I have a form than when I submit incorrectly no error is displayed
<form action="emailSubs.php" method="post">
<p>Would you like to subscribe to our newsletter ?</p>
<p>Name: <input type="text" name="name"><br /></p>
<p>E-mail: <input type="text" name="Email"><br /></p>
<p><input type="submit" name="submit"><br /></p>
</form>
<?php
function validateEmail($data, $fieldName) {
global $errorCount;
if(empty($data)) {
echo "\"$fieldName\" is a required
field.<br />\n";
++$errorCount;
$retval = "";
} else { // olny clean up the input if it isn't
// empty
$retval = trim($data);
$retval = stripslashes($retval);
$pattern = "/^[\w-]+(\.[\w-]+)*#" .
"[\w-]+(\.[\w-]+)*" .
"(\[[a-z]]{2,})$/i";
if(preg_match($pattern, $retval) ==0) {
echo "\"$fieldName\" is not a valid E-mail
address.<br />\n";
++$errorCount;
}
}
return ($retval);
}
?>
I think it may be the pattern but am not sure what the problem may be
The problem is that you do not have the two things connected properly...
Leave your form in a separate file from emailSubs.php -
While this is not a necessary step, it will hopefully help you understand the way this works (not to mention it is a much neater / organized way to do it)
<form action="emailSubs.php" method="post">
<p>Would you like to subscribe to our newsletter ?</p>
<p>Name: <input type="text" name="name"><br /></p>
<p>E-mail: <input type="text" name="Email"><br /></p>
<p><input type="submit" name="submit"><br /></p>
</form>
Now, in your emailSubs.php file :
<?php
function validateEmail($data, $fieldName) {
global $errorCount;
if(empty($data)) {
echo "\"$fieldName\" is a required
field.<br />\n";
++$errorCount;
$retval = "";
} else { // olny clean up the input if it isn't
// empty
$retval = trim($data);
$retval = stripslashes($retval);
$pattern = "/^[\w-]+(\.[\w-]+)*#" .
"[\w-]+(\.[\w-]+)*" .
"(\[[a-z]]{2,})$/i";
if(preg_match($pattern, $retval) ==0) {
echo "\"$fieldName\" is not a valid E-mail
address.<br />\n";
++$errorCount;
}
}
return ($retval);
}
?>
But, you aren't done, yet -!
You see, you have to connect the two ---
In your form, you specified method="post" - so, we do this:
<?php
$name = $_POST['name'];
$email = $_POST['email'];
?>
Now, there are plenty of good reasons to not use regexp to validate your form.
This is a good read on that topic.
So, what you might do instead, could look like this:
<?php
if(ctype_alnum($_POST['name']) == true){
$name = $_POST['name'];
} else {
exit("Please enter a valid name");
}
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL){
$email = $_POST['email'];
} else {
exit("Please enter a valid email address");
}
?>
And you see? That makes for a much cleaner way to handle your validation.
SO, Full circle, your code didn't display an error because there was nothing to display that error.
I noticed that you have a form, and a function but you don't call the function when the form is submitted. Maybe this is something you are doing outside the scope of the code you included, but just in case, I modified it to be a complete interaction between submission/function call and the form itself. Also, why not use filter_var instead of a regular expression?
Code (working on my local server):
<?php
function validateEmail($data, $fieldName)
{
global $errorCount;
$errorCount=0;
if(empty($data))
{
echo "\"$fieldName\" is a required
field.<br />\n";
++$errorCount;
$retval = "";
}
else
{
// olny clean up the input if it isn't
// empty
$retval = trim($data);
$retval = stripslashes($retval);
if(!filter_var($_POST['Email'], FILTER_VALIDATE_EMAIL))
{
echo "\"".$_POST['Email']."\" is not a valid E-mail
address.<br />\n";
++$errorCount;
}
}
return ($retval);
}
if(isset($_POST['submit']))
{
$email=validateEmail($_POST['Email'], "Email");
if(empty($errorCount))
{
//create subscription
echo "Subscribed!";
}
}
?>
<form action="test.php" method="post">
<p>Would you like to subscribe to our newsletter ?</p>
<p>Name: <input type="text" name="name" value="<?php echo $_POST['name'];?>"><br /></p>
<p>E-mail: <input type="text" name="Email" value="<?php echo $_POST['Email'];?>"><br /></p>
<p><input type="submit" name="submit"><br /></p>
</form>
Related
In this program when i am clicking submit button the page directly goes on other page 2222.php. The error message not pop up.. I just want hit error message when clicking on submit button...
php_validation.php
<?php
// Initialize variables to null.
