Download Source Code

Background

Last time I discussed “Client and Server side validation for Professional Business Registration Form with Google Captcha Integration” first part. In first part I discussed about the professional business registration form live validation by the HTML5-CSS3 and JavaScript. If don’t read it yet then you can check out this first part

Server Side Validation

The server side form validations help keeping the form submission data consistent and it also help in lesser server side errors. Here using PHP I have done the server side validation process. When the form is submitted, the values of each form elements will be stored in the $_POST array. Here I have used the extract($_POST) to get all of the data from the each field.

Actually in this registration form has contains many fields and also I have apply the server side validation for each fields. But here I am only interested to present some field’s validation process.

String Field

For the Business Owner Name field I have checked the three case is as, if the field is empty (as Name field is mandatory) or if the Name string length is greater than 50 or if the Name string is doesn’t match with the predefine Name pattern then an error message will be thrown.

Business Owner input field php validation

Alpha-Numeric Field

As post code can be Alpha-Numeric values. So for the Post Code field I have checked the three case is as, if the field is empty (as this field is mandatory) or if the Name string length is greater than 11 or if the Post Code string is doesn’t match with the predefine Post Code pattern then an error message will be thrown.

Post code php validation

Numeric Field

For the Telephone number it is only allow the numeric value. Telephone number will be enter the validation process when something is enter in this field as this field is not mandatory. So for the Telephone Number field I have checked the two cases is as, if the field string length is greater than 15 or if the Telephone Number string is doesn’t match with the predefine Telephone Number pattern then an error message will be thrown.

Telephone number server side validation

Email Validation

For the Email field I have checked the three case is as, as Email field is mandatory so, if the Email field is empty then an error will be thrown or if the Email character length is greater than 30 or if the field string is doesn’t match with the predefine Email pattern then an error message will be thrown.

Email field server validation

URL Validation

Here web address field will be mandatory when you click the “Do you have web address” radio button is ‘yes’. So when radio button value is yes then Web URL entry field should not be empty, and Web URL length and pattern should be matched with the correct format or else the error will be thrown. If the radio button value is ‘no’ then Web URL field doesn’t not thrown error.

Web url server side validation

Time Validation

To validate the time for the entering time value (User enter a time using time picker), it will check with the date.

Time selecting input field

Social Media

To check the Social media (Facebook, Twitter, GooglePlus) field I have checked the two cases. As this fields are not mandatory so, if string length is greater than 0(that’s means user has been input something in this field) then input string will be compare with the string “facebook.com and if the input string length is greater than 200 then an error message will be thrown.

Social link server side validation

Google Captcha

The Google reCAPTCHA PHP Library provides a simple way to place a CAPTCHA on your PHP website, helping you stop bots and spam from abusing it.

Registration

Sign-Up and Registration you website in the reCAPTCHA url and then they will provide an Site key (Public Key) and Secret key to use for the client and server side.

Client Side Integration

If you want to use the PHP library to display the reCAPTCHA widget, you’ll need to insert this snippet of code inside the

element where the reCAPTCHA widget will be placed to make the CAPTCHA image show up:

Paste this snippet before the closing tag on your HTML template :

Paste this snippet at the end of the

where you want the reCAPTCHA widget to appear:

The following code segment you should place in the

tag,

You should set $publickey by replacing your_public_key with your API public key(Site Key) that you got if before in the registration time.

The require_once function in the example above expects recaptchalib.php to be in the same directory as your form file. If it is in another directory, you must link it appropriately. For example if your recaptchalib.php is in the directory called “captcha” that is on the same level as your form file, the function will look like this: require_once('captcha/recaptchalib.php')

Server Side Integration

When your users submit the form where you integrated reCAPTCHA, you’ll get as part of the payload a string with the name “g-recaptcha-response”. In order to check whether Google has verified that user, send a POST request with these parameters like secret key, response(The value of ‘g-recaptcha-response’.), remoteip(The end user’s ip address).

The following code segment you should be placed at the top of the process.php(form action file) file:

  • recaptcha_check_answer returns an object that represents whether the user successfully completed the challenge.
  • If $resp->is_valid is true then the captcha challenge was correctly completed and you should continue with form processing.
  • If $resp->is_valid is false then the user failed to provide the correct captcha text and you should redisplay the form to allow them another attempt. In this case $resp->error will be an error code that can be provided to recaptcha_get_html. Passing the error code makes the reCAPTCHA control display a message explaining that the user entered the text incorrectly and should try again.

You should set $privatekey by replacing your_private_key with your API public key(Secret Key) that you got if before in the registration time.

Google reCaptcha

Conclusion

In this project, I’m trying to present a real life business registration form with different types of security like client side, server side and Google reCaptcha integration. It is very essential to have the input to your form validated before taking the form submission data for further processing. So you should make sure that you are got the real and proper data from the user not from any robot or spam. Have a good day to you and Happy coding…:)

LEAVE A REPLY