form validaiton

jrthor2 09 Aug, 2010
I have the below function in my validation:


function validateDollarAmount($string) {
		if (preg_match('@^\$?([0-9,.]+)$@', $string)) {
			// satisfies basic monetary requirements.  check decimal
			if (strpos($string, ".") !== false) {
				$bits = explode(".", $string, 2);
	 
				// decimal must be two numeric digits and be at the end of the string
				$pos = strlen($string) - strpos($string, ".");
	 
				if (strlen($bits[1]) != 2 || !preg_match('@[0-9]{2}@', $bits[1]) || $pos != 3) {
					return false;
				}
			}
	 
			// check the comma placement - must always have three numbers after it to be sane
			if (strpos($string, ",") !== false) {
				// we only want to deal with the left side of the decimal if there is one
				if (strpos($string, ".") !== false) {
					// only check for commas before decimal
					$bits = explode(".", $string);
					$test = $bits[0];
				} else {
					$test = $string;
				}
	 
				$offset = 0;
	 
				// loop the string, checking the position of the commas
				while ($offset < strlen($test)) {
					if ($pos = strpos($test, ",", $offset)) {
						// we want the position from the right
						$reverse = strlen($test) - $pos;
	 
						// comma must fall in a position divisible by four to be valid
						if ($reverse % 4 !== 0) {
							return false;
						}
	 
						$offset = $pos + 1;
					} else {
						break;
					}
				}
			}
	 
			return true;
		}
	 
		return false;
	}

}

if (strlen(trim($_POST['commitment_amount'])) > 0 ) {	
		if (!validateDollarAmount($_POST['commitment_amount'])) {
			$session->set('err_commitment_amount', 'Please enter a valid dollar amount (Ex. 20.00)', md5('chronoerror'));	
			$err_cnt++;
		}
	}

When I am calling the function for validation, it never returns false, it is allowing all values (even when the value in invalid, like 2,00.0). How can I get this to work?

Thanks
GreyHead 10 Aug, 2010
Hi jrthor2,

Where are you using this code? In server-side validation? Or in an On Submit box? Or somewhere else?

Bob
jrthor2 10 Aug, 2010
server side validation
GreyHead 11 Aug, 2010
Hi jrthor2 ,

Server-side validation code needs to return an error message if there is a problem or nothing if the validation passes. Your code doesn't return a message (and false will equate to nothing here).

<?php 
if ( strlen(trim($_POST['commitment_amount'])) <= 0 ) { 
	return 'Please enter an amount';
} elseif ( !preg_match('@^[+-]?[0-9]{1,3}(?:,?[0-9]{3})*\.[0-9]{2}$@', $string) ) {
	return 'Please enter an amount in the form 999,999.00';
}
?>


Bob
jrthor2 12 Aug, 2010
I am returning something if the validation fails. Why can't I call the function I have created using the code I posted above, seen here:


    if (strlen(trim($_POST['commitment_amount'])) > 0 ) {   
          if (!validateDollarAmount($_POST['commitment_amount'])) {
             $session->set('err_commitment_amount', 'Please enter a valid dollar amount (Ex. 20.00)', md5('chronoerror'));   
             $err_cnt++;
          }
       }

This code is saying, if I have something greater than 0 in the "commitment_amount" field, then call my function to validate the data entered. I'm basically doing the same thing with validating email addresses entered, as seen here:

function my_validate_email($email) {
         if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.'.'[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email)) {       
           return 0;
         } else {
           return 1;
         }
    }

if (!my_validate_email($_POST['email_address'])) {
        $session->set('err_email_address', 'The email address you entered is invalid', md5('chronoerror'));		
		$err_cnt++;
    }

Thanks
GreyHead 12 Aug, 2010
Hi jrthor2,

I'm sorry, I hadn't realise that you were doing something completely different with the validation.

If you have the same structure working for another validation then I guess that there is either a logical error or a coding error in your code for the validating the number.

Bob
jrthor2 12 Aug, 2010
This is the same code I have used on this form when I did not use joomla and it worked fine.
GreyHead 14 Aug, 2010
Hi jrthor2,

Fantastic that it worked before, sorry it doesn't seem to work here. I guess that you'll need to debug it.

Bob
jrthor2 16 Aug, 2010

Hi jrthor2 ,

Server-side validation code needs to return an error message if there is a problem or nothing if the validation passes. Your code doesn't return a message (and false will equate to nothing here).