$nameError ="";
$emailError ="";
$genderError ="";
$name = $email = $gender ="";
// On submitting form below function will execute.
if(isset($_POST['submit']))
{
if (empty($_POST["name"])) //---------------------------------------------- -------------------------
{
$nameError = "Name is required";
}
else
{
$name = test_input($_POST["name"]);
// check name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name))
{
$nameError = "Only letters and white space allowed";
}
//-----------------------------------------------------------------------
}
if (empty($_POST["email"])) //---------------------------------------------- -------------------------
{
$emailError = "Email is required";
}
else
{
$email = test_input($_POST["email"]);
// check if e-mail address syntax is valid or not
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/",$email))
{
$emailError = "Invalid email format";
}
}
//-----------------------------------------------------------------------
if (empty($_POST["gender"]))
{
$genderError = "Gender is required";
}
else
{
$gender = test_input($_POST["gender"]);
}
}
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<form method="post" name="myForm" action="2222.php">
<p>First Name:
<input type="text" name="fname" id="fname" />
<span class="error">* <?php echo $nameError;?></span>
</p>
<br><br>
<p>
Email:
<input type="text" name="email" id="email">
<span class="error">* <?php echo $emailError;?></span>
</p>
<br><br>
<p>
Gender:
<input type="radio" name="gender" value="female">Female
<input type="radio" name="gender" value="male">Male
<span class="error">*<?php echo $genderError;?></span><br><br />
</p>
<input class="submit" type="submit" name="submit" value="Submit" >
</form>
</body>
2222.php
<?php
$name = $_POST['fname'];
$email = $_POST['email'];
$radio = $_POST['gender'];
echo "<h2>Your Input:</h2>";
echo "user name is: ".$name;
echo "<br>";
echo "user email is: ".$email;
echo "<br>";
echo "user is ".$radio;
?>
So I've done a quick code for you :
Here is your "php_validation.php" :
<?php
//Init error var
$nameError = '';
$emailError = '';
$genderError = '';
//Did we have an error ?
if(isset($_GET['error'])){
//Split error return into an array
$errorList = explode('_', $_GET['error']);
//Verify every possible error
if(in_array('name',$errorList)){
$nameError = 'Please enter your name<br>';
}
if(in_array('email',$errorList)){
$emailError = 'Please enter your email<br>';
}
if(in_array('gender',$errorList)){
$genderError = 'Please enter your gender';
}
}
?>
I didnt changed the form
Then this is your "2222.php" :
<?php
$error ='';
function test_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
//When we receive data
if(isset($_POST)){
//Verify all possible data and set error
if(!empty($_POST['fname'])){
$name = test_input($_POST['fname']);
}else{
$error .= 'name_';
}
if(!empty($_POST['email'])){
$email = test_input($_POST['email']);
}else{
$error .= 'email_';
}
if(!empty($_POST['gender'])){
$radio = test_input($_POST['gender']);
}else{
$error .= 'gender_';
}
//if we have an error then redirect to form with error
if(!empty($error)){
header("Location:php_validation.php?error=".$error);
}
}
?>
Didnt changed your output on this page either.
So as I said previously when you here is what happend when you click the submit button :
Submit Click
Form sent to 2222.php as $_POST and you're redirected to this page
There is no way that could be working if your form is posting on an other page than the one where the check is made.
Since your form's action is "2222.php", on click the submit button will automatically redirect you to 2222.php before doing anything.
If you want to check what you've received by your form, you can do it in your "2222.php", then redirect it with the error message to php_validation.php
You could do one of the following things:
Do all the checking in Javascript "onClick" function
Do Ajax call "onClick" to a handler page, get the validation message from that page.
Do the validation on "2222.php" page
action back to the same page (since you are doing some validation here) and redirect after validation on "2222.php" page
Now depends only on you which fits your program.
If you want to stay on the same page you could submit the form to an iframe, as the results of the processing script would be displayed in the iframe itself.
