Hi all, I am building a form and require a promotion code field, with a single code to be verified. What is the best and safest way to do this? I've coded this: if (!ereg('123',$values['promo'])) $errors['promo'] = 'Invalid Code!'; PHP: But its buggy as hell! Any suggestions?
Yes, it will be with the final version. At the moment I am using just '123' to test, is there a better way?
if ($_REQUEST[promo]=="123") $promook=true; else $promook=false; if ($promook) {//give discount or whatever you want} else {//do something else} Code (markup):
Well first of all, pick a pattern for all your codes to follow, for example all letters and numbers only of 12 characters in length example 1jf83jKKlo2p Then use a regular expression to match them (You really should be using preg rather than eregi) if(!preg_match('%^[a-z0-9]{12}$%i', $code)) { echo 'INVALID CODE'; }else{ //check if it's in the database here with a simple query } PHP: You will just need a simple database that has your codes in that you can validate against then
Thanks for this - although it doesn't seem to work? I have pasted my PHP below if you can see where I am going wrong?! <?php function VerifyForm(&$values, &$errors) { // Do all necessary form verification if (strlen($values['name']) < 3) $errors['name'] = 'Name too short'; elseif (strlen($values['name']) > 50) $errors['name'] = 'Name too long'; // Email checking if (!ereg('.*@.*\..{2,4}', $values['email'])) $errors['email'] = 'Email address invalid'; if (strlen($values['text']) == 0) $errors['text'] = 'Text required'; // Promo checking if ($_REQUEST[promo]=="123") $promook=true; else $promook=false; return (count($errors) == 0); } function DisplayForm($values, $errors) { ?> <?php } function ProcessForm($values) {$mailto = '$email' ; mail('andwheel@gmail.com', 'NEW EMAIL', $values['text'], "From: \"{$values['name']}\" <{$values['email']}>"); // redirect echo "<html><head><title>Thank you!</title></head><body>Thank you!</body></html>"; } if ($_SERVER['REQUEST_METHOD'] == 'POST'); if (count($errors) > 0) echo "<p>There were some errors in your submitted form, please correct them and try again.</p>"; ?> PHP: Any ideas??
Thanks for this but is it really necessary to use a database to store the single code? The code is only to validate a form, nothing else..
Oh, I see. Well what you have to begin with seems like perfectly valid code, although if it's just one static value then you should only need if ('123' == $values['promo']) { $errors['promo'] = 'Invalid Code!'; } PHP:
Thanks for the code Jay, but it looks like that isn't working?! The form doesn't seem to be doing anything now, you input anything you want, and hit submit - it just clears the form. I can't see anything obvious - although would appreciate any help! <?php function VerifyForm(&$values, &$errors) { // Do all necessary form verification if (strlen($values['name']) < 3) $errors['name'] = 'Name too short'; elseif (strlen($values['name']) > 50) $errors['name'] = 'Name too long'; // Email checking if (!ereg('.*@.*\..{2,4}', $values['email'])) $errors['email'] = 'Email address invalid'; if (strlen($values['text']) == 0) $errors['text'] = 'Text required'; // Promo checking if ('123' == $values['promo']) { $errors['promo'] = 'Invalid Code!'; } return (count($errors) == 0); } function DisplayForm($values, $errors) { } function ProcessForm($values) {$mailto = '$email' ; mail('andwheel@gmail.com', 'NEW EMAIL', $values['text'], "From: \"{$values['name']}\" <{$values['email']}>"); // redirect echo "<html><head><title>Thank you!</title></head><body>Thank you!</body></html>"; } if ($_SERVER['REQUEST_METHOD'] == 'POST'); if (count($errors) > 0) echo "<p>There were some errors in your submitted form, please correct them and try again.</p>"; ?> <html> <head> <title>test me</title> <style> #box{ width:500px; height:230px; border:1px solid #CCC; padding:25px 5px 5px 5px;} TD.error { color: red; font-weight: bold; } body,td,th { font-family:"Lucida Grande",Tahoma,sans-serif; font-size: 16px; } .privacy{font-family:"Lucida Grande",Tahoma,sans-serif; font-size:10px;} p{border:1px solid #ccc; background-color:#FFE00B; padding:10px 10px 10px 10px;} .buttons a, .buttons button{ margin:0 7px 0 0; background-color:#f5f5f5; border:1px solid #0C0; border-top:1px solid #0C0; border-left:1px solid #0C0; font-family:"Lucida Grande",Tahoma,sans-serif; font-size:20px; line-height:100%; text-decoration:none; font-weight:bold; color:#565656; cursor:pointer; padding:5px 10px 6px 7px; /* Links */ } .buttons button{ width:auto; overflow:visible; padding:4px 10px 3px 7px; /* IE6 */ } .buttons button[type]{ padding:5px 10px 5px 7px; /* Firefox */ button.positive, .buttons a.positive{ color:#529214; } .buttons a.positive:hover, button.positive:hover{ background-color:#E6EFC2; border:1px solid #C6D880; color:#529214; } .buttons a.positive:active{ background-color:#529214; border:1px solid #529214; color:#fff; } </style> </head> <body> <div align="center"> <form action="<?= $_SERVER['PHP_SELF'] ?