A good chap suggested that I validate the contact form on my site with the suggestion below: "...On the Contact us page: The form sends data to the server even when there's invalid/empty fields. I know you have set the blue "Some information is missing." text but (you probably know what I'm gonna say) validate each field on the client side first, give specific warnings of each field, never submit to server invalid forms, keep your server validation too for double protection..." I'm not exactly sure where to start. Anyone have any ideas? Many thanks!!!
I think the good chap is talking about JavaScript. JavaScript runs on the client and you can pop up alert boxes if you detect any errors. I haven't really done this myself (I've changed a few scripts but that was a long time ago). As usual, w3schools is a good starting point: http://www.w3schools.com/jS/js_form_validation.asp
There is no reason that you have to do this... You absolutely have to validate the data server-side anyway. I guess it just reduces the work that the server has to do and makes things just a little bit easier for the user at the front-end. But unless you have a huge amount of requests, you have to ask yourself if it is worth the extra effort, assuming that a lot of the requests will be valid anyway.
Good point. We currently do not get a ton of requests, but hopefully that will change in the future. Thanks again!
Do something like this (in the programming language that you're using):

    // Assume the form is valid until a required field turns out to be empty.
    $valid = true;
    if (strlen($_GET['field1']) == 0 || strlen($_GET['field2']) == 0) {
        $valid = false;
    }
    if ($valid == true) {
        // mail() code here
    } else {
        // echo "your form is not sent".
    }

Hope it helps. Of course, "field1" and "field2" should be replaced with the id you gave to the input fields.

    <input id="field1" name="field1" ........
It is important to validate the email address: create a function that would check if @ and . (dot) symbols are present. To prevent spamming you could create a function that would check if explicit words are present, especially in the "notes" field.
Seeing as the site runs in .Net, just use the .Net validators, as you can place these on the page to run client-side and then with a single line do the server-side validation, as it uses the same control. See http://www.asp101.com/lessons/validation.asp for the main .Net validators.
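Added example, not part of any post in this thread: one set of per-field rules used twice, once in the browser to show specific warnings and block invalid submissions, and again on the server, where it is the check that counts because a request can be sent without the page's script ever running. The field names (`name`, `email`, `message`), the length limits, the `contact-form` id, the `*-error` element ids and the Node-style `handleSubmission` function are all assumptions; on a .Net site the server half would be written with the .Net validators instead.

```javascript
// Assumed field names and limits; adjust to the real form.
const LIMITS = { name: 100, email: 254, message: 5000 };

// Returns { field: "specific message" }; an empty object means valid.
function validateContactForm(input) {
  const errors = {};
  const get = (k) => (typeof input[k] === 'string' ? input[k].trim() : '');
  for (const field of Object.keys(LIMITS)) {
    const value = get(field);
    if (value.length === 0) {
      errors[field] = 'This field is required.';
    } else if (value.length > LIMITS[field]) {
      errors[field] = `Must be at most ${LIMITS[field]} characters.`;
    }
  }
  // The name is typically copied into a mail header, so it must be one line.
  if (!errors.name && /[\r\n]/.test(get('name'))) {
    errors.name = 'Line breaks are not allowed here.';
  }
  // Shape check only (something@something.tld, no whitespace).
  if (!errors.email && !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(get('email'))) {
    errors.email = 'Enter a valid email address.';
  }
  return errors;
}

// Browser side: a convenience for the user, not a security control.
if (typeof document !== 'undefined') {
  const form = document.getElementById('contact-form');
  if (form) form.addEventListener('submit', (event) => {
    const errors = validateContactForm(Object.fromEntries(new FormData(form)));
    for (const field of Object.keys(LIMITS)) {
      const slot = document.getElementById(field + '-error');
      if (slot) slot.textContent = errors[field] || '';
    }
    if (Object.keys(errors).length > 0) event.preventDefault();
  });
}

// Server side: re-validate every request before any mail is sent.
function handleSubmission(body) {
  const errors = validateContactForm(body || {});
  const ok = Object.keys(errors).length === 0;
  return { status: ok ? 200 : 400, errors };
}
```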