Example:
files:
file-with-form.php
form-submit-processing-file.php
Code examples:
file-with-form.php
<!DOCTYPE html>
<html>
<head>
<title>[Your page title]</title>
</head>
<body>
<h2>PHP Form Validation Example</h2>
<p><span class="error">* required field.</span></p>
<!-- Form -->
<form action="[path-to-form-submit-process]" method="[GET|POST]"
target="form-processor">
<div>
<label>First Name:
<input type="text" name="fname" id="fname" />
<span class="error">* <?php echo $nameError ?></span>
</label>
</div>
<div>
<label>Email:
<input type="text" name="email" id="email">
<span class="error">* <?php echo $emailError ?></span>
</label>
</div>
<div>
<label>Gender:
<p><input type="radio" name="gender" value="female"> Female</p>
<p><input type="radio" name="gender" value="male"> Male</p>
<p><span class="error">*<?php echo $genderError ?></span></p>
</label>
<input class="submit" type="submit" name="submit" value="Submit" >
</div>
</form>
<!-- The iframe to submit the form to -->
<iframe name="form-processor" id="form-processor"
src="[path-to-form-submit-process]"></iframe>
<!--
NOTE: The error message spans are left there just because you had them
in your code, those will not work here at this point, actually depending
on your php configuration will most probably throw errors/warnings,
because such variables were not defined at all...
-->
</body>
</html>
As:
[path-to-form-submit-process] - a placeholder to be replaced with the URL to the file/ Controller -> Action that would process the passed form data
[*] - placeholders that should be replaced with the values for your case
form-submit-processing-file.php
<?php
# Processing the form fields and displaying the messages
$post = $_POST;
# Preprocessing the passed data
// Here you would filter out data from the $_POST superglobal variable
# Validating the passed data
// Check if the data entries, e.g.
// Flag for error risen - does not let the process to be completed
$invalidFormData = false;
$messages = [];
function addErrorMessage($message, &$messages, &$errorFlag)
{
$errorFlag = true;
$errorMessageTemplate = '<p class="error-message">{message}</p>';
array_push($messages, str_replace('{message}', $message,
$errorMessageTemplate));
}
// Validating the email
$email = array_key_exists('email', $post)
? $post['email']
: null;
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
// Raising the flag for an error on validation
addErrorMessage("$email is not a valid email address", $messages, $invalidFormData);
}
// ........
// validation of rest of fields
// ........
$internalError = false;
# Some business logic after the validation, recording more messages etc.
try {
// ........
} catch (Exception $e) {
$internalError = true;
}
# Stop execution on internal error
if ($internalError === true)
{
?>
<h2>Sorry, there's an error on our side... we'll do all in our
powers to fix it right away!</h2>
<?php
exit;
}
# Displaying the results
if ($invalidFormData === true) {
// Building errors message
$messagesHeading = '<h2>There were problems submitting your data. :/</h2>';
} else {
$messagesHeading = '<h2>Your data was successfully submitted! Yay!</h2>';
}
// Placing the heading in front of other messages
array_unshift($messages, $messagesHeading);
// Displaying the messages:
echo implode('', $messages);
However I believe this should be done via an AJAX call insted.
Also there are a lot of bad practices in this case, so I would suggest checking out some design patterns and architectures as MVC for instance and consider using a framework like Symfony/Laravel/CodeIgniter... There are a lot of tools that will make your life easier :)
I have been racking my brain to understand why there are slashes ("/") in every one of by textboxes on my page when I run this php script. Everything on the page works fine. I have tried everything but they're just there. Here my whole code below. Thanks for any help!
function validateInput($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else if (!preg_match('/[^A-Za-z]/', $data) == 0){
echo "\"$fieldName\" can only contain letters.<br />\n";
++$error;
$retval = "";
} else {
$retval = trim($stripslashes($data));
}
return ($retval);
}
function validateAddress($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else if (!preg_match('/[^0-9A-Za-z]/', $data)){
echo "\"$fieldName\" can only contain letters or numbers.<br />\n";
++$error;
$retval = "";
} else {
$retval = trim(stripslashes($data));
}
return ($retval);
}
function validateNumber($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else if (!is_numeric($data)){
echo "\"$fieldName\" must contain only numbers.<br />";
++$error;
$retval = "";
} else if (strlen($data) != 10){
echo "\"$fieldName\" must be 10 numbers long.<br />";
++$error;
$retval = "";
} else {
$retval = trim(stripslashes($data));
}
return ($retval);
}
function validateEmail($data, $fieldName){
global $error;
if (empty($data)){
echo "\"$fieldName\" is a required field.<br />\n";
++$error;
$retval = "";
} else {
$retval = trim(stripslashes($input));
$pattern = "/^[\w-]+(\.[\w-]+)*#" .
