doubi1928 2013-08-21 18:28
Accepted

PHP contact form validation (invalid email still sends)

So I am putting together a form and was recommended that I validate the form. I found a tutorial but seem to still be having problems getting the php to function.

The html for the form:

<div id="FGSform"> 
<form action="/working/wp-content/themes/NEW/mail.php" method="post" name="contactFGS"          id="contactFGS">
<ul>
<li>
    <label for="first-name">First Name</label>
<br>
    <input type="text" id="firstname" name="firstname" required aria-required="true">
</li>
<br>
<li>
    <label for="last-name">Last Name</label><br>
    <input type="text" id="lastname" name="lastname" required aria-required="true">
</li>
<br>
<li>
    <label for="email">Email</label>
<br>
    <input type="email" id="email" name="email" required aria-required="true">
</li>
<br>
<li>
  <label for="contact-reason" id="reason" name="reason">Reason for Contact</label>
      <select id="reason" name="reason" required>
      <option value="."></option>
      <option value="Print Services">Print Services</option>
      <option value="Design Services">Design Services</option>
      <option value="Employment">Employment</option>
      <option value="Questions">Questions</option>
      <option value="Other">Other</option>     
      </select> 
</li>
<br>
<li>
  <label for="comments">Comments</label>
<br>
    <textarea name="contactcomments" id="contactcomments" cols="40" rows="10" required></textarea>
</li> 
<br>
<li>
    <input type="radio" id="newsletter" name="newsletter">
    <label for="signmeup">Sign me up for newsletter, updates and other information about FGS</label>  
</li>
<br>
<li>
<input type="submit" value="Send" name="submit">
</li>

Here is the php:

<?php
/*Validate and Sanitize */

    if (isset($_POST['submit'])){

}

if ($_POST['firstname'] != "") {
    $_POST['firstname'] = filter_var($_POST['firstname'], FILTER_SANITIZE_STRING);
    if ($_POST['firstname'] == "") {
        $errors .= 'Please enter a valid name.<br/><br/>';
    }       
} else {
    $errors .= 'Please enter your name.</br>';
}   

if ($_POST['lastname'] != "") {
    $_POST['lastname'] = filter_var($_POST['lastname'], FILTER_SANITIZE_STRING);
    if ($_POST['lastname'] == "") {
        $errors .= 'Please enter a valid name.<br/><br/>';
    }       
} else {
    $errors .= 'Please enter your last name.</br>';
}

if ($_POST['emial'] != "") {
    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
    if (!filter_var($email, FILTER_VALITDATE_EMAIL)) {
        $errors .="$email is <strong>NOT</strong> a valid email address.<br/<br/>";
    }
} else {
    $errors .= 'Please enter your email address.<br/>';
}

if (isset($_REQUEST['reason']) && $_REQUEST['reason'] =='.') {
    echo 'Please select a reason for contacting.<br/>';
}

if ($_POST['contactcomments'] != "") {  
    $_POST['contactcomments'] = filter_var($_POST['contactcomments'], FILTER_SANITIZE_STRING);
    if ($_POST['contactcomments'] == "") {
        $errors .='Please enter a message to send.<br/>';
    }
} else {
    $errors .='Please enter a message to send.<br/>';
}





 /* Email Variables */
 $emailSubject = 'Website Mail!'; 
$webMaster = 'email@here.com';



 /* Data Variables */
 $firstname = $_POST['firstname'];
 $lastname = $_POST['lastname'];
$email = $_POST['email'];
$reason = $_POST['reason'];
$contactcomments = $_POST['contactcomments'];
$newsletter = $_POST['newsletter'];





$body = <<<EOD
<br><hr><br>
Name: $firstname <br>
Last Name: $lastname <br>
Email: $email <br>
Reason: $reason <br>
Comments: $contactcomments <br>
Newsletter = $newsletter <br>
EOD;
$headers = "From: $email\r\n";
$headers .= "Content-type: text/html\r\n";
$success = mail($webMaster, $emailSubject, $body,
$headers);


/* Results rendered as HTML */
$theResults = <<<EOD
<html>
<head>
<title>sent message</title>
 <meta http-equiv="refresh" content="3;URL=http://mywebsite.com/working/?       page_id=8">
<style type="text/css">
<!--
body {
background-color: #fff; 
font-family: Arial, Helvetica, sans-serif;
font-size: 20px;
font-style: normal;
line-height: normal;
font-weight: normal;
color: #555555;
text-decoration: none;
padding-top: 200px;
margin-left: 150px;
width: 800px;
}
-->
</style>
</head>
<div align="center">Thank you! We will contact you back as soon as possible.</div>
</div>
</body>
</html>
EOD;
echo "$theResults";
?>

The problem that I am having is that a person can submit an invalid e-mail, and they can also choose the invalid selection item.

I have the action of the form connected to the PHP file, but I wasn't sure if I need to have each form element call the specific if/then statement of the PHP file.

I am new to PHP, so this has proven to be a real challenge.

Thank you to anyone who helps.


  • drnf09037160 2013-08-21 18:52

    You have a few options.

    In your form take out value="." in <option value="."></option>

    then change this if (isset($_REQUEST['reason']) && $_REQUEST['reason'] =='.') {

    to

    if (!isset($_REQUEST['reason'])) { and that option will work (tested)

    Be sure to make the change for if ($_POST['emial'] != "") {

    to if ($_POST['email'] != "") {

    Along with Dimitri Mostrey's answer.

    You could also try what you already have, but include exit; at the end like this and add ! in your if isset:

    Notice the added ! which wasn't in your handler and needs it.

    Otherwise, using if (isset, you're telling "if it is set" which it isn't.

    if (!isset($_REQUEST['reason']) || $_REQUEST['reason'] =='.') {
        echo 'Please select a reason for contacting.<br/>';
        exit;
    }

    Email validation

    Underneath if (isset($_POST['submit'])){

    add $email = $_POST['email'];

    Then change:

    if ($_POST['email'] != "") {
    
    
        $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $errors .="$email is <strong>NOT</strong> a valid email address.<br/<br/>";
        }
    }
    

    to

    if(!filter_var($email, FILTER_VALIDATE_EMAIL))
      {
      echo "E-mail is not valid";
    
    exit;
    
      }
    

    Here's a total rewrite:

    NOTE: It is better to put your variables at the top, instead of further down below.

    I added $email = $_POST['email']; underneath if (isset($_POST['submit'])){

    <?php
    /*Validate and Sanitize */
    
        if (isset($_POST['submit'])){
    
        $email = $_POST['email'];
    
    }
    
    $errors = ""; // added by me
    
    if ($_POST['firstname'] != "") {
        $_POST['firstname'] = filter_var($_POST['firstname'], FILTER_SANITIZE_STRING);
        if ($_POST['firstname'] == "") {
            $errors .= 'Please enter a valid name.<br/><br/>';
        }       
    } else {
        $errors .= 'Please enter your name.<br/>';
    }   
    
    if ($_POST['lastname'] != "") {
        $_POST['lastname'] = filter_var($_POST['lastname'], FILTER_SANITIZE_STRING);
        if ($_POST['lastname'] == "") {
            $errors .= 'Please enter a valid name.<br/><br/>';
        }       
    } else {
        $errors .= 'Please enter your last name.<br/>';
    }
    
    
    /*
    if ($_POST['email'] != "") {
    
    
        $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $errors .="$email is <strong>NOT</strong> a valid email address.<br/<br/>";
        }
    }
    */
    
    // Reject an invalid address and stop before anything is sent.
    if(!filter_var($email, FILTER_VALIDATE_EMAIL))
      {
      echo "E-mail is not valid";
      exit;
      }
    
    if (!isset($_REQUEST['reason']) || $_REQUEST['reason'] =='.') {
        echo 'Please select a reason for contacting.<br/>';
    
    exit;
    }
    
    if ($_POST['contactcomments'] != "") {  
        $_POST['contactcomments'] = filter_var($_POST['contactcomments'], FILTER_SANITIZE_STRING);
        if ($_POST['contactcomments'] == "") {
            $errors .='Please enter a message to send.<br/>';
        }
    } else {
        $errors .='Please enter a message to send.<br/>';
    }
    
    
     /* Email Variables */
     $emailSubject = 'Website Mail!'; 
    $webMaster = 'kmurray@frgraphicsolutions.com';
    
    
     /* Data Variables */
    $firstname = $_POST['firstname'];
    $lastname = $_POST['lastname'];
    $email = $_POST['email'];
    $reason = $_POST['reason'];
    $contactcomments = $_POST['contactcomments'];
    $newsletter = $_POST['newsletter'];
    
    
    $body = <<<EOD
    <br><hr><br>
    Name: $firstname <br>
    Last Name: $lastname <br>
    Email: $email <br>
    Reason: $reason <br>
    Comments: $contactcomments <br>
    Newsletter = $newsletter <br>
    EOD;
    $headers = "From: $email\r\n";
    $headers .= "Content-type: text/html\r\n";
    $success = mail($webMaster, $emailSubject, $body, $headers);
    
    /* Results rendered as HTML */
    $theResults = <<<EOD
    <html>
    <head>
    <title>sent message</title>
    <meta http-equiv="refresh" content="3;URL=http://frgraphicsolutions.com/working/?page_id=8">
    
    <style type="text/css">
    <!--
    body {
    background-color: #fff; 
    font-family: Arial, Helvetica, sans-serif;
    font-size: 20px;
    font-style: normal;
    line-height: normal;
    font-weight: normal;
    color: #555555;
    text-decoration: none;
    padding-top: 200px;
    margin-left: 150px;
    width: 800px;
    }
    -->
    </style>
    </head>
    <div align="center">Thank you! We will contact you back as soon as possible.</div>
    </div>
    </body>
    </html>
    EOD;
    echo "$theResults";
    ?>
    
    This answer was selected by the asker as the best answer.
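
A hardened version of the same handler, as an added example that is not part of the question or the answer: it collects every error and stops before mail() when any check fails, checks reason against an allowlist, escapes values placed in the HTML body, and keeps the visitor's address out of the From header. The function name validate_contact and the sender webform@example.com are placeholders chosen here, the allowlist mirrors the form's option values, and PHP 7.1 or later is assumed.

```php
<?php
// Added example (hypothetical helper name); field names are taken from the form above.
function validate_contact(array $post): array
{
    $allowedReasons = ['Print Services', 'Design Services', 'Employment', 'Questions', 'Other'];
    $errors = [];
    $clean  = [];
    foreach (['firstname', 'lastname', 'contactcomments'] as $field) {
        // Non-string input (e.g. firstname[]=x) is treated as missing.
        $value = is_string($post[$field] ?? null) ? trim($post[$field]) : '';
        if ($value === '') {
            $errors[] = "Missing field: $field";
        }
        $clean[$field] = $value;
    }
    // A value that passes FILTER_VALIDATE_EMAIL contains no CR/LF,
    // so it cannot start a new mail header.
    $email = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors[] = 'Invalid e-mail address';
    }
    $clean['email'] = $email;
    // Allowlist check instead of testing for the "." placeholder option.
    $reason = $post['reason'] ?? '';
    if (!in_array($reason, $allowedReasons, true)) {
        $errors[] = 'Invalid reason';
    }
    $clean['reason'] = $reason;
    $clean['newsletter'] = isset($post['newsletter']) ? 'yes' : 'no';
    return [$errors, $clean];
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    [$errors, $clean] = validate_contact($_POST);
    if ($errors) {
        http_response_code(422);
        exit(htmlspecialchars(implode("\n", $errors), ENT_QUOTES, 'UTF-8'));
    }
    // Escape every value before it goes into the HTML mail body.
    $rows = '';
    foreach ($clean as $name => $value) {
        $rows .= htmlspecialchars("$name: $value", ENT_QUOTES, 'UTF-8') . "<br>\n";
    }
    // Fixed sender (placeholder); the visitor's address is used for Reply-To only.
    $headers = "From: webform@example.com\r\n"
             . "Reply-To: {$clean['email']}\r\n"
             . "Content-Type: text/html; charset=UTF-8\r\n";
    mail('email@here.com', 'Website Mail!', $rows, $headers);
    echo 'Thank you! We will contact you back as soon as possible.';
}
```

FILTER_SANITIZE_STRING, used in the code above, is deprecated as of PHP 8.1; escaping on output with htmlspecialchars() takes its place here.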