields = array("name", "tel", "email", "interested", "comment", "email_list");
     $table_name = "present";
..
..	 
	  exit('1');//pass
	  header('Location: thankyou.php');
	}
	else
	{
	    exit('0');//fail
	    header('Location: checkForm.php');
	}

Is this correct way?

Nearly:

<?php
session_start();

//Here revalidate ALL form data
$name_OK = ...;
$tel_OK = ...;
$email_OK = ...;
$terms_OK = ...;
$captcha_OK = strtolower($_REQUEST['captcha_code']) != strtolower($_SESSION['random_number']);
if(!$name_OK || !$tel_OK || !$email_OK || !$terms_OK || !$captcha_OK)
{
	header('Location: checkForm.php');
	exit();
}

//here do whatever is required on successful form submission
...

I'm away now. Back this evening.

Airshow

siabenie 0 Junior Poster in Training · Answer 5 · 2011-08-01T20:48:57+00:00

Nearly:

<?php
session_start();

//Here revalidate ALL form data
$name_OK = ...;
$tel_OK = ...;
$email_OK = ...;
$terms_OK = ...;
$captcha_OK = strtolower($_REQUEST['captcha_code']) != strtolower($_SESSION['random_number']);
if(!$name_OK || !$tel_OK || !$email_OK || !$terms_OK || !$captcha_OK)
{
	header('Location: checkForm.php');
	exit();
}

//here do whatever is required on successful form submission
...

I'm away now. Back this evening.

Airshow

Hi Airshow,

I did not get what you mean by ...;

Shall I put it like this:?

$name_OK = $name;
$tel_OK = $tel;
$email_OK = $email;
..
..

And how can we break this error message from printed the <br/>:

Please enter your name<br/>Please enter tel no<br/>Please enter email<br/>Please accept the terms and conditions<br/>Please enter the image verification

..
alert(mesgArray.join("<br/>"));
..
..

Please assist, thank you.

Airshow 416 WiFi Lounge Lizard Team Colleague · Answer 6 · 2011-08-01T22:23:26+00:00

Hi Airshow,
I did not get what you mean by ...;
Shall I put it like this:?
$name_OK = $name;
$tel_OK = $tel;
$email_OK = $email;
..
..

The right hand part of each expression should be a test that returns true or false, in the same way as the line $captcha_code = ....; .

These tests will be php versions of the validations performed client-side by javascript.

And how can we break this error message from printed the <br/>:

Please enter your name<br/>Please enter tel no<br/>Please enter email<br/>Please accept the terms and conditions<br/>Please enter the image verification

alert(mesgArray.join("<br/>"));

Sorry, that's my fault. It should be:

alert(mesgArray.join("\n"));

Airshow

siabenie 0 Junior Poster in Training · Answer 7 · 2011-08-01T22:37:00+00:00

Thanks for clarify them - but I did not understand what you mean by

The right hand part of each expression should be a test that returns true or false, in the same way as the line $captcha_code = ....; .
These tests will be php versions of the validations performed client-side by javascript.
Airshow

Can you please give me an example?

Thanks again.!!

Airshow 416 WiFi Lounge Lizard Team Colleague · Answer 8 · 2011-08-01T22:51:20+00:00

Can you please give me an example?

For name, javascript tests for blank/non-blank

if($name.val()===""){
	//error
}
else {
	//ok
}

So in php, do the same:

$name_OK = $_REQUEST['name'] != "";

Airshow

siabenie 0 Junior Poster in Training · Answer 9 · 2011-08-02T03:33:25+00:00

For name, javascript tests for blank/non-blank
if($name.val()===""){
	//error
}
else {
	//ok
}
So in php, do the same:
$name_OK = $_REQUEST['name'] != "";
Airshow

I see okay thanks - so I have to do these for all the variables that I used? or only those I use for checking error messages?

And - How about to the one for check-box one (terms and conditions)? Do I do the same thing?

Here is snippets what I did; Is this looks correct Airshow?

<?php
session_start();
require("include/application_top.php");

$name_OK = $_REQUEST['name'] != "";
$tel_OK = $_REQUEST['tel'] != "";
$email_OK = $_REQUEST['email'] != "";
$terms_OK = $_REQUEST['terms_agree'] != "";
$captcha_OK = strtolower($_REQUEST['captcha_code']) != strtolower($_SESSION['random_number']);

if(!$name_OK || !$tel_OK || !$email_OK || !$terms_OK || !$captcha_OK)
{
	header('Location: checkForm.php');
	exit();
}
..
..
$table_fields = array("name", "tel", "email", "comment");
$table_name = "present";

