below is a snippet of code that I started with... then I made some changes based on the commented suggestion from stackoverflow user. (Please see below for my progress so far)
ORIGINAL
$valid = true;
// basic validation
$phoneNumber = str_replace( ' ', '', $phoneNumber );
if ( strlen( $phoneNumber ) < 10 || !is_numeric( $phoneNumber ) ) {
$valid = false;
}
$areaCode = substr($phoneNumber, 0, 3);
$prefix = substr($phoneNumber, 3, 3);
$mainPhone = substr($phoneNumber, 3, 7);
// perform the same regex matching:
if ($valid) {
$regex = '/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/';
$valid = preg_match($regex, $areaCode);
}
if ($valid) {
$regex = '/^(?!\d[1]{2}|[5]{3})([2-9]\d{2})([. -]*)\d{4}$/';
$valid = preg_match($regex, $mainPhone);
}
// perform the original web validation:
if ( $valid ) {
// validate area code
if (
$areaCode == '000' ||
$areaCode == '111' ||
$areaCode == '222' ||
$areaCode == '333' ||
$areaCode == '444' ||
$areaCode == '555' ||
$areaCode == '666' ||
$areaCode == '777' ||
$areaCode == '999' ||
$areaCode == '123' || (is_string($areaCode) && !is_numeric($areaCode))) {
$valid = false;
}
}
if ( $valid ) {
// validate prefix
if ( $prefix == '123' ||
$prefix == '000' ||
$prefix == '111' ||
$prefix == '555' || (is_string($prefix) && !is_numeric($prefix))) {
$valid = false;
}
}
if ( $valid ) {
// validate main phone number
if ( $mainPhone == '2222222' ||
$mainPhone == '3333333' ||
$mainPhone == '4444444' ||
$mainPhone == '6666666' ||
$mainPhone == '7777777' ||
$mainPhone == '8888888' ||
$mainPhone == '9999999' || (is_string($phoneNumber) && !is_numeric($phoneNumber))) {
$valid = false;
}
}
return $valid;
NEW JAVASCRIPT VERSION (SO FAR)
below is a snippet of code that I am converting so far... I still have some PHP stuff in there can you guys help me out to remove/replace what this snippet needs to say to make it work?
function is_numeric(n) {
return !isNaN(parseFloat(n)) && isFinite(n);
}
function phonenumberIsValid(phonenumber)
{
var valid = true;
// basic validation
var phonetest = phonenumber.replace(' ','');
if ( strlen( phonetest ) < 10 || !is_numeric( phonetest ) ) {
valid = false;
}
var areaCode = phonetest.substr(0,3);
var prefix = phonetest.substr(3,3);
var mainPhone = phonetest.substr(3,7);
// perform the same regex matching that LeadMaster does:
if(valid){
valid = areaCode.match('/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/');
}
if(valid){
valid = mainPhone.match('/^(?!\d[1]{2}|[5]{3})([2-9]\d{2})([. -]*)\d{4}$/');
}
// perform the original web validation:
if(valid){
// validate area code
if (
areaCode == '000' ||
areaCode == '111' ||
areaCode == '222' ||
areaCode == '333' ||
areaCode == '444' ||
areaCode == '555' ||
areaCode == '666' ||
areaCode == '777' ||
areaCode == '999' ||
areaCode == '123' || (!is_numeric(areaCode)) {
valid = false;
}
}
if(valid) {
// validate prefix
if ( prefix == '123' ||
prefix == '000' ||
prefix == '111' ||
prefix == '555' || (!is_numeric(prefix)) {
valid = false;
}
}
if(valid) {
// validate main phone number
if ( mainPhone == '2222222' ||
mainPhone == '3333333' ||
mainPhone == '4444444' ||
mainPhone == '6666666' ||
mainPhone == '7777777' ||
mainPhone == '8888888' ||
mainPhone == '9999999' || (!is_numeric(phoneNumber)) {
valid = false;
}
}
return valid;
}
PregMatch can be replaced with "myString".match so for instance.
