joma

Validation


I am trying to come up with a simple solution to prevent robots from adding entries to a few forms on my osC site. I found this little piece of code, which originally compared two password fields, and thought it might work.

 

<script LANGUAGE="JavaScript">

<!-- Begin
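/**
 * Browser-side check that the visitor typed the validation key into pw2.
 *
 * This is a convenience prompt only. The expected key is a literal in the
 * page source, and the comparison runs only in a browser that executes this
 * script; a client that submits the form without running it is not stopped.
 * The server-side handler has to repeat the comparison before it accepts
 * the entry.
 *
 * @param {HTMLFormElement} form  the form being submitted; needs a field named pw2
 * @returns {boolean} true to let the submit go ahead, false to cancel it
 */
function checkPw(form) {
  // Declared with var so the two names no longer leak into the global scope.
  var expectedKey = '4dfew';
  var enteredKey = form.pw2.value;

  if (enteredKey === expectedKey) {
    return true;
  }

  // Message fixed: the original repeated the word "correct".
  alert("\nYou did not enter the correct VALIDATION KEY");
  return false;
}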
// End -->
</script>





<!--
  Demo form for checkPw(). The onSubmit handler runs only in a browser with
  scripting enabled, so a request sent without it carries whatever pw2 value
  the sender chose, or none at all. With no action or method attribute the
  browser submits to the current URL using GET.
  NOTE(review): no server-side comparison of pw2 is visible in this snippet;
  one is needed for the key to have any effect on automated submissions.
  NOTE(review): the center element opened below is never closed.
-->
<form onSubmit="return checkPw(this)">
<center>
<table border=0>
<tr>
<td>Re-enter:</td><td><input type=text name=pw2 size=10></td>
</tr>
<tr>
<td colspan=2 align=center><input type=submit value="Submit!"></td>
</tr>
</table>
</form>

 

And this is the file I am trying to insert it into:

 

guestbook_sign.php

 

<?php
/*
 $Id: guestbook_sign.php,v 1.0 2003/07/15 Exp $

 Guestbook for osC(2.2MS2) v1.0

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

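 // Shared setup. The objects, constants and tep_*() helpers used below are
 // not defined in this file; presumably they come from this include and the
 // language file - verify.
 require('includes/application_top.php');

 // Guestbook switched off in the configuration: go to the default page.
 if (GUESTBOOK_SHOW == 'false') {
   $navigation->set_snapshot();
   tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL'));
 }

 // Language-specific strings for this page.
 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_GUESTBOOK_SIGN);

 if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) {
   // Form submission.
   //
   // NOTE(review): these checks are the only gate on a guestbook entry, and
   // none of them tells a person from a script. The browser-side checkForm()
   // further down is skipped by any client that posts straight to
   // action=process, so a validation key or similar challenge has to be
   // compared here, against a value held on the server, and has to set
   // $error like the checks below.
   $gb_name = tep_db_prepare_input($HTTP_POST_VARS['gb_name']);
   $gb_email = tep_db_prepare_input($HTTP_POST_VARS['gb_email']);
   // NOTE(review): $gb_url is stored as typed. The page that prints
   // visitors_url is not shown here; it should escape the value and link
   // only http/https URLs.
   $gb_url = tep_db_prepare_input($HTTP_POST_VARS['gb_url']);
   $gb_location = tep_db_prepare_input($HTTP_POST_VARS['gb_location']);
   $gb_text = tep_db_prepare_input($HTTP_POST_VARS['gb_text']);

   $error = false;

   if (strlen($gb_name) < GUESTBOOK_NAME_MIN_LENGTH) {
     $error = true;

     $messageStack->add('guestbook', JS_GUESTBOOK_NAME);
   }

   if (strlen($gb_text) < GUESTBOOK_TEXT_MIN_LENGTH) {
     $error = true;

     $messageStack->add('guestbook', JS_GUESTBOOK_TEXT);
   }

   // The address is optional, but when one is given it must validate.
   $has_email = !empty($gb_email);
   if ($has_email && !tep_validate_email($gb_email)) {
     $error = true;

     $messageStack->add('guestbook', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
   }

   if (!$error) {
     // Every value placed in the SQL text goes through tep_db_input() or an
     // (int) cast first; tep_db_input() is relied on for the escaping
     // (definition not shown).
     tep_db_query("insert into " . TABLE_GUESTBOOK . " (visitors_name, visitors_email, visitors_url, visitors_location, date_added) values ('" . tep_db_input($gb_name) . "', '" . tep_db_input($gb_email) . "', '" . tep_db_input($gb_url) . "', '" . tep_db_input($gb_location) . "', now())");
     $insert_id = tep_db_insert_id();

     tep_db_query("insert into " . TABLE_GUESTBOOK_DESCRIPTION . " (entry_id, languages_id, entry_text) values ('" . (int)$insert_id . "', '" . (int)$languages_id . "', '" . tep_db_input($gb_text) . "')");

     // Mail is sent only for an entry that passed every check and was
     // stored. The original sent both messages as soon as the address
     // validated, even when the name or text check had already failed.
     if ($has_email) {
       // Notify the store owner, with the visitor as sender.
       // NOTE(review): $gb_name and $gb_email end up in the sender fields;
       // confirm tep_mail() rejects CR/LF in them.
       tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_OWNER_SUBJECT, $gb_text, $gb_name, $gb_email);

       // Confirmation to the visitor.
       // NOTE(review): the recipient is an address typed into a public form,
       // and the greeting carries the submitted name. Without a server-side
       // challenge or rate limit this sends mail to whoever is named there;
       // consider throttling it or dropping the confirmation.
       $email_text = sprintf(EMAIL_VISITOR_GREET, $gb_name);
       $email_text .= EMAIL_VISITOR_MESSAGE;
       tep_mail($gb_name, $gb_email, EMAIL_VISITOR_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
     }

     tep_redirect(tep_href_link(FILENAME_GUESTBOOK, tep_get_all_get_params(array('action'))));
   }
 } elseif (tep_session_is_registered('customer_id')) {
   // Not a submission, and a customer_id is registered in the session:
   // pre-fill name, e-mail and location from that customer's records.
   $account_query_one = tep_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
   $account_one = tep_db_fetch_array($account_query_one);

   $account_query_two = tep_db_query("select a.entry_country_id, b.countries_id, b.countries_name from " . TABLE_ADDRESS_BOOK . " a, " . TABLE_COUNTRIES ." b where a.customers_id = '" . (int)$customer_id . "' and a.entry_country_id = b.countries_id");
   $account_two = tep_db_fetch_array($account_query_two);

   $account_query_three = tep_db_query("select entry_city from " . TABLE_ADDRESS_BOOK .  " where customers_id = '" . (int)$customer_id . "'");
   $account_three = tep_db_fetch_array($account_query_three);

   $gb_name = $account_one['customers_firstname'] . ' ' . $account_one['customers_lastname'];
   $gb_email = $account_one['customers_email_address'];
   $gb_location = $account_three['entry_city'] . ', ' . $account_two['countries_name'];
 }

 $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_GUESTBOOK, tep_get_all_get_params()));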
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
<script language="javascript"><!--
// Browser-side pre-check for the guestbook_sign form: collects a message for
// each field that is too short, shows them in one alert and cancels the
// submit. Returns true when both fields are long enough.
// This is a convenience for the visitor, not a control: it runs only in a
// browser that executes the script. The process handler at the top of this
// file repeats both length checks on the server.
function checkForm() {
 var error = 0;
 var error_message = "<?php echo JS_ERROR; ?>";

 var gb_name = document.guestbook_sign.gb_name.value;
 var gb_text = document.guestbook_sign.gb_text.value;

 // The minimum lengths are written into the script by PHP from the same
 // constants the server-side handler compares against.
 if (gb_name.length < <?php echo GUESTBOOK_NAME_MIN_LENGTH; ?>) {
error_message = error_message + "<?php echo JS_GUESTBOOK_NAME; ?>";
error = 1;
 }

 if (gb_text.length < <?php echo GUESTBOOK_TEXT_MIN_LENGTH; ?>) {
error_message = error_message + "<?php echo JS_GUESTBOOK_TEXT; ?>";
error = 1;
 }

 // false cancels the submit (the form's onSubmit returns this value).
 if (error == 1) {
alert(error_message);
return false;
 } else {
return true;
 }
}
//--></script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="3" cellpadding="3">
 <tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<?php
 /*
  Guestbook entry form. It posts to FILENAME_GUESTBOOK_SIGN with
  action=process, which is handled by the block at the top of this file.

  onSubmit="return checkForm();" runs in the browser only. The handler
  repeats the name and text length checks on the server, but neither this
  form nor the handler contains anything that separates a visitor from an
  automated client.
  NOTE(review): a validation-key style challenge needs a field in this form
  and a matching comparison in the process handler, with the expected value
  kept on the server (for example in the session) rather than in the page.

  NOTE(review): the "Include http://" hint next to gb_url is advice only;
  the handler stores the value without checking its scheme.
  NOTE(review): TEXT_NO_HTML is shown to the visitor; whether markup is
  actually removed depends on tep_db_prepare_input(), which is not shown.
 */
?>
<td width="100%" valign="top"><?php echo tep_draw_form('guestbook_sign', tep_href_link(FILENAME_GUESTBOOK_SIGN, 'action=process'), 'post', 'onSubmit="return checkForm();"'); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
  <tr>
	<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
	  <tr>
		<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
		<td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_contact_us.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
	  </tr>
	</table></td>
  </tr>
  <tr>
	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
  </tr>
<?php
 if ($messageStack->size('guestbook') > 0) {
?>
  <tr>
	<td><?php echo $messageStack->output('guestbook'); ?></td>
  </tr>
  <tr>
	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
  </tr>
<?php
 }
?>
  <tr>
	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
	  <tr class="infoBoxContents">
		<td><table border="0" width="100%" cellspacing="2" cellpadding="2">
		  <tr>
			<td class="main" width="30%"><?php echo ENTRY_NAME; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_name'); ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_EMAIL; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_email') . ENTRY_HELP_OPTIONAL; ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_URL; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_url') . ENTRY_HELP_OPTIONAL . ' <i>Include http://</i>'; ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_LOCATION; ?></td>
			<td class="main"><?php echo tep_draw_input_field('gb_location') . ENTRY_HELP_OPTIONAL; ?></td>
		  </tr>
		  <tr>
			<td class="main"><?php echo ENTRY_ENQUIRY; ?></td>
		  </tr>
		  <tr>
			<td colspan="2"><?php echo tep_draw_textarea_field('gb_text', 'soft', 60, 15); ?></td>
		  </tr>
		  <tr>
			<td colspan="2" class="smallText" align="right"><?php echo TEXT_NO_HTML; ?></td>
		  </tr>
		</table></td>
	  </tr>
	</table></td>
  </tr>
  <tr>
	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
  </tr>
  <tr>
	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
	  <tr class="infoBoxContents">
		<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
		  <tr>
			<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
			<td class="main"><?php echo '<a href="' . tep_href_link(FILENAME_GUESTBOOK, tep_get_all_get_params(array('entry_id', 'action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
			<td class="main" align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
			<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
		  </tr>
		</table></td>
	  </tr>
	</table></td>
  </tr>

</table></form></td>
<!-- body_text_eof //-->
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
</table></td>
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

 

If anyone could take 2 mins to help me with this it would be much appreciated, and I should be able to use what you have done to run it in the other places I need it.


There is a contribution that asks the visitor to input text shown on the page. This is the common way of doing it. I don't recall the name of it, though. Maybe search the contributions for login or something similar.

 

Jack