"[\w-]+(\.[\w-]+)*" .
"(\.[a-z]{2,})$/i";
if (preg_match($pattern, $retval) == 0){
echo "\"$fieldName\" is not a valid email address.<br />\n";
++$error;
}
}
return($retval);
}
function displayForm($name, $email, $address, $phone){
include("header.html");
?>
<div class="center">
<form name="contact_us" action="contact_us.php" method="post">
<p>Your Name: <input type="text" name="name" value=<?php echo $name; ?> /></p>
<p>Your Email: <input type="text" name="email" value=<?php echo $email; ?> /></p>
<p>Your Address: <input type="text" name="address" value=<?php echo $address; ?> /></p>
<p>Your Phone Number: <input type="text" name="phone" value=<?php echo $phone;?> /></p>
<p><input type="submit" name="Submit" value="Send" />
<input type="reset" value="Clear"/>
</form>
</div>
<?php
include("footer.html");
}
$showForm = TRUE;
$error = 0;
$name = "";
$email = "";
$address = "";
$phone = "";
if (isset($_POST['Submit'])){
$name = validateInput($_POST['name'], "Name");
$email = validateEmail($_POST['email'], "Email");
$address = validateAddress($_POST['address'], "Address");
$phone = validateNumber($_POST['phone'], "Phone");
if ($error == 0)
$showForm = FALSE;
else
$showForm = TRUE;
}
if ($showForm == TRUE){
if ($error > 0)
echo "<p>Please re-enter the form information below.<br/>\n";
displayForm($name, $email, $address, $phone);
} else {
echo "Your contact information has been recorded. Thank you!";
}
?>
You have to quote your value attributes in these lines:
<input type="text" name="name" value=<?php echo $name; ?> />
If $name is empty, which is true by default, your code reduces to
<input type="text" name="name" value=/ >
So your input boxes are filled with a / by default. To fix this error (and avoid other possible errors), quote your $name:
<input type="text" name="name" value="<?php echo htmlspecialchars($name); ?>" />
Notice that I also called htmlspecialchars to prevent XSS.
PHP runs addslashes() on all GET, POST, and COOKIE data by default.
I have created a PHP form to take 4 text fields name, email, username and password and have set validation for these. I have my code currently validating correctly and displaying messages if the code validates or not.
However, I would like for it to keep the correctly validated fields filled when submitted and those that failed validation to be empty with an error message detailing why.
So far I have the following code, the main form.php:
<?php
$self = htmlentities($_SERVER['PHP_SELF']);
?>
<form action="<?php echo $self; ?>" method="post">
<fieldset>
<p>You must fill in every field</p>
<legend>Personal details</legend>
<?php
include 'personaldetails.php';
include 'logindetails.php';
?>
<div>
<input type="submit" name="" value="Register" />
</div>
</fieldset>
</form>
<?php
$firstname = validate_fname();
$emailad = validate_email();
$username = validate_username();
$pword = validate_pw();
?>
My functions.php code is as follows:
<?php
function validate_fname() {
if (!empty($_POST['fname'])) {
$form_is_submitted = true;
$trimmed = trim($_POST['fname']);
if (strlen($trimmed)<=150 && preg_match('/\\s/', $trimmed)) {
$fname = htmlentities($_POST['fname']);
echo "<p>You entered full name: $fname</p>";
} else {
echo "<p>Full name must be no more than 150 characters and must contain one space.</p>";
} }
}
function validate_email() {
if (!empty($_POST['email'])) {
$form_is_submitted = true;
$trimmed = trim($_POST['email']);
if (filter_var($trimmed, FILTER_VALIDATE_EMAIL)) {
$clean['email'] = $_POST['email'];
$email = htmlentities($_POST['email']);
echo "<p>You entered email: $email</p>";
} else {
echo "<p>Incorrect email entered!</p>";
} }
}
function validate_username() {
if (!empty($_POST['uname'])) {
$form_is_submitted = true;
$trimmed = trim($_POST['uname']);
if (strlen($trimmed)>=5 && strlen($trimmed) <=10) {
$uname = htmlentities($_POST['uname']);
echo "<p>You entered username: $uname</p>";
} else {
echo "<p>Username must be of length 5-10 characters!</p>";
} }
}
function validate_pw() {
if (!empty($_POST['pw'])) {
$form_is_submitted = true;
$trimmed = trim($_POST['pw']);
if (strlen($trimmed)>=8 && strlen($trimmed) <=10) {
$pword = htmlentities($_POST['pw']);
echo "<p>You entered password: $pword</p>";
} else {
echo "<p>Password must be of length 8-10 characters!</p>";
} }
}
?>
How can I ensure that when submit is pressed that it will retain valid inputs and empty invalid ones returning error messages.
