I try to make a litte php script that will automaticcaly correct a typo when inserting an e-mail address in a form.
if (strpos($_POST["email"], "#hotmail.comm") !== false) {
$_POST["email"] = str_replace('#hotmail.comm', '#hotmail.com', $_POST["email"]);
goto end;
}
if (strpos($_POST["email"], "#homail.com") !== false) {
$_POST["email"] = str_replace('#homail.com', '#hotmail.com', $_POST["email"]);
goto end;
}
end:
When I test this, everything works OK for #homail.com but when I test with #hotmail.comm, the e-mail address has change to #hotmail.commm
Any idea whis this goes wrong with #hotmail.comm ?
Kind regards,
Arie
It looks fine to me, but goto, really? Assign to $_POST? No!
You can write this shorter and better:
$improvements = array('#hotmail.comm' => '#hotmail.com',
'#homail.com' => '#hotmail.com');
$emailAddress = str_replace(array_keys($improvements),
array_values($improvements),
$_POST["email"]);
Obviously the list can be expanded without adding much code. Always try to write easy to maintain code.
#Arie, Please check below code for your solution.
$email = $_POST["email"];
if (strpos($email, "#hotmail.comm") !== false) {
$_POST["email"] = str_replace('#hotmail.comm', '#hotmail.com', $email);
}
if (strpos($email, "#homail.com") !== false) {
$_POST["email"] = str_replace('#homail.com', '#hotmail.com', $email);
}
echo $_POST["email"];die;
Related
I am trying to have users sign up with a desired email. But I dont want them to have to input the '#domain.com', I just want them to input the username, (everything to the left of '#' ). Also, how would I go about making sure that the only characters to the left are lowercase letters, numbers and an underscore? Basically if they enter a capital letter, it should lower it. I do know about strtolower, but just don't quite know how to implement it in my script. I only want my script to be able to validate one domain, in this example 'domain.com'
My script needs these fields populated
$email = ($_POST['email']);
and this checks if it is valid
if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
echo "You have entered an invalid email. Press back and try again.";
$db = null;
exit();
}
So I know I need to do something with the $email variable. Sorry am a bit new to php
You're doing it wrong, as there is a range of characters to the left of the '#' which are valid in email addresses, but this is what you want:
$stub = strtolower($_POST['email']);
$email = $stub . "#domain.com";
if ((preg_match("/[^a-z0-9_]/", $stub)) ||
(filter_var($email, FILTER_VALIDATE_EMAIL) === false) ) {
echo "Invalid email....";
die;
}
See the following:
strtolower: http://php.net/manual/en/function.strtolower.php
strpos: http://php.net/manual/en/function.strpos.php
$email=strtolower($email);
if(strpos($email,'#')){
//Fail
}
Then just validate with filter_var as you have specified.
$email = strtolower('dsfds_09azZdsf');
if (strlen($email) == strlen(preg_replace('#[^a-z_0-9]#i', '', $email)))
{
echo 'valid';
}
else
{
echo 'not valid';
}
I am developing a user registration form and want to validate a user's email address.
However,all the php docs I have read suggest the use of filter_var.
My script validates a valid email as invalid.
Please post a working script or perhaps guide me through my script.
Hers is my script :
<?php
if(isset($_POST['email'])== true && empty($_POST['email'])false)
{
$email = $_POST['email'];
}
if(filter_var($email,FILTER_VALIDATE_EMAIL))
{
echo"valid email";
}
else
{
echo"invalid email";
}
?>
if(isset($_POST['email'])== true && empty($_POST['email'])false)
this should be
if(isset($_POST['email']) && !empty($_POST['email']) )
or as #jack you can use just
if (!empty($_POST['email']))
the empty() does implicit isset()
$email = isset($_POST['email']) ? $_POST['email'] : "";
echo(filter_var($email,FILTER_VALIDATE_EMAIL) ? "valid email" : "invalid email");
if(isset($_POST['email'])== true && empty($_POST['email'])false)
^^^^^^^--redundant ^^^^^---typo?
In your case you shouldn't use filter_var, but filter_input. This is all the code you would need:
if ($email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL)) {
// email was submitted and is a valid email
}
This bug might be related to your problem though.
I have a coming soon form at a website where user fills out an email form and it will be emailed to me. However, a spammer has hit the site and is spamming the form with goatse and so on. IP ban isn't helping so I need to stop the form sending it if it contains goatse or something. Here's the mailer.
