Jump to content

HTML Form Server Side Validation

flex101

By flex101
in PHP Coding Help

 Share

Recommended Posts

flex101 Newbie

flex101

Posted
Posted

Hi, Im new here, im currently doing a website for a friend, and I have designed using snippets from different pages a contact form. The contact form performs all my needs at the moment and it has client side validation through the use of jquery. However I need to account for when javascript is turned off so that no bogus entries are put through. So I am trying to do the validation thing however I just keep getting a blank page and I dont see where I am going wrong here.

 

Here is the code that works however has no server side validation:

<?php
if(isset($_POST['submit']) || isset( $_POST["submit_x"])) {

$to = ""; //has email address that is getting sent to but im not putting in for obvious reasons lol
$subject = "Art Epona Reply From: " . trim($_POST['name']) . " - " . trim($_POST['enqtype']);
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$dropdown  =  $_POST['enqtype'];
$emailfrom = ""; //ditto above

$headers = "From: --\r\n"; //^^
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

$Body = '<body><center>';
$Body .= '<table width="450" border="1" rules="all" cellpadding="10">';
$Body .= '<center>';
$Body .= '<tr><td bgcolor="#666666"><h1><font face="Georgia, Times New Roman, Times, serif" size="3">New ' . trim($_POST['enqtype'])  . ' from Art Epona Website!</font></h1></td></tr>';
$Body .= '<tr><td bgcolor="#cccccc"><p><font face="Tw Cen MT" color="#000000"><b>' . trim($_POST['name']) . '</b> will like to make a <b> ' . trim($_POST['enqtype']) . '</b>. <br /> Here are the contents of the Enquiry:<br /></font></p>';
$Body .= '<table width="430" border="1" cellpadding="10" rules="all">';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Name:</b></font></td>';
$Body .= '<td width="288" bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . trim($_POST['name']) .'</font></td></tr>';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Email:</b></font></td>';
$Body .= '<td bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . trim($_POST['email']) .'</font></td></tr>';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Message:</b></font></td>';
$Body .= '<td bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . trim($_POST['message']) .'</font></td></tr>';
$Body .= '<tr><td colspan="2" align="center"><font face="Tw Cen MT" color="#000000"><a href="mailto:' . trim($_POST['email']) . '">Click here to reply to the sender</a></font></td></tr>';
$Body .= "</table></td></tr></center></table></center></body></html>";

mail($to, $subject, $Body, $headers);

header('Location: contactthanks.html');

} else {

header('Location: contacterror.html');

}

?>

 

Here is the code that I want to implement, however it is not working:

 

<?php

if(isset($_POST['submit'])) || isset( $_POST["submit_x"])) {

//Check to make sure that the name field is not empty
if(strip_tags($_POST['name']) == '') {
	$hasError = true;
} else {
	$name = strip_tags($_POST['name']);
}

//Check to make sure sure that a valid email address is submitted
if(strip_tags($_POST['email']) == '')  {
	$hasError = true;
} elseif (!eregi("^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}$", strip_tags($_POST['email']))) {
	$hasError = true;
} else {
	$email = strip_tags($_POST['email']);
}

//Check to make sure message was entered
if(strip_tags($_POST['message']) == '') {
	$hasError = true;
} else {
		$message = strip_tags($_POST['message']);
	}

if(isset($hasError)) {

header('Location: contacterror.html');}

else {
$to = "";  //^^
$headers = "From: \r\n"; //^^
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
$emailfrom = ""; //^^
$dropdown  =  $_POST['enqtype'];
$subject = "Art Epona Reply From: " . $name . " - " . $dropdown;


$Body = '<body><center>';
$Body .= '<table width="450" border="1" rules="all" cellpadding="10">';
$Body .= '<center>';
$Body .= '<tr><td bgcolor="#666666"><h1><font face="Georgia, Times New Roman, Times, serif" size="3">New ' . $dropdown  . ' from Art Epona Website!</font></h1></td></tr>';
$Body .= '<tr><td bgcolor="#cccccc"><p><font face="Tw Cen MT" color="#000000"><b>' . $name . '</b> will like to make a <b> ' . $dropdown . '</b>. <br /> Here are the contents of the Enquiry:<br /></font></p>';
$Body .= '<table width="430" border="1" cellpadding="10" rules="all">';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Name:</b></font></td>';
$Body .= '<td width="288" bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . $name .'</font></td></tr>';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Email:</b></font></td>';
$Body .= '<td bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . $email	.'</font></td></tr>';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Message:</b></font></td>';
$Body .= '<td bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . $message .'</font></td></tr>';
$Body .= '<tr><td colspan="2" align="center"><font face="Tw Cen MT" color="#000000"><a href="mailto:' . $email . '">Click here to reply to the sender</a></font></td></tr>';
$Body .= "</table></td></tr></center></table></center></body></html>";

mail($to, $subject, $Body, $headers);

header('Location: contactthanks.html');
}


} else {
header('Location: contacterror.html');
}

?>

 

