Perl help - validating more than one field

  • deefadog
  • Newbie
  • Newbie
  • deefadog
  • Posts: 13
  • Loc: Wales

Post 3+ Months Ago

Hi all, i am not very fluent with perl and I have search the web for this answer but with no luck. Hope I can explain my self clearly.
I have a form script that I use for several different form on my companies website.

Here is the form:

Code: [ Select ]
# This should be set to the username or alias that runs your
# http://www.server.
$recipient = 'bakery.retail@monoequip.com';

# This should be set to the URL of your home page, or wherever
# you wish users to return.
$homepage = 'http://www.monoequip.com/products/index.htm';
$homepage2 = 'http://www.monoequip.com/products/bretail/brprod.htm';

# This should match the mail program on your system.
$mailprog = '/usr/lib/sendmail';

# Print out a content-type for HTTP/1.0 compatibility
print "Content-type: text/html\n\n";

# Print a title and initial heading
print "";
print "
Thank you
";

# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

# Split the name-value pairs
@pairs = split(/&/, $buffer);

foreach $pair (@pairs)
{
  ($name, $value) = split(/=/, $pair);

  # Un-Webify plus signs and %-encoding
  $value =~ tr/+/ /;
  $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

  # Stop people from using subsh*ll s to execute commands
  # Not a big deal when using sendmail, but very important
  # when using UCB mail (aka mailx).
  # $value =~ s/~!/ ~!/g;

  # Uncomment for debugging purposes
  # print "Setting $name to $value

";

  $FORM{$name} = $value;
}

# If the fullname is blank, then give a "blank form" response
&blank_response unless $FORM{'1stname'};
&blank_response unless $FORM{'2ndname'};
&blank_response unless $FORM{'companyname'};
&blank_response unless $FORM{'city'};
&blank_response unless $FORM{'country'};
&blank_response unless $FORM{'tel'};

if ($FORM{'water_meters'}) {&mail_to}
else
{if ($FORM{'mixers'}) {&mail_to]
else
  {if ($FORM{'dividers'}) {&mail_to]

&blank_response



# Now send mail to $recipient

sub mail_to
{
open (MAIL, "|$mailprog $recipient") || die "Can't open $mailprog!\n";
print MAIL "Subject: Website request form (Lead Ref:3717WB)\n\n";
print MAIL "Bakery Retail Mail Form\n\n";
print MAIL "Request for info from: $FORM{'1stname'} $FORM{'2ndname'} ($FORM{'companyname'})\n";
print MAIL "------------------------------------------------------------\n";
print MAIL "Address1: $FORM{'add1'}\n";
print MAIL "Address2: $FORM{'add2'}\n";
print MAIL "City: $FORM{'city'}\n";
print MAIL "Country: $FORM{'country'}\n";
print MAIL "Post/Zip Code: $FORM{'postcode'}\n";
print MAIL "Telephone: $FORM{'tel'}\n";
print MAIL "Email: $FORM{'email'}\n\n";
print MAIL "Email: $FORM{'product'}\n\n";
print MAIL "------------------------------------------------------------\n";
print MAIL "$FORM{'water_meters'}\n";
print MAIL "$FORM{'mixers'}\n";
print MAIL "$FORM{'dividers'}\n";
print MAIL "$FORM{'moulders'}\n";
print MAIL "$FORM{'refrigeration'}\n";
print MAIL "$FORM{'provers'}\n";
print MAIL "$FORM{'bread_plants'}\n";
print MAIL "$FORM{'roll_plants'}\n";
print MAIL "$FORM{'rack_deck_ovens'}\n";
print MAIL "$FORM{'bread_slicers'}\n";
print MAIL "$FORM{'depositors'}\n";
print MAIL "$FORM{'cake_decorating'}\n";
print MAIL "$FORM{'doughnut_cookers'}\n";
print MAIL "$FORM{'pastry_brakes'}\n";
print MAIL "$FORM{'ancillary_equip'}\n";
print MAIL "\n------------------------------------------------------------\n";
print MAIL "Server protocol: $ENV{'SERVER_PROTOCOL'}\n";
#print MAIL "Remote host: $ENV{'REMOTE_HOST'}\n";
print MAIL "Remote IP address: $ENV{'REMOTE_ADDR'}\n";
close (MAIL);
}

# Make the person feel good for writing to us
print "Thank you for sending your request to MONO Bakery Retail!

";
print "Return to our product index page.,

";

# ------------------------------------------------------------
# subroutine blank_response
sub blank_response
{
  print "You do not appear to have entered one of the required fields*. ";
  print "Please press your browser backpage button or return to our product index page to complete required fields.

