|
Return CGI Library
Return Form Handling
The mail2 gadget supports the ability to check the contents of an input field. For example, you can check that a visitor specified
something that looks like a 'real' e-mail address.
This is done by adding an extra field for each field that you want to check. The name of the extra field has "format-" prefixed to the
name of the field that you want to check. The contents of this extra field describe the format of the variable that you are checking.
The currently supported formats are:
"EMAIL" - This checks to make sure that the field looks like a valid e-e-mail address.
The system expects e-mail addresses to look like: name@some.domain where the name, some, and domain fields must be present.
These fields may not contain spaces, commas, or @ symbols. The fields may contain periods (as in first.last@sub.subdomain.example.com).
Also, there are expected to be 2 or 3 characters after the last period. (top level domains are currently 2 and 3 characters long.
e.g. .CA .US .COM .EDU)
Also, the IP address format name@[1.2.3.4] is supported.
ex.:
<input type="hidden" name="format-mail" value="EMAIL" />
"CCNUM-[vmacdej]" - This special format supports credit card numbers (so should be used only on the secure server ;-).
(Note: use a POST method when handling credit card numbers to keep the card numbers out of the access logs.)
The trailing letters signify what cards you will accept and have the following meanings:
- v = Visa
- m = Mastercard
- a = American Express
- c = Carte Blanche / Diners Club
- d = Discover
- e = EnRoute
- j = JCB
This example purposely disabled to discourage plain-text credit card number transmissions.
<form action="/cgi-bin/mail2" method="post">
<!-- get would log card #-->
<input type="hidden" name="REPLY" value="/gadgets/mail2/formatOK.tpl" />
<input type="hidden" name="format-test" value="CCNUM-v" />
Give me a VISA card #: <input type="text" name="test" /> <br />
</form>
"REGEXP-expression" - This format allows you to insert your own PERL regular expression to match your input... while this doesn't
permit calculations, it is very powerful. The preceding EMAIL format is a single regular expression ;-). Yell for help if you don't
know PERL. [ The value you specify here gets used in a m/$expression/ statement. ] If you want to use double quotes in your format, you
will have to specify double quote characters as " to avoid confusing the browsers.
Ex.
<input type="hidden" name="format-test
value="REGEXP-"" />
"REGEXPI-expression" - This is the same as the above, but is does a case insensitive check. [ m/$expression/i for PERL readers.]
Ex.
<input type="hidden" name="format-test"
value="REGEXPI-^tom$">
Error Handling:
While you don't (currently) have much control over the error messages, you CAN make the pages fit in with the website by specifying a
page header and a page footer. These are done by specifying head and footer file names in your form with the ERRORFTR and ERRORHDR
variables. The file names are relative to the top of your virtual server.
The forms above have done this using the following two lines:
<input type="hidden" name="ERRORFTR" value="/gadgets/mail2/format.errftr" />
<input type="hidden" name="ERRORHDR" value="/gadgets/mail2/format.errhdr" />
Notes:
Specifying a format check for a field does not make the field a mandatory field
(see mandatory.html
for how to do that). If a field is empty, the format check will be skipped, to force the check make the field MANDATORY.
| 
