Jump to content

Recommended Posts

Ok so i am new to your confusing world however I have realised the benefits of using a contact form instead of an email address however i am receiving blank emails with no sender no content etc when ever the live page is visited i have attached my php code in which i believe the problem lies.... any help would be greatly appreciated! if anyone would care to tell be how to encompass basic validation you would be a saviour ...  ;)

 

<?php

$name = $_POST['Name'];

$email = $_POST['Email'];

$telephone = $_POST['Telephone'];


$type = $_POST['Type'];

$message = $_POST['Message'];

$formcontent=" From: $name \n Type: $type \n Message: $message \n Telephone: $telephone";

$recipient = "enquiries@hqandco.com";

$subject = "Contact Form";

$mailheader = "From: $email \r\n";

mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");

echo "Thank You!";

?>

 

[attachment deleted by admin]

You should check by js if the form filled or not

 

No, you should check that server-side to help preclude spambots. Later, if you want to provide added user convenience, you can add checks with JS.

 

Right now there is no validation at all, and sending the email isn't even conditional on the form having been submitted. All it takes to generate a blank email is to load the script in a browser.

What i don't understand is these are not coming from people hitting the submit button when the form is blank as the site is not currently fully live,  just on the page refresh of the live test site

Where is the form code?

 

Right now there is no validation at all, and sending the email isn't even conditional on the form having been submitted. All it takes to generate a blank email is to load the script in a browser.

 

This is probably the problem then is there any chance of advice on rectifying these errors and a pointer to server side validation ? Many MANY thanks  8)

What i don't understand is these are not coming from people hitting the submit button when the form is blank as the site is not currently fully live,  just on the page refresh of the live test site

Where is the form code?

 

The form code is located in a file called scripts which lies within the root directory of my site, and is mail.php linked to my the HTML5 form / submit button does this answer your question sorry i am trying to learn  :D

No it doesn't.  We asked for the form code.  Having the code to the php script that handles the form is not helpful.  There is nothing in there to explain your problem, although as pointed out by hemo-ali + Maq, you should probably have some checks in there that stop don't perform the mail() function if the required variables are empty.  Clearly the variables ARE empty whether by accident or because something is submitting the form even though there is a problem with it.  We have no way of knowing.

No it doesn't.  We asked for the form code.  Having the code to the php script that handles the form is not helpful.  There is nothing in there to explain your problem, although as pointed out by hemo-ali + Maq, you should probably have some checks in there that stop don't perform the mail() function if the required variables are empty.  Clearly the variables ARE empty whether by accident or because something is submitting the form even though there is a problem with it.  We have no way of knowing.

 

understood (*smack myself on the head for not understanding earlier....) here is the code in which i am using for the form.....

<div id="stylized" class="myform">

<form action="scripts/mail.php" method="post">
    
	  <label for="name">Your Name <required>*</required> </label><input type="text" name="Name" id="Name" placeholder="Joe Bloggs">
                    
	  <label for="email">Your Email <required>*</required> </label><input type="text" name="Email" id="Email" placeholder="Joebloggs@example.com">
                    
      <label for="telephone">Telephone</label><input type="text" name="Telephone" id="Telephone">

          <label for="type">Type</label><select name="Type">
				  <option value="Website Problem" selected>Website Feedback</option>
                      <option value="question" selected>Question</option>
				  <option value="General">General</option>
				</select></p>
                    
	 <label for="messsage">Message <required>*</required></label><textarea name="Message" id="Message" rows="5" cols="25"></textarea></p>
          
	 <label for="btn"> </label>
	 <button type="submit" class="button">Submit</button> <br> <required> * (indicates that the information is required)
			</form>
                

 

So it goes in something like that? (probably VERY wrong  :'() and yes the form worked fine and i received the email when i didn't have that var_dump($_POST); die(); but i do understand its need...

 

 

<?php

var_dump($_POST); die();

$name = $_POST['Name'];

$email = $_POST['Email'];

$telephone = $_POST['Telephone'];


$type = $_POST['Type'];

$message = $_POST['Message'];

$formcontent=" From: $name \n Type: $type \n Message: $message \n Telephone: $telephone";

$recipient = "enquiries@hqandco.com";

$subject = "Contact Form";

$mailheader = "From: $email \r\n";

if($name ==""  ||  $email  =="" || $type  ==""  ||$message  ==""  ){
echo"Fill the fields";
}

else{

mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");

echo "Thank You!";}

?>

I do have some basic php understanding despite my idiocy i understand that due to the echo i am meant to receive the outputs written within the "" however when i add the line that you recommended the die() .... when i submit the form blank i receive