";
  exit;
}
  1. # This should be set to the username or alias that runs your
  2. # http://www.server.
  3. $recipient = 'bakery.retail@monoequip.com';
  4. # This should be set to the URL of your home page, or wherever
  5. # you wish users to return.
  6. $homepage = 'http://www.monoequip.com/products/index.htm';
  7. $homepage2 = 'http://www.monoequip.com/products/bretail/brprod.htm';
  8. # This should match the mail program on your system.
  9. $mailprog = '/usr/lib/sendmail';
  10. # Print out a content-type for HTTP/1.0 compatibility
  11. print "Content-type: text/html\n\n";
  12. # Print a title and initial heading
  13. print "";
  14. print "
  15. Thank you
  16. ";
  17. # Get the input
  18. read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
  19. # Split the name-value pairs
  20. @pairs = split(/&/, $buffer);
  21. foreach $pair (@pairs)
  22. {
  23.   ($name, $value) = split(/=/, $pair);
  24.   # Un-Webify plus signs and %-encoding
  25.   $value =~ tr/+/ /;
  26.   $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  27.   # Stop people from using subsh*ll s to execute commands
  28.   # Not a big deal when using sendmail, but very important
  29.   # when using UCB mail (aka mailx).
  30.   # $value =~ s/~!/ ~!/g;
  31.   # Uncomment for debugging purposes
  32.   # print "Setting $name to $value
  33. ";
  34.   $FORM{$name} = $value;
  35. }
  36. # If the fullname is blank, then give a "blank form" response
  37. &blank_response unless $FORM{'1stname'};
  38. &blank_response unless $FORM{'2ndname'};
  39. &blank_response unless $FORM{'companyname'};
  40. &blank_response unless $FORM{'city'};
  41. &blank_response unless $FORM{'country'};
  42. &blank_response unless $FORM{'tel'};
  43. if ($FORM{'water_meters'}) {&mail_to}
  44. else
  45. {if ($FORM{'mixers'}) {&mail_to]
  46. else
  47.   {if ($FORM{'dividers'}) {&mail_to]
  48. &blank_response
  49. # Now send mail to $recipient
  50. sub mail_to
  51. {
  52. open (MAIL, "|$mailprog $recipient") || die "Can't open $mailprog!\n";
  53. print MAIL "Subject: Website request form (Lead Ref:3717WB)\n\n";
  54. print MAIL "Bakery Retail Mail Form\n\n";
  55. print MAIL "Request for info from: $FORM{'1stname'} $FORM{'2ndname'} ($FORM{'companyname'})\n";
  56. print MAIL "------------------------------------------------------------\n";
  57. print MAIL "Address1: $FORM{'add1'}\n";
  58. print MAIL "Address2: $FORM{'add2'}\n";
  59. print MAIL "City: $FORM{'city'}\n";
  60. print MAIL "Country: $FORM{'country'}\n";
  61. print MAIL "Post/Zip Code: $FORM{'postcode'}\n";
  62. print MAIL "Telephone: $FORM{'tel'}\n";
  63. print MAIL "Email: $FORM{'email'}\n\n";
  64. print MAIL "Email: $FORM{'product'}\n\n";
  65. print MAIL "------------------------------------------------------------\n";
  66. print MAIL "$FORM{'water_meters'}\n";
  67. print MAIL "$FORM{'mixers'}\n";
  68. print MAIL "$FORM{'dividers'}\n";
  69. print MAIL "$FORM{'moulders'}\n";
  70. print MAIL "$FORM{'refrigeration'}\n";
  71. print MAIL "$FORM{'provers'}\n";
  72. print MAIL "$FORM{'bread_plants'}\n";
  73. print MAIL "$FORM{'roll_plants'}\n";
  74. print MAIL "$FORM{'rack_deck_ovens'}\n";
  75. print MAIL "$FORM{'bread_slicers'}\n";
  76. print MAIL "$FORM{'depositors'}\n";
  77. print MAIL "$FORM{'cake_decorating'}\n";
  78. print MAIL "$FORM{'doughnut_cookers'}\n";
  79. print MAIL "$FORM{'pastry_brakes'}\n";
  80. print MAIL "$FORM{'ancillary_equip'}\n";
  81. print MAIL "\n------------------------------------------------------------\n";
  82. print MAIL "Server protocol: $ENV{'SERVER_PROTOCOL'}\n";
  83. #print MAIL "Remote host: $ENV{'REMOTE_HOST'}\n";
  84. print MAIL "Remote IP address: $ENV{'REMOTE_ADDR'}\n";
  85. close (MAIL);
  86. }
  87. # Make the person feel good for writing to us
  88. print "Thank you for sending your request to MONO Bakery Retail!
  89. ";
  90. print "Return to our product index page.,
  91. ";
  92. # ------------------------------------------------------------
  93. # subroutine blank_response
  94. sub blank_response
  95. {
  96.   print "You do not appear to have entered one of the required fields*. ";
  97.   print "Please press your browser backpage button or return to our product index page to complete required fields.
  98. ";
  99.   exit;
  100. }

As you can see I can validate the name, company etc so the user has to inout that info otherwise they will be told and not allowed to send the form.

