Log in

View Full Version : PHP form not submitting email, but redirecting to sender.php URL


katebellami
12-03-2013, 01:30 PM
Hi, I have a form that I tweaked from a free online form I found (not very well versed in PHP, and definitely not in PHP5 yet!). When you click the submit button, rather than sending the email and posting the thank you message, it just takes you to the sender.php 'page' which is blank. Here is the HTML code:




<form name="dform" action="sender.php" method="post">
<table>
<tr>
<td>
email : <input type="text" name="email_from" style="width:215px; height:15px; overflow:hidden; background-color:#ffffff; border:solid; border-width:1px; border-color:#6986B7; font-family: Arial, Helvetica, sans-serif; color:#6986B7; font-size:14; letter-spacing:1px;" />

&nbsp;
child’s age: years <select name="age_years">
<option value="0" style="background-color:#ffffff;">0</option>
<option value="1" style="background-color:#ffffff;">1</option>
<option value="2" style="background-color:#ffffff;">2</option>
<option value="3" style="background-color:#ffffff;">3</option>
<option value="4" style="background-color:#ffffff;">4</option>
<option value="5" style="background-color:#ffffff;">5</option>
</select>


months <select name="age_months">
<option value="0" style="background-color:#ffffff;">0</option>
<option value="1" style="background-color:#ffffff;">1</option>
<option value="2" style="background-color:#ffffff;">2</option>
<option value="3" style="background-color:#ffffff;">3</option>
<option value="4" style="background-color:#ffffff;">4</option>
<option value="5" style="background-color:#ffffff;">5</option>
<option value="6" style="background-color:#ffffff;">6</option>
<option value="7" style="background-color:#ffffff;">7</option>
<option value="8" style="background-color:#ffffff;">8</option>
<option value="9" style="background-color:#ffffff;">9</option>
<option value="10" style="background-color:#ffffff;">10</option>
<option value="11" style="background-color:#ffffff;">11</option>
<option value="12" style="background-color:#ffffff;">12</option>
</select>
</td>
<td>

<input type="image" src="images/hb-learnmorebutton.png" value="submit" name="submit" style="border:none; background:#ffffff; margin-left:10px;" />
</td></tr></table>

</form>



And here is the PHP code from sender.php:



<?php
if(isset($_POST['email'])) {

// EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = "kate@madisonandmi.com";
$email_subject = "Contact Form Submission";


function died($error) {
// your error code can go here
echo "Oops!";
echo "These errors appear below.<br /><br />";
echo $error."<br /><br />";
echo "Please fix these errors and try again.<br /><br />";
die();
}

// validation expected data exists
if(!isset($_POST['email']) ||
!isset($_POST['age_years']) ||
!isset($_POST['age_months'])) {
died('We are sorry, but there appears to be a problem with the form you submitted.');
}

$email_from = $_POST['email']; // required
$telephone = $_POST['age_years']; // required
$comments = $_POST['age_months']; // required

$error_message = "";
$email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
if(!preg_match($email_exp,$email_from)) {
$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
}
$string_exp = "/^[A-Za-z .'-]+$/";

if(!preg_match($string_exp,$age_years)) {
$error_message .= 'Please enter your childs age in years.<br />';
}
if(strlen($age_months) < 2) {
$error_message .= 'Please enter your childs age in months.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";

function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}

$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "Years: ".clean_string($age_years)."\n";
$email_message .= "Months: ".clean_string($age_months)."\n";


// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>
<!-- include your own success html here -->
<link href="style.css" rel="stylesheet" type="text/css">
<body class="center">

Thank you for your interest in haepi bean! <br />We will be in touch soon!

<?php
}
?>
traq
12-03-2013, 07:05 PM
To answer why your sender.php page is blank, it's because you have no form field named email, and so your if() condition is not met. You have age_years, age_months, submit, and email_from.

However, I have seen this contact form example before, and I will recommend against using it. It has bad validation, bad mailing practices, bad user experience, and security vulnerabilities.

If you're interested in "starting from scratch" -as you stated in your other thread- why not start from scratch?

Your form is basically fine.
<form name="dform" action="sender.php" method="post">
<p>
<label>email: <input type="text" name="email_from"></label>
<p>
<label>child’s age (years):
<select name="age_years">
<option value="0">0</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
</select>
</label>
<p>
<label>child's age (months):
<select name="age_months">
<option value="0">0</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
<option value="6">6</option>
<option value="7">7</option>
<option value="8">8</option>
<option value="9">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select>
</label>
<p>
<input type="image" src="images/hb-learnmorebutton.png" value="submit" name="submit">
</form>

Let's think about how to process it.
<?php
// make sure form was submitted, including all required fiels
if(
isset( $_POST['submit'] )
&& isset( $_POST['email_from'] )
&& isset( $_POST['age_years'] )
&& isset( $_POST['age_months'] )
){

// validate email address (see http://php.net/filter_var):
$email_from = filter_var( $_POST['email_from'] );

// if the filter fails, $email_from will be false
if( $email_from === false ){

// add an error message
$err = "Please enter a valid email address.";
}

// validate age selections. the regex specifies digits only.
$age_years = filter_var( $_POST['age_years'],FILTER_VALIDATE_REGEXP,'/^[\d]+$/' );
$age_months = filter_var( $_POST['age_months'],FILTER_VALIDATE_REGEXP,'/^[\d]+$/' );

// if the filter fails, the variable(s) will be false.
// because these are <select> fields, they should _always_ pass.
// if they do not, it means that someone has been manipulating the form
// - quite possibly indicating an attack attempt.
// stop processing immediately.
if(
$age_years === false
|| $age_months === false
){
die();
}

// check if there is an error.
if( empty( $err ) ){

// no error; proceed.
$to = "your@email.address";
$subject = "Contact Form Submission";

// compose email body.
$message = "Email: $email_from\n"
."Years: $age_years\n"
."Months: $age_months\n";

// compose email headers.
$headers = "From: $email_from\r\n"
."Sender: auto@your-website.com\r\n";

// send
if( mail( $to,$subject,$message,$headers ) ){

// accepted by mail server
header( "Location: http://your-website.com/email-success" );
exit;
}else{

// not
header( "Location: http://your-website.com/email-failed" );
exit;
}
}else{

// error; show error message.
?>
<h1>Oops!</h1>
<p><?= $err ?></p>
<p>Please <a href="link/to/form">go back</a> and try again.</p>
<?php
}
}