Preferably I would also like there to be an alternate else condition for initial if(!empty). I had this initially but found it would start the form with an error message.
Lastly, how could I record the valid information into an external file to use for checking login details after signing up via this form?
Any help is greatly appreciated.
Try using a separate variable for errors, and not output error messages to the input field.
You could use global variables for this, but I'm not fond of them.
login.php
<?php
$firstname = '';
$password = '';
$username = '';
$emailadd = '';
$response = '';
include_once('loginprocess.php');
include_once('includes/header.php);
//Header stuff
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, "utf-8");?>" method="post">
<fieldset>
<p>Please enter your username and password</p>
<legend>Login</legend>
<div>
<label for="fullname">Full Name</label>
<input type="text" name="fname" id="fullname" value="<?php echo $firstname ?>" />
</div>
<div>
<label for="emailad">Email address</label>
<input type="text" name="email" id="emailad" value="<?php echo $emailadd; ?>"/>
</div>
<div>
<label for="username">Username (between 5-10 characters)</label>
<input type="text" name="uname" id="username" value='<?php echo $username; ?>' />
</div>
<div>
<label for="password">Password (between 8-10 characters)</label>
<input type="text" name="pw" id="password" value="<?php echo $password; ?>" />
</div>
<div>
<input type="submit" name="" value="Submit" />
</div>
</fieldset>
</form>
<?php
//Output the $reponse variable, if your validation functions run, then it
// will contain a string, if not, then it will be empty.
if($response != ''){
print $response;
}
?>
//Footer stuff
loginprocess.php
//No need for header stuff, because it's loaded with login.php
if($_SERVER['REQUEST_METHOD'] == 'POST'){//Will only run if a post request was made.
//Here we concatenate the return values of your validation functions.
$response .= validate_fname();
$response .= validate_email();
$response .= validate_username();
$response .= validate_pw();
}
//...or footer stuff.
functions.php
function validate_fname() {
//Note the use of global...
global $firstname;
if (!empty($_POST['fname'])) {
$form_is_submitted = true;
$trimmed = trim($_POST['fname']);
if(strlen($trimmed)<=150 && preg_match('/\\s/', $trimmed)){
$fname = htmlentities($_POST['fname']);
//..and the setting of the global.
$firstname = $fname;
//Change all your 'echo' to 'return' in other functions.
return"<p>You entered full name: $fname</p>";
} else {
return "<p>Full name must be no more than 150 characters and must contain one space.</p>";
}
}
}
I wouldn't suggest using includes for small things like forms, I find it tends to make a mess of things quite quickly. Keep all your 'display' code in one file, and use includes for functions (like you have) and split files only when the scope has changed. i.e your functions.php file deals with validation at the moment, but you might want to make a new include later that deals with the actual login or registration process.
Look at http://www.php.net/manual/en/language.operators.string.php to find out about concatenating.
here is my code. I am not sure why after i input the first and last name the second page does not show the proper text.. The form is suppose to take in first name and last name into a text box.. Then on the next page when person submits it should validate that the proper type of data was input, and then print out text if it was not, or print out text if it was successful.
<body>
<h2 style="text-align:center">Scholarship Form</h2>
<form name="scholarship" action="process_Scholarship.php" method="post">
<p>First Name:
<input type="text" name="fName" />
</p>
<p>Last Name:
<input type="text" name="lName" />
</p>
<p>
<input type="reset" value="Clear Form" />
<input type="submit" name="Submit" value="Send Form" />
</form>
my second form
<body>
<?php
$firstName = validateInput($_POST['fName'],"First name");
$lastName = validateInput($_POST['lName'],"Last name");
if ($errorCount>0)
echo <br>"Please use the \"Back\" button to re-enter the data.<br />\n";
else
echo "Thank you for fi lling out the scholarship form, " . $firstName . " " . $lastName . ".";
function displayRequired($fieldName)
{
echo "The field \"$fieldName\" is required.<br />n";
}
function validateInput($data, $fieldName)
{
global $errorCount;
if (empty($data))
{
displayRequired($fieldName);
++$errorCount;
$retval = "";
}
else
{
$retval = trim($data);
$retval = stripslashes($retval);
}
return($retval);
}
$errorCount = 0;
?>
</body>
I want to preface this question with the fact that I am a student and this is my first PHP class. So, the following question might be a bit novice...
