I am running a shopping agent website to accept orders from users. One key step is to allow users send me the URL of items they wish to order (from an overseas website called taobao which do not ship to Australia), so I can order for them.
As I was getting many wrong URLs I thought it may be a good idea to add URL validation before users submit the order. I am using Zend framework so I just use the URI checker provided by Zend:
// allow unwise characters in URL, used in user input URL validation
Zend_Uri::setConfig(array('allow_unwise' => true));
// add http:// or https:// if not present
if ( strlen($tblurl[$rowid]) > 7 )
{
if ( ( substr($tblurl[$rowid],0,7) != 'http://' ) && ( substr($tblurl[$rowid],0,7) != 'https:/' ) )
{
$tblurl[$rowid] = 'http://'.$tblurl[$rowid];
}
}
// Check if URL is valid
$isValidURL = Zend_Uri::check($tblurl[$rowid]);
The only pre-processing here is to add http:// or https:// if the users miss that (as "www.chinabuy.com.au" will return invalid but "http://www.chinabuy.com.au" will return valid).
I have received several emails from customers complaining they get the URL validation failed error message. I really don't see where I'm doing wrong and I've been testing this with many different strange looking URLs but it seems the code is working as intended.
Any ideas? My website is https://www.chinabuy.com.au/order so you can test it (just go straight down to order details, type in some URL and click submit. If there is an error message "There must be a valid URL for each item." then it means the validation has failed.
Thanks!
EDIT: As suggested by @ArendE I've updated my code and has put the new code live on my website:
$tblurl[$rowid] = trim($tblurl[$rowid]);
// Check if the url contain the words http:// or https://
if (stripos($tblurl[$rowid],'http://') === false && stripos($tblurl[$rowid],'https://') === false) {
$tblurl[$rowid] = 'http://' . $tblurl[$rowid];
}
$isValidURL = Zend_Uri::check($tblurl[$rowid]);