>" method="POST"> <br><br><div id="box"><table> <tr> <td>Full Name:</td> <td><input type="text" size="30" name="name" value="<?= htmlentities($values['name']) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px; font-family:Verdana, Arial, Helvetica, sans-serif;font-size:16px;"/> <td class="error"><?= $errors['name'] ?></td> </tr> <tr> <td>Email Address:</td> <td><input type="text" size="30" name="email" value="<?= htmlentities($values['email']) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['email'] ?></td> </tr> <tr> <td>Promotional Code:</td> <td><input type="text" size="30" name="promo" value="<?= htmlentities($values['promo']) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['promo'] ?></td> </tr> <tr><td colspan="2" align="center"></tr> </table> <br/> <span class="privacy">We respect your privacy and will not send you any unnecessary emails. <br>By clicking 'submit' you agree to have read our <a href="link">terms and condtions</a>.</span><br><br> <div class="buttons"> <button name="submit" type="submit" class="positive" id="submit"> <img src="apply2.png" alt=""/> Submit </button></div> <br> </span><br><br> </div> </form> </body> </html> </div> PHP:
I think you're complicating things. Try this: <?php $name = $_POST['name']; $email = $_POST['email']; $text = $_POST['text']; $promo = $_POST['promo']; if($_POST) { // Do all necessary form verification if (strlen($name) < 3) { $errors['name'] = 'Name too short'; } elseif (strlen($name) > 50) { $errors['name'] = 'Name too long'; } // Email checking if (!ereg('.*@.*\..{2,4}', $email)) { $errors['email'] = 'Email address invalid'; } if (strlen($text) == 0) { $errors['text'] = 'Text required'; } // Promo checking if ($promo != '123') { $errors['promo'] = 'Invalid Code!'; } } if (count($errors) < 1) { $mailto = $email; mail('andwheel@gmail.com', 'NEW EMAIL', $text, "From: \"{$name}\" <{$email}>"); // redirect echo "<html><head><title>Thank you!</title></head><body>Thank you!</body></html>"; } else if (count($errors) > 0) { echo "<p>There were some errors in your submitted form, please correct them and try again.</p>"; } ?> <html> <head> <title>test me</title> <style> #box { width:500px; height:230px; border:1px solid #CCC; padding:25px 5px 5px 5px; } TD.error { color: red; font-weight: bold; } body,td,th { font-family:"Lucida Grande",Tahoma,sans-serif; font-size: 16px; } .privacy { font-family:"Lucida Grande",Tahoma,sans-serif; font-size:10px; } p { border:1px solid #ccc; background-color:#FFE00B; padding:10px 10px 10px 10px; } .buttons a, .buttons button { margin:0 7px 0 0; background-color:#f5f5f5; border:1px solid #0C0; border-top:1px solid #0C0; border-left:1px solid #0C0; font-family:"Lucida Grande",Tahoma,sans-serif; font-size:20px; line-height:100%; text-decoration:none; font-weight:bold; color:#565656; cursor:pointer; padding:5px 10px 6px 7px; /* Links */ } .buttons button { width:auto; overflow:visible; padding:4px 10px 3px 7px; /* IE6 */ } .buttons button[type] { padding:5px 10px 5px 7px; /* Firefox */ button.positive, .buttons a.positive { color:#529214; } .buttons a.positive:hover, button.positive:hover { background-color:#E6EFC2; border:1px solid #C6D880; color:#529214; } .buttons a.positive:active { background-color:#529214; border:1px solid #529214; color:#ffffff; } </style> </head> <body> <div align="center"> <form action="<?= $_SERVER['PHP_SELF'] ?>" method="POST"> <br /><br /> <div id="box"> <table> <tr> <td>Full Name:</td> <td><input type="text" size="30" name="name" value="<?= htmlentities($name) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px; font-family:Verdana, Arial, Helvetica, sans-serif;font-size:16px;"/> <td class="error"><?=$errors['name'] ?></td> </tr> <tr> <td>Email Address:</td> <td><input type="text" size="30" name="email" value="<?= htmlentities($email) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['email'] ?></td> </tr> <tr> <td>Promotional Code:</td> <td><input type="text" size="30" name="promo" value="<?= htmlentities($promo) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['promo'] ?></td> </tr> <tr> <td>Text:</td> <td><input type="text" size="30" name="text" value="<?= htmlentities($text) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:60px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['text'] ?></td> </tr> <tr><td colspan="2" align="center"></tr> </table> <br /> <span class="privacy">We respect your privacy and will not send you any unnecessary emails. <br>By clicking 'submit' you agree to have read our <a href="link">terms and condtions</a>.</span><br /><br /> <div class="buttons"> <button name="submit" type="submit" class="positive" id="submit"> <img src="apply2.png" alt=""/> Submit </button></div> <br /> </span><br /><br /> </div> </div> </form> </body> </html> PHP:
That is working much better - thank you! What did you change? Also - the only problem that remains is the 'thankyou' message is there at the start of the form, in fact this should only display when you hit submit. Why is that?
