foxclone Posted April 16, 2022 Author Share Posted April 16, 2022 (edited) Here's my code as it currently exists: <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); // initialization session_start(); $email_contact = "help@foxclone.com"; $email_website = "webmaster@foxclone.com"; // definition of permitted types/subject/category. use to dynamically build the option list, // pre-selecting any existing choice, and used in the validation logic $permitted_types = ['Questions', 'Report Problem', 'Suggestion', 'Other', 'Website Problem']; $post = []; // array to hold a trimmed working copy of the form data $errors = []; // array to hold user/validation errors // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // trim all the data at once $post = array_map('trim',$_POST); // if any of the fields are arrays, use a recursive call-back function here instead of php's trim function // inputs: name, email, type/subject/category, message - all required // validate the inputs if($post['name'] === '') { $errors['name'] = 'Name is required.'; } if($post['email'] === '') { $errors['email'] = 'Email is required.'; } else { // while it is true that the following email format validation will produce an error // for an empty value, you should specifically tell the visitor what is wrong with what // they submitted if (false === filter_var($post['email'], FILTER_VALIDATE_EMAIL)) { $errors['email'] = 'The Email Address you entered does not appear to be valid.'; } } if($post['type'] === '') { $errors['type'] = 'You must select a Type/Subject/Category.'; } else { // you will only see the following error due to a programming mistake or someone/something submitting their own values if(!in_array($post['type'],$permitted_types)) { $errors['type'] = 'The selected Type is invalid.'; // you would want to log the occurrence of this here... } } if($post['message'] === '') { $errors['message'] = 'Message is required.'; } else { if(strlen($post['message']) < 10) { $errors['message'] = 'The Message must be at least 10 characters.'; } } // if no errors, use the submitted data if(empty($errors)) { // apply htmlentities() to help prevent cross site scripting when viewing the received email in a browser $formcontent = htmlentities("From: {$post['name']}\r\nEmail: {$post['email']}\r\nSubject: {$post['type']}\r\nMessage: {$post['message']}", ENT_QUOTES); if ($post['type'] === "Website Problem") { $recipient=$email_website; } else { $recipient=$email_contact; } // add $post['email'] as a Reply-to: header if desired, it is one, valid email address at this point $mailheader = "From: $recipient\r\n"; if(!mail($recipient, $post['type'], $formcontent, $mailheader)) { // an error // setup the user error message $errors['mail'] = 'The email could not be sent, the site owner has been notified.'; // system error handling goes here... - datatime, get the last error message, include the mail parameter values... // at this point, all parameters are either an internal value, have been validated they they are just an expected value/format, or have had htmlentities() applied. } // if no errors at this point, success if(empty($errors)) { $_SESSION['success_message'] = "Mail Sent. Thank you {$post['name']}, we will contact you shortly.."; die(header("Refresh:0")); } } } // html document starts here... ?> <?php // display any success message if(!empty($_SESSION['success_message'])) { // for demo purposes, just output it as a paragraph. add any markup/styling you want echo '<p>'; echo htmlentities($_SESSION['success_message'], ENT_QUOTES); echo " - <a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; echo '</p>'; unset($_SESSION['success_message']); } ?> <?php // display any errors if(!empty($errors)) { // for demo purposes, just output them as a paragraph. add any markup/styling you want echo '<p>'; echo implode('<br>',$errors); echo '</p>'; } ?> <?php // (re)display the form here..., re-populating the fields with any existing values return; ?> <?php require_once("header.php");?> <style> input, select { width: 20rem; line-height:30px; border:2px solid #2f496e; padding: 0; margin: 0; height: 30px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; font: 500 1rem sans-serif; background: #fff; } .input { text-indent: 3px; } </style> </head> <body> <?PHP require_once("navbar.php"); ?