Hi, I’m still relatively new to PHP and I’m trying to understand how to sanitize a checkbox within a form.
I’ve done a search through Google, but what I’ve come across gives short explanations that I don’t really understand.
Okay, so here’s what I do understand. I can add the values to an array, check the array for the expected values, and what doesn’t match those expected values will be sent as a null value. The problem lies in how to implement the array and how to check it. I understand how to sanitize and validate input boxes, that’s really no problem. However, checkboxes have me confused.
Is there anyone who can help me understand what I’m trying to do? I’m not certain why this is evading me, but it is and I’m wondering if maybe I’ve overcomplicated the whole thing.
Here’s what I have so far:
PHP
[php]
<?php // Initializing Error Variables To Null. $nameError =""; $emailError =""; $websiteError =""; $name = $_POST['name']; $email = $_POST['email']; $website = $_POST['website']; $checkboxInput1 = $_POST['checkboxInput1']; $checkboxInput2 = $_POST['checkboxInput2']; $checkboxInput3 = $_POST['checkboxInput3']; $checkboxInput4 = $_POST['checkboxInput4']; $checkboxInput5 = $_POST['checkboxInput5']; $spamField = $_POST['sField']; $statusMsg = ''; $msgClass = ''; if(isset($_POST['submit'])){ if($_POST['name'] != "") { $_POST['name'] = filter_var($_POST['name'], FILTER_SANITIZE_STRING); if ($_POST['name'] == "") { $nameError = "Please enter a valid name."; } } else { $nameError = "Please enter your name."; } if($_POST['email'] != "") { $_POST['email'] = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL); $_POST['email'] = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL); if($_POST['email'] == "") { $emailError = "Please enter a valid email."; } } else { $emailError = "Please enter your email."; } if($_POST['website'] != "") { $_POST['website'] = filter_var($_POST['website'], FILTER_SANITIZE_URL); $_POST['website'] = filter_var($_POST['website'], FILTER_VALIDATE_URL); if ($_POST['website'] == "") { $websiteError = "Please enter a valid website start with http:// "; } } else { $websiteError = "Please enter your website URL."; } if($_POST['checkboxInput1'] != "") { if ($_POST['checkboxInput1'] == "") { } } else { } if($_POST['sField'] != "") { $_POST['sField'] = filter_var($_POST['sField'], FILTER_SANITIZE_STRING); if ($_POST['sField'] == "") { } } else { $sFieldError = "Contact Administration"; } $toEmail = '[email protected]'; $emailSubject = $name.': Contact Request'; $htmlContent = 'Form Submitted
Name
'.$name.'
'.$email.'
Website
'.$website.'
Checkbox Input 1
'.$checkboxInput1.'
Checkbox Input 2
'.$checkboxInput2.'
Checkbox Input 3
'.$checkboxInput3.'
Checkbox Input 4?
'.$checkboxInput4.'
Checkbox Input 5
'.$checkboxInput5.'
'; // Set content-type header for sending HTML email $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n"; // Additional headers $headers .= 'From: '.$name.' <'.$email.'>'. "\r\n"; // Send email if(mail($toEmail, $emailSubject, $htmlContent, $headers)){ $statusMsg = 'Your contact request has been submitted successfully!'; $msgClass = 'succdiv'; } else { $statusMsg = 'There seems to have been an error with your submission. Contact administration for a resolution.'; $msgClass = 'errordiv'; } } ?>[/php]
HTML
<?php if(!empty($statusMsg)){ ?>
<p class="statusMsg <?php echo !empty($msgClass)?$msgClass:''; ?>">
<?php echo $statusMsg; ?>
</p>
<?php } ?>
<!-- ---- FORM ---- -->
<form id="form" action="" method="post">
<h2>Form</h2>
<div>
<input type="text" id="nameFirst" name="name" />
<label for="nameFirst">
<span>Name</span>
</label>
<span class="hint">
<p><?php echo $nameError;?></p>
</span>
</div>
<div>
<input type="email" id="eAddy" name="email" />
<label for="eAddy">
<span>Contact Email</span>
</label>
<span class="hint">
<p><?php echo $emailError;?></p>
</span>
</div>
<div>
<input type="url" id="siteAddress" name="website" />
<label for="siteAddress">
<span>Website Address</span>
</label>
<span class="hint">
<p><?php echo $websiteError;?></p>
</span>
</div>
<div>
<input type="checkbox" id="cbID1" name="checkboxInput1" class="cbSwitch" />
<label for="cbID1">Checkbox Input 1</label>
</div>
<div>
<input type="checkbox" id="cbID2" name="checkboxInput2" class="cbSwitch" />
<label for="cbID2">Checkbox Input 2</label>
</div>
<div>
<input type="checkbox" id="cbID3" name="checkboxInput3" class="cbSwitch" />
<label for="cbID3">Checkbox Input 3</label>
</div>
<div>
<input type="checkbox" id="cbID4" name="checkboxInput4" class="cbSwitch" />
<label for="cbID4">Checkbox Input 4</label>
</div>
<div>
<input type="checkbox" id="cbID5" name="checkboxInput5" class="cbSwitch" />
<label for="cbID5">Checkbox Input 5</label>
</div>
<input type="text" id="sField" class="col" name="sField" />
<button id="submit" name="submit" type="submit" value="Submit">Submit</button>
</form>