Back To Programming / Scripting / Coding Forum

Perl help - validating more than one field

  • deefadog
  • Newbie
  • Newbie
  • No Avatar
  • Joined: May 24, 2004
  • Posts: 13
  • Loc: Wales
  • Status: Offline

Post May 24th, 2004, 7:16 am

Hi all, i am not very fluent with perl and I have search the web for this answer but with no luck. Hope I can explain my self clearly.
I have a form script that I use for several different form on my companies website.

Here is the form:

Code: [ Select ]
# This should be set to the username or alias that runs your
# http://www.server.
$recipient = 'bakery.retail@monoequip.com';

# This should be set to the URL of your home page, or wherever
# you wish users to return.
$homepage = 'http://www.monoequip.com/products/index.htm';
$homepage2 = 'http://www.monoequip.com/products/bretail/brprod.htm';

# This should match the mail program on your system.
$mailprog = '/usr/lib/sendmail';

# Print out a content-type for HTTP/1.0 compatibility
print "Content-type: text/html\n\n";

# Print a title and initial heading
print "";
print "
Thank you
";

# Get the input
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

# Split the name-value pairs
@pairs = split(/&/, $buffer);

foreach $pair (@pairs)
{
  ($name, $value) = split(/=/, $pair);

  # Un-Webify plus signs and %-encoding
  $value =~ tr/+/ /;
  $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

  # Stop people from using subsh*ll s to execute commands
  # Not a big deal when using sendmail, but very important
  # when using UCB mail (aka mailx).
  # $value =~ s/~!/ ~!/g;

  # Uncomment for debugging purposes
  # print "Setting $name to $value

";

  $FORM{$name} = $value;
}

# If the fullname is blank, then give a "blank form" response
&blank_response unless $FORM{'1stname'};
&blank_response unless $FORM{'2ndname'};
&blank_response unless $FORM{'companyname'};
&blank_response unless $FORM{'city'};
&blank_response unless $FORM{'country'};
&blank_response unless $FORM{'tel'};

if ($FORM{'water_meters'}) {&mail_to}
else
{if ($FORM{'mixers'}) {&mail_to]
else
  {if ($FORM{'dividers'}) {&mail_to]

&blank_response



# Now send mail to $recipient

sub mail_to
{
open (MAIL, "|$mailprog $recipient") || die "Can't open $mailprog!\n";
print MAIL "Subject: Website request form (Lead Ref:3717WB)\n\n";
print MAIL "Bakery Retail Mail Form\n\n";
print MAIL "Request for info from: $FORM{'1stname'} $FORM{'2ndname'} ($FORM{'companyname'})\n";
print MAIL "------------------------------------------------------------\n";
print MAIL "Address1: $FORM{'add1'}\n";
print MAIL "Address2: $FORM{'add2'}\n";
print MAIL "City: $FORM{'city'}\n";
print MAIL "Country: $FORM{'country'}\n";
print MAIL "Post/Zip Code: $FORM{'postcode'}\n";
print MAIL "Telephone: $FORM{'tel'}\n";
print MAIL "Email: $FORM{'email'}\n\n";
print MAIL "Email: $FORM{'product'}\n\n";
print MAIL "------------------------------------------------------------\n";
print MAIL "$FORM{'water_meters'}\n";
print MAIL "$FORM{'mixers'}\n";
print MAIL "$FORM{'dividers'}\n";
print MAIL "$FORM{'moulders'}\n";
print MAIL "$FORM{'refrigeration'}\n";
print MAIL "$FORM{'provers'}\n";
print MAIL "$FORM{'bread_plants'}\n";
print MAIL "$FORM{'roll_plants'}\n";
print MAIL "$FORM{'rack_deck_ovens'}\n";
print MAIL "$FORM{'bread_slicers'}\n";
print MAIL "$FORM{'depositors'}\n";
print MAIL "$FORM{'cake_decorating'}\n";
print MAIL "$FORM{'doughnut_cookers'}\n";
print MAIL "$FORM{'pastry_brakes'}\n";
print MAIL "$FORM{'ancillary_equip'}\n";
print MAIL "\n------------------------------------------------------------\n";
print MAIL "Server protocol: $ENV{'SERVER_PROTOCOL'}\n";
#print MAIL "Remote host: $ENV{'REMOTE_HOST'}\n";
print MAIL "Remote IP address: $ENV{'REMOTE_ADDR'}\n";
close (MAIL);
}