> <!--****************** * CONTACT * *******************--> <div class="head__h1"> Need help? Have a suggestion? Why not send us an email?</div> <div class="subtext"> We'll get back to you soon </div> <div class ="download"> <div class="cont__row" style="background-color: #d9b44a;"> <div class="cont__column"> <form method="POST"> <label>Name</label><br> <input type="text" name="name" value="<?php echo $name;?>"><br> <br> <label>Email</label><br> <input type="email" name="email" value="<?php echo $email;?>"><br> <br> <label>Select a Category</label> <br> <select name="type" id="category" size="1" value="<?php echo $type;?>"> <option value=''> </option> <option value='Questions'>Questions</option> <option value="Report Problem">Report Problem</option> <option value='Suggestion'>Suggestion</option> <option value='Other'>Other</option> <option value="Website Problem"> Website Problem</option> </select> </div> <div class="cont__column"> <label>Message</label><br> <textarea name="message" rows="10" cols="50" style="font: 500 1rem sans-serif"><?php echo $message;?></textarea><br> <br> <div class="button"> <input type="image" id="myimage" src="images/email1.jpg" style="height:40px; width:160px;"/> </form> </div> </div> </div> </div> <?PHP require_once("footer.php"); ?> When I try to open the contact page, I get the following error: Quote Warning: session_start(): Session cannot be started after headers have already been sent in /home/foxclo98/test.foxclone.com/contact.php on line 8 I tried putting a 'session_destroy();' before the session_start() but it said there was no session to destroy. Edited April 16, 2022 by foxclone Quote Link to comment Share on other sites More sharing options...
kicken Posted April 17, 2022 Share Posted April 17, 2022 You have output before the session_start call. Probably blank lines before your <?php tag. Remember, anything outside of php tags is output sent to the browser, even blank lines/spaces. Quote Link to comment Share on other sites More sharing options...
foxclone Posted April 17, 2022 Author Share Posted April 17, 2022 (edited) @kicken - Thanks for the reply. I've cleaned up the area before the session_start() and still getting the error in three different browsers. There are no blank lines before the <?php. Here's what the code looks like now: <?php session_start(); $email_contact = "help@foxclone.com"; $email_website = "webmaster@foxclone.com"; // definition of permitted types/subject/category. use to dynamically build the option list, // pre-selecting any existing choice, and used in the validation logic $permitted_types = ['Questions', 'Report Problem', 'Suggestion', 'Other', 'Website Problem']; $post = []; // array to hold a trimmed working copy of the form data $errors = []; // array to hold user/validation errors // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // trim all the data at once $post = array_map('trim',$_POST); // if any of the fields are arrays, use a recursive call-back function here instead of php's trim function // inputs: name, email, type/subject/category, message - all required // validate the inputs if($post['name'] === '') { $errors['name'] = 'Name is required.'; } if($post['email'] === '') { $errors['email'] = 'Email is required.'; } else { // while it is true that the following email format validation will produce an error // for an empty value, you should specifically tell the visitor what is wrong with what // they submitted if (false === filter_var($post['email'], FILTER_VALIDATE_EMAIL)) { $errors['email'] = 'The Email Address you entered does not appear to be valid.'; } } if($post['type'] === '') { $errors['type'] = 'You must select a Type/Subject/Category.'; } else { // you will only see the following error due to a programming mistake or someone/something submitting their own values if(!in_array($post['type'],$permitted_types)) { $errors['type'] = 'The selected Type is invalid.'; // you would want to log the occurrence of this here... } } if($post['message'] === '') { $errors['message'] = 'Message is required.'; } else { if(strlen($post['message']) < 10) { $errors['message'] = 