Jump to content

This is driving me nuts! Contact form validation, $error not NULL?

Bollard

By Bollard
in PHP Coding Help

Recommended Posts

Bollard Newbie

Bollard

Posted
Posted

Hello guys, id really appreciate some help. Ive been obsessing over this over the past 2 days.

 

As you can see i have a contact form, with 4 fields, plus reCaptcha. What i want is for each field to be checked against $badwords and $exploits, and then, for example, $error['email'] to be set as NULL or You have an error, for example. Ive been trying so much that i dont know what i can say to explain other than help?!

 

I think what i want is, if all the $error['field']'s are NULL, then the script to say if(is_null($error)) send or dont send the form. But it just doesnt work. Ive tried imploding the array, checking its set, unsetting it, its null, its empty and each time i seem to through up different problems (including most recently, a badword being accepted, and then then page coming back with both Email Sending Failed and Successful, and then the email it sends being blank?!)

 

Anyways, heres the code. I would appreciate so so much if you experts could give me a hand:

 

<?php
//If the form is submitted
if(isset($_POST['submit'])) {

//Start the session
session_start();

//Set blacklists
$badwords = "/(adult|beastial|bestial|blowjob|clit|cum|cunilingus|cunillingus|cunnilingus|cunt|ejaculate|felatio|fellatio|fuck|fuk|fuks|gangbang|gangbanged|gangbangs|hotsex|hardcode|jism|jiz|orgasim|orgasims|orgasm|orgasms|phonesex|phuk|phuq|porn|pussies|pussy|spunk|xxx|viagra|phentermine|tramadol|adipex|advai|alprazolam|ambien|ambian|amoxicillin|antivert|blackjack|backgammon|texas|holdem|poker|carisoprodol|ciara|ciprofloxacin|debt|dating|porn|voyeur)/i";
$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript)/i";
$bots = "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer|T8Abot|Syntryx|WinHttp|WebBandit|nicebot)/i";

//Check for any bots
if(preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) {
	die("<p>Spam bots are not allowed.</p>");
}

// Check if the user has sent a message in the last sixty seconds
$timeLimit = $_SESSION['lastMailed'] + 60 < time();

if (!$timeLimit) {
	die("<p>Whoah, slow down there! <a href =\"http://dev.company.com/contact/\">Please go back and try it again.</a></p>");
}

//Check to make sure that the name field is not empty, and that it does not contain badwords or exploits
if(trim($_POST['contactname']) == '' ) {
	$error['contactname'] = "- You didn't enter your Full Name.<br>";
} else if (preg_match($badwords, trim($_POST['contactname'])) !== 0 || preg_match($exploits, trim($_POST['contactname'])) !== 0) {
	$error['contactname'] = "- You entered a Full Name which contains unacceptable words.<br>";
} else {
	$name = trim(stripslashes(strip_tags($_POST['contactname'])));
	$error['contactname'] = null;
}

//Check to make sure sure that a valid email address is submitted
if(trim($_POST['email']) == '') {
	$error['email'] = "- You didn't enter your Email address.<br>";
} else if (!preg_match('/([a-z0-9])([-a-z0-9._])+([a-z0-9])\@([a-z0-9])([-a-z0-9_])+([a-z0-9])(\.([a-z0-9])([-a-z0-9_-])([a-z0-9])+)*/i', trim($_POST['email'])) || preg_match($badwords, trim($_POST['email'])) !== 0 || preg_match($exploits, trim($_POST['email'])) !== 0) {
	$error['email'] = "- You didn't enter a valid Email address.<br>";
} else {
	$email = trim(stripslashes(strip_tags($_POST['email'])));
	$error['email'] = null;
}

//Check to make sure that the telephone number field is not empty
if(trim($_POST['telephone']) == '') {
	$error['telephone'] = "- You did not enter your Telephone Number.<br>";
} else if (preg_match($badwords, trim($_POST['telephone'])) !== 0 || preg_match($exploits, trim($_POST['telephone'])) !== 0) {
	$error['telephone'] = "- You entered a Telephone Number which is not valid.<br>";
} else {
	$telephone = trim(stripslashes(strip_tags($_POST['telephone'])));
	$error['telephone'] = null;
}

//Check to make sure comments were entered
if(trim($_POST['message']) == '') {
	$error['message'] = "- You didn't enter a Message.<br>";
} else if (preg_match($badwords, trim($_POST['message'])) !== 0 || preg_match($exploits, trim($_POST['message'])) !== 0) {
	$error['message'] = "- You entered a Message which contains unacceptable words.<br>";
} else {
	$comments = trim(stripslashes(strip_tags($_POST['message'])));
	$error['message'] = null;
}

//Check if there are any error
if (!isset ($error['contactname']) && !isset ($error['email']) && !isset ($error['telephone']) && !isset ($error['message'])) {
	$error = null;
}