<?php 
if ( strlen(trim($_POST['commitment_amount'])) <= 0 ) { 
	return 'Please enter an amount';
} elseif ( !preg_match('@^[+-]?[0-9]{1,3}(?:,?[0-9]{3})*\.[0-9]{2}$@', $string) ) {
	return 'Please enter an amount in the form 999,999.00';
}
?>


Bob


This code doesn't seemt to work either, it let me enter an amount of 500.000 (which is not a valid dollar amount).
GreyHead 16 Aug, 2010
Hi jrthor2,

Just tested and it rejects 500.000 here - needed a little debugging though.
<?php
$amount = JRequest::getString('commitment_amount', 0, 'post');
$amount = trim($amount);
if ( $amount <= 0 ) {
   return 'Please enter an amount';
} elseif ( !preg_match('@^[+-]?[0-9]{1,3}(?:,?[0-9]{3})*\.[0-9]{2}$@', $amount) ) {
   return 'Please enter an amount in the form 999,999.00';
}
?>

Bob
jrthor2 16 Aug, 2010
Ok, maybe I'm missing something, but it still didn't work for me with your code. Below is the entire validation logic I have in the "Server side validation code" box on the validation tab for my form. Enable Server Side Validation is set to "Yes" as well

<?php
    function my_validate_email($email) {
         if (!ereg('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'.'@'.'[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.'.'[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email)) {       
           return 0;
         } else {
           return 1;
         }
    }
function validateDollarAmount($string) {
		if (preg_match('@^\$?([0-9,.]+)$@', $string)) {
			// satisfies basic monetary requirements.  check decimal
			if (strpos($string, ".") !== false) {
				$bits = explode(".", $string, 2);
	 
				// decimal must be two numeric digits and be at the end of the string
				$pos = strlen($string) - strpos($string, ".");
	 
				if (strlen($bits[1]) != 2 || !preg_match('@[0-9]{2}@', $bits[1]) || $pos != 3) {
					return 0;
				}
			}
	 
			// check the comma placement - must always have three numbers after it to be sane
			if (strpos($string, ",") !== false) {
				// we only want to deal with the left side of the decimal if there is one
				if (strpos($string, ".") !== false) {
					// only check for commas before decimal
					$bits = explode(".", $string);
					$test = $bits[0];
				} else {
					$test = $string;
				}
	 
				$offset = 0;
	 
				// loop the string, checking the position of the commas
				while ($offset < strlen($test)) {
					if ($pos = strpos($test, ",", $offset)) {
						// we want the position from the right
						$reverse = strlen($test) - $pos;
	 
						// comma must fall in a position divisible by four to be valid
						if ($reverse % 4 !== 0) {
							return 0;
						}
	 
						$offset = $pos + 1;
					} else {
						break;
					}
				}
			}
	 
			return 1;
		}
	 
		return 1;
	}

}
$session =& JFactory::getSession();
    $err_cnt = 0;
    //verify first_name
    if (!strlen(trim($_POST['first_name']))) {
                $session->set('err_first_name', 'Please enter your First Name', md5('chronoerror'));
		$err_cnt++;
    }
    //verify last_name
    if (!strlen(trim($_POST['last_name']))) {
                $session->set('err_last_name', 'Please enter your Last name', md5('chronoerror'));  
		$err_cnt++;
    }
    //verify address
    if (!strlen(trim($_POST['address']))) {
                $session->set('err_address', 'Please enter your Address', md5('chronoerror'));		
		$err_cnt++;
    }
	if (!strlen(trim($_POST['city']))) {
		$session->set('err_city','Please enter a city', md5('chronoerror'));		    
		$err_cnt++;
	}
	if (!strlen(trim($_POST['state']))) {
        $session->set('err_state','Please select a state', md5('chronoerror'));		
    	$err_cnt++;
	}    
	if (!preg_match("/^([0-9]{5})(-[0-9]{4})?$/i",$_POST['zip_code'])) {
                $session->set('err_zip_code','Please enter a valid zip code', md5('chronoerror'));		
    	$err_cnt++;
	}
	//verify email
    if (!strlen(trim($_POST['email_address']))) {
        $session->set('err_email_address', 'Please enter your email address', md5('chronoerror'));		  
		$err_cnt++;
	}
    if (!my_validate_email($_POST['email_address'])) {
        $session->set('err_email_address', 'The email address you entered is invalid', md5('chronoerror'));		
		$err_cnt++;
    }    

