Tutorial 3 - Part II -Flying into Formation - page 6
One way to limit the size of your form inputs is to use the 'strlen' function to check the lengths
of the strings in each input. So in your comment.php, after the 'if empty' check, you have the word
'else' in your code. After the word 'else,' there's a bracket - '}'. After that bracket, but before
your 'if eregi' checks, enter the following;
echo '<p>The number of characters in your first name is ' . strlen($first)
. '. </p>';
if (strlen($first) < 26) {
echo ' This is well within the allowable limit for this input.</p>';
} else {
echo ' This is over the allowable limit of 25 characters. If your first name is more than 25
characters long, please leave the
first name input box blank and put a sentence in the comment box stating
what your first name is. To return to the form you just filled out, hit the "back" button
on your browser. Make the necessary changes and resubmit. Thankyou.</p>';
exit;
}
echo '<p>The number of characters in your last name is ' . strlen($last) . '.';
if (strlen($last) < 26) {
echo ' This is well within the allowable limit for this input.</p>';
} else {
echo ' This is over the allowable limit of 25 characters. If your last name is more than 25
characters long, please leave the
last name input box blank and put a sentence in the comment box stating
what your last name is. To return to the form you just filled out, hit the "back" button on
your browser. Make the necessary changes and resubmit. Thankyou.</p>';
exit;
}
echo '<p>The number of characters in your email is ' . strlen($email) . '.';
if (strlen($email) < 51) {
echo ' This is well within the allowable limit for this input.</p>';
} else {
echo ' This is over the allowable limit of 50 characters.
If your email is more than 50 characters long, please leave the email input box blank and put a sentence in the comment box stating what your email is.
To return to the form you just filled out, hit the "back" button on your browser. Make the necessary changes and resubmit. Thankyou.</p>';
exit;
}
echo '<p>The number of characters in your comment is ' . strlen($comment) . '.';
if (strlen($comment) < 881) {
echo ' This is well within the allowable limit for this input.</p>';
} else {
echo 'Because of memory limitations, this form is designed to handle
880 characters or less. You will need to shorten your comment by '
. ((strlen($comment)) - 880) . ' characters so that your comment can
be processed. To return to the form you just filled out, hit the "back"
button on your browser. Make the necessary changes and resubmit. Thankyou.</p>';
exit;
}
|
This may seem like a lot a code, but it really isn't. It is the same
simple code repeated for each input in your form with minor changes for
several inputs. Be careful to note the concatenation - 'space period space'
between different elements like quotes and variables. If you must, you
can take a shortcut and simply copy the above code. Later you can customize
it to your needs. (To copy the above code, highlight it, then hit edit
and copy on your browser. Then paste the code in the appropriate place
- see above- on your comment.php.) Your "comment.php" should now look
like this (click here). And your comment.php
should act like this (click here).
By the way, pay no attention to the wording. The point is to prove that
the lengths of your form inputs are being counted and that you can use
this to stop someone from entering too much infomation in your form inputs.
But why, you ask, do you have to limit the length of your form inputs
if your mail program limits your inputs to 998 characters per line and
you only use one line per input? First, most people don't know about this
limit of 998 characters and this code, if nothing else, will inform them
of a limit. Second, your file, "guests.txt" has no such limitation.
So, technically, you need this code to set a limit for your "guests.txt"
and to set limits if you intend to save your form inputs to a database.
But now, you say, you used "maxsize" to limit the size of your inputs.
Then test your form. Put in more than the "maxsize" for your inputs and
submit your form. Then refresh and view your "guests.txt" and you'll see
how well "maxsize" worked. Not what you expected? Imagine if a mail program
limits your one line of form input as well as "maxsize" does.
O.K., so you do that and now you're done, right? You have a form that emails you its
inputs and/or saves the inputs to a file. And you have designed your form to work in
an imperfect world. You have protection from 'injection.'
You have protection from people accidentally or purposefully wanting to fill up your form
inputs with the library of congress or "War and Peace." You have protection from people sending
you blank forms to email and save. So, yes, your form is pretty much done, but
you might want to clean it up a little.
To clean it up, continue on the next page
- on page 7
