1

即使电子邮件地址无效,我的邮件表单仍在发送电子邮件。例如,如果我将电子邮件填写为“bob”,然后点击提交,我的 javascript 验证器会发出警告消息,但电子邮件仍然可以通过。它以 bob@mydomain.com 的形式出现在我的垃圾邮件箱中

如何验证电子邮件地址,并在未验证时阻止提交?

我是 php 新手。

HTML:

 <div id="emailform">
                <h2>Confirm your purchase information</h2>
                <hr>
                <form method="post" name="contactform" action="mail_form.php" id="submit">
                <p>
                <label for='name'>Your Name:</label> <br>
                <input type="text" name="name">
                </p>
                <p>
                <label for='email'>Email Address:</label> <br>
                <input type="text" name="email">
                </p>
                <p>
                <label for='purchasecode'>Purchase Code:</label> <br>
                <input type="text" name="purchasecode">
                </p>
                <p>
                <label for='vendor'>Vendor Name:</label> <br>
                <select name="vendor">
                  <option value="" selected="selected"></option>
                  <option value="Amazon" >Amazon</option>
                  <option value="Barnes&Noble" >Barnes &amp; Noble</option>
                  <option value="Family Christian" >Family Christian</option>
                  <option value="Christianbook" >Christianbook.com</option>
                  <option value="LifeWay" >LifeWay</option>
                  <option value="BAM" >Books-A-Million</option>
                  <option value="Mardel" >Mardel</option>
                </select>
                </p>
                <button type="submit" id="submitbutton" name="submit" value="Submit" class="mainButton">SUBMIT</button><br>
                </form>

<!--            Code for validating the form
                Visit http://www.javascript-coder.com/html-form/javascript-form-validation.phtml
                for details -->
                <script type="text/javascript">
                var frmvalidator  = new Validator("contactform");
                frmvalidator.addValidation("name","req","Please provide your name");
                frmvalidator.addValidation("email","email","Please enter a valid email address");
                frmvalidator.addValidation("vendor","dontselect=000");
                frmvalidator.addValidation("purchasecode","maxlen=50");
                </script>
            </div>

PHP:

<?php
ini_set('display_errors',1);
 error_reporting(E_ALL);

if(!isset($_POST['submit']))
{
  //This page should not be accessed directly. Need to submit the form.
  echo "error; you need to submit the form!";
}
$name = $_POST['name'];
$email = $_POST['email'];
$purchasecode = $_POST['purchasecode'];
$vendor = $_POST['vendor'];


//Validate first
if(empty($_POST['name'])  ||
   empty($_POST['email']) ||
   empty($_POST['purchasecode']) ||
   empty($_POST['vendor']))
{
    echo "All fields are required.";
exit;
}

if(IsInjected($email))
{
    echo "Bad email value!";
    exit;
}

$email_from = $email;
$email_subject = "GDFY Purchase Confirmation";
$email_body = "New purchase confirmation from $name.\n".
    "Here are the details:\n\n Name: $name \n\n Email: $email \n\n Purchase Code: $purchasecode \n\n Vendor: $vendor";

$to = "idc615@gmail.com";//<== update the email address

$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $email_from \r\n";
//Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: index.html');

// echo "success";


// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}

?>

Javascript:

  $('#submit').submit(function() { // catch the form's submit event
      $.ajax({ // create an AJAX call...
          data: $(this).serialize(), // get the form data
          type: $(this).attr('method'), // GET or POST
          url: $(this).attr('action'), // the file to call
          success: function(response) { // on success..
              $('#emailform').html("<h2 style='text-align:center;'>Thank you!</h2><hr><p style='text-align:center;'>Thank you for submitting your purchase information.<br>We will send your free gifts soon!</p>"); // update the DIV
          }
      });
      return false; // cancel original event to prevent form submitting
  });
4

6 回答 6

2

您可以使用 filter_var :

if( filter_var('bob@example.com', FILTER_VALIDATE_EMAIL) )
{
    Do_stuff();
}
于 2013-09-04T14:24:35.497 回答
0

我建议在前端和后端进行过滤。前端用于防止对服务器造成不必要的攻击并提供更有效和及时的反馈,后端用于捕获前端允许通过的任何内容(因为它可以被绕过)

