I am trying to sanitize the output of what should be a simple email script, but it only outputs a blank page. Here is the script:
<?php
define("EMAIL", "info@silentpost.net");
if(isset($_POST['submit'])) {
//include validation class
include('./support/validate.class.php');
//assign post data to variables
$_POST['name'] = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$_POST['email'] = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
$_POST['message'] = filter_var($_POST['message'], FILTER_SANITIZE_STRING);
$name = trim($_POST['name']);
$email = trim($_POST['email']);
$message = trim($_POST['message']);
//start validating our form
$v = new validate();
$v->validateStr($name, "name", 3, 75);
$v->validateEmail($email, "email");
$v->validateStr($message, "message", 5, 1000);
if(!$v->hasErrors()) {
$header = "From: $email
" . "Reply-To: $email
";
$subject = "email from silentpost.net website!";
$email_to = EMAIL;
$emailMessage = "Name: " . $name . "
";
$emailMessage .= "Email: " . $email . "
";
$emailMessage .= $message;
@mail($email_to, $subject ,$emailMessage ,$header );
} else {
//set the number of errors message
$message_text = $v->errorNumMessage();
//store the errors list in a variable
$errors = $v->displayErrors();
//get the individual error messages
$nameErr = $v->getError("name");
$emailErr = $v->getError("email");
$messageErr = $v->getError("message");
}//end error check
}// end isset
?>
If I omit the following code, the script will run fine:
$_POST['name'] = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$_POST['email'] = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
$_POST['message'] = filter_var($_POST['message'], FILTER_SANITIZE_STRING);
if necessary, I will include the class, but I don't think it is an issue with the class, as removing the filter_var lines outputs correctly.
Any help would be appreciated.
