PHP 表单电子邮件验证
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18616333/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP form email validation
提问by eloist
My mail form is still sending emails even if the email address is not valid. For example, if I fill in the email as "bob", and hit submit, my javascript validator gives a warning message, but the email still goes through. It ends up in my spam box as [email protected]
即使电子邮件地址无效,我的邮件表单仍在发送电子邮件。例如,如果我将电子邮件填写为“bob”,然后点击提交,我的 javascript 验证器会发出警告消息,但电子邮件仍然通过。它最终以 [email protected] 的形式出现在我的垃圾邮件箱中
How can I validate the email address, and prevent submit if it does not validate?
如何验证电子邮件地址,并在未验证时阻止提交?
I am new to php.
我是 php 新手。
HTML:
HTML:
<div id="emailform">
<h2>Confirm your purchase information</h2>
<hr>
<form method="post" name="contactform" action="mail_form.php" id="submit">
<p>
<label for='name'>Your Name:</label> <br>
<input type="text" name="name">
</p>
<p>
<label for='email'>Email Address:</label> <br>
<input type="text" name="email">
</p>
<p>
<label for='purchasecode'>Purchase Code:</label> <br>
<input type="text" name="purchasecode">
</p>
<p>
<label for='vendor'>Vendor Name:</label> <br>
<select name="vendor">
<option value="" selected="selected"></option>
<option value="Amazon" >Amazon</option>
<option value="Barnes&Noble" >Barnes & Noble</option>
<option value="Family Christian" >Family Christian</option>
<option value="Christianbook" >Christianbook.com</option>
<option value="LifeWay" >LifeWay</option>
<option value="BAM" >Books-A-Million</option>
<option value="Mardel" >Mardel</option>
</select>
</p>
<button type="submit" id="submitbutton" name="submit" value="Submit" class="mainButton">SUBMIT</button><br>
</form>
<!-- Code for validating the form
Visit http://www.javascript-coder.com/html-form/javascript-form-validation.phtml
for details -->
<script type="text/javascript">
var frmvalidator = new Validator("contactform");
frmvalidator.addValidation("name","req","Please provide your name");
frmvalidator.addValidation("email","email","Please enter a valid email address");
frmvalidator.addValidation("vendor","dontselect=000");
frmvalidator.addValidation("purchasecode","maxlen=50");
</script>
</div>
PHP:
PHP:
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
if(!isset($_POST['submit']))
{
//This page should not be accessed directly. Need to submit the form.
echo "error; you need to submit the form!";
}
$name = $_POST['name'];
$email = $_POST['email'];
$purchasecode = $_POST['purchasecode'];
$vendor = $_POST['vendor'];
//Validate first
if(empty($_POST['name']) ||
empty($_POST['email']) ||
empty($_POST['purchasecode']) ||
empty($_POST['vendor']))
{
echo "All fields are required.";
exit;
}
if(IsInjected($email))
{
echo "Bad email value!";
exit;
}
$email_from = $email;
$email_subject = "GDFY Purchase Confirmation";
$email_body = "New purchase confirmation from $name.\n".
"Here are the details:\n\n Name: $name \n\n Email: $email \n\n Purchase Code: $purchasecode \n\n Vendor: $vendor";
$to = "[email protected]";//<== update the email address
$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $email_from \r\n";
//Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: index.html');
// echo "success";
// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>
Javascript:
Javascript:
$('#submit').submit(function() { // catch the form's submit event
$.ajax({ // create an AJAX call...
data: $(this).serialize(), // get the form data
type: $(this).attr('method'), // GET or POST
url: $(this).attr('action'), // the file to call
success: function(response) { // on success..
$('#emailform').html("<h2 style='text-align:center;'>Thank you!</h2><hr><p style='text-align:center;'>Thank you for submitting your purchase information.<br>We will send your free gifts soon!</p>"); // update the DIV
}
});
return false; // cancel original event to prevent form submitting
});
回答by Scalpweb
You can use filter_var :
您可以使用 filter_var :
if( filter_var('[email protected]', FILTER_VALIDATE_EMAIL) )
{
Do_stuff();
}
回答by Funk Forty Niner
This is what I use and it works well, using Ajax and jQuery. You're welcome to use it and modify to suit.