'array(5) { ["Name"]=> string(0) "" ["Email"]=> string(0) "" ["Telephone"]=> string(0) "" ["Type"]=> string( "question" ["Message"]=> string(0) "" }'

rather than the appropriate echo or when the form is filled in appropriately i get

'array(5) { ["Name"]=> string(4) "Test" ["Email"]=> string(18) "Test@hotmail.co.uk" ["Telephone"]=> string(0) "" ["Type"]=> string( "question" ["Message"]=> string(5) "hello" }' 

 

rather than the thank you echo .... when this line is not in the mail.php then the echo's display as planned

I would suggest something along the lines of:

 

<?php
if(isset($_POST)) {
$name = (isset($_POST['Name'])) ? strip_tags($_POST['Name']) : NULL; //if name is set, strip html tags, and return it, otherwise set the string as NULL.
$email = (isset($_POST['Email'])) ? strip_tags($_POST['Email']) : NULL; //same as above.
$telephone = (isset($_POST['Telephone'])) ? preg_replace('~[^0-9\-]~','',$_POST['Telephone']) : NULL; //if telephone is set, remove any characters that are not a number, or a dash, othewise set as NULL.
$type = (isset($_POST['Type'])) ? strip_tags($_POST['Type']) : NULL; //strip tags.
$message = (isset($_POST['Message'])) ? strip_tags($_POST['Message']) : NULL; strip tags.
if(empty($name) || empty($email) || empty($message)) { //name, email, and message are required fields, if they are empty, tell the user to go back and fill them in.
	echo 'Please go back and fill in all required lines!';
}
else { //if the fields are NOT empty, proceed with the mailing.
$formcontent=" From: $name \n Type: $type \n Message: $message \n Telephone: $telephone";
$recipient = "enquiries@hqandco.com";
$subject = "Contact Form";
$mailheader = "From: $email \r\n";	

if(mail($recipient, $subject, $formcontent, $mailheader)) { //if mail is sent to the SMTP server successfully, echo 'thank you'.
	echo "Thank You!";
}
else { //otherwise, tell the user it did not go through.
	echo 'There was an error completing your request! Please try again!';
}
}
?>

I would suggest something along the lines of:

 

<?php
if(isset($_POST)) {
$name = (isset($_POST['Name'])) ? strip_tags($_POST['Name']) : NULL; //if name is set, strip html tags, and return it, otherwise set the string as NULL.
$email = (isset($_POST['Email'])) ? strip_tags($_POST['Email']) : NULL; //same as above.
$telephone = (isset($_POST['Telephone'])) ? preg_replace('~[^0-9\-]~','',$_POST['Telephone']) : NULL; //if telephone is set, remove any characters that are not a number, or a dash, othewise set as NULL.
$type = (isset($_POST['Type'])) ? strip_tags($_POST['Type']) : NULL; //strip tags.
$message = (isset($_POST['Message'])) ? strip_tags($_POST['Message']) : NULL; strip tags.
if(empty($name) || empty($email) || empty($message)) { //name, email, and message are required fields, if they are empty, tell the user to go back and fill them in.
	echo 'Please go back and fill in all required lines!';
}
else { //if the fields are NOT empty, proceed with the mailing.
$formcontent=" From: $name \n Type: $type \n Message: $message \n Telephone: $telephone";
$recipient = "enquiries@hqandco.com";
$subject = "Contact Form";
$mailheader = "From: $email \r\n";	

if(mail($recipient, $subject, $formcontent, $mailheader)) { //if mail is sent to the SMTP server successfully, echo 'thank you'.
	echo "Thank You!";
}
else { //otherwise, tell the user it did not go through.
	echo 'There was an error completing your request! Please try again!';
}
}
?>

 

Thank you this code is working well although there is one thing that i have realised during the testing of this script is that the form will say thank you! when you post the form with an email address which does not include an @ however the email will never be received.... (e.g. if you enter TEST as your email address you will still receive the thank you echo however I will never receive the email if you enter TEST@ you will receive both the thank you echo on screen and i will receive the email) how can I ensure that the form will only echo 'thank you' when the email is of the required format e.g. example@test.com / actually being sent to me ?

Replace:

$email = (isset($_POST['Email'])) ? strip_tags($_POST['Email']) : NULL; //same as above.

 

With:

$email = (isset($_POST['Email']) && preg_match('~^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$~',$_POST['Email'])) ? $_POST['Email'] : NULL;

 

Test that pattern, as I got it off of the RegEx Library.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.