But I need to validate that at least one checkbox is clicked (for selecting a product).

i.e print MAIL "$FORM{'dividers'}\n";

We have been getting alot of forms coming in to us wihere the product info is empty and I must get this sorted. Can any one help me out or point me in the right direction.

Thanks, will be most appreaciative

Take care
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Carnix
  • Guru
  • Guru
  • User avatar
  • Posts: 1098

Post 3+ Months Ago

I suggest using Javascript to do your validation. It's faster, because nothing gets submitted unless it works, so there isn't any client-server interaction going on except for when the data is valid.

in JS, you'd do a checkbox validation something like the following. It's a VERY simple example of how to loop through an array of like-named checkbox elements with JS, but it's not really that complicated. The key is to remember that checkboxes, when there are more than one with the same name, are passed as an array, not as individual elements. In Perl, this means they are much more complicated to parse, because the ENV collection is already an array. So, you have to pull the checkbox element, then treat that element as an array itself... pffffft. Just do your validation on the client... These days, everyone has Javascript.. the 1 person out of 10000 that doesn't can be dealt with on an ad hoc basis.

Code: [ Select ]
<script LANGUAGE="javascript" TYPE="text/javascript">
function is_checked(form_obj){
 for(i=0;(i<form_obj.mychecks.length);i++){
  if(form_obj.mychecks.checked){ return true;}
 }
 return false;
}
</script>

<html>
<form METHOD="post" NAME="myform" onSubmit="return is_checked(this);">
<input TYPE="checkbox" NAME="mychecks" VALUE="one"><br>
<input TYPE="checkbox" NAME="mychecks" VALUE="two"><br>
<input TYPE="checkbox" NAME="mychecks" VALUE="three"><br>
<input TYPE="submit" NAME="submit">
</form>
</html>
  1. <script LANGUAGE="javascript" TYPE="text/javascript">
  2. function is_checked(form_obj){
  3.  for(i=0;(i<form_obj.mychecks.length);i++){
  4.   if(form_obj.mychecks.checked){ return true;}
  5.  }
  6.  return false;
  7. }
  8. </script>
  9. <html>
  10. <form METHOD="post" NAME="myform" onSubmit="return is_checked(this);">
  11. <input TYPE="checkbox" NAME="mychecks" VALUE="one"><br>
  12. <input TYPE="checkbox" NAME="mychecks" VALUE="two"><br>
  13. <input TYPE="checkbox" NAME="mychecks" VALUE="three"><br>
  14. <input TYPE="submit" NAME="submit">
  15. </form>
  16. </html>
  • rtm223
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 1855
  • Loc: Uk

Post 3+ Months Ago

Carnix wrote:
I suggest using Javascript to do your validation. It's faster, because nothing gets submitted unless it works, so there isn't any client-server interaction going on except for when the data is valid.


until someone sends uploads a form with javascript turned off...

Or the start typing get vars into the url bar

I definately agree js is better for both the server and the user, but if you <b><i>need</i></b> to have the data validated or any reason, it's a bit risky.

Not having a go carnix :wink:
  • Carnix
  • Guru
  • Guru
  • User avatar
  • Posts: 1098

Post 3+ Months Ago

Carnix wrote:
Not having a go carnix :wink:

It's all good., this is a forum afterall =]
Quote:
fo·rum ( P ) (fôrm, fr-)
- A public meeting place for open discussion.
- A medium of open discussion or voicing of ideas, such as a newspaper or a radio or television program.
- A public meeting or presentation involving a discussion usually among experts and often including audience participation.


Anyway, you're quite right about folks without JavaScript turn on, or who try to fiddle with the query string (you can only accept data via POST to get around that... legit users aren't going to bother spoofing POST data anyway). However, that's going to be an extremely few number of people (like 5 :) ), and if they're smart enough to disable JS, which as far as I know, is on by default in every major browser, then they should be smart enough to fill out required data since they are trying to order something after all... I don't know, maybe I'm giving too much credit to the human masses, but it seems to me the VAST majority of people who would submit an order without actually selecting a product to buy wouldn't know a querystring if it bit them on the ass, and wouldn't know how to disable JavaScript if their life depended on it...
.c
  • this213
  • Guru
  • Guru
  • User avatar
  • Posts: 1260
  • Loc: ./

Post 3+ Months Ago

I usually use a combination of both JS and perl for form validation. Make the fields you need to have required via JavaScript, then re-check them in your script. After all, how hard is it to say
if ($ENV{'variable'} eq 'something_not_right') { &trash_the_form; } ?