# Make the person feel good for writing to us
print "Thank you for sending your request to MONO Bakery Retail!

";
print "Return to our product index page.,

";

# ------------------------------------------------------------
# subroutine blank_response
sub blank_response
{
  print "You do not appear to have entered one of the required fields*. ";
  print "Please press your browser backpage button or return to our product index page to complete required fields.

";
  exit;
}
  1. # This should be set to the username or alias that runs your
  2. # http://www.server.
  3. $recipient = 'bakery.retail@monoequip.com';
  5. # This should be set to the URL of your home page, or wherever
  6. # you wish users to return.
  7. $homepage = 'http://www.monoequip.com/products/index.htm';
  8. $homepage2 = 'http://www.monoequip.com/products/bretail/brprod.htm';
  10. # This should match the mail program on your system.
  11. $mailprog = '/usr/lib/sendmail';
  13. # Print out a content-type for HTTP/1.0 compatibility
  14. print "Content-type: text/html\n\n";
  16. # Print a title and initial heading
  17. print "";
  18. print "
  19. Thank you
  20. ";
  22. # Get the input
  23. read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
  25. # Split the name-value pairs
  26. @pairs = split(/&/, $buffer);
  28. foreach $pair (@pairs)
  29. {
  30.   ($name, $value) = split(/=/, $pair);
  32.   # Un-Webify plus signs and %-encoding
  33.   $value =~ tr/+/ /;
  34.   $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
  36.   # Stop people from using subsh*ll s to execute commands
  37.   # Not a big deal when using sendmail, but very important
  38.   # when using UCB mail (aka mailx).
  39.   # $value =~ s/~!/ ~!/g;
  41.   # Uncomment for debugging purposes
  42.   # print "Setting $name to $value
  44. ";
  46.   $FORM{$name} = $value;
  47. }
  49. # If the fullname is blank, then give a "blank form" response
  50. &blank_response unless $FORM{'1stname'};
  51. &blank_response unless $FORM{'2ndname'};
  52. &blank_response unless $FORM{'companyname'};
  53. &blank_response unless $FORM{'city'};
  54. &blank_response unless $FORM{'country'};
  55. &blank_response unless $FORM{'tel'};
  57. if ($FORM{'water_meters'}) {&mail_to}
  58. else
  59. {if ($FORM{'mixers'}) {&mail_to]
  60. else
  61.   {if ($FORM{'dividers'}) {&mail_to]
  63. &blank_response
  67. # Now send mail to $recipient
  69. sub mail_to
  70. {
  71. open (MAIL, "|$mailprog $recipient") || die "Can't open $mailprog!\n";
  72. print MAIL "Subject: Website request form (Lead Ref:3717WB)\n\n";
  73. print MAIL "Bakery Retail Mail Form\n\n";
  74. print MAIL "Request for info from: $FORM{'1stname'} $FORM{'2ndname'} ($FORM{'companyname'})\n";
  75. print MAIL "------------------------------------------------------------\n";
  76. print MAIL "Address1: $FORM{'add1'}\n";
  77. print MAIL "Address2: $FORM{'add2'}\n";
  78. print MAIL "City: $FORM{'city'}\n";
  79. print MAIL "Country: $FORM{'country'}\n";
  80. print MAIL "Post/Zip Code: $FORM{'postcode'}\n";
  81. print MAIL "Telephone: $FORM{'tel'}\n";
  82. print MAIL "Email: $FORM{'email'}\n\n";
  83. print MAIL "Email: $FORM{'product'}\n\n";
  84. print MAIL "------------------------------------------------------------\n";
  85. print MAIL "$FORM{'water_meters'}\n";
  86. print MAIL "$FORM{'mixers'}\n";
  87. print MAIL "$FORM{'dividers'}\n";
  88. print MAIL "$FORM{'moulders'}\n";
  89. print MAIL "$FORM{'refrigeration'}\n";
  90. print MAIL "$FORM{'provers'}\n";
  91. print MAIL "$FORM{'bread_plants'}\n";
  92. print MAIL "$FORM{'roll_plants'}\n";
  93. print MAIL "$FORM{'rack_deck_ovens'}\n";
  94. print MAIL "$FORM{'bread_slicers'}\n";
  95. print MAIL "$FORM{'depositors'}\n";
  96. print MAIL "$FORM{'cake_decorating'}\n";
  97. print MAIL "$FORM{'doughnut_cookers'}\n";
  98. print MAIL "$FORM{'pastry_brakes'}\n";
  99. print MAIL "$FORM{'ancillary_equip'}\n";
  100. print MAIL "\n------------------------------------------------------------\n";
  101. print MAIL "Server protocol: $ENV{'SERVER_PROTOCOL'}\n";
  102. #print MAIL "Remote host: $ENV{'REMOTE_HOST'}\n";
  103. print MAIL "Remote IP address: $ENV{'REMOTE_ADDR'}\n";
  104. close (MAIL);
  105. }
  107. # Make the person feel good for writing to us
  108. print "Thank you for sending your request to MONO Bakery Retail!
  110. ";
  111. print "Return to our product index page.,
  113. ";
  115. # ------------------------------------------------------------
  116. # subroutine blank_response
  117. sub blank_response
  118. {
  119.   print "You do not appear to have entered one of the required fields*. ";
  120.   print "Please press your browser backpage button or return to our product index page to complete required fields.
  122. ";
  123.   exit;
  124. }

