Results 1 to 2 of 2

Thread: what's wrong with this validation code?

  1. Jun 16th, 2008, 07:42 PM #1
    sridharao
    sridharao is offline

    Thread Starter
    Lively Member sridharao's Avatar
    Join Date
    Feb 2007
    Posts
    106

    what's wrong with this validation code?

    I have the following code being used for validating a form:


    PHP Code:
    if (isset($_POST['AddEntry'])) {
            $emai stripslashes($_POST['YourEmail']);
            $namm stripslashes($_POST['YourName']);
            $commt = ($_POST['YourComment']);
        if (!    preg_match("/[A-Za-z]*/"$namm)) {
          die (    '<p align="center">Sorry, Please enter text without any symbols or special characters.</p>');  //THIS ISN'T WORKING
            }else{
              $nam $namm;
       }
        if (!    eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$",$emai)){
            die (    '<p align="center">There is something wrong with your email ID, please check it.</p>');
        }
        list(    $userName$mailDomain) = split("@"$emai);
        if (!    myCheckDNSRR($mailDomain"MX")) {
            die (    '<p align="center">Sorry, this email ID failed validation. Please provide correct email ID.</p>');
        }    
        if (!    preg_match("/[A-Za-z]*/"$commt)) {
          die (    '<p align="center">Sorry, Please enter text without any symbols or special characters.</p>');
        }else{
              $comt $commt;
       } 
    this is the function to check dnserror:
    PHP Code:
    function myCheckDNSRR($hostName$recType ''){
        if(!empty(    $hostName)) {
            if(     $recType == '' $recType "MX";
                    exec("nslookup -type=$recType $hostName"$result);
                foreach (    $result as $line) {
                    if(    eregi("^$hostName",$line)) {
                        return     true;
                    }
                }
            return     false;
        }
    return     false;

    I found this script on the net for windows based servers, this script is failing despite providing a valid domain name.
    Reply With Quote Reply With Quote
  2. Jun 16th, 2008, 08:15 PM #2
    penagate
    penagate is offline
    I'm about to be a PowerPoster!
    Join Date
    Jan 2005
    Location
    Everywhere
    Posts
    13,647

    Re: what's wrong with this validation code?

    I suggest that you don't validate the domain name — it is expensive and prone to failure. It is especially inadvisable in reusable scripts since email addresses need not actually contain a fully-qualified domain name or one which is verifiable using nslookup. For example, mail servers may be able to derive some meaning from particular email addresses even if the domain part of the address is not listed in any local MX record cache or accesible DNS.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width