....
....
if(isset($_POST['name'])){
  
  $connection = mysql_connect (DB_SERVER, DB_USER, DB_PASS) or
	die ('I cannot connect to the database because: ' . mysql_error());
  mysql_select_db (DB_NAME, $connection);
..
..
..}
  mysql_query ($query, $connection)
	or die(mysql_error()."\n<br />This is the query:\n<br />".$query);
  ..
  ..
  ..
  mail($notification_to, $notification_subject, $notification_body, $notification_headers);
  
  header ("Location: thankyou.php");
  
}
?>

S

siabenie 0 Junior Poster in Training · Answer 10 · 2011-08-02T04:05:27+00:00

Do as many checks as you feel are necessary to prevent absent/inappropriate data from messing up your registration process.
If I recall correctly, a check-box's property exists in $_REQUEST if the box is checked, and not if it's unchecked. Therefore test isset($_REQUEST['terms_agree']) .
Airshow

Ok - so you saying it should be done like this, am I correct?

..

$terms_OK = isset($_REQUEST['terms_agree']);
..

One question about the JS: If I was thinking to add an extra email address for different form NOT on this but for other purposed where people always have two emails to confirm e.g: where if both fields are empty then show error message - and if both of the email is not match show error message.

Here is snippets for the form:

..
..
<tr>        
  <td>E-mail</td>        
  <td ><input name="email" type="text" size="40" value="<?php echo $_SESSION["email"];?>" />     
  <td>      
</tr>      

<tr>
  <td>E-mail Confirmation</td>
  <td><input name="email_1" type="text" size="40" value="<?php echo $_SESSION["email_1"];?>" />     
  <td>      
</tr>
..

And here for the JS version for if the fields are empty which works fine:

..
$('[name=email]').parent().removeClass('error');       if($('[name=email]').val()==""){         
error_num++;         
error_mesg += "E-mail。\n";         
$('[name=email]').parent().addClass('error');       }

$('[name=email_1]').parent().removeClass('error');       if($('[name=email_1]').val()==""){         
error_num++;         
error_mesg += "Please confirm your email\n";         $('[name=email_1]').parent().addClass('error');       }

And here for the error message if both emails are not match - but it did not work.

..
$('[name=email]').parent().removeClass('error') && $('[name=email_1]').parent().removeClass('error');    
if($('[name=email != name=email_1]').val()){         
error_num++;         
error_mesg += "E-mail not match\n";         $('[name=email]').parent().addClass('error') && $('[name=email_1]').parent().addClass('error');       } 
..
..

Can you please assist me what is the correct way of doing this as I am using jQuery.

siabenie 0 Junior Poster in Training · Answer 11 · 2011-08-02T05:40:32+00:00

Airshow, I think I have sorted the jQuery bit thanks a lot for all your help! I just need to play with the code and test them.

Really appreicated your kind help! Nice people! Credit to you!
Cheers matey!

siabenie 0 Junior Poster in Training · Answer 12 · 2011-08-02T12:41:07+00:00

The right hand part of each expression should be a test that returns true or false, in the same way as the line $captcha_code = ....; .
These tests will be php versions of the validations performed client-side by javascript.
Airshow

Hi Airshow,

I like to ask you about the processForm.php - How can we check that the validations on the processForm is okay? Just out of interest..

Thanks

siabenie 0 Junior Poster in Training · Answer 13 · 2011-08-02T15:19:31+00:00

We moved away from error_mesg being a string, remember?
These checks need to be constructed to the same pattern as the others. And it will be less confusing name the fields 'email_1' and 'email_2'.
Airshow

Yes I do remember we swap to different way of dealing it - Airshow, question; when I entered a wrong secure image: I got an error message which is correct, but there is a little checkbox there saying "[]Prevent this page from creating additional dialogues"

What is that suppose to mean?

Thanks

EDIT: When I clicked the checked box all the pop up error messages not showing but still giving me highlighted error. Where is that line on our JS code?

siabenie 0 Junior Poster in Training · Answer 14 · 2011-08-02T16:29:05+00:00

Sounds like some half-baked nanny-browser thing.
It's not directly caused by anything in the javascript.
There may be a workaround but you would need to research it.
Airshow

LOL - Ok well it's not a big issue I am just curious - By the way, I wonder How can we do a function for email so that a valid format (yourmeail@here.com) of email been entered if not valid then an error message pop up?

Do I have to create a different page for that or? Any idea?

siabenie 0 Junior Poster in Training · Answer 15 · 2011-08-02T19:02:00+00:00

No, you just something better that checking for empty string.
You need to do some research. There are loads good discussions etc about email validation on the web. I would not try to write it myself because other people have done a better job than I could ever hope for. Besides I'm lazy.
Google eg. "javascript email validation"
You will be introduced to the wonderful world of "regular expressions".
Airshow

Hmm "regular expressions"? Ok will look into it.!

Thanks Airshow.