if ($valid) {
$regex = '/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/';
$valid = preg_match($regex, $areaCode);
}
would become
if(valid){
valid = areaCode.match('/^(?:\([2-9]\d{2}\)\ ?|[2-9]\d{2}(?:\-?|\ ?))/');
}
and
str_replace("search","replace",$myString)
becomes
myString.replace("search","replace")
In fact most of this can be worked out yourself by typing things like "str_replace javascript" into google and looking for the previous stack overflow answer :)
Related
When doing php validation should I First do the filter sanitizing/validating or is it okay to do it as part of an if statement see the examples below
First Example
$vvalidation = 0;
if (isset($_POST['db9_name']) && $_POST['db9_name'] != ''){
$name = $_POST['db9_name'];
if (filter_var($name, FILTER_SANITIZE_STRING === null)){
$vvalidation++;
}
} else{
$vvalidation++;
}
Second Example
$vvalidation = 0;
if (isset($_POST['db9_name']) && $_POST['db9_name'] != ''){
$name = $_POST['db9_name'];
$vname = filter_var($name, FILTER_SANITIZE_STRING);
if ($vname === null)){
$vvalidation++;
}
} else{
$vvalidation++;
}
and for email ?
example 1
if (isset($_POST['txtemail']) && $_POST['txtemail'] !== '') {
$vEmail = strtolower(strip_tags(trim($_POST['txtemail'])));
$vEmail = str_replace(' ', '', $vEmail);
if (filter_var($vEmail, FILTER_SANITIZE_EMAIL) === null) {
$vValidation++;
} elseif (filter_var($vEmail, FILTER_VALIDATE_EMAIL) === null) {
$vValidation++;
}
} else {
$vValidation++;
}
example 2
if (isset($_POST['txtemail']) && $_POST['txtemail'] !== '') {
$vEmail = strtolower(strip_tags(trim($_POST['txtemail'])));
$vEmail = str_replace(' ', '', $vEmail);
$email = (filter_var($vEmail, FILTER_SANITIZE_EMAIL);
$email .= (filter_var($vEmail, FILTER_VALIDATE_EMAIL);
if (email === null){
$vValidation++;
} else {
$vValidation++;
}
or does it not really matter?
I am doing custom search for table. I have three search parameters: from, to and status. I have used eval() to filter result according to received parameter. Below is my code:
$search = ($from != "" || $to != "" || $status != "" );
if ($search) {
if ($from != '') {
$condition[] = '$from == $res["from_number"]';
}
if ($to != '') {
$condition[] = '$to == $res["to_number"]';
}
if ($status != '') {
$condition[] = '$status == $log["status"]';
}
$search = "if(" . implode(' && ', $condition) . '){ return false; } else { return true; }';
}
After getting the conditions I am using eval
if (eval($search)) {
}
My problem is I don't want to use eval(). It may cause security issues. Ladder if else is not possible, it would be very lengthy. Any other solution?
e.g. If i have passed value for status then i want check like
if($status == $log["status"]) {
}
if i have passed to & from number then it should be like:
if($from == $res["from_number"] && $to == $res["to_number"]) {
}
Don't use eval - it is potentially dangerous and not recommended to use.
Your code can be like this:
$result = false;
if ($from != "" || $to != "" || $status != "") {
if ($from != '' && $from != $res["from_number"]) $result = true;
if ($to != '' && $to != $res["to_number"]) $result = true;
if ($status != '' && $status != $log["status"]) $result = true;
}
if ($result) {
// ........
}
I trying to create a function that matches the first number in a string to a state. For example if the user inputs a number that starts with 3, and the state 'vic', then the form should not present any errors. However no matter what is entered the function always returns true. Any help would be appreciated.