Okay so the point of this program was for me to filter results from a form through regular expressions along with clean up the text area content...
Well as of right now, all works fine except for the strip_tags bit. I have it set to allow the tags <b> and <p>, and when I enter regular text into the text area, it returns perfectly. If I enter something such as <b>lucky</b> you, all that is returned is 'b'.
I'll post my code. If anyone can give me a hand, I'd love it. At this point I'm overly frustrated. I've studied the examples my instructor supplied (mine is almost identical) and I've looked throught the PHP.net manual and from what I read it should work...
The working code is at http://www.lampbusters.com/~beckalyce/prog3b.php
<?php
if ( $_SERVER['REQUEST_METHOD'] == 'GET' )
{
echo <<<STARTHTML
<div class="content"><h1>Site Sign Up</h1>
<h3>Enter Information</h3>
<hr />
<form method="post" action="$_SERVER[PHP_SELF]">
<p>Full Name: <input type="text" name="fullName" size="30" /></p>
<p>Password: <input type="password" name="password" size="30" maxlength="12" /></p>
<p>Email: <input type="text" name="email" size="30"/></p>
<p>Tell us about yourself:<br />
<textarea name="aboutYou" rows="5" cols="40"></textarea><br />
<input type="submit" name="submitted" value="submit" /> <input type="reset" /></p>
</form></div>
STARTHTML;
}
elseif ( $_SERVER['REQUEST_METHOD'] == 'POST')
{
$errors = array();
$dirtyName = $_POST['fullName'];
$filterName = '/(\w+ ?){1,4}/';
if (preg_match($filterName, $dirtyName, $matchName))
{
$cleanedName = ucwords(strtolower(trim(strip_tags(stripslashes($matchName[0])))));
}
else
{
$errors[] = "Enter a valid name. <br />";
}
$dirtyPass = $_POST['password'];
$filterPass = '/[a-zA-Z0-91##$%^&*]{8,12}/';
if (preg_match($filterPass, $dirtyPass, $matchPass))
{
$cleanedPass = $matchPass[0];
}
else
{
$errors[] = "Enter a valid password. <br />";
}
$dirtyEmail = $_POST['email'];
$filterEmail = '/^(?:\w+[.+-_]?){1,4}(?:\w+)#(?:\w+\.){1,3}\w{2,4}/';
if (preg_match($filterEmail, $dirtyEmail, $matchEmail))
{
$cleanedEmail = $matchEmail[0];
}
else
{
$errors[] = "Enter a valid email address. <br />";
}
$dirtyText = $_POST['aboutYou'];
$filterText = '/((\w+)[ ."\'?!,-]{0,3})+/';
if (preg_match($filterText, $dirtyText, $matchText))
{
$validText = $matchText[0];
$ignore = '<b><p>';
$notags = strip_tags($validText,$ignore);
$cleanedText = preg_replace('/fuck|shit|ass|bitch|android/i',"*****",$notags);
}
else
{
$errors[] = "Enter information about yourself. <br />";
}
if (count($errors) == 0)
{
echo <<<STARTHTML2
<div class="content"><h1>Site Sign Up</h1>
<h3>Verify your information</h3>
<hr />
Name: <span class="choices"> $cleanedName <br /></span>
Password: <span class="choices">$cleanedPass <br /></span>
Email: <span class="choices">$cleanedEmail <br /></span>
About you: <span class="choices">$cleanedText <br /></span>
STARTHTML2;
}
else
{
echo "<div class=\"content\">Please correct the following errors:<br />\n";
$errnum = 1;
foreach ($errors as $inderr)
{
echo "$errnum. $inderr";
$errnum++;
}
}
echo '<br />Back to Form';
echo '</div>';
echo '<p style="text-align: center">' . date('l, F d, Y') . '</p>';
}
?>
It doesn't look like your regular expression allows for the < and > characters, also, if it was meant to match the entire text, it should start with ^ and end with $, otherwise it will just match on a small section of the input as best it can according to the pattern which is likely what happened to simply return 'b' in $match[0] when supplying <b>TextHere