[springhigh]

Hi
On a web entry form, to try stop potential spam and unnecessary cases generated, I would like to check if a required email address field can match those on a list of accepted domains.
Could this be done with a regular expression or with dynaform javascript ?

many thanks

[amosbatto]

I created a programming example to explain how to do this:
https://sourceforge.net/p/pmcommunity/c ... blacklist/

[springhigh]

Thank you so much Amos
Is there a way to check if a specific list of domains is allowed , maybe referencing a text file?
In our case we only want to allow 2 email domains, ( or alternatively a list of specific email address's, approx 50 emails )

[amosbatto]

Thank you so much Amos
Is there a way to check if a specific list of domains is allowed , maybe referencing a text file?
In our case we only want to allow 2 email domains, ( or alternatively a list of specific email address's, approx 50 emails )

The easiest way to handle this is to create a PM Table named PMT_ALLOWED_EMAILS with the list of allowed addresses in an EMAIL field. Then, create a dropdown box in the Dynaform with an SQL query like:

Code: Select all

SELECT EMAIL, CONCAT(NAME, ' <', EMAIL, '>') FROM PMT_ALLOWED_EMAILS

If you just want to check for two domains, then use a regular expression like this:
^[a-zA-Z0-9._\-]+@(mydomain\.com|other\.domain\.com)$

[springhigh]

Hi Amos

I think I may have confused issues.
Basically , all I want to do is have a field for users to type in their email address.
There are 6 users ( unique email address's) allowed to submit this Web entry, so I would like to compare their email typed in to a list of 6 approved emails, but not have these emails publicly visible for everyone to see.
This would also prevent cases being generated unnecessarily by anyone else.
Thanks

[amosbatto]

You can add JavaScript code like this to your Dynaform which is used for Web Entry:

Code: Select all

var formId = $("form").prop("id");
getFormById( formId ).setOnSubmit( function() {
  var email = $("#email").getValue().trim()
  var aAvailableEmails = [
       "bobjones@example.com",
       "sallysmith@example.com",
       "janedoe@acme.com",
       "johnrowe@coyoteproductions.org"
  ];

  if (aAvailableEmails.indexOf(email) == -1) {
     alert("The email address '"+email+"' is not an approved email. Enter another one.");
     return false;
  }
});

See: https://wiki.processmaker.com/3.1/JavaS ... etOnSubmit

Of course, a hacker can still examine the JavaScript code for your Dynaform and get the list of email addresses, but there is nothing that you can do about that if you want to do verification using JavaScript. The other option if you really care about security is to do the verification in the PHP code for the web entry.
See:
https://sourceforge.net/p/pmcommunity/c ... omization/

By the way, you can set up your Apache server to always redirect to https, to stop the man in the middle from reading your traffic.