Contact form not sending full submission data via php

[david891]

I have an HTML contact form that uses javascript for a change function. I have a dropdown for the subject and based on what option the person chooses different fields are displayed. For example if they choose Bug report different fields appear than selecting Add my group. Whenever a user fills out the form not and it gets emailed to me their answers to the questions based on the subject theyve selected dont get emailed to me.

I have included the code below, any help appreciated.

HTML

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<script type="text/javascript">
$(function () {
    $("#select").change(function () {
        if ($(this).val() == "subject1") {
            $("#EVENT").show();
        } else {
            $("#EVENT").hide();
        }
        if ($(this).val() == "subject2") {
            $("#GROUPCLUBS").show();
        } else {
            $("#GROUPCLUBS").hide();
        }
        if ($(this).val() == "subject3") {
            $("#DIRECTORY").show();
        } else {
            $("#DIRECTORY").hide();
        }
        if ($(this).val() == "subject4") {
            $("#BUG").show();
        } else {
            $("#BUG").hide();
        }                     
    });
});
</script>

<form name="contactform" method="post" action="contact.php">
<table width="450px">
<tr>
 <td valign="top">
  <label for="name">Name *</label>
 </td>
 <td valign="top">
  <input  type="text" name="name" maxlength="50" size="30">
 </td>
</tr>
<tr>
 <td valign="top">
  <label for="email">Email Address *</label>
 </td>
 <td valign="top">
  <input  type="text" name="email" maxlength="80" size="30">
 </td>
</tr>

<tr>
 <td valign="top">
<label for="subject">Subject *</label>
</td>
 <td valign="top">

<select name="subject" id="select">
  <option value="">-- select an option --</option>
  <option value="subject1">Add an Event</option>
  <option value="subject2">Add my Group or Club</option>
  <option value="subject3">I want listed in the Business Directory</option>
  <option value="subject4">Submit a Bug Report</option>
  <option value="subject5">Other Questions</option>
</select>

<div id="EVENT" style="display: none">
<label for="EventDate">Event Date</label>
<input type="text" name="eventdate" />
<br>
<label for="EventTime">Event Time</label>
<input type="text" name="eventtime" />
<br>
<label for="EventLocation">Event Location</label>
<input type="text" name="eventlocation" />
<br>
<label for="EventDescription">Event Description</label>
<input type="text" name="eventdescription" />
<br>
<label for="Ticketinfo">Ticket Information</label>
<input type="text" name="eventticketinfo" />
<br>
<label for="ExtraInfo">Extra Info</label>
<input type="text" name="extrainfo" />
<br>
<label for="Website">Website</label>
<input type="text" name="website" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div> 


<div id="GROUPCLUBS" style="display: none">
<label for="ClubDescription">Club Description</label>
<input type="text" name="clubdescription" />
<br>
<label for="Meet">When does the club meet?</label>
<input type="text" name="meeting" />
<br>
<label for="Location">Location</label>
<input type="text" name="location" />
<br>
<label for="Cost">Cost of joining</label>
<input type="text" name="cost" />
<br>
<label for="ExtraInfo">Extra Info</label>
<input type="text" name="extrainfo" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div> 


<div id="DIRECTORY" style="display: none">
<label for="BusinessDescription">Business Description</label>
<input type="text" name="businessdescription" />
<br>
<label for="BusinessLocation">Business Location</label>
<input type="text" name="location" />
<br>
<label for="OpeningHours">Opening Hours</label>
<input type="text" name="openinghours" />
<br>
<label for="Website">Website</label>
<input type="text" name="website" />
<br>
<label for="ContactInfo">Contact Info</label>
<input type="text" name="contact" />
</div> 


<div id="BUG" style="display: none">
<label for="device">Device</label>
<input type="text" name="device" />
<br>
<label for="info"></label>
<strong>Please provide more details in the message box below</strong>
</div> 
</td>
</tr>


<tr>
 <td valign="top">
  <label for="message">Message *</label>
 </td>
 <td valign="top">
  <textarea  name="message" maxlength="1000" cols="25" rows="6"></textarea>
 </td>
</tr>
<tr>
 <td colspan="2" style="text-align:center">
  <input type="submit" value="Submit"> 
 </td>
</tr>
</table>
</form>

PHP

<?php

if(isset($_POST['email'])) {
 
    $email_to = "david@davidsthompson.co.uk";
    $email_subject = "New Contact Form";
 
    function died($error) {
        // your error code can go here
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
        echo $error."<br />";
        echo "Please go back and fix these errors.<br /><br />";
        die();
    }
 
 
    // validation expected data exists
    if(!isset($_POST['name']) ||
        !isset($_POST['email']) ||
        !isset($_POST['subject']) ||
        !isset($_POST['message'])) {
        died('We are sorry, but there appears to be a problem with the form you submitted.');       
    }
 