As you can see I can validate the name, company etc so the user has to inout that info otherwise they will be told and not allowed to send the form.

But I need to validate that at least one checkbox is clicked (for selecting a product).

i.e print MAIL "$FORM{'dividers'}\n";

We have been getting alot of forms coming in to us wihere the product info is empty and I must get this sorted. Can any one help me out or point me in the right direction.

Thanks, will be most appreaciative

Take care
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post May 24th, 2004, 7:16 am

  • Carnix
  • Guru
  • Guru
  • User avatar
  • Joined: Apr 28, 2004
  • Posts: 1099
  • Status: Offline

Post May 24th, 2004, 7:45 am

I suggest using Javascript to do your validation. It's faster, because nothing gets submitted unless it works, so there isn't any client-server interaction going on except for when the data is valid.

in JS, you'd do a checkbox validation something like the following. It's a VERY simple example of how to loop through an array of like-named checkbox elements with JS, but it's not really that complicated. The key is to remember that checkboxes, when there are more than one with the same name, are passed as an array, not as individual elements. In Perl, this means they are much more complicated to parse, because the ENV collection is already an array. So, you have to pull the checkbox element, then treat that element as an array itself... pffffft. Just do your validation on the client... These days, everyone has Javascript.. the 1 person out of 10000 that doesn't can be dealt with on an ad hoc basis.

Code: [ Select ]
<script LANGUAGE="javascript" TYPE="text/javascript">
function is_checked(form_obj){
 for(i=0;(i<form_obj.mychecks.length);i++){
  if(form_obj.mychecks.checked){ return true;}
 }
 return false;
}
</script>

