Jump to content

Recommended Posts

Hey guys.

 

I've been having some frustrating issues with my php + contact form recently. I'm quite the noob when it comes to php in general and have only really worked with contact stuff in the past.

 

I have my contact form calling a php send mail file in a php folder on my server. No idea why, but im not even getting validation. I click send, to no avail.

 

I have attached the code for your perusal. I appreciate any help in advance!! Thank you.

 

Form:

 

<form id="contact-form" class="fixed" action="javascript:void(0);">
  <fieldset>
   <p id="formstatus"></p>
   <p>
    <label for="name">Your name: <span class="required">*</span></label><br />
    <input class="text" type="text" id="name" name="name" value="" />
   </p>
   <p>
    <label for="email">Your Email Address: <span class="required">*</span></label><br />
    <input class="text" type="text" id="email" name="email" value="" />
   </p>
   <p>
    <label for="subject">Subject: <span class="required">*</span></label><br />
    <input class="text" type="text" id="subject" name="subject" value=""  />
   </p>
   <p>
    <label for="message">Message: </label><br />
    <textarea id="message" name="message" rows="3" cols="25"></textarea>
   </p>
   <p>
    <input type="submit" name="submit" value="Send!" />
   </p>
  </fieldset>
 </form>

 

PHP file (send.php):

I've hidden the send to email address for obvious reasons.

 

<?php


/////////// Add your own email below //////////////// 


define("WEBMASTER_EMAIL", 'blah@blah.com');

error_reporting (E_ALL ^ E_NOTICE);


//////////////////////////////////////////////////////


function ValidateEmail($email)
{
 $regex = '/([a-z0-9_.-]+)'. # name
 '@'. # at
 '([a-z0-9.-]+){2,255}'. # domain & possibly subdomains
 '.'. # period
 '([a-z]+){2,10}/i'; # domain extension 

 if($email == '') 
  return false;
 else
  $eregi = preg_replace($regex, '', $email);
 return empty($eregi) ? true : false;
}


//////////////////////////////////////////////////////


$post = (!empty($_POST)) ? true : false;

if($post)
{
 $name   = stripslashes($_POST['name']);
 $email   = trim($_POST['email']);
 $subject = trim($_POST['subject']);
 $message = stripslashes($_POST['message']);

 $error = '';

 // Check name
 if(!$name)
  $error .= 'Name required! ';

 // Check email
 if(!$email)
  $error .= 'E-mail required! ';

 if($email && !ValidateEmail($email))
  $error .= 'E-mail address is not valid! ';

 // Check message
 if(!$message)
  $error .= "Please enter your message!";

 if(!$error)
 {
  $mail = mail(WEBMASTER_EMAIL, $subject, $message,
 "From: ".$name." <".$email.">\r\n"
   ."Reply-To: ".$email."\r\n"
   ."X-Mailer: PHP/" . phpversion());

  if($mail)
   echo 'OK';
 }
 else
  echo '<div class="errormsg">'.$error.'</div>';
}


?>

 

and javascript:

 

// -------------------------------------------------------------------------------------------------------
// Form Validation script - used by the Contact Form script
// -------------------------------------------------------------------------------------------------------

function validateMyAjaxInputs() {


 $.validity.start();
 // Validator methods go here:
 $("#name").require();
 $("#email").require().match("email");
 $("#subject").require();


 // End the validation session:
 var result = $.validity.end();
 return result.valid;
}

// -------------------------------------------------------------------------------------------------------
// ClearForm 
// -------------------------------------------------------------------------------------------------------

$.fn.clearForm = function() {
 return this.each(function() {
 var type = this.type, tag = this.tagName.toLowerCase();
 if (tag == 'form')
 return $(':input',this).clearForm();
 if (type == 'text' || type == 'password' || tag == 'textarea')
 this.value = '';
 else if (type == 'checkbox' || type == 'radio')
 this.checked = false;
 else if (tag == 'select')
 this.selectedIndex = -1;
 });
};


$(document).ready(function(){
//////////////////////////////////////////////////////////////////////////////////////////////////////////////

 

I would appreciate any help! Thanks

Link to comment
https://forums.phpfreaks.com/topic/272885-php-mail-call-contact-form-please-help/
Share on other sites

I forgot to include this in the post:

 

// Contact Form 
 // -------------------------------------------------------------------------------------------------------

 $("#contact-form").submit(function () {

  if (validateMyAjaxInputs()) { //  procced only if form has been validated ok with validity
   var str = $(this).serialize();
   $.ajax({
 type: "POST",
 url: "_layout/php/send.php",
 data: str,
 success: function (msg) {
  $("#formstatus").ajaxComplete(function (event, request, settings) {
   if (msg == 'OK') { // Message Sent? Show the 'Thank You' message
    result = '<div class="successmsg">Your message has been sent. Thank you!</div>';
    $('#contact-form').clearForm();
   } else {
    result = msg;
   }
   $(this).html(result);
  });
 }

   });
   return false;
  }
 });

I took a look and things seem to be functioning as expected. It is posting data to a script at /_layout/php/send.php

 

The problem is that for whatever reason, nothing is being returned by this script. It's impossible for someone looking at this from the outside to debug what is actually going on. Typically I'd check error logs and possibly put in some debug statements, but it could be any number of things at this point, none of which seem to be code related.

Even better: Use filter_val () with the VALIDATE_EMAIL flag. The PHP manual contains more information, and examples on this.

 

Also, don't do this:

action="javascript:void(0);"

 

Not only is that bad practice, but that's an old, old hack from the infancy of JS. Set a proper action instead, or leave it blank and have the script post to itself, and use JS itself to prevent the default action. That way the form will work properly even without JS.

 

Your use of stripslashes () is also not only unnecessary, but can also be potentially harmful. There's no need to use that function unless magic quotes is enabled, which they haven't been for over 10 years now (at least not by default). What it can do, however, is enable a malicious user to utilize it in an attack against your site.

 

Speaking of attacks: You also need to validate the subject, as that is a part of the e-mail header. As it stands now it can be used to hijack your mailing script.

Edited by Christian F.
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.