//If there are no error, send the email
if(!isset($error)) {
	//Recipient email address
	$emailRecipient = '[email protected]'; 
	$emailTo = 'Team <'.$emailRecipient.'>'; 

	//Email subject
	$emailSubject = 'Enquiry';

	//Date
	date_default_timezone_set('Europe/London');
	$date = date('l, d F Y \a\t g:i A', time());

	//Customer callback?
	if ($_POST['checkbox'] == "1") {
		$requestCall = 'Yes';
	} else {
		$requestCall = 'No';
	}

	$callBack = 'Customer requests a call back? <strong>'.$requestCall.'</strong>';

	//Message
	$body = '
	<html>
	<head>
		<title>Enquiry</title>

		<style type="text/css">
		body {
		font-family:"Trebuchet MS", Tahoma, Verdana, Arial, Helvetica, sans-serif;
		color:#333;
		}

		h1 {
		text-align:center;
		font-weight:bold;
		}

		</style>
	</head>
	<body>
		<img src="http://www.company.com/images/logo-email.png" width="250" height="77">
		<h1><b>Attention Team</b></h1>
		<p>You have received an enquiry, below, through your website contact form. The message was sent: <i>'.$date.'</i></p>
		<p>Name: <i>'.$name.'</i></p>
		<p>Email: <i>'.$email.'</i></p>
		<p>Telephone Number: <i>'.$telephone.'</i></p>
		<p>Comments:<br><i>'.$comments.'</i></p>
		<p>Call Back: <i>'.$callBack.'</i></p>
	</body>
	</html>
	';

	//To send HTML mail, the Content-type header must be set
	$headers = 'MIME-Version: 1.0' . "\r\n";
	$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

	//Additional headers
	$headers .= 'From: Website <'.$emailRecipient.'>' . "\r\n";
	$headers .= 'Reply-To: '.$name.' <'.$email.'>' . "\r\n";
	$headers .= 'Return-Path: '.$name.' <'.$email.'>' . "\r\n";
	$headers .= 'X-Mailer: PHP/'.phpversion().'' . "\r\n";
	$headers .= 'X-Sender: '.$emailRecipient.'' . "\r\n";

	//reCaptcha
	require_once('recaptchalib.php');
	$privatekey = "6LdehwgAAAAAADbZ_RFqFlw3D_Ua8pW_0fMXukzs";
	$resp = recaptcha_check_answer ($privatekey,
		$_SERVER["REMOTE_ADDR"],
		$_POST["recaptcha_challenge_field"],
		$_POST["recaptcha_response_field"]);
	if (!$resp->is_valid) {
		die ("<p>The reCAPTCHA wasn't entered correctly. <a href =\"http://dev.company.com/contact/\">Please go back and try it again.</a></p>");
	}

	//Send the message
	mail($emailTo, $emailSubject, $body, $headers);
	$emailSent = true;

	//Time when the last message was sent
	$_SESSION['lastMailed'] = time();

}
}
?>

 

and the relevant part of the form:

 

<!-- Contact Form Starts -->
		<div id="contact-wrapper">

			<?php
			//If there are any errors
			if(isset($error)) { 
				echo "<h3>Email Sending Failed!</h3>";
				echo "<p>Your message was <strong>not</strong> sent as the following errors have occured:</p>";
				echo "<p>".$error['contactname'] . $error['email'] . $error['telephone'] . $error['message']."</p>";
			}
			?>

			<?php
			//If the email was sent
			if(isset($emailSent) && $emailSent == true) { 
				echo "<h3>Email Successfully Sent!</h3>";
				echo "<p>Thank you <strong>".$name."</strong> for contacting us! Your email was successfully sent and we will be in touch with you soon.</p>";
			}
			?>

			<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactform">

			<div>
				<label for="name"><strong>Full Name:</strong></label>
				<input type="text" size="55" name="contactname" id="contactname" value="" class="required">
			</div>

			<div>
				<label for="email"><strong>Email Address:</strong></label>
				<input type="text" size="55" name="email" id="email" value="" class="required email">
			</div>

			<div>
				<label for="telephone"><strong>Telephone Number:</strong></label>
				<input type="text" size="55" name="telephone" id="telephone" value="" class="required">
			</div>

			<div>
				<label for="message"><strong>Message:</strong></label>
				<textarea rows="5" cols="55" name="message" id="message" class="required"></textarea>
			</div>

			<div>
				<span><strong>Do you want us to call to discuss your ideas?</strong></span>
				<input type="checkbox" name="checkbox" id="checkbox" value="1">
			</div>

			<!-- reCaptcha Starts -->
			<?php
				require_once('recaptchalib.php');
				$publickey = "*************"; // you got this from the signup page
				echo recaptcha_get_html($publickey);
			?>
			<!-- reCaptcha Ends -->

			<input type="submit" value="Send Message" name="submit">

			</form>
		</div>
		<!-- Contact Form Ends -->

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.