I'm working on a coming soon page. On the page I ask users to signup using their email through a form which then emails their emails to me. I'm not sure how to make sure that the data they are putting in the form are emails (to prevent spam). Any help?
Thanks.
Use jquery validate really easy to use http://docs.jquery.com/Plugins/Validation
Client side js is not enough, you should also validate with PHP's filter_var:
<?php
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
$from=$_POST['email'];
}else{
$error['email_to']='Email Invalid!';
}
?>
You shouldn't rely on client-side verification to keep spam and other unwanted registrations out. Although you could use jQuery validate to make the site more UI-friendly for the visitors, providing them with a neat message that the email address entered is not valid, and that they should review that field.
But a spam-bot will not care about that validation from jQuery, it will only post the fields given. That's why you need to validate the data on server-side.
There are several ways to validate email addresses with regex, but not all of them is reliable. Check out http://www.linuxjournal.com/article/9585 This article explains alot of this.
user following code as primary step to validate the email input
if(document.getElementById('Email').value=="")
{
document.getElementById('Email_Msg').innerHTML="Please Enter EmailId";
document.getElementById('Email').focus()
return false;
}
else
{
if(document.getElementById('Email').value.match(/^[\w\-\.\+]+\#[a-zA-Z0-9\.\-]+\.[a-zA-Z0-9]{2,4}$/))
{
document.getElementById('Email_Msg').innerHTML="";
}
else
{
document.getElementById('Email_Msg').innerHTML="Enter Valid Email-Id";
return false;
document.getElementById('Email').value="";
}
}
If you want to prevent spam, making sure the email field is filled in with an email field is not enough alone. Consider using a captcha like ReCaptcha
just have a single line validation for your email.
the code may be written like below.
<?php
if(empty($_POST['email']))
{
$error[]="Enter Email ID";
}
else
{
if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
{
$error[]= "Not A Valid Email ID.";
}
}
//pass these errors to display ana error message to user.
foreach($error as $i)
{
$message = $i."<br />";
}
?>
use this code some where in your web page.
<?php
echo $message;
?>
Additionaly Use mail function and mysql database (or other if you are using) to send a mail to verify their email id. you can prevent unwanted users from registering. and also use captcha to prevent flooding to your database.
I think this helps. if any doubts reply here.
Create your own captcha using php gd2 library. It's easy and efficient.
Related
I would like to make a user registration form which only accepts email addresses from my university.
e.g
me#gmail.com, me#yahoo.com, me#live.com = INVALID
me#university.ac.uk = VALID
what types of terms and queries should I start researching to achieve this? I am new to PHP, but from the homework, I've done so far can only find tutorials on how to validate emails based on rejecting invalid inputs, rather than only accepting valid domain extensions such as #university.ac.uk
Hope this makes sense, not trying to get code written for me (although visual explanations are helpful), just asking for a few pointers to help get in the right direction.
i will suggest you regex for email that your requirements.
/^(([^<>()[\]\\.,;:\s#\"]+(\.[^<>()[\]\\.,;:\s#\"]+)*)|(\".+\"))#\buniversity.ac.uk/
Please visits here https://regex101.com/r/KkJeho/9
If you first make sure the address is an email, and then explode() the email, you can check if the server matches:
<?php
$email = "foo#university.ac.uk";
$allowed_servers = array("university.ac.uk", "other_server.maybe");
if (filter_var($email, "FILTER_VALIDATE_EMAIL")) {
$check = explode("#", $email);
if (in_array($check[1], $allowed_servers)) {
// server checks out
} else {
// server doesn't check out
}
} else {
// invalid email address
}
To begin with, requiring domain specific email addresses in a form means you need to utilize it at least server side (the mail addresses submitted needs to be checked againist non conforming user input). In simple words, if someone wants to "play" with your site he could send "bad" requests so that you store the wrong information in your database.
Moreover it's not compulsory but if you want to aid the user you can add client side verification.