'The Message must be at least 10 characters.'; } } // if no errors, use the submitted data if(empty($errors)) { // apply htmlentities() to help prevent cross site scripting when viewing the received email in a browser $formcontent = htmlentities("From: {$post['name']}\r\nEmail: {$post['email']}\r\nSubject: {$post['type']}\r\nMessage: {$post['message']}", ENT_QUOTES); if ($post['type'] === "Website Problem") { $recipient=$email_website; } else { $recipient=$email_contact; } // add $post['email'] as a Reply-to: header if desired, it is one, valid email address at this point $mailheader = "From: $email\r\n"; if(!mail($recipient, $post['type'], $formcontent, $mailheader)) { // an error // setup the user error message $errors['mail'] = 'The email could not be sent, the site owner has been notified.'; // system error handling goes here... - datatime, get the last error message, include the mail parameter values... // at this point, all parameters are either an internal value, have been validated they they are just an expected value/format, or have had htmlentities() applied. } // if no errors at this point, success if(empty($errors)) { $_SESSION['success_message'] = "Mail Sent. Thank you {$post['name']}, we will contact you shortly.."; die(header("Refresh:0")); } } } // html document starts here... ?> <?php // display any success message if(!empty($_SESSION['success_message'])) { // for demo purposes, just output it as a paragraph. add any markup/styling you want echo '<p>'; echo htmlentities($_SESSION['success_message'], ENT_QUOTES); echo " - <a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; echo '</p>'; unset($_SESSION['success_message']); } ?> <?php // display any errors if(!empty($errors)) { // for demo purposes, just output them as a paragraph. add any markup/styling you want echo '<p>'; echo implode('<br>',$errors); echo '</p>'; } ?> <?php // (re)display the form here..., re-populating the fields with any existing values return; ?> <?php require_once("header.php");?> <style> input, select { width: 20rem; line-height:30px; border:2px solid #2f496e; padding: 0; margin: 0; height: 30px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; font: 500 1rem sans-serif; background: #fff; } .input { text-indent: 3px; } </style> </head> <body> <?PHP require_once("navbar.php"); ?> <!--****************** * CONTACT * *******************--> <div class="head__h1"> Need help? Have a suggestion? Why not send us an email?</div> <div class="subtext"> We'll get back to you soon </div> <div class ="download"> <div class="cont__row" style="background-color: #d9b44a;"> <div class="cont__column"> <form method="POST"> <label>Name</label><br> <input type="text" name="name" value="<?php echo $name;?>"><br> <br> <label>Email</label><br> <input type="email" name="email" value="<?php echo $email;?>"><br> <br> <label>Select a Category</label> <br> <select name="type" id="category" size="1" value="<?php echo $type;?>"> <option value=''> </option> <option value='Questions'>Questions</option> <option value="Report Problem">Report Problem</option> <option value='Suggestion'>Suggestion</option> <option value='Other'>Other</option> <option value="Website Problem"> Website Problem</option> </select> </div> <div class="cont__column"> <label>Message</label><br> <textarea name="message" rows="10" cols="50" style="font: 500 1rem sans-serif"><?php echo $message;?></textarea><br> <br> <div class="button"> <input type="image" id="myimage" src="images/email1.jpg" style="height:40px; width:160px;"/> </form> </div> </div> </div> </div> <?PHP require_once("footer.php"); ?> Note: I've got error reporting in my php.ini, so don't have it in the code. Edited April 17, 2022 by foxclone Quote Link to comment Share on other sites More sharing options...
foxclone Posted April 17, 2022 Author Share Posted April 17, 2022 Rebooted my machine then went back to the website. Now when I open the contacts page, I get a blank page with no errors. Quote Link to comment Share on other sites More sharing options...
foxclone Posted April 17, 2022 Author Share Posted April 17, 2022 Getting the same thing on local server. Quote Link to comment Share on other sites More sharing options...
