On Nov 29, 2007, at 10:42 AM, Pete MacKenzie wrote:
Thanks Walt
One way or another my customer wants to store valid addresses for his
future reference. He doesn’t want to collect a load of input
gibberish so the addresses need to check out before allowing the
viewer any further.
Of course. The code I posted would not guarantee that the address was real, just that it “looked like” a real address. It will pass happily on anything in the form of [any alphanumeric character or dot] [an at-sign] [two or more strings separated by at least one dot, the last of which must be between two and six characters in length]. So without any form of email verification, like, say, the system you had to pass through in order to register for this forum, you could collect a lot of example of the type: asdfasdf.asdf @ asdfasdf.asdfasdf.xxx
If you really want to collect real addresses as the barrier to entry, then you need to do something where the instructions for download are sent to the visitor, and you rotate the keys so that they can’t be abused.
You can take this part as seriously as you need to. It really depends a lot on the type of content you are protecting whether you go this far at all. I went a long way in protecting this forum, because the e-mail addresses collected here are like crack to the spam addicts of the world.
I’m happy to be advised about the nature of the storage. A database
on the server? Email return to an info@ address which generates an
auto reply with login details…(although that would probably be a
fixed message and easy to subvert)? I imagine there are a variety of
solutions but simplicity is the essence. The site is being built from
the ground up so I would like to incorporate a solution now rather
than bolt it on later. Does this answer your question…?
Exact implementation would depend a lot on how many contacts you expect to gather. A plain text file on the server somewhere could be written to by a simple PHP process, adding a new line with each address. Your client could FTP that down periodically and look to see if there are any new addresses. Or, that same process could send a simple e-mail to your client after each successful posting. Filter on the subject line (in the Mail application) and you could put all such messages in a new in-box on your computer for safe-keeping. If you are getting thousands of these, then a full-blown database solution would be warranted.
Where would you place your example code in a Freeway document?
If you wanted to make a single page invisible unless someone came to it from your form page and entered a real e-mail address, you could do the following:
-
Make a new page in Freeway, and change the filename of the page to whatever.php.
-
In Page>HTML Markup move to the Before HTML section and add the following code:
<?php
//paste in the function here, minus the start and end php tags
$email = $_POST['email'];
if( ! valid_email($email)){
header('Location: your_form_page.php?error=That+did+not+look+like+a+real+e-mail+address!');
exit;
}
?>
-
Now make “your_form_page.php”. Name the file whatever you want, just be sure to use the same name in your protected page script. On this page, in the same Before HTML part of the page markup dialog, enter this:
<?php $error = (isset($_GET['error'])) ? $_GET['error'] : ''; ?>
Make sure that your form on the form page points to your secure page, using a method of POST, and that your e-mail address field is named email.
Somewhere on the page, add a Markup Item where you want the error message to appear if needed. Paste this into that field: <?=$error?>
-
Test it out. You should be redirected back to the form if you try entering a “bad” address.
Walter
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options