Check input field and return error...

[ArrudaC]

Hi all.

 

I have a working webform. It neither provides security nor does it provide data validation.

 

At the moment, it's data validation I am looking to achieve.

 

I have seen a few youtube videos and bellow is the resulting code (additions to working code);

<?php

$error_message = "";
$title = "";
$fname = "";
$lname = "";
$qtype = "";
$formes = "";

if(isset($_POST['submit'])){
$title = $_POST['title'];	
$fname = $_POST['lname'];
$lname = $_POST['lname'];
$qtype = $_POST['qtype'];
$formes = $_POST['formes'];

if(empty($title)|| empty($fname)|| empty($lname)|| empty($qtype)|| empty($formes)){
	$error_message = "* All fields are required!";
}
}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>FormTest</title>

	<link href="css/FW2.css" rel="stylesheet" type="text/css" />

 	
</head>
<body>
<div id="formwraper"><!--div form start-->
    	<form id="form" name="form" action="thankyou.php" method="post">
        	<select id="title" name="title">
            	<option value="" disabled="disabled" selected="selected">Title...</option>
        		<option value="Mr">Mr</option>
        	    <option value="Mrs">Mrs</option>
        	    <option value="Ms">Ms</option>
        	    <option value="Miss">Miss</option>
      	    </select>
        	<input id="fname" name="fname" placeholder="First name..." />
        	<input id="lname" name="lname" placeholder="Last name..." />
            <select id="qtype" name="qtype">
            	<option value="" disabled="disabled" selected="selected">Query type...</option>
        		<option value="Feedback">Feedback</option>
        	    <option value="Website">Website</option>
        	    <option value="Complaint">Complaint</option>
        	    <option value="Other">Other</option>
      	    </select>
        	<input id="email" name="email" placeholder="Your email..." />
            <textarea id="formes" name="formes" placeholder="Your message here. We value your privacy."></textarea>
            <p id="errmes"><?php echo $error_message; ?></p>
            <input class="formbtn" name="subform" type="submit" value="Send" />
            <input class="formbtn" name="resform" type="reset" value="Clear" />
  </form>
    </div><!--div form end-->
</body>

From what I have seen on one of the videos, it would be great to have the error message being displayed on the form itself, in an available area, hence the id=errmes which will be controlled by CSS for correct positioning.

 

The issue I am now facing is that the form still works and sends the data across but regardless of validation so, in other words, my changes to the code have resulted in nothing.

 

What am I doing wrong here?

 

Any help much appreciated.

 

Bellow is the code for the thankyou page.

<?php
$to = $_REQUEST['qtype'];
$from = $_REQUEST['email'];
$title = $_REQUEST['title'];
$fname = $_REQUEST['fname'];
$lname = $_REQUEST['lname'];
$message = $_REQUEST["formes"];

$headers = "From: $from";
$subject = "Web Contact Data.";

$date = date("j F Y");
$time = date("g:i A");

$fields = array ();
$fields{"fname"} = "First Name";
$fields{"lname"} = "Last Name";
$fields{"email"} = "E-Mail";
$fields{"qtype"} = "Querie Type";
$fields{"formes"} = "Customer's message";

$headers2 = "From: noreply@test.co.uk";
$subject2 = "$fname, we have received your query.";
$autoreply = "Dear $title $lname, $firnam,


Thank you for contacting us. 

We will get back to you as soon as possible, usually within 6 hours. 

If you have any more questions, please consult our website at www.test.co.uk.

Here is a copy of your message:
-------------------------------------------------------------------------------
$message
-------------------------------------------------------------------------------

Have you got this e-mail by mistake? If so, please do let us know by e-mailing us at general@test.co.uk.

This is an unmonitored mail box. Please do not reply to this e-mail.

kind regards, 
Customer Care Dep.
Date: $date
Time: $time";

$body ="We have received the following information:\n\n"; foreach($fields as $a => $b){ $body .= sprintf("%20s: %s\n",$b,$_REQUEST[$a],$date);}
$body .= $date;
$body .= $time;

switch($_REQUEST['qtype']) {
    case 'Feedback':
        $to = 'feedback@test.co.uk';
        break;
 
    case 'Website':
        $to = 'website@test.com';
        break;
 
    case 'Complaint':
        $to = complaint@test.co.uk';
        break;
 
    case 'Other':
        $to = 'other@test.co.uk';
        break;
}


$send = mail($to, $subject, $body, $headers);
$send2 = mail($from, $subject2, $autoreply, $headers2);

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>FormTest</title>

	<link href="css/FW2.css" rel="stylesheet" type="text/css" />

 	
</head>
<body>
	<div id="thankswraper"><!--div form start-->
   	   <p> </p>
   	   <p> </p>
    	 <p><img src="pics/invio-email.png" width="88" height="78" /></p>
    	 <p> </p>
    	 <p> </p>
    	 <p>Hello <?php print stripslashes($_REQUEST['title']. " " . $_REQUEST['fname']. " ". $_REQUEST['lname']); ?>. 
    	   <br />
    	   <br />
      Your message was successfully sent. </p>
  	     </p>
<p> </p>
          <p>We will do our best to reply within 1 working day.<br />
            <br />
      Thank you for contacting us.           
      <p id="goback"><a href="index.php">Go back</a><br />
    </div><!--div form end-->
</body>

Many thanks.

 

Albert

[requinix]

Your form is sending the data to the thank you page. For validation to work the form must be sending the data to the page where the validation is running. So

a) Make your form page do the validation (which it's doing now) as well as process the form

b) Make your form go to the thank you page (which it's doing now) and have the thank you page do the validation

 

(a) is easier because (b) means that you have to find a way to shuffle the data from the thank you page to the form in case of problems.

