
Server Side Validation from a file

Nuvelle 30 Sep, 2013
Hi!

I have 3+ forms that do different jobs but all run through the same code in a "Custom Server Side validation" event to stop certain words from being used (swear words, SEO and advertisements).

It is getting annoying having to update every single form's code every time a new way to get around the blocks is found.

Is there a way to have one set of code used for all the forms?

Is there a function I can use to point at a file I create with the current code from the forms in so there is only one location with the "badwords" and response messages in?

Thanks🙂
GreyHead 30 Sep, 2013
Hi nuvelle,

You can include that part of the code into the box:
<?php
include (JPATH_SITE.'/components/com_chronoforms/includes/some_file_name.php');
?>

Bob
Nuvelle 17 Feb, 2014
Hi, sorry to bring up an old post!

I finally got round to implementing the above.

The code

<?php
include (JPATH_SITE.'/components/com_chronoforms/includes/badwords.php');
?>


is in a "custom server side validation" with the fail being an event loop with an error message.

I created the file badwords.php and put it in /components/com_chronoforms/includes/ (I had to make the includes folder)

The file contains code as such:

$ban_array_seo = array(
'seo',
'search engine',
'optimisation',
'optimise'
);
$input_array = array (
'input_name',
'input_email',
'input_query'
);
$isvalid = true;
foreach ( $ban_array_seo as $v ) {
  foreach ( $input_array as $vv ) {
    if ( stripos($form->data[$vv], $v) !== false ) {
      $form->validation_errors[$vv] = 'We do not require any SEO services.';
      return false;
    }
  }
}


Plus longer arrays with swear words and different error messages.


When I submit a message with the words in as a test, it goes through fine, whereas before when the 2nd set of code was in the server side validation it stopped the message as expected.

Is there a step I am missing, or has the code required changed?

We are using ChronoForms V4 RC3.0 on Joomla! 2.5.18

Thanks & Regards,
Tom
GreyHead 17 Feb, 2014
Hi Nuvelle,

What you have there looks good to me. Please add a little debug code like echo 'xxx'; to each box to see if the code is being included and run.

Bob
Nuvelle 17 Feb, 2014
Ok this is strange...

If the captcha fails AND there is a badword, both will flag up. If the captcha is correct and there is a badword, no flag!
Data Array: 

Array
(
    [chronoform] => contactus
    [event] => submit
    [format] => html
    [Itemid] => 361
    [option] => com_content
    [view] => article
    [id] => 194
    [input_type] => website
    [input_name] => Tom SEO Abbott
    [input_email] => t.abbott@nuvellesecurity.co.uk
    [input_query] => fuck SEO
    [chrono_verification] => A8bei
    [input_submit] => Submit
)
Validation Errors: 
Array
(
    [input_query] => Forms with offensive words are blocked!
)
Debug Data
Core Captcha
Passed the core captcha check!
Email info
Email sent successfully
From: (Contact form from PGL website) webteam@...
Reply to: (Tom SEO Abbott) t.abbott@...
To: webteam@...
Subject: Contact form from PGL website
Email sent successfully
From: (Contact Form) webteam@...
Reply to: (Tom SEO Abbott) t.abbott@...
To: webteam@...
Subject: PRIVATE COPY OF FORM - General Contact Form
Email body
 Form submitted from PGL Website. 

Name: Tom SEO Abbott
Email: t.abbott@...
IP: ...


Type of query: Provincial Web Team,
Message:
fuck SEO
 COPY OF Form submitted from PGL Website. 

Name: Tom SEO Abbott
Email: t.abbott@...
IP: ...


Type of query: Provincial Web Team,
Message:
fuck SEO
GreyHead 17 Feb, 2014
Hi Pagano,

That sounds like a problem with the way that the events are structured. By all means email or PM me the site URL, the form name, and a SuperAdmin login and I'll take a quick look.

Bob
Nuvelle 17 Feb, 2014
PM Sent🙂
GreyHead 17 Feb, 2014
Answer
Hi Nuvelle,

I worked it out I think.

The problem is that with the included file the return false only ends the inclusion, it doesn't return out of the event.

So in the included file make sure you only have $isvalid = true; once near the beginning. Then replace return false; with $isvalid = false;

Back in the form Event after the include line add
return $isvalid;
That should do the trick.

Bob

PS You also don't need to repeat the definition of $input_array, once at the beginning is enough.
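
The behaviour described in the answer above, as an added example that is not part of the original thread: a `return` inside an included file ends only that file, so the caller has to pass the verdict on itself. The functions stand in for the form's validation event, and the file name `badwords_demo.php` and the sample input are constructed for the demonstration.

```php
<?php
// Constructed stand-in for the shared file (hypothetical name badwords_demo.php).
$file = sys_get_temp_dir() . '/badwords_demo.php';
file_put_contents($file, <<<'PHP'
<?php
$isvalid = true;
if (stripos($text, 'seo') !== false) {
    $isvalid = false;
    return false;   // ends this file only, not the function that included it
}
return true;
PHP
);

// Pattern from the question: the include's return value is discarded and
// the caller carries on, so the check never fails.
function validate_ignoring_return($file, $text) {
    include $file;
    return true;
}

// Fix from the answer: the file sets a flag, the caller returns it. This
// works because included code runs in the scope of the include line.
// Added hardening: start from false so a missing or unreadable file
// (include only warns and continues) rejects instead of leaving the flag unset.
function validate_with_flag($file, $text) {
    $isvalid = false;
    include $file;
    return $isvalid;
}

// Alternative: include evaluates to the file's return value, and to false
// when the file cannot be loaded, so this variant also fails closed.
function validate_with_include_value($file, $text) {
    return (include $file) === true;
}

$text = 'cheap SEO services';   // constructed sample input
var_dump(validate_ignoring_return($file, $text));
var_dump(validate_with_flag($file, $text));
var_dump(validate_with_include_value($file, $text));
// Missing file: both hardened variants reject (PHP also emits a warning).
var_dump(validate_with_flag($file . '.missing', $text));
var_dump(validate_with_include_value($file . '.missing', $text));
unlink($file);
```

For the constructed input the first call accepts the text while the other two reject it, and both missing-file calls reject as well.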
Nuvelle 17 Feb, 2014
Perfect, thank you!!
Nuvelle 17 Feb, 2014
Just for info in case anyone else needs a similar feature:

file /components/com_chronoforms/includes/badwords.php contains:

Just update the first array with your own field names

<?php
$input_array = array (
'input_name',
'input_email',
'input_query'
);
$isvalid = true;

$ban_array_swear = array(
'bastard',
'bitch',
'coon',
'cunt',
'f u c k',
'faggot',
'fuck',
'goatse',
'hardcore',
'hentai',
'incest',
'lemon party',
'nig nog',
'nigga',
'nigger',
'prick',
'pussy',
'queer',
'rape',
'shit',
'slut',
'tub girl',
'tubgirl',
'twat',
'wanker',
'YHDCA',
'whore'
);

foreach ( $ban_array_swear as $v ) {
  foreach ( $input_array as $vv ) {
    if ( stripos($form->data[$vv], $v) !== false ) {
      $form->validation_errors[$vv] = 'Forms with offensive words are blocked!';
      $isvalid = false;
    }
  }
}

$ban_array_seo = array(
'seo',
'search engine',
'optimisation',
'optimise'
);

foreach ( $ban_array_seo as $v ) {
  foreach ( $input_array as $vv ) {
    if ( stripos($form->data[$vv], $v) !== false ) {
      $form->validation_errors[$vv] = 'We do not require any SEO services.';
      $isvalid = false;
    }
  }
}

$ban_array_no = array(
'sialkot',
'Fair Goods Traders',
'Bhatti',
'Abu',
'Mabaad',
'hoodregalia',
'hoodhood',
'Saba'
);
foreach ( $ban_array_no as $v ) {
  foreach ( $input_array as $vv ) {
    if ( stripos($form->data[$vv], $v) !== false ) {
      $form->validation_errors[$vv] = 'We do not require your services.';
      $isvalid = false;
    }
  }
}
?>


Then a custom server side validation containing the following with an on fail "event loop":

<?php
include (JPATH_SITE.'/components/com_chronoforms/includes/badwords.php');
return $isvalid;
?>



HUGE thanks to GreyHead!!