As far as server side code is concerned you can use regular expressions to validate input. See here and here
Additionally, client side code can be used to assist the user in order to submit the form properly. You have more choices for this:
HTML5 regex
Javascript regex
I am trying to check email which is actually existed or not via php script and I found a solution that can really solve it.
I came across from this article https://gist.github.com/sureshdsk/9c599d757e90b0215e55 .
Please check complete code there, and let me show only my problem pane.
//(Lower-most lines of the project)
$email="asadbksdhskhdksjfhk#gmail.com"; //email to test
$check =verifyEmail($email, 'youremail#gmail.com'); //your email is just used for smtp requests
if($check=="valid"){
echo "success";
}else{
echo "fail";
}
Everything is OK by changing target email and host email, it shows "success".
But I want this php script to be processed by sending data and don't want it to be static.
So I changed ..
$email="asadbksdhskhdksjfhk#gmail.com"; //email to test
to
$email=$_REQUEST['email'];
and try sending email as data like this .
http://www.samplesample.com/check_email_exists.php?email="test#gmail.com"
But not working as the other scripts in my hosting do. By echoing email, it shows blank(null).
Please kindly suggest for my problem. Thank you for reading and thinking about it.I am new to web programming,php .
Use FILTER_VALIDATE_EMAIL to validate email in php.
Try this code,
//http://www.samplesample.com/check_email_exists.php?email=test#gmail.com
$email=$_REQUEST['email'];
if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
echo("$email is a valid email address");
} else {
echo("$email is not a valid email address");
}
There's a plug-in class recommended via another answer which checks if the Email Address is valid using SMTP, that should free up all the complicated parts of developing the logic to test it.
I added validation on email input, but it is not working, why?
the error is that when I give input as example#yah.oo.com; not showing any error messages, why?
my code is
else if(!filter_var($email,FILTER_VALIDATE_EMAIL))
{
echo "email is not valid";
return false;
}
I also used preg_match function but the same problem occurs,
can any one tell me why it is not showing any validation message.
As of my knowledge, that an email address only contains one dot(.) is it
The validation is correct - your understanding is wrong. An email address of joe.soap#example.co.uk (two dots) is valid, as is joe.soap#email.example.co.uk (three dots), etc.
The only reliable way to validate an email address is to send a message to it.
You can make one yourself like the one below;
function checkEmail($email){
return eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email);
}
I have a PHP contact form that sends the form data to me only when the user supplies a valid return email address (the email is formatted correctly, it just isn't a valid working email.) I'm not able to see any of the other data they provided, i.e., name, phone number, or comment. It just never gets to me. Is this how things normally work? Does the email system actually check a validly formatted email address can actually send/receive email?
Well, you could verify it's a proper email like this:
$result = filter_var($email, FILTER_VALIDATE_EMAIL);
if ($result == TRUE) {
//is an email
} else {
//not an email
}
filter_var()
validation filters
I currently have a registration script on my website that requires the email to be from a specific domain.
So for this example, we will say that the user needs to signup using a #gmail.com email.
$gmail = 'gmail.com';
$emailCheck = strpos($_POST['email'],$gmail);
I then check to make sure the users form submitted email contains gmail.com before proceeding.
if($emailCheck === false) {
$err[]='Only #gmail.com email addresses are currently accepted.';
}
I only then proceed to continue with the registeration using a check to see if any $err[] have occured.
if(!count($err)) {
// INSERT IN DB, ETC. //
}
The issue I'm having is that if a user fills out user#yahoo.com the script provides and error. If the user provides user#gmail.com it works as it should. But if the user just inputs the first part of the email leaving out #gmail.com it also works, running the SQL query and inputing the values into the DB.
Any help would be greatly appreciated!
$input=trim($_POST['email']);
if (preg_match("/^\S+#gmail\.com$/i", $input) {
// INSERT IN DB, ETC. //
}
else {
$err[]='Only valid <your_login>#gmail.com email addresses are currently accepted.';
}