Hey everyone!!
I am having major spam issues with a PHP form script where they are breaking through by typing whatever they want as a phone number. To combat this, I wanted to add a function to my script that validates a phone number. But, I cannot figure out why it’s presenting me with issues, and could use a second pair of eyes.
I’ve called the function and written out the code to pop up an alert box that tells the user that the phone is invalid, but it doesn’t do that. Instead, the form goes to a blank page after hitting submit. I would like the code to execute by popping up an alert box that says “You must enter a valid phone number” if a user types something like 123456. This way, if a user does that, they cannot send the form email through.
The new sections of the script are highlighted in red. The $phone variable is called in the form HTML as an attribute whose name=“phone”.
<?php
[COLOR="#FF0000"]function phone_valid($phone) {
if (eregi( ? ^[0-9]{3}-[0-9]{3}-[0-9]{4}$ ? , $phone))
{ return TRUE; } else { return FALSE; }
}
[/COLOR]
function check_email_address($email) {
// check that there's one @ symbol, and that the lengths are right
if (!preg_match("/^[^@]{1,64}@[^@]{1,255}$/", $email)) {
// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!preg_match("/^(([A-Za-z0-9!#$%&'*+\\/=?^_`{|}~-][A-Za-z0-9!#$%&'*+\\/=?^_`{|}~\\.-]{0,63})|(\\"[^(\\\\|\\")]{0,62}\\"))$/", $local_array[$i])) {
return false;
}
}
if (!preg_match("/^\\[?[0-9\\.]+\\]?$/", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!preg_match("/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$/", $domain_array[$i])) {
return false;
}
}
}
}
return true;
}
$name = $_POST['name'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$comments = $_POST['comments'];
if( $name == true )
{
$sender = $email;
$receiver = "contactemail@someemail.com";
$client_ip = $_SERVER['REMOTE_ADDR'];
$email_body = "Name: $name \
\
Phone: $phone \
\
Email: $email \
\
Comments: \
\
$comments \
\
IP: $client_ip \
\
Contact Sent from http://websitename.com/";
$newmessage = "Hi $name, \
\
Thank you for your inquiry. We will be in touch with you as quickly as possible. \
\
Please send us an email if you have any additional questions we can answer. Thank you.\
\
Phone: (123) 456-7891 \
\
Company Name \
Company Address \
Company City, Zip Code
\
Website:http://www.websitename.com/ \
\
Your inquiry has been copied below. \
\
--------------------- \
\
Name: $name \
Email: $email \
\
Phone: $phone \
\
Details: \
\
$comments \
\
IP: $client_ip";
$extra = "From: $sender\\r\
" . "Reply-To: $sender \\r\
" . "X-Mailer: PHP/" . phpversion();
$extra2 = "From: $receiver\\r\
" . "Reply-To: $receiver \\r\
";
[COLOR="#FF0000"]if (phone_valid($phone) == false) {
echo "<script type="text/javascript">alert("You need to enter a valid phone number.");</script>";
}[/COLOR]
if(check_email_address($email) == true) {
if( mail( $receiver, "Client email questions", $email_body, $extra ) && mail( $sender, "Website name website inquiry has been received", $newmessage, $extra2 ) )
{
echo header("Location: contact-thank-you.php");
}
} else {
echo header("Location: contact-failed.php");
}
}
?>