Questions and discussion about developing processes and programming in PHP, JavaScript, web services & REST API.

Moderator: amosbatto

Forum rules: Please search to see if a question has already asked before creating a new topic. Please don't post the same question in multiple forums.
By springhigh
#815515
Hi
On a web entry form, to try stop potential spam and unnecessary cases generated, I would like to check if a required email address field can match those on a list of accepted domains.
Could this be done with a regular expression or with dynaform javascript ?

many thanks
By springhigh
#815528
Thank you so much Amos
Is there a way to check if a specific list of domains is allowed , maybe referencing a text file?
In our case we only want to allow 2 email domains, ( or alternatively a list of specific email address's, approx 50 emails )
User avatar
By amosbatto
#815589
springhigh wrote:Thank you so much Amos
Is there a way to check if a specific list of domains is allowed , maybe referencing a text file?
In our case we only want to allow 2 email domains, ( or alternatively a list of specific email address's, approx 50 emails )
The easiest way to handle this is to create a PM Table named PMT_ALLOWED_EMAILS with the list of allowed addresses in an EMAIL field. Then, create a dropdown box in the Dynaform with an SQL query like:
Code: Select all
SELECT EMAIL, CONCAT(NAME, ' <', EMAIL, '>') FROM PMT_ALLOWED_EMAILS
If you just want to check for two domains, then use a regular expression like this:
^[a-zA-Z0-9._\-][email protected](mydomain\.com|other\.domain\.com)$
By springhigh
#815639
Hi Amos

I think I may have confused issues.
Basically , all I want to do is have a field for users to type in their email address.
There are 6 users ( unique email address's) allowed to submit this Web entry, so I would like to compare their email typed in to a list of 6 approved emails, but not have these emails publicly visible for everyone to see.
This would also prevent cases being generated unnecessarily by anyone else.
Thanks
User avatar
By amosbatto
#815671
You can add JavaScript code like this to your Dynaform which is used for Web Entry:
Code: Select all
var formId = $("form").prop("id");
getFormById( formId ).setOnSubmit( function() {
  var email = $("#email").getValue().trim()
  var aAvailableEmails = [
       "[email protected]",
       "[email protected]",
       "[email protected]",
       "[email protected]"
  ];

  if (aAvailableEmails.indexOf(email) == -1) {
     alert("The email address '"+email+"' is not an approved email. Enter another one.");
     return false;
  }
});
See: https://wiki.processmaker.com/3.1/JavaS ... etOnSubmit

Of course, a hacker can still examine the JavaScript code for your Dynaform and get the list of email addresses, but there is nothing that you can do about that if you want to do verification using JavaScript. The other option if you really care about security is to do the verification in the PHP code for the web entry.
See:
https://sourceforge.net/p/pmcommunity/c ... omization/

By the way, you can set up your Apache server to always redirect to https, to stop the man in the middle from reading your traffic.

Nowadays this is one of the most common issues of […]

What version of MySQL are you using? If you are […]

I finally found some time to test this. What ver[…]

Hi! We try to use comminity edition for trial. If[…]