[ArrudaC]

HI requinix.

 

As I have mentioned I am not a coder and all that I have achieved was by finding some code and try to change it to suit my needs, sorry.

 

I always thought that the php code to send the form data was ment to be in the thank you page.

 

I'll give it a nother go and have all the php code in the form page.

 

Many thanks.

 

Regards,

Albert

[ArrudaC]

Hi.

 

After adding all the pho code to the form page (index.php), the data entered no longer gets sent over by email.

 

The thankyou page still shows up and it catches the forms field title-fname-lname, but no email.

 

Below is a copy of my form page now;

<?php

$to = $_REQUEST['qtype'];
$from = $_REQUEST['email'];
$title = $_REQUEST['title'];
$fname = $_REQUEST['fname'];
$lname = $_REQUEST['lname'];
$message = $_REQUEST["formes"];

$error_message = "";
$title = "";
$fname = "";
$lname = "";
$qtype = "";
$formes = "";

if(isset($_POST['submit'])){
$title = $_POST['title'];	
$fname = $_POST['lname'];
$lname = $_POST['lname'];
$qtype = $_POST['qtype'];
$formes = $_POST['formes'];

if(empty($title)|| empty($fname)|| empty($lname)|| empty($qtype)|| empty($formes)){
	$error_message = "* All fields are required!";
}
}

$headers = "From: $from";
$subject = "Web Contact Data.";

$date = date("j F Y");
$time = date("g:i A");

$fields = array ();
$fields{"fname"} = "First Name";
$fields{"lname"} = "Last Name";
$fields{"email"} = "E-Mail";
$fields{"qtype"} = "Querie Type";
$fields{"formes"} = "Customer's message";

$headers2 = "From: noreply@test.co.uk";
$subject2 = "$fname, we have received your query.";
$autoreply = "Dear $title $lname, $firnam,


Thank you for contacting us. 

We will get back to you as soon as possible, usually within 6 hours. 

If you have any more questions, please consult our website at www.test.co.uk.

Here is a copy of your message:
-------------------------------------------------------------------------------
$message
-------------------------------------------------------------------------------

Have you got this e-mail by mistake? If so, please do let us know by e-mailing us at general@test.co.uk.
This is an unmonitored mail box. Please do not reply to this e-mail.

kind regards, 
Customer Care Dep.
Date: $date
Time: $time";

$body ="We have received the following information:\n\n"; foreach($fields as $a => $b){ $body .= sprintf("%20s: %s\n",$b,$_REQUEST[$a],$date);}
$body .= $date;
$body .= $time;

switch($_REQUEST['qtype']) {
    case 'Feedback':
        $to = 'feedback@test.co.uk';
        break;
 
    case 'Website':
        $to = 'website@test.co.uk';
        break;
 
    case 'Complaint':
        $to = 'complaints@test.co.uk';
        break;
 
    case 'Other':
        $to = 'other@test.co.uk';
        break;
}


$send = mail($to, $subject, $body, $headers);
$send2 = mail($from, $subject2, $autoreply, $headers2);

?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>FormTest</title>

	<link href="css/FW2.css" rel="stylesheet" type="text/css" />

 	
</head>
<body>
<div id="formwraper"><!--div form start-->
    	<form id="form" name="form" action="thankyou.php" method="post">
        	<select id="title" name="title">
            	<option value="" disabled="disabled" selected="selected">Title...</option>
        		<option value="Mr">Mr</option>
        	    <option value="Mrs">Mrs</option>
        	    <option value="Ms">Ms</option>
        	    <option value="Miss">Miss</option>
      	    </select>
        	<input id="fname" name="fname" placeholder="First name..." />
        	<input id="lname" name="lname" placeholder="Last name..." />
            <select id="qtype" name="qtype">
            	<option value="" disabled="disabled" selected="selected">Query type...</option>
        		<option value="Feedback">Feedback</option>
        	    <option value="Website">Website</option>
        	    <option value="Complaint">Complaint</option>
        	    <option value="Other">Other</option>
      	    </select>
        	<input id="email" name="email" placeholder="Your email..." />
            <textarea id="formes" name="formes" placeholder="Your message here. We value your privacy."></textarea>
            <p id="errmes"><?php echo $error_message; ?></p>
            <input class="formbtn" name="subform" type="submit" value="Send" />
            <input class="formbtn" name="resform" type="reset" value="Clear" />
  </form>
    </div><!--div form end-->
</body>

Below is a copy of the thankyou page code.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>FormTest</title>

	<link href="css/FW2.css" rel="stylesheet" type="text/css" />

 	
</head>
<body>
	<div id="thankswraper"><!--div form start-->
   	   <p> </p>
   	   <p> </p>
    	 <p><img src="pics/invio-email.png" width="88" height="78" /></p>
    	 <p> </p>
    	 <p> </p>
    	 <p>Hello <?php print stripslashes($_REQUEST['title']. " " . $_REQUEST['fname']. " ". $_REQUEST['lname']); ?>. 
    	   <br />
    	   <br />
      Your message was successfully sent. </p>
  	     </p>
<p> </p>
          <p>We will do our best to reply within 1 working day.<br />
            <br />
      Thank you for contacting us.           
      <p id="goback"><a href="index.php">Go back</a><br />
    </div><!--div form end-->
</body>

What am I doing wrong please?

 

Anyone?

 

Kind regards,

Albert

[maxxd]

The action parameter of your form is still 'thankyou.php', so the form is still pointing to that page. Remove the 'action="thankyou.php"' part of the opening form tag and it should start behaving as you expect.