<html>
<form METHOD="post" NAME="myform" onSubmit="return is_checked(this);">
<input TYPE="checkbox" NAME="mychecks" VALUE="one"><br>
<input TYPE="checkbox" NAME="mychecks" VALUE="two"><br>
<input TYPE="checkbox" NAME="mychecks" VALUE="three"><br>
<input TYPE="submit" NAME="submit">
</form>
</html>
  1. <script LANGUAGE="javascript" TYPE="text/javascript">
  2. function is_checked(form_obj){
  3.  for(i=0;(i<form_obj.mychecks.length);i++){
  4.   if(form_obj.mychecks.checked){ return true;}
  5.  }
  6.  return false;
  7. }
  8. </script>
  10. <html>
  11. <form METHOD="post" NAME="myform" onSubmit="return is_checked(this);">
  12. <input TYPE="checkbox" NAME="mychecks" VALUE="one"><br>
  13. <input TYPE="checkbox" NAME="mychecks" VALUE="two"><br>
  14. <input TYPE="checkbox" NAME="mychecks" VALUE="three"><br>
  15. <input TYPE="submit" NAME="submit">
  16. </form>
  17. </html>
  • rtm223
  • Mastermind
  • Mastermind
  • User avatar
  • Joined: Mar 24, 2004
  • Posts: 1855
  • Loc: Uk
  • Status: Offline

Post May 24th, 2004, 7:52 am

Carnix wrote:
I suggest using Javascript to do your validation. It's faster, because nothing gets submitted unless it works, so there isn't any client-server interaction going on except for when the data is valid.


until someone sends uploads a form with javascript turned off...

Or the start typing get vars into the url bar

I definately agree js is better for both the server and the user, but if you <b><i>need</i></b> to have the data validated or any reason, it's a bit risky.

Not having a go carnix :wink:
CSS website design tutorials
  • Carnix
  • Guru
  • Guru
  • User avatar
  • Joined: Apr 28, 2004
  • Posts: 1099
  • Status: Offline

Post May 24th, 2004, 8:10 am

Carnix wrote:
Not having a go carnix :wink:

It's all good., this is a forum afterall =]
Quote:
fo·rum ( P ) (fôrm, fr-)
- A public meeting place for open discussion.
- A medium of open discussion or voicing of ideas, such as a newspaper or a radio or television program.
- A public meeting or presentation involving a discussion usually among experts and often including audience participation.


Anyway, you're quite right about folks without JavaScript turn on, or who try to fiddle with the query string (you can only accept data via POST to get around that... legit users aren't going to bother spoofing POST data anyway). However, that's going to be an extremely few number of people (like 5 :) ), and if they're smart enough to disable JS, which as far as I know, is on by default in every major browser, then they should be smart enough to fill out required data since they are trying to order something after all... I don't know, maybe I'm giving too much credit to the human masses, but it seems to me the VAST majority of people who would submit an order without actually selecting a product to buy wouldn't know a querystring if it bit them on the ass, and wouldn't know how to disable JavaScript if their life depended on it...
.c
  • this213
  • Guru
  • Guru
  • User avatar
  • Joined: Mar 01, 2004
  • Posts: 1242
  • Loc: ./
  • Status: Offline

Post May 24th, 2004, 4:33 pm

I usually use a combination of both JS and perl for form validation. Make the fields you need to have required via JavaScript, then re-check them in your script. After all, how hard is it to say
if ($ENV{'variable'} eq 'something_not_right') { &trash_the_form; } ?

As to the script you posted: In the first place, you should have wrapped it in code tags [\code][\/code] (remove the \'s), second, you should replace this:
Code: [ Select ]
# If the fullname is blank, then give a "blank form" response
&blank_response unless $FORM{'1stname'};
&blank_response unless $FORM{'2ndname'};
&blank_response unless $FORM{'companyname'};
&blank_response unless $FORM{'city'};
&blank_response unless $FORM{'country'};
&blank_response unless $FORM{'tel'};

if ($FORM{'water_meters'}) {&mail_to}
else
{if ($FORM{'mixers'}) {&mail_to]
else
{if ($FORM{'dividers'}) {&mail_to]