foxclone Posted April 17, 2022 Author Share Posted April 17, 2022 I reloaded the original code and now getting a new problem. When I open the contact page, the fields are showing the errors that result from having a blank field. Image can be seen at https://i.imgur.com/Csya9c1.png. Here's the current code: <?php // initialization session_start(); $email_contact = "help@foxclone.com"; $email_website = "webmaster@foxclone.com"; // definition of permitted types/subject/category. use to dynamically build the option list, // pre-selecting any existing choice, and used in the validation logic $permitted_types = ['Questions', 'Report Problem', 'Suggestion', 'Other', 'Website Problem']; $post = []; // array to hold a trimmed working copy of the form data $errors = []; // array to hold user/validation errors // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // trim all the data at once $post = array_map('trim',$_POST); // if any of the fields are arrays, use a recursive call-back function here instead of php's trim function // inputs: name, email, type/subject/category, message - all required // validate the inputs if($post['name'] === '') { $errors['name'] = 'Name is required.'; } if($post['email'] === '') { $errors['email'] = 'Email is required.'; } else { // while it is true that the following email format validation will produce an error // for an empty value, you should specifically tell the visitor what is wrong with what // they submitted if (false === filter_var($post['email'], FILTER_VALIDATE_EMAIL)) { $errors['email'] = 'The Email Address you entered does not appear to be valid.'; } } if($post['type'] === '') { $errors['type'] = 'You must select a Type/Subject/Category.'; } else { // you will only see the following error due to a programming mistake or someone/something submitting their own values if(!in_array($post['type'],$permitted_types)) { $errors['type'] = 'The selected Type is invalid.'; // you would want to log the occurrence of this here... } } if($post['message'] === '') { $errors['message'] = 'Message is required.'; } else { if(strlen($post['message']) < 10) { $errors['message'] = 'The Message must be at least 10 characters.'; } } // if no errors, use the submitted data if(empty($errors)) { // apply htmlentities() to help prevent cross site scripting when viewing the received email in a browser $formcontent = htmlentities("From: {$post['name']}\r\nEmail: {$post['email']}\r\nSubject: {$post['type']}\r\nMessage: {$post['message']}", ENT_QUOTES); if ($post['type'] === "Website Problem") { $recipient=$email_website; } else { $recipient=$email_contact; } // add $post['email'] as a Reply-to: header if desired, it is one, valid email address at this point $mailheader = "From: $email\r\n"; if(!mail($recipient, $post['type'], $formcontent, $mailheader)) { // an error // setup the user error message $errors['mail'] = 'The email could not be sent, the site owner has been notified.'; // system error handling goes here... - datatime, get the last error message, include the mail parameter values... // at this point, all parameters are either an internal value, have been validated they they are just an expected // value/format, or have had htmlentities() applied. } // if no errors at this point, success if(empty($errors)) { $_SESSION['success_message'] = "Mail Sent. Thank you {$post['name']}, we will contact you shortly.."; die(header("Refresh:0")); } } } // html document starts here... ?> <?php // display any success message if(!empty($_SESSION['success_message'])) { // for demo purposes, just output it as a paragraph. add any markup/styling you want echo '<p>'; echo htmlentities($_SESSION['success_message'], ENT_QUOTES); echo " - <a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; echo '</p>'; unset($_SESSION['success_message']); } ?> <?php // display any errors if(!empty($errors)) { // for demo purposes, just output them as a paragraph. add any markup/styling you want echo '<p>'; echo implode('<br>',$errors); echo '</p>'; } ?> <?php // (re)display the form here..., re-populating the fields with any existing values ?> <?php require_once("header.php");?> <style> input, select { width: 20rem; line-height:30px; border:2px solid #2f496e; padding: 0; margin: 0; height: 30px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; font: 500 1rem sans-serif; background: #fff; } .input { text-indent: 3px; } </style> </head> <body> <?PHP require_once("navbar.php"); ?> <!--****************** * CONTACT * *******************--> <div class="head__h1"> Need help? Have a suggestion? Why not send us an email?</div> <div class="subtext"> We'll get back to you soon </div> <div class ="download"> <div class="cont__row" style="background-color: #d9b44a;"> <div class="cont__column"> <form method="POST"> <label>Name</label><br> <input type="text" name="name" value="<?php echo $name;?>"><br> <br> <label>Email</label><br> <input type="email" name="email" value="<?php echo $email;?>"><br> <br> <label>Select a Category</label> <br> <select name="type" id="category" size="1" value="<?php echo $type;?>"> <option value=''> </option> <option value='Questions'>Questions</option> <option value="Report Problem">Report Problem</option> <option value='Suggestion'>Suggestion</option> <option value='Other'>Other</option> <option value="Website Problem"> Website Problem</option> </select> </div> <div class="cont__column"> <label>Message</label><br> <textarea name="message" rows="10" cols="50" style="font: 500 1rem sans-serif"><?php echo $message;?></textarea><br> <br> <div class="button"> <input type="image" id="myimage" src="images/email1.jpg" style="height:40px; width:160px;"/> </form> </div> </div> </div> </div> <?PHP require_once("footer.php"); ?> Â Â Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted April 17, 2022 Share Posted April 17, 2022 wouldn't those Warnings indicate that the variables don't exist at the time they are being echoed? i recommend using php's Null Coalescing Operator to prevent those errors -  https://www.php.net/manual/en/language.operators.comparison.php#language.operators.comparison.coalesce <?php echo $var ?? ''; // echo the variable if it exists, or an empty string ?> next, one of the points made was to apply htmlentities to external, unknown, dynamic values when used in a html context - <?php echo htmlentities($var ?? '',ENT_QUOTES); ?> lastly, if you look at what the code is doing, especially the part that you know works, i.e. the email specific code, you will see what the variable names actually are. Quote Link to comment Share on other sites More sharing options...