<?php
$SPOSTI =$_POST[sposti];
if ($SPOSTI=="")
{
return false;
}
if ($SPOSTI=="goatse.fr")
{
return false;
}
if ($SPOSTI=="http://www.goatse.info/hello.jpg")
{
return false;
}
else
{
$to = "xxx#gmail.com";
$subject = "xxx";
$message = "$_POST[sposti] haluaa tiedon kun kotisivut.name avautuu.
$_POST[ip]";
$from = "$_POST[sposti]";
$headers = "From:" . $from;
mail($to,$subject,$message,$headers);
}
?>
Is there someway to block it from executing the code if the email contains a certain word (goatse in this case)
You need to use exit or die instead of return false which works inside functions/methods:
if ( $SPOSTI =="" || strpos('goatse', $SPOSTI) !== FALSE)
{
exit();
}
strpos() will let you find a substring, but I really recommend a captcha security system as the attacker could simply switch to another annoying word.
Goatse's arn't your problem here, it's the security.
You can use stristr http://php.net/manual/de/function.stristr.php to achive this. I would recommend to using a captcha, since it is more efficient. A popular solution is reCaptcha: https://developers.google.com/recaptcha/docs/php Another, weaker possibility is to add a security question to your form, for instance "What is five plus five in numbers?".
Try the following:
function is_spam($array, $block_pattern){
$block = false;
foreach($array as $k => $v){
if(preg_match('/.*' . $block_pattern . '.*/', $k) ||
preg_match('/.*' . $block_pattern . '.*/', $v)){
$block = true;
break;
}
}
return $block;
}
Usage: is_spam($_POST, 'goatse');
Returns: true if 'goatse' is found in $_POST
The function will search all keys and values of $array for the $block_pattern string and will return true if the pattern is found.
I have a rough php script that sees if a user has filled in the html form input after they have clicked submit. I am having a problem with getting isset() and is_string() to work. If I use isset() the form is emailed even if the form inputs are left blank, is_string() throws an error messages even if the form input are filled in. I have tried !isset() and that still sends blank input. The only thing working is if I use == NULL. At this moment in time I am not going to validate the input as I am trying to understand why this isn't working as I am pretty new to PHP.
$subject = "Feedback from Your Website.";
$email = ($_POST['email']);
$name = ($_POST['name']);
$message = ($_POST['feedback']);
if (isset($_POST["name"]))
{
//send message
mail($subject, $name, $email, $message);
}
else
{
//error message
echo "Please do not miss out any fields";
}
I also tried:
if (isset($_POST["name"], $_POST['email']))
{ }
if (isset($name, $email))
{ }
if (is_string($name || $email))
{ }
But all failed, so far all that's working is:
if ($name == NULL || $email == NULL || $message == NULL)
{ }
Thank you in advance.
Try to use empty(). This function return TRUE if a variabile is empty or non set, FALSE otherwise.
if (empty($_POST["name"]) || empty($_POST["email"]) || empty($_POST["feedback"]))
{
//error message
echo "Please do not miss out any fields";
}
else
{
//send message
mail($subject, $name, $email, $message);
}
is_string($name || $email) is not working because $name || $email is cast to a boolean and a boolean is not a string.
isset() function will return a True value after your form submitting. Actually, your field has been sent to your target file. So your code will send emmial. For what you need, you must use the code below:
if (isset($_POST["name"]) && $_POST["name"] != '') {
// do something
}
isset checks if value is created in the array. It IS going to be there always as the form always have the same fields, empty or not. You need to check their content
isset() returns true because $_POST['email'] has been set. It simply is empty. Since you submit the form all the variables of the form have been set.
You have to write this
if (isset($_POST["email"]) && $_POST["email"] != '')
How about empty( ) you can check the details of the function in te php manual .
This is a two-part question. Help on either (or both) is appreciated!
1) What is the best php method for checking if an email string is a Gmail address
2) How to strip out everything but the username?
Thanks!
list($user, $domain) = explode('#', $email);
if ($domain == 'gmail.com') {
// use gmail
}
echo $user;
// if $email is toto#gmail.com then $user is toto
Dunno about best method, but here is one method for checking a gmail address using stristr.
if (stristr($email, '#gmail.com') !== false) {
echo 'Gmail Address!';
}
As for pulling out the username there are a ton of functions as well, one could be explode:
$username = array_shift(explode('#', $email));
There are many ways to do it, the best depends on your needs.
For Multiple Emails
$expressions =
"/(gmail|googlmail|yahoo|hotmail|aol|msn|live|rediff|outlook|facebook)/";
if (preg_match($expressions, $input_email)) {
throw error
}
if (preg_match("/gmail.com/",$email_address)) {
$email_address = str_replace("#gmail.com","",$email_address);
}