
Validation


joma


I am trying to come up with a simple solution to prevent robots from adding entries to a few forms in my osC site. I found this little piece of code, which originally compared two password fields, and thought it might work?

 

<script LANGUAGE="JavaScript">

<!-- Begin
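// Compare the text typed into the form's pw2 field with a fixed validation key.
// Returns true to let the submit proceed, false (after an alert) to cancel it.
//
// This is a browser-side convenience check only. The key is a literal in the
// page source, and a client that posts the form without running this script
// never calls checkPw(), so it does not stop automated submissions. The same
// comparison has to be repeated by the server-side script that handles the
// POST before the entry is stored.
function checkPw(form) {
  // Declared with var so the two values stay local instead of becoming globals.
  var pw1 = '4dfew';
  var pw2 = form.pw2.value;

  // Strict comparison: both operands are strings, no coercion is wanted.
  if (pw1 !== pw2) {
    alert("\nYou did not enter the correct VALIDATION KEY");
    return false;
  }
  return true;
}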
// End -->
</script>





<form onSubmit="return checkPw(this)">
<center>
<table border=0>
<tr>
<td>Re-enter:</td><td><input type=text name=pw2 size=10></td>
</tr>
<tr>
<td colspan=2 align=center><input type=submit value="Submit!"></td>
</tr>
</table>
</form>

 

and this is the file i am trying to insert it into

 

guestbook_sign.php

 

<?php
/*
 $Id: guestbook_sign.php,v 1.0 2003/07/15 Exp $

 Guestbook for osC(2.2MS2) v1.0

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

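 // Request handler for the guestbook sign page: validates a posted entry,
 // stores it, sends the notification mails and redirects; otherwise pre-fills
 // the form for a logged-in customer.
 require('includes/application_top.php');

 // Guestbook disabled: take a navigation snapshot and redirect to the default page.
 if (GUESTBOOK_SHOW == 'false') {
   $navigation->set_snapshot();
   tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
 }

 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_GUESTBOOK_SIGN);

 if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
   // Every gb_* value comes from the POST body of an unauthenticated request.
   $gb_name = tep_db_prepare_input($HTTP_POST_VARS['gb_name']);
   $gb_email = tep_db_prepare_input($HTTP_POST_VARS['gb_email']);
   $gb_url = tep_db_prepare_input($HTTP_POST_VARS['gb_url']);
   $gb_location = tep_db_prepare_input($HTTP_POST_VARS['gb_location']);
   $gb_text = tep_db_prepare_input($HTTP_POST_VARS['gb_text']);

   $error = false;

   // NOTE(review): nothing in this handler distinguishes a browser from a
   // script posting directly. Any challenge (validation key, CAPTCHA) has to be
   // verified here, next to the length checks, because the page's JavaScript
   // checkForm() never runs for a direct POST.
   if (strlen($gb_name) < GUESTBOOK_NAME_MIN_LENGTH) {
     $error = true;

     $messageStack->add('guestbook', JS_GUESTBOOK_NAME);
   }
   if (strlen($gb_text) < GUESTBOOK_TEXT_MIN_LENGTH) {
     $error = true;

     $messageStack->add('guestbook', JS_GUESTBOOK_TEXT);
   }

   // The e-mail address is optional, but when given it must be well-formed.
   if (!empty($gb_email) && !tep_validate_email($gb_email)) {
     $error = true;

     $messageStack->add('guestbook', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
   }

   if (!$error) {
     // NOTE(review): gb_url is stored as submitted. The page that displays it
     // is not visible here; confirm it limits the scheme to http/https and
     // HTML-escapes the value on output.
     tep_db_query("insert into " . TABLE_GUESTBOOK . " (visitors_name, visitors_email, visitors_url, visitors_location, date_added) values ('" . tep_db_input($gb_name) . "', '" . tep_db_input($gb_email) . "', '" . tep_db_input($gb_url) . "', '" . tep_db_input($gb_location) . "', now())");
     $insert_id = tep_db_insert_id();

     tep_db_query("insert into " . TABLE_GUESTBOOK_DESCRIPTION . " (entry_id, languages_id, entry_text) values ('" . (int)$insert_id . "', '" . (int)$languages_id . "', '" . tep_db_input($gb_text) . "')");

     // Mail is sent only for an entry that passed every check and was stored.
     // Previously it went out as soon as the address validated, even when the
     // name or text check had already rejected the entry.
     if (!empty($gb_email)) {
       // The name ends up in a mail header (sender or recipient name). How
       // tep_mail() encodes headers is not visible here, so line breaks are
       // removed before the value is handed over.
       $mail_name = preg_replace('/[\r\n]+/', ' ', $gb_name);

       //mail to store owner
       tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_OWNER_SUBJECT, $gb_text, $mail_name, $gb_email);

       //mail to visitor
       // NOTE(review): this reply goes to an address supplied by an
       // unauthenticated poster, so the form can make the store send mail to
       // third parties. Consider dropping the auto-reply or rate-limiting it.
       $email_text = sprintf(EMAIL_VISITOR_GREET, $gb_name);
       $email_text .= EMAIL_VISITOR_MESSAGE;
       tep_mail($mail_name, $gb_email, EMAIL_VISITOR_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
     }

     tep_redirect(tep_href_link(FILENAME_GUESTBOOK, tep_get_all_get_params(array('action'))));
   }
 } elseif (tep_session_is_registered('customer_id')) {
   // Logged-in customer opening the form: pre-fill name, e-mail and location
   // from the account. Each query reads one row; if the customer has several
   // address-book rows, only the first row fetched is used.
   $account_query_one = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
   $account_one = tep_db_fetch_array($account_query_one);

   $account_query_two = tep_db_query("select a.entry_country_id, b.countries_id, b.countries_name from " . TABLE_ADDRESS_BOOK . " a, " . TABLE_COUNTRIES ." b where a.customers_id = '" . (int)$customer_id . "' and a.entry_country_id = b.countries_id");
   $account_two = tep_db_fetch_array($account_query_two);

   $account_query_three = tep_db_query("select entry_city from " . TABLE_ADDRESS_BOOK .  " where customers_id = '" . (int)$customer_id . "'");
   $account_three = tep_db_fetch_array($account_query_three);

   $gb_name = $account_one['customers_firstname'] . ' ' . $account_one['customers_lastname'];
   $gb_email = $account_one['customers_email_address'];
   $gb_location = $account_three['entry_city'] . ', ' . $account_two['countries_name'];
 }

 $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_GUESTBOOK, tep_get_all_get_params()));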
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
<script language="javascript"><!--
// Pre-submit check for the guestbook_sign form: returns false (after an alert
// listing the problems) when the name or the text is shorter than the
// configured minimum, true otherwise.
// The minimum lengths and messages are written into this script by PHP when
// the page is rendered. The PHP handler at the top of this file repeats both
// length checks, which matters because a client that posts the form directly
// never runs this function.
function checkForm() {
 var error = 0;
 // NOTE(review): the constants below are echoed into JavaScript string
 // literals without escaping; presumably they come from the language file and
 // hold no quotes or line breaks - confirm.
 var error_message = "<?php echo JS_ERROR; ?>";

 var gb_name = document.guestbook_sign.gb_name.value;
 var gb_text = document.guestbook_sign.gb_text.value;

 // Name shorter than the configured minimum.
 if (gb_name.length < <?php echo GUESTBOOK_NAME_MIN_LENGTH; ?>) {
error_message = error_message + "<?php echo JS_GUESTBOOK_NAME; ?>";
error = 1;
 }

 // Entry text shorter than the configured minimum.
 if (gb_text.length < <?php echo GUESTBOOK_TEXT_MIN_LENGTH; ?>) {
error_message = error_message + "<?php echo JS_GUESTBOOK_TEXT; ?>";
error = 1;
 }

 // Show all collected messages in one alert and cancel the submit.
 if (error == 1) {
alert(error_message);
return false;
 } else {
return true;
 }
}
//--></script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="3" cellpadding="3">
 <tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<td width="100%" valign="top"><?php echo tep_draw_form('guestbook_sign', tep_href_link(FILENAME_GUESTBOOK_SIGN, 'action=process'), 'post', 'onSubmit="return checkForm();"'); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
  <tr>
	<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
	  <tr>
		<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
		<td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
	  </tr>
	</table></td>
  </tr>
  <tr>
	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
  </tr>
<?php
 if ($messageStack->size('guestbook') > 0) {
?>
  <tr>
	<td><?php echo $messageStack->output('guestbook'); ?></td>
  </tr>
  <tr>
	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
  </tr>
<?php
 }
?>
  <tr>
	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
	  <tr class="infoBoxContents">
		<td><table border="0" width="100%" cellspacing="2" cellpadding="2">
		  <tr>
			<td class="main" width="30%"><?php echo ENTRY_NAME; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_name'); ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_EMAIL; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_email') . ENTRY_HELP_OPTIONAL; ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_URL; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_url') . ENTRY_HELP_OPTIONAL . ' <i>Include http://</i>'; ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_LOCATION; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_location') . ENTRY_HELP_OPTIONAL; ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_ENQUIRY; ?></td>
		  </tr>
		  <tr>
			<td colspan="2"><?php echo tep_draw_textarea_field('gb_text', 'soft', 60, 15); ?></td>
		  </tr>
		  <tr>
			<td colspan="2" class="smallText" align="right"><?php echo TEXT_NO_HTML; ?></td>
		  </tr>
		</table></td>
	  </tr>
	</table></td>
  </tr>
  <tr>
	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
  </tr>
  <tr>
	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
	  <tr class="infoBoxContents">
		<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
		  <tr>
			<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
			<td class="main"><?php echo '<a href="' . tep_href_link(FILENAME_GUESTBOOK, tep_get_all_get_params(array('entry_id', 'action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
			<td class="main" align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
			<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
		  </tr>
		</table></td>
	  </tr>
	</table></td>
  </tr>

</table></form></td>
<!-- body_text_eof //-->
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
</table></td>
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

 

If anyone could take 2 mins to help me with this it would be much appreciated, and I should be able to use what you have done to run it in the other places I need it.


There is a contribution that asks the visitor to input text shown on the page. This is the common way of doing it. I don't recall the name of it though. Maybe search the contributions for login or something similar.

 

Jack