I removed your functions. They weren't needed and you weren't using them right. You never called them. This should fix the "Thank You" message from showing up until you press submit. <?php $name = $_POST['name']; $email = $_POST['email']; $text = $_POST['text']; $promo = $_POST['promo']; if($_POST) { /* Do all necessary form verification */ if (strlen($name) < 3) { $errors['name'] = 'Name too short'; } elseif (strlen($name) > 50) { $errors['name'] = 'Name too long'; } /* Email checking */ if (!ereg('.*@.*\..{2,4}', $email)) { $errors['email'] = 'Email address invalid'; } if (strlen($text) == 0) { $errors['text'] = 'Text required'; } /* Promo checking */ if ($promo != '123') { $errors['promo'] = 'Invalid Code!'; } } if (count($errors) == 0 && $_POST) { $mailto = $email; mail('andwheel@gmail.com', 'NEW EMAIL', $text, "From: \"{$name}\" <{$email}>"); /* redirect */ echo "<html><head><title>Thank you!</title></head><body>Thank you!</body></html>"; } else if (count($errors) > 0) { echo "<p>There were some errors in your submitted form, please correct them and try again.</p>"; } ?> <html> <head> <title>test me</title> <style> #box { width:500px; height:230px; border:1px solid #CCC; padding:25px 5px 5px 5px; } TD.error { color: red; font-weight: bold; } body,td,th { font-family:"Lucida Grande",Tahoma,sans-serif; font-size: 16px; } .privacy { font-family:"Lucida Grande",Tahoma,sans-serif; font-size:10px; } p { border:1px solid #ccc; background-color:#FFE00B; padding:10px 10px 10px 10px; } .buttons a, .buttons button { margin:0 7px 0 0; background-color:#f5f5f5; border:1px solid #0C0; border-top:1px solid #0C0; border-left:1px solid #0C0; font-family:"Lucida Grande",Tahoma,sans-serif; font-size:20px; line-height:100%; text-decoration:none; font-weight:bold; color:#565656; cursor:pointer; padding:5px 10px 6px 7px; /* Links */ } .buttons button { width:auto; overflow:visible; padding:4px 10px 3px 7px; /* IE6 */ } .buttons button[type] { padding:5px 10px 5px 7px; /* Firefox */ button.positive, .buttons a.positive { color:#529214; } .buttons a.positive:hover, button.positive:hover { background-color:#E6EFC2; border:1px solid #C6D880; color:#529214; } .buttons a.positive:active { background-color:#529214; border:1px solid #529214; color:#ffffff; } </style> </head> <body> <div align="center"> <form action="<?= $_SERVER['PHP_SELF'] ?>" method="POST"> <br /><br /> <div id="box"> <table> <tr> <td>Full Name:</td> <td><input type="text" size="30" name="name" value="<?= htmlentities($name) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px; font-family:Verdana, Arial, Helvetica, sans-serif;font-size:16px;"/> <td class="error"><?=$errors['name'] ?></td> </tr> <tr> <td>Email Address:</td> <td><input type="text" size="30" name="email" value="<?= htmlentities($email) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['email'] ?></td> </tr> <tr> <td>Promotional Code:</td> <td><input type="text" size="30" name="promo" value="<?= htmlentities($promo) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:35px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['promo'] ?></td> </tr> <tr> <td>Text:</td> <td><input type="text" size="30" name="text" value="<?= htmlentities($text) ?>" style="padding:5px; border:1px solid #CCCCCC; width:291px; height:60px;font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px;"/> <td class="error"><?= $errors['text'] ?></td> </tr> <tr><td colspan="2" align="center"></tr> </table> <br /> <span class="privacy">We respect your privacy and will not send you any unnecessary emails. <br>By clicking 'submit' you agree to have read our <a href="link">terms and condtions</a>.</span><br /><br /> <div class="buttons"> <button name="submit" type="submit" class="positive" id="submit"> <img src="apply2.png" alt=""/> Submit </button></div> <br /> </span><br /><br /> </div> </div> </form> </body> </html> PHP:
Perfect, thank you very much! I also changed the Thank You note over to a Location URL, and that works fine. One more thing - at the moment its hard coded to deliver to the gmail address, how can I insert the registered '$email' address without breaking everything?! Ideally, it will need to BCC to another two emails aswell. Any ideas?
Are you wanting to send a copy to the registered '$email' address they put in and then use Bcc to email the Gmail address and another email address?
I would check out http://php.net/manual/en/function.mail.php and search for "Additional headers". You can also check out http://www.google.com/search?hl=en&source=hp&q=PHP+Mail+BCC. Try it and if you have problems, post here.