US Phone validation will accept phone numbers with letters

[MaxwellGarceau]

Describe the bug

The regex used to validate phone numbers will accept letters. In addition, it will also accept less than the required amount of digits for each input.

Explanation

1. The function checks for phone numbers with 12 characters (whatever they may be) to pass the length validation check. Letters are not caught here.
2. The regex is matching anywhere between 0 and 3 characters per input field except the last field which is 0-4. This means that phone numbers with a letter in them will still pass validation because the regex will still match 3 digits.

if ( ! preg_match( '/[0-9]{0,3}-[0-9]{0,3}-[0-9]{0,4}/A', $opt_val ) ) {

Solution

Change the regex to

• Lock in the correct amount of characters
• Start to end matching to enforce full string matches

/^[0-9]{3}-[0-9]{3}-[0-9]{4}$/

Steps to Reproduce

1. Change the phone format in the test user Mailchimp account to US format
2. Click the "Update List" button in the Mailchimp admin
3. Submit a form with a phone number that contains a letter

Screenshots, screen recording, code snippet

mailchimp-accepts-phone-number-with-letter.mov

Environment information

No response

WordPress information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

[MaxwellGarceau]

Related to #104