I dont see where I am going wrong (well obviously since i am nooby lol :P) but yeah if anyone has a solution, ill gladly accept it pleeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeease :D and also if an explanation could be given too because i am still in the learning process lol

 

Thanks in advance

 

Felix :)

Link to comment
https://forums.phpfreaks.com/topic/178273-html-form-server-side-validation/
Share on other sites
MadTechie Regular Member

MadTechie

Posted
Posted

Okay I have taken your first code and added some basic error checking, I have kept it simple so it should make sense

 

<?php
if(isset($_POST['submit']) || isset( $_POST["submit_x"])) {
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$dropdown  =  $_POST['enqtype'];

//*******************************************************************************//
//Validate
$hasError = false;
//check all have data
if(empty($name)) $hasError = true;
if(empty($email)) $hasError = true;
if(empty($message)) $hasError = true;

//check email syntax
if (!preg_match('/^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}$/m', $email))$hasError = true;

//any errors goto error page
if(isset($hasError)) header('Location: contacterror.html');
   //*******************************************************************************//
   
$to = ""; //has email address that is getting sent to but im not putting in for obvious reasons lol
$subject = "Art Epona Reply From: " . trim($_POST['name']) . " - " . trim($_POST['enqtype']);
$emailfrom = ""; //ditto above

$headers = "From: --\r\n"; //^^
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

$Body = '<body><center>';
$Body .= '<table width="450" border="1" rules="all" cellpadding="10">';
$Body .= '<center>';
$Body .= '<tr><td bgcolor="#666666"><h1><font face="Georgia, Times New Roman, Times, serif" size="3">New ' . trim($_POST['enqtype'])  . ' from Art Epona Website!</font></h1></td></tr>';
$Body .= '<tr><td bgcolor="#cccccc"><p><font face="Tw Cen MT" color="#000000"><b>' . trim($_POST['name']) . '</b> will like to make a <b> ' . trim($_POST['enqtype']) . '</b>. <br /> Here are the contents of the Enquiry:<br /></font></p>';
$Body .= '<table width="430" border="1" cellpadding="10" rules="all">';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Name:</b></font></td>';
$Body .= '<td width="288" bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . trim($_POST['name']) .'</font></td></tr>';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Email:</b></font></td>';
$Body .= '<td bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . trim($_POST['email']) .'</font></td></tr>';
$Body .= '<tr><td width="60" bgcolor="#666666"><font face="Tw Cen MT" color="#000000"><b>Message:</b></font></td>';
$Body .= '<td bgcolor="#ffffff"><font face="Tw Cen MT" color="#000000">' . trim($_POST['message']) .'</font></td></tr>';
$Body .= '<tr><td colspan="2" align="center"><font face="Tw Cen MT" color="#000000"><a href="mailto:' . trim($_POST['email']) . '">Click here to reply to the sender</a></font></td></tr>';
$Body .= "</table></td></tr></center></table></center></body></html>";

mail($to, $subject, $Body, $headers);

header('Location: contactthanks.html');
} else {
header('Location: contacterror.html');
}

?>

 

mikesta707 Member

mikesta707

Posted
Posted

since you already defined $hasError to false before any validation, this may not be what you want:

if(isset($hasError)) header('Location: contacterror.html');

 

since regardless of whether or not there was an error, $hasError is always set

 

perhaps you meant this

if ($hasError){
header('Location: contacterror.html');
}

flex101 Newbie

flex101

Posted
  • Author
Posted

Hi guys, thanks for the quick reply, I have put in your solution however, it always goes to the thanks page regardless of me not typing in a name or typing in a bogus message, i put in mikesta's solution but that meant that everything always went to the error page. I tried putting in an else statement after mikesta's fix but that didnt work either.. confused

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.