if ((trim($_POST['commitment']) == "I'm interested in tithing")) {
  $amount = JRequest::getString('commitment_amount', 0, 'post');
  $amount = trim($amount);
  if ( $amount <= 0 ) {
    return 'Please enter an amount';
    $session->set('err_commitment_amount', 'Please enter a commitment amount', md5('chronoerror'));		
    $err_cnt++;
  } elseif ( !preg_match('@^[+-]?[0-9]{1,3}(?:,?[0-9]{3})*\.[0-9]{2}$@', $amount) ) {
    $session->set('err_commitment_amount', 'Please enter a valid dollar amount (Ex. 20.00)', md5('chronoerror'));		
    $err_cnt++;
  }
}

    if ((trim($_POST['lector_lay_assistant_8_00']) == 'T') || (trim($_POST['lector_lay_assistant_9_45']) == 'T') || (trim($_POST['lector_lay_assistant_10_45']) == 'T')) {
		if (!strlen(trim($_POST['lector_lay_assistant_info']))) {
			$session->set('err_lector_lay_assistant_info', 'Please enter the Lector/Lay Assistant names', md5('chronoerror'));
		 	$err_cnt++;	
		}		 
	 }	
    if ((trim($_POST['usher_8_00']) == 'T') || (trim($_POST['usher_10_45']) == 'T')) {
		if (!strlen(trim($_POST['usher_info']))) {			
			$session->set('err_usher_info', 'Please enter the Usher names', md5('chronoerror'));
		 	$err_cnt++;	
		}		 
	 }
    if ((trim($_POST['choir']) == 'Yes')) {
		if (!strlen(trim($_POST['choir_info']))) {
			$session->set('err_choir_info', 'Please enter the Choir names', md5('chronoerror'));
		 	$err_cnt++;	
		}		 
	 }
    if ((trim($_POST['nursery_10_45']) == 'T')) {
		if (!strlen(trim($_POST['nursery_info']))) {
			$session->set('err_nursery_info', 'Please enter the Nursery names', md5('chronoerror'));
		 	$err_cnt++;	
		}		 
	 }
    if ((trim($_POST['altar_guild_8_00']) == 'T') || (trim($_POST['altar_guild_10_45']) == 'T')) {
		if (!strlen(trim($_POST['altar_guild_info']))) {
			$session->set('err_altar_guild_info', 'Please enter the Altar Guild names', md5('chronoerror'));
		 	$err_cnt++;	
		}		 
	 }
    if ((trim($_POST['other']) == 'T')) {
		if (!strlen(trim($_POST['more_info_info']))) {
			$session->set('err_more_info_info', 'Please enter other ministries you\'re interested in', md5('chronoerror'));
		 	$err_cnt++;	
		}		 
	 }	
	
    if ($err_cnt > 0) {
          return 'Please fix the below errors';
       } else {
          //return true;
       }
    ?>

and my form code for this particular field looks like this:

<label for="commitment_amount" class="left">Commitment Amount:<br />(Ex. 20.00)</label>
							<input type="text" name="commitment_amount" id="commitment_amount" class="field" title="Please enter your commitment amount" />
							<?
								if ($errCond = $session->get('err_commitment_amount', false, md5('chronoerror'))) {
								  echo '<br /><div class="error">' . $errCond . '</div>';
								}
								$session->clear('err_commitment_amount', md5('chronoerror'));
							?>

Thanks!!!!
jrthor2 16 Aug, 2010
Ok, i found my issue, I had a extra } after my validateDollarAmount function. Now, I have an issue when I get an error on my form, where I have email address, and I actually put an email in, but when my errors display, for this field, it displays the below:


 <script language='JavaScript' type='text/javascript'>  <!--  var prefix = 'mailto:';  var suffix = '';  var attribs = '';  var path = 'hr' + 'ef' + '=';  var addy64950 = 'test' + '@';  addy64950 = addy64950 + 'test' + '.' + 'net';  document.write( '<a ' + path + '\'' + prefix + addy64950 + suffix + '\'' + attribs + '>' );  document.write( addy64950 );  document.write( '<\/a>' );  //-->  </script><script language='JavaScript' type='text/javascript'>  <!--  document.write( '<span style=\'display: none;\'>' );  //-->  </script>This e-mail address is being protected from spambots. You need JavaScript enabled to view it.  <script language='JavaScript' type='text/javascript'>  <!--  document.write( '</' );  document.write( 'span>' );  //-->  </script>

what is all this for and how do I fix this?

Thanks!
GreyHead 16 Aug, 2010
Hi jrthor2,

You have the Email Cloaking plugin turned on and it's trying to protect the email address in the ChronoForms Validation code.

Turn the plugin off to check. If you need it, change the plugins order so that the Email Cloaking plugin runs before the ChronoForms plugin.

Bob
jrthor2 16 Aug, 2010
Thanks, that was it!!!!
This topic is locked and no more replies can be posted.