     
 
    $name = $_POST['name']; // required
    $email_from = $_POST['email']; // required
    $subject = $_POST['subject']; // required 
    $message = $_POST['message']; // required 
 
    $error_message = "";
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
 
  
    $string_exp = "/^[A-Za-z .'-]+$/";
 
  if(!preg_match($string_exp,$name)) {
    $error_message .= 'The Name you entered does not appear to be valid.<br />';
  }
 
  if(!preg_match($email_exp,$email_from)) {
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
  }
  
    if(strlen($subject) < 2) {
    $error_message .= 'The Subject you entered does not appear to be valid.<br />';
  }
 
 
  if(strlen($message) < 2) {
    $error_message .= 'The Message you entered does not appear to be valid.<br />';
  }
 
  if(strlen($error_message) > 0) {
    died($error_message);
  }
 
    $email_message = "Form details below.\n\n";
 
     
    function clean_string($string) {
      $bad = array("content-type","bcc:","to:","cc:","href");
      return str_replace($bad,"",$string);
    }
 
     
 
    $email_message .= "Name: ".clean_string($name)."\n";
    $email_message .= "Email: ".clean_string($email_from)."\n";
    $email_message .= "Subject: ".clean_string($subject)."\n";
    $email_message .= "Message: ".clean_string($message)."\n";
 
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($email_to, $email_subject, $email_message, $headers);  
?>
 
<!-- include your own success html here -->
 
Thank you for contacting us. We will be in touch with you very soon.
 
<?php
 
}
?>

 

 

[requinix]

All those form fields... You have to add some code to get their values. PHP isn't doing anything magical when it comes to building that email.

You see how it's currently getting the name, and email, and all that? You need more like that for the new fields.

[mac_gyver]

before you go beating on a keyboard adding bespoke code to handle each form field, there are some functional/user things you need to fix first. then, since you have a number form fields to process, you should be dynamically processing them, not writing out lines and lines of code that have to be changed any time you need to fix a common problem or make a change to how the code works.

some problems -

1) the name of each form field must be unique (you will only receive the data from the last same-named field) and since there are selectable sections, the name should also uniquely identify the section and field within that section.

2) all the <label></label> tags need a corresponding id='...' attribute in the form field they correspond to. there's only one form field with an id attribute now and it doesn't match the for='...' attribute in its label.

3) if they are not already on the same page, both the form processing code and the form should be on the same page. this will let you display any validation errors when you re-display the form and you also need to repopulate the form field values with any previously submitted data so that the visitor doesn't need to keep selecting/reentering data, which will increase the possibility of typo mistakes.

4) except perhaps during testing when you are entering your own email address, these emails are NOT being sent from the email address that someone enters in the form. they are being sent from the mail server at your web host (even if the receiving mail server is the same one.) the From: email address must either have a domain name the directly corresponds to the sending mail server or there must be an SPF DNS zone record at the domain name being put into the From: email address that indicates your sending mail server is authorized to send email for that domain name. short-answer: the From: email address should be the same as the To: email address and you only put the entered email address into a Reply-to: mail header, after validating that it is only and exactly one correctly formatted email address.

5) all submitted values that get put into the email message need to have htmlentities() applied to them to prevent any injected css/javascript from being operated on when the message is read. even though you are not intentionally creating a html email (now), email clients can be configured to treat all emails as html. also apply htmlentities() to any data values that you output on the web page to the visitor.

6) you also need to test for errors from the mail() (or even better, one of the php mailer classes) and report success or failure of the attempt to send the email.

7) you should use an array to hold the validation errors. this will let you store each error with the corresponding field as a key. this will let you test at any point of there is or is not an error with any field and it will also let you display the errors next to the corresponding field.

as to the php code you have now, one of the points of programming is to NOT develop carpal tunnel syndrome. if you find yourself writing out discrete variables, copying variables to other variables, and writing/repeating lines of code that only differ in the piece of input data they operate on, you need to find a different way of processing the data. btw - the clean_string() function in the code now is pointless, ridiculous copy/pasted code from the web.  get rid if it.

the way to process a set of data like this is to create a data structure (array) that defines the expected form fields, what validation tests to preform on each one, and if they are required or not. you would then loop over this defining data structure and validate each input in turn. at the end of the validation logic, you would just test if the array holding the validation errors is empty or not. if it is empty, you know all the data is valid and you can use it as input to the email logic. this kind of dynamic processing will also help simplify or eliminate logic for the different sections/subject. you can just have a field in the defining data structure with the corresponding subject value, then use the selected subject value to only operate on fields having the corresponding value.

the form processing code will then just end up needing to do -

1) detect that a post method form was submitted

2) validate the input data

3) if there are no validation errors, use the input data

4) if there are validation errors, display then when you re-display the form and also repopulate the form field values.