foxclone Posted April 17, 2022 Author Share Posted April 17, 2022 (edited) @mac_gyver If I clear the error messages in each field and fill in the appropriate data, it sends the email. It's like it's processing the post php before the html. After sending the email, the following errors appear: Warning: Undefined variable $email in /home/foxclo98/test.foxclone.com/contact.php on line 85 Warning: Cannot modify header information - headers already sent by (output started at /home/foxclo98/test.foxclone.com/contact.php:85) in /home/foxclo98/test.foxclone.com/contact.php on line 103 Edited April 17, 2022 by foxclone Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted April 17, 2022 Share Posted April 17, 2022 53 minutes ago, foxclone said: Warning: Undefined variable $email in /home/foxclo98/test.foxclone.com/contact.php on line 85 2 hours ago, foxclone said: $mailheader = "From: $email\r\n"; that error is due to the above line of code, which is something that you changed in the code. when you got that error message, did you even look at the code to try and find out what's causing the problem? at this point, you are making changes to the code that are introducing errors that didn't exist before and are not even attempting to find and fix your own problems. 59 minutes ago, foxclone said: Warning: Cannot modify header information - headers already sent by (output started at /home/foxclo98/test.foxclone.com/contact.php:85) in /home/foxclo98/test.foxclone.com/contact.php on line 103 this error, if you read it and notice where the output is occurring at, happens to be the line where the previous warning about the $email variable is being output. the previous warning being output to the browser is the output that's preventing the header() from working. Quote Link to comment Share on other sites More sharing options...
foxclone Posted April 17, 2022 Author Share Posted April 17, 2022 Thanks for the explanation. Everything is working properly now. Quote Link to comment Share on other sites More sharing options...
foxclone Posted April 17, 2022 Author Share Posted April 17, 2022 One final problem - the success message still displays even after exiting the website then returning to the contact page. It's not a cache problem, I've cleared it on 3 different browsers and it still appears after exiting the website then re-opening the contact page. Here's the current code: <?php // initialization session_start(); $email_contact = "help@foxclone.com"; $email_website = "webmaster@foxclone.com"; // definition of permitted types/subject/category. use to dynamically build the option list, // pre-selecting any existing choice, and used in the validation logic $permitted_types = ['Questions', 'Report Problem', 'Suggestion', 'Other', 'Website Problem']; $post = []; // array to hold a trimmed working copy of the form data $errors = []; // array to hold user/validation errors // post method form processing if($_SERVER['REQUEST_METHOD'] == 'POST') { // trim all the data at once $post = array_map('trim',$_POST); // if any of the fields are arrays, use a recursive call-back function here instead of php's trim function // inputs: name, email, type/subject/category, message - all required // validate the inputs if($post['name'] === '') { $errors['name'] = 'Name is required.'; } if($post['email'] === '') { $errors['email'] = 'Email is required.'; } else { // while it is true that the following email format validation will produce an error // for an empty value, you should specifically tell the visitor what is wrong with what // they submitted if (false === filter_var($post['email'], FILTER_VALIDATE_EMAIL)) { $errors['email'] = 'The Email Address you entered does not appear to be valid.'; } } if($post['type'] === '') { $errors['type'] = 'You must select a Type/Subject/Category.'; } else { // you will only see the following error due to a programming mistake or someone/something submitting their own values if(!in_array($post['type'],$permitted_types)) { $errors['type'] = 'The selected Type is invalid.'; // you