As to the script you posted: In the first place, you should have wrapped it in code tags [\code][\/code] (remove the \'s), second, you should replace this:
Code: [ Select ]
# If the fullname is blank, then give a "blank form" response
&blank_response unless $FORM{'1stname'};
&blank_response unless $FORM{'2ndname'};
&blank_response unless $FORM{'companyname'};
&blank_response unless $FORM{'city'};
&blank_response unless $FORM{'country'};
&blank_response unless $FORM{'tel'};

if ($FORM{'water_meters'}) {&mail_to}
else
{if ($FORM{'mixers'}) {&mail_to]
else
{if ($FORM{'dividers'}) {&mail_to]

&blank_response
  1. # If the fullname is blank, then give a "blank form" response
  2. &blank_response unless $FORM{'1stname'};
  3. &blank_response unless $FORM{'2ndname'};
  4. &blank_response unless $FORM{'companyname'};
  5. &blank_response unless $FORM{'city'};
  6. &blank_response unless $FORM{'country'};
  7. &blank_response unless $FORM{'tel'};
  8. if ($FORM{'water_meters'}) {&mail_to}
  9. else
  10. {if ($FORM{'mixers'}) {&mail_to]
  11. else
  12. {if ($FORM{'dividers'}) {&mail_to]
  13. &blank_response

with this:
Code: [ Select ]
# Put your "must have's" here {
unless($FORM{'1stname'}&&$FORM{'2ndname'}&&$FORM{'companyname'}
    &&$FORM{'city'}&&$FORM{'country'}&&$FORM{'tel'}) {
    &blank_response;
} else {

# Put you "have to have one of's" here {
    unless($FORM{'dividers'}||$FORM{'water_meters'}||$FORM{'mixers'}) {
        &blank_response;
    } else {
         &mail_to;
    }
}
  1. # Put your "must have's" here {
  2. unless($FORM{'1stname'}&&$FORM{'2ndname'}&&$FORM{'companyname'}
  3.     &&$FORM{'city'}&&$FORM{'country'}&&$FORM{'tel'}) {
  4.     &blank_response;
  5. } else {
  6. # Put you "have to have one of's" here {
  7.     unless($FORM{'dividers'}||$FORM{'water_meters'}||$FORM{'mixers'}) {
  8.         &blank_response;
  9.     } else {
  10.          &mail_to;
  11.     }
  12. }

And at least that will get you started in the right direction.

hth
This
  • rtm223
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 1855
  • Loc: Uk

Post 3+ Months Ago

At Carnix:
Even if you use post, people can still feasable make a mock up of your form to post their own data :lol: I think it's best to always consider any variable coming from the user as a potential threat.

Quote:
I don't know, maybe I'm giving too much credit to the human masses

Never give ANY credit to human masses.

I have been thinking along the same lines as this213. Make a server-side script to validate the form data, and then a reduced javascript version - that way the user does not have to keep on refreshing the page because they are dumb and made loads of errors.

BTW carnix, the supposed stat for people with javascript off is between 6-10%, not 1 in 10,000 - most of which are on business networks where the sys admid has kindly disabled it for them. In which case they probably don't know how to turn it back on.
  • deefadog
  • Newbie
  • Newbie
  • deefadog
  • Posts: 13
  • Loc: Wales

Post 3+ Months Ago

Thanks for the replys! I Understand the JS, but I took over this website from someone else and there are loads of forms, and I have not got the time or man power to get this website how i would like, i would love to add CS as well but, o well, it pays the bills :)

this213 - Thanks for your kind reply, I'll put it to work ASAP and let you know how it goes.

Thanks again, great place here (why have I not heard/found of this place before, d'oh)
  • deefadog
  • Newbie
  • Newbie
  • deefadog
  • Posts: 13
  • Loc: Wales

Post 3+ Months Ago

Yep worked like a charm.

Thankyou again

take care
  • plumloopy
  • Newbie
  • Newbie
  • plumloopy
  • Posts: 5

Post 3+ Months Ago

I'm having a similar problem, but with a different solution? :(

My scenario is listed here: http://www.ozzu.com/programming-forum/require-least-one-checkbox-long-list-using-formmail-t26563.html

Post Information

  • Total Posts in this topic: 9 posts
  • Users browsing this forum: No registered users and 97 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.