$state = array('Please Select', 'VIC', 'NSW', 'QLD', 'NT', 'WA', 'SA', 'TAS', 'ACT'); //In the form this is a drop down menu
$selected_key = $_POST['state'];
$postcode = $_POST["postcode"]; //The full number entered by the user
$errMsg .= validatePS($postcode, $selected_key);
function validatePS($ps, $state) {
$errMsg ="";
$digit = $ps[0]; //Takes the first number from full postcode
$valid = false;
if (($digit == 3) or ($digit == 8) && ($state == 'vic'))
{
$post = true;
}
if (($digit == 1) or ($digit == 2) && ($state == 'nsw'))
{
$post = true;
}
if (($digit == 4) or ($digit == 9) && ($state == 'qld'))
{
$post = true;
}
if ($valid == false) {
$errMsg .= "<p>Match the correct postcode to state</p>";
}
return $errMsg;
}
if ($errMsg !=""){
echo "<p>Please correct the following errors...</p>"; //Prints out errors
echo "<p>$errMsg</p>";
}
You have two "flag" variables - $post which you are updating and $valid which you rely on. If you reduce them to one variable, you should get the behavior you want:
function validatePS($ps, $state) {
$errMsg ="";
$digit = $ps[0]; //Takes the first number from full postcode
$valid = false;
if (($digit == 3) or ($digit == 8) && ($state == 'vic'))
{
$valid = true;
}
if (($digit == 1) or ($digit == 2) && ($state == 'nsw'))
{
$valid = true;
}
if (($digit == 4) or ($digit == 9) && ($state == 'qld'))
{
$valid = true;
}
if ($valid == false) {
$errMsg .= "<p>Match the correct postcode to state</p>";
}
return $errMsg;
}
Note that you could clean up this code considerably by using logical operators instead of multiple if statements:
function validatePS($ps, $state) {
$errMsg ="";
$digit = $ps[0]; //Takes the first number from full postcode
$valid = false;
if ((($digit == 3) or ($digit == 8) && ($state == 'vic')) ||
(($digit == 1) or ($digit == 2) && ($state == 'nsw')) ||
(($digit == 4) or ($digit == 9) && ($state == 'qld'))) {
$errMsg .= "<p>Match the correct postcode to state</p>";
}
return $errMsg;
}
I have this if statment here and its not working
if(
($division->id == 1 || $division->id == 2) &&
in_array('member1', $memberships) ||
in_array('member2', $memberships) ||
in_array('member3', $memberships) ||
in_array('member4', $memberships) ||
($division->id != 1 || $division->id != 2)
&& in_array('member5', $memberships))
{
return FALSE;
} else {
return TRUE;
}
What I am trying to do is say if $division is 1 or 2 and if member1, member2, member3, member4 are in the array $memberships return false, if $division is not 1 or 2 and member5 is in the array return false, everything else return true.
This is not working because member5 is in the array and $division is 1, which should return true, but it returns false.
PS - member1-5 are just names I am using for here as they actually are personal information in my array.
What Am i doing wrong?
I'd do this as a series of different 'if' statements, to avoid you going around the bend trying to work it out.
I've created this piece of code according to your statement...
What I am trying to do is say if $division is 1 or 2 and if member1,
member2, member3, member4 are in the array $memberships return false,
if $division is not 1 or 2 and member5 is in the array return false,
everything else return true.
I think I've got the logic right, I'm about to double check it:
if ($division->id == 1 || $division->id == 2)
{
if (in_array("member_2", $memberships) || in_array("member_3", $memberships) || in_array('member_3', $memberships) || in_array('member_4', $memberships))
{
return false;
}
else
{
return true;
}
}
else
{
if (in_array("member_5", $memberships))
{
return false;
}
else
{
return true;
}
}
These are the logical groupings, 1 per line. Use parenthesis to adjust how php evaluates it if this isnt what you want.
($division->id == 1 || $division->id == 2) && in_array('member1', $memberships)
|| in_array('member2', $memberships)
|| in_array('member3', $memberships)
|| in_array('member4', $memberships)
|| ($division->id != 1 || $division->id != 2) && in_array('member5', $memberships))
Try:
if(
(($division->id == 1 || $division->id == 2) &&
(in_array('member1', $memberships) ||
in_array('member2', $memberships) ||
in_array('member3', $memberships) ||
in_array('member4', $memberships))) ||
(($division->id != 1 || $division->id != 2)
&& in_array('member5', $memberships)))
{
return FALSE;
} else {
return TRUE;
}
Less lines of code does not always mean it's better, break it down and make it readable, for example:
$output = true;
if($division->id == 1 || $division->id == 2)
{
if(in_array("member_2", $memberships) || in_array("member_3", $memberships) || in_array('member_4', $memberships))
{
$output = false;
}
}
else
{
if (in_array("member_5", $memberships))
{
$output = false;
}
}
return $output;
It is not checking is that the mentioned field is there or not. Both of the version
First Version:
$error = array();
$field_sets = array('username','password','fullname','repeatpass','email');
foreach($field_sets as $fieldname){
if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) && $_POST[$fieldname] != 0)) {
$error[] = $fieldname;
}
}
Second Version:
(in the includes file)
function check_required_fields ($required_array){
$error = array();
foreach($required_array as $fieldname){
if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) && $_POST[$fieldname] != 0)) {
$error[] = $fieldname;
}
}
return $error;
}
In the Source File:
$error = array();
$required_field = array('username','password','fullname','repeatpass','email');
$error = array_merge($error , check_required_fields($required_field , $_POST));
I found the problem. I accidentally put && in the logic. It should be || instead of &&.
if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) || $_POST[$fieldname] != 0))