我选择的前端脚本是jQuery Ketchup

在后端,filter_var可以正常工作,如果您使用的是旧版本的 PHP,regex 也可以。

于 2013-09-04T14:29:18.257 回答
0

这是我使用的,它使用 Ajax 和 jQuery 运行良好。欢迎您使用它并进行修改以适应。

包括 HTML 表单和 PHP 处理程序。

HTML 表单

<!DOCTYPE html>

<head>

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script type="text/javascript">

$(document).ready(function(){

    $('#submit').click(function(){
        $('#success').hide(1);
        $.post("ajax_handler.php", $("#contact").serialize(),  function(response) {
            $('#success').html(response);
            $('#success').show(1000);
        });
        return false;

    });

});
</script>

<style>

html {
/*    height: 100%; */

height:auto;
}
body {
    background:#000;
/*  background: url(bg.png);
    background-repeat:repeat;*/
    margin: 0px;
    padding: 0px;
    height: 100%;
    color: #fff;
    font-family: Proxima, sans-serif;;
}


#empty {
    display:block;
    clear:both;
    height:150px;
    width:auto;
    background:none;
    border:none;
}


#contact ul{
    margin-left:10px;
    list-style:none;
}


#contact ul li{
    margin-left:0px;
    list-style:none;
}

</style>

</head>

<body>

<form id="contact" action="" method="post">
<ul>
    <li>
        <label for="name">Name:</label><br>
        <input id="name" type="text" name="name"  width="250" size="35" required/>
    </li>
    <li>
        <label for="email">Email:</label><br>
        <input id="email" type="text" name="email" width="250" size="35" required/>
    </li>
<br><br>
    <li>
        <label for="message">Message:</label><br>
        <textarea id="message" name="message" rows="6" cols="40" required></textarea>
    </li>
    <li><input type="button" value=" SEND " id="submit" /><input type="reset" value="Reset" name="reset">
<div id="success" style="color: yellow;"></div></li>
</ul>


</form>
</body>

</html>

处理程序(ajax_handler.php)

<?php

if((empty($_POST['name'])) || (empty($_POST['email'])) || (empty($_POST['message']))){

die("<b>ERROR!</b> All fields must be filled.");

}

$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];

$name = strtolower($name);
$name = ucwords($name);

$to = 'email@example.com';
$subject = 'Website message from: '.$name;
$message = 'FROM: '.$name." \nEmail: ".$email."\nMessage: \n".$message;
$headers = 'From: your_email@example.com' . "\r\n";

if (filter_var($email, FILTER_VALIDATE_EMAIL)) { 
mail($to, $subject, $message, $headers); 
echo "Thank you! Your email was sent $name.";
echo "<br>";
echo "This is the email you entered: <b>$email</b>";
}else{
// echo var_dump($_POST);
echo "<b>ERROR!</b> Invalid E-mail. Please provide a valid email addres. Example: myEmail@example.com";
echo "<br>";
echo "The email <b>$email</b> you entered, is not valid.";
}

?>
于 2013-09-04T15:04:07.997 回答
0

$email = test_input($_POST["email"]); if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) { $emailErr = "Invalid email format"; }

你可以使用这个我已经试过了,它正在工作

于 2014-05-08T09:46:53.613 回答
0 
Javascript validation
<script type="text/javascript">
var a = document.contact_form.txt_phoneno.value;
        if (a!="")
        {
        if(isNaN(a))
        {
        alert("Enter the valid Mobile Number(Like : 9566137117)");
        document.contact_form.txt_phoneno.focus();
        return false;
        }
        if((a.length < 10) || (a.length > 15))
        {
        alert(" Your Mobile Number must be 10 to 15 Digits");
        document.contact_form.txt_phoneno.select();
        return false;
        }
        }
</script>
于 2014-05-08T09:50:06.577 回答
0

试试这个预赛

$email = test_input($_POST["email"]);
if (!preg_match("/^[\w-]+[@]+[a-z]+\.+[a-z]*$/", $email)) {
  return false; 
  //exit;
}
于 2017-07-30T03:07:37.023 回答