PDA

View Full Version : save form data to db and send via email



ianhaney
03-09-2016, 08:55 PM
Hi

I am in the middle of testing a form that I would like to store the submitted data to a database and then send a email out

The email is being sent but the data is not being added to the database, is it ok if someone can quickly glance over the coding to see what I have done wrong or missed please



<?php

$servername = "";
$username = "";
$password = "";
$dbname = "";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}

// Escape user inputs for security
$fullname = mysqli_real_escape_string($conn, $_POST['fullname']);
$emailaddress = mysqli_real_escape_string($conn, $_POST['emailaddress']);
$phonenumber = mysqli_real_escape_string($conn, $_POST['phonenumber']);
$amountloan = mysqli_real_escape_string($conn, $_POST['amountloan']);

$sql = "INSERT INTO loan_enquiries (fullname, emailaddress, phonenumber, amountloan)
VALUES ('$fullname', '$emailaddress', '$phonenumber', '$amountloan')";

if ($conn->query($sql) === TRUE) {
echo "Connection Success";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();

$your_email ='email_address here';// <<=== update to your email address

session_start();
$errors = '';
$name = '';
$visitor_email = '';
$phone = '';
$loanamount = '';

if(isset($_POST['submit']))
{

$name = $_POST['name'];
$visitor_email = $_POST['email'];
$phone = $_POST['phone'];
$loanamount = $_POST['loanamount'];
///------------Do Validations-------------
if(empty($name)||empty($visitor_email)||empty($phone)||empty($loanamount))
{
$errors .= "\n Name, Email, Phone and Loan Amount are required fields. ";
}
if(IsInjected($visitor_email))
{
$errors .= "\n Bad email value!";
}
if(empty($_SESSION['6_letters_code'] ) ||
strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
{
//Note: the captcha code is compared case insensitively.
//if you want case sensitive match, update the check above to
// strcmp()
$errors .= "\n The captcha code does not match!";
}

if(empty($errors))
{
//send the email
$to = $your_email;
$subject="New Loan Enquiry";
$from = $your_email;
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

$body = "A user $name submitted the contact form:\n".
"Name: $name\n".
"Email: $visitor_email \n".
"Phone: $phone \n".
"Loan Amount: \n ".
"$loanamount\n".

$headers = "From: $from \r\n";
$headers .= "Reply-To: $visitor_email \r\n";

mail($to, $subject, $body,$headers);

header('Location: thank-you.php');
}
}

// Function to validate against any email injection attempts
function IsInjected($str)
{
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str))
{
return true;
}
else
{
return false;
}
}
?>


below is the html form script



<form method="POST" name="contact_form_loan" action="loan-mailer.php">
<p>
<label for='name'>Name: </label><br>
<input type="text" name="name" value='<?php echo htmlentities($name) ?>'>
</p>
<p>
<label for='email'>Email: </label><br>
<input type="text" name="email" value='<?php echo htmlentities($visitor_email) ?>'>
</p>
<p>
<label for='phone'>Phone: </label><br>
<input type="text" name="phone" value='<?php echo htmlentities($phone) ?>'>
</p>
<p>
<label for='loanamount'>Loan Amount: </label><br>
<input type="text" name="loanamount" value='<?php echo htmlentities($loanamount) ?>'>
</p>
<p>
<img src="captcha_code_file.php?rand=<?php echo rand(); ?>" id='captchaimg' ><br>
<label for='message'>Enter the code above here :</label><br>
<input id="6_letters_code" name="6_letters_code" type="text"><br>
<small>Can't read the image? click <a href='javascript: refreshCaptcha();'>here</a> to refresh</small>
</p>
<input type="submit" value="Submit" name='submit'>
</form>


Just thought could it be that I need to add id to the input field tag or need to change the name part within the input field?

These are the errors I am getting in loan-mailer.php

Notice: Undefined index: fullname in /home/broadway/public_html/sites/first-quality-finance/loan-mailer.php on line 20

Notice: Undefined index: emailaddress in /home/broadway/public_html/sites/first-quality-finance/loan-mailer.php on line 21

Notice: Undefined index: phonenumber in /home/broadway/public_html/sites/first-quality-finance/loan-mailer.php on line 22

Notice: Undefined index: amountloan in /home/broadway/public_html/sites/first-quality-finance/loan-mailer.php on line 23

Is that cause of the names different or need to be added in the input tag?

Thank you in advance

Ian

ianhaney
03-09-2016, 10:28 PM
Sorry I have sorted the issue and works perfect now, I think it was a mixture of the names being different so made sure all the names were the same for the input fields etc.