&blank_response
  1. # If the fullname is blank, then give a "blank form" response
  2. &blank_response unless $FORM{'1stname'};
  3. &blank_response unless $FORM{'2ndname'};
  4. &blank_response unless $FORM{'companyname'};
  5. &blank_response unless $FORM{'city'};
  6. &blank_response unless $FORM{'country'};
  7. &blank_response unless $FORM{'tel'};
  9. if ($FORM{'water_meters'}) {&mail_to}
  10. else
  11. {if ($FORM{'mixers'}) {&mail_to]
  12. else
  13. {if ($FORM{'dividers'}) {&mail_to]
  15. &blank_response

with this:
Code: [ Select ]
# Put your "must have's" here {
unless($FORM{'1stname'}&&$FORM{'2ndname'}&&$FORM{'companyname'}
    &&$FORM{'city'}&&$FORM{'country'}&&$FORM{'tel'}) {
    &blank_response;
} else {

# Put you "have to have one of's" here {
    unless($FORM{'dividers'}||$FORM{'water_meters'}||$FORM{'mixers'}) {
        &blank_response;
    } else {
         &mail_to;
    }
}
  1. # Put your "must have's" here {
  2. unless($FORM{'1stname'}&&$FORM{'2ndname'}&&$FORM{'companyname'}
  3.     &&$FORM{'city'}&&$FORM{'country'}&&$FORM{'tel'}) {
  4.     &blank_response;
  5. } else {
  7. # Put you "have to have one of's" here {
  8.     unless($FORM{'dividers'}||$FORM{'water_meters'}||$FORM{'mixers'}) {
  9.         &blank_response;
  10.     } else {
  11.          &mail_to;
  12.     }
  13. }

And at least that will get you started in the right direction.

hth
This
  • rtm223
  • Mastermind
  • Mastermind
  • User avatar
  • Joined: Mar 24, 2004
  • Posts: 1855
  • Loc: Uk
  • Status: Offline

Post May 25th, 2004, 1:03 am

At Carnix:
Even if you use post, people can still feasable make a mock up of your form to post their own data :lol: I think it's best to always consider any variable coming from the user as a potential threat.

Quote:
I don't know, maybe I'm giving too much credit to the human masses

Never give ANY credit to human masses.

I have been thinking along the same lines as this213. Make a server-side script to validate the form data, and then a reduced javascript version - that way the user does not have to keep on refreshing the page because they are dumb and made loads of errors.

BTW carnix, the supposed stat for people with javascript off is between 6-10%, not 1 in 10,000 - most of which are on business networks where the sys admid has kindly disabled it for them. In which case they probably don't know how to turn it back on.
CSS website design tutorials
  • deefadog
  • Newbie
  • Newbie
  • No Avatar
  • Joined: May 24, 2004
  • Posts: 13
  • Loc: Wales
  • Status: Offline

Post May 25th, 2004, 1:13 am

Thanks for the replys! I Understand the JS, but I took over this website from someone else and there are loads of forms, and I have not got the time or man power to get this website how i would like, i would love to add CS as well but, o well, it pays the bills :)

this213 - Thanks for your kind reply, I'll put it to work ASAP and let you know how it goes.

Thanks again, great place here (why have I not heard/found of this place before, d'oh)
  • deefadog
  • Newbie
  • Newbie
  • No Avatar
  • Joined: May 24, 2004
  • Posts: 13
  • Loc: Wales
  • Status: Offline

Post May 25th, 2004, 8:22 am

Yep worked like a charm.

Thankyou again

take care
  • plumloopy
  • Newbie
  • Newbie
  • No Avatar
  • Joined: Jun 11, 2004
  • Posts: 5
  • Status: Offline

Post June 14th, 2004, 11:49 am

I'm having a similar problem, but with a different solution? :(

My scenario is listed here: http://www.ozzu.com/programming-forum/require-least-one-checkbox-long-list-using-formmail-t26563.html

Page 1 of 1

Post Information

  • Total Posts in this topic: 9 posts
  • Users browsing this forum: No registered users and 195 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.