would want to log the occurrence of this here... } } if($post['message'] === '') { $errors['message'] = 'Message is required.'; } else { if(strlen($post['message']) < 10) { $errors['message'] = 'The Message must be at least 10 characters.'; } } // if no errors, use the submitted data if(empty($errors)) { // apply htmlentities() to help prevent cross site scripting when viewing the received email in a browser $formcontent = htmlentities("From: {$post['name']}\r\nEmail: {$post['email']}\r\nSubject: {$post['type']}\r\nMessage: {$post['message']}", ENT_QUOTES); if ($post['type'] === "Website Problem") { $recipient=$email_website; } else { $recipient=$email_contact; } $email = $post['email']; // add $post['email'] as a Reply-to: header if desired, it is one, valid email address at this point $mailheader = "From: $email\r\n"; if(!mail($recipient, $post['type'], $formcontent, $mailheader)) { // an error // setup the user error message $errors['mail'] = 'The email could not be sent, the site owner has been notified.'; // system error handling goes here... - datatime, get the last error message, include the mail parameter values... // at this point, all parameters are either an internal value, have been validated they they are just an expected // value/format, or have had htmlentities() applied. } // if no errors at this point, success if(empty($errors)) { $_SESSION['success_message'] = "Mail Sent. Thank you {$post['name']}, we will contact you shortly.."; die(header("Refresh:0")); } } } // html document starts here... ?> <?php // display any success message if(!empty($_SESSION['success_message'])) { // for demo purposes, just output it as a paragraph. add any markup/styling you want echo '<p>'; echo htmlentities($_SESSION['success_message'], ENT_QUOTES); echo " - <a href='index.php#home' style='color:#ff0099;'> Return Home</a>"; echo '</p>'; unset($_SESSION['success_message']); } ?> <?php // display any errors if(!empty($errors)) { // for demo purposes, just output them as a paragraph. add any markup/styling you want echo '<p>'; echo implode('<br>',$errors); echo '</p>'; } ?> <?php // (re)display the form here..., re-populating the fields with any existing values ?> <?php require_once("header.php");?> <style> input, select { width: 20rem; line-height:30px; border:2px solid #2f496e; padding: 0; margin: 0; height: 30px; -moz-box-sizing: border-box; -webkit-box-sizing: border-box; box-sizing: border-box; font: 500 1rem sans-serif; background: #fff; } .input { text-indent: 3px; } </style> </head> <body> <?PHP require_once("navbar.php"); ?> <!--****************** * CONTACT * *******************--> <div class="head__h1"> Need help? Have a suggestion? Why not send us an email?</div> <div class="subtext"> We'll get back to you soon </div> <div class ="download"> <div class="cont__row" style="background-color: #d9b44a;"> <div class="cont__column"> <form method="POST"> <label>Name</label><br> <input type="text" name="name"><br> <br> <label>Email</label><br> <input type="email" name="email"><br> <br> <label>Select a Category</label> <br> <select name="type" id="category" size="1"> <option value=''> </option> <option value='Questions'>Questions</option> <option value="Report Problem">Report Problem</option> <option value='Suggestion'>Suggestion</option> <option value='Other'>Other</option> <option value="Website Problem"> Website Problem</option> </select> </div> <div class="cont__column"> <label>Message</label><br> <textarea name="message" rows="10" cols="50" style="font: 500 1rem sans-serif"></textarea><br> <br> <div class="button"> <input type="image" id="myimage" src="images/email1.jpg" style="height:40px; width:160px;"/> </form> </div> </div> </div> </div> <?PHP require_once("footer.php"); ?> Â Quote Link to comment Share on other sites More sharing options...
Solution foxclone Posted April 17, 2022 Author Solution Share Posted April 17, 2022 @mac_gyver Disregard - I forgot to turn caching off for my main site. Thanks for all your help. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.