这就是我使用的,它使用 Ajax 和 jQuery 运行良好。欢迎您使用它并进行修改以适应。
Both HTML form and PHP handler are included.
包括 HTML 表单和 PHP 处理程序。
HTML form
HTML 表单
<!DOCTYPE html>
<head>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
$('#submit').click(function(){
$('#success').hide(1);
$.post("ajax_handler.php", $("#contact").serialize(), function(response) {
$('#success').html(response);
$('#success').show(1000);
});
return false;
});
});
</script>
<style>
html {
/* height: 100%; */
height:auto;
}
body {
background:#000;
/* background: url(bg.png);
background-repeat:repeat;*/
margin: 0px;
padding: 0px;
height: 100%;
color: #fff;
font-family: Proxima, sans-serif;;
}
#empty {
display:block;
clear:both;
height:150px;
width:auto;
background:none;
border:none;
}
#contact ul{
margin-left:10px;
list-style:none;
}
#contact ul li{
margin-left:0px;
list-style:none;
}
</style>
</head>
<body>
<form id="contact" action="" method="post">
<ul>
<li>
<label for="name">Name:</label><br>
<input id="name" type="text" name="name" width="250" size="35" required/>
</li>
<li>
<label for="email">Email:</label><br>
<input id="email" type="text" name="email" width="250" size="35" required/>
</li>
<br><br>
<li>
<label for="message">Message:</label><br>
<textarea id="message" name="message" rows="6" cols="40" required></textarea>
</li>
<li><input type="button" value=" SEND " id="submit" /><input type="reset" value="Reset" name="reset">
<div id="success" style="color: yellow;"></div></li>
</ul>
</form>
</body>
</html>
Handler (ajax_handler.php)
处理程序(ajax_handler.php)
<?php
if((empty($_POST['name'])) || (empty($_POST['email'])) || (empty($_POST['message']))){
die("<b>ERROR!</b> All fields must be filled.");
}
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$name = strtolower($name);
$name = ucwords($name);
$to = '[email protected]';
$subject = 'Website message from: '.$name;
$message = 'FROM: '.$name." \nEmail: ".$email."\nMessage: \n".$message;
$headers = 'From: [email protected]' . "\r\n";
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
mail($to, $subject, $message, $headers);
echo "Thank you! Your email was sent $name.";
echo "<br>";
echo "This is the email you entered: <b>$email</b>";
}else{
// echo var_dump($_POST);
echo "<b>ERROR!</b> Invalid E-mail. Please provide a valid email addres. Example: [email protected]";
echo "<br>";
echo "The email <b>$email</b> you entered, is not valid.";
}
?>
回答by gihansalith
$email = test_input($_POST["email"]);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) {
$emailErr = "Invalid email format";
}
$email = test_input($_POST["email"]);
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) {
$emailErr = "Invalid email format";
}
you can use this Ihave tried just onw it's working
你可以使用这个我刚刚试过它正在工作
回答by dev4092
Javascript validation
<script type="text/javascript">
var a = document.contact_form.txt_phoneno.value;
if (a!="")
{
if(isNaN(a))
{
alert("Enter the valid Mobile Number(Like : 9566137117)");
document.contact_form.txt_phoneno.focus();
return false;
}
if((a.length < 10) || (a.length > 15))
{
alert(" Your Mobile Number must be 10 to 15 Digits");
document.contact_form.txt_phoneno.select();
return false;
}
}
</script>
回答by antelove
try this preg match
试试这个预赛
$email = test_input($_POST["email"]);
if (!preg_match("/^[\w-]+[@]+[a-z]+\.+[a-z]*$/", $email)) {
return false;
//exit;
}
回答by bpeterson76
I'd recommend filtering on both front and back end. Front end to prevent unnecessary hits to the server and to provide more effective and prompt feedback, and back end to catch anything that the Front-end lets through (since it can be bypassed)
我建议在前端和后端都进行过滤。前端防止对服务器造成不必要的攻击并提供更有效和及时的反馈,后端捕获前端允许通过的任何内容(因为它可以被绕过)
My script of choice for the front end is jQuery Ketchup
我选择的前端脚本是jQuery Ketchup
On the back-end, filter_varworks fine, as does regex if you're working with an older version of PHP.
在后端,filter_var工作正常,如果您使用的是旧版本的 PHP,则 regex 也是如此。
