Contact Form Validation How-to

General PHP Help
#1

I have the following code in a file called contactus.php:

<td colspan=2> <b>Please enter the text you see in the box below:</b><br> <img src="CaptchaSecurityImages.php?width=100&amp;height=40&amp;characters=5" alt="captcha" /> <input id="security_code" name="security_code" type="text" /></td> </tr>

I need to validate this security code and do one of the following:

Show thank you page and send email with data entered contact page
or
show thank you page with error and request user to reenter captcha.

I can send the following files if needed:

Contactus.php
Feedback.php
thank you.php
CaptchaSecurityImages.php

please help.
thanks
Jongleur

#2

i used the code for captcha from here:
http://www.white-hat-web-design.co.uk/blog/php-captcha-security-images/

#3

The three files are here:
contactus.php:

<html lang="en">

<head>

<title></title>

</head>

<body>

<div id="wrapper" class="contact">



<div id="container">



<div id="left">



<?php include("top-left-green.php"); ?>



<img src="/images/box-top.gif" alt="box top">



<div id="box">





<img id="clip" src="/images/clip.gif" alt="clip logo">



<div id="box-content">



<a href="#"><img class="box-menu"  src="/images/box-menu-links.gif" alt="quick links"></a>





<p class="top"></p>

<h4 id="box-search">SEARCH</h4>



<form action="#">

<div>

<input id="search-box" type="text">

<input id="glass" type="image" src="/images/glass.gif" alt="magnifying glass">

</div>

</form>



</div><!--end #box-content -->





</div><!--end #box -->



<img src="/images/box-bottom.gif" alt="box bottom">



</div><!-- end #left-->



<div id="right">



<img src="/images/bigtop.gif" alt="big top">

<!-- begin #contactus-content-->

<form method=post action="/feedback.php">

<div id="admissions-content">

<div id="generic-font">



<table width=440 border=0 cellspacing=10 cellpadding=0>

	<tr>

		<td valign=top align=left>

We would like to hear from you if you have a query about the enrolment of your child at our school. Please use the form below to write to us.

		</td>

	</tr>

	<tr>

		<td valign=top align=left>

			<b>Full Name:</b><br>

		<input type=text name="name" size=35></td>

	</tr>

	<tr>

		<td valign=top align=left>

			<b>Email:</b><br>

		<input type=text name="email" size=35></td>

	</tr>

	<tr>

		<td valign=top align=left>

			<b>Phone:</b><br>

		<input type=text name="phone" size=35></td>

	</tr>

	<tr>

		<td valign=top>

			<b>How did you hear about us?</b><br>

		<input type=radio name="fromwho" value="A popular search engine">&nbsp;A popular search engine<br>

		<input type=radio name="fromwho" value="Link from another site">&nbsp;Link from another site<br>

		<input type=radio name="fromwho" value="From a friend">&nbsp;From a friend

		</td>

	</tr>

	<tr><td></td></tr>

	<tr>

		<td colspan=2>&nbsp;</td>

	</tr>

	<tr>

		<td colspan=2 valign=top align=left>

			<b>Please write your query / comment / suggestion in the box below:

			</b><br>

		<textarea cols=70 rows=10 name="comments"></textarea></td>

	</tr>

	<tr>
	<td colspan=2>
		<b>Please enter the text you see in the box below:</b><br>
		<img src="CaptchaSecurityImages.php?width=100&amp;height=40&amp;characters=5" alt="captcha" />
		<input id="security_code" name="security_code" type="text" /></td>
	</tr>
	<td colspan=2>
		<input type="submit" value="Send Message">
		<input type="reset" value="Clear the form"></td>
	</tr>

</table>



<!-- Option 2 -->

<INPUT TYPE="hidden" NAME="success" VALUE="http://www.mywebsite.com">



<input type="hidden" name="required_fields" value="Name,email">

</div></div><!-- end #contactus-content-->

</form>



<img src="/images/bigbot.gif" alt="big bottom">



</div><!-- end #right -->



<?php include("footer.php"); ?>





</div><!--end #container -->

</div><!-- end #wrapper -->



</body>

</html>

[hr]
The Thank you page text is here:

<?php
?>
<html lang="en">

<head>







<title>Thankyou from our school</title>



<link rel="stylesheet" type="text/css" href="/css/main.css">

</head>

<body>

<div id="wrapper" class="home">

<div id="container">



<div id="left">



<?php include("top-left.php"); ?>





<div id="box">



<img src="/images/box-top.gif" alt="box top">



<img id="clip" src="/images/clip.gif" alt="clip logo">



<div id="box-content">



<a href="#"><img class="box-menu"  src="/images/box-menu-links.gif" alt="quick links"></a>





<h4 id="box-search">SEARCH</h4>



<form action="#">

<div>

<input id="search-box" type="text">

<input id="glass" type="image" src="/images/glass.gif" alt="magnifying glass">

</div>

</form>



</div><!--end #box-content -->



<img src="/images/box-bottom.gif" alt="box bottom">



</div><!--end #box -->



</div><!-- end #left-->



<div id="right">



<img src="/images/bigtop.gif" alt="big top">

<!-- begin #contactus-content-->

<div id="admissions-content">

<div id="generic-font">

<p class="p-margin-bottom">
<!--<?php

if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
	// Insert you code for processing the form here, e.g emailing the submission, entering it into a database. 
	echo 'Thank you for your comments. We will reply as soon as possible. Please click on the our logo to be redirected to the homepage.';
	echo 'If you do not hear from us within 2 school days, kindly write to us at contactus AT mysite DOT org, or call us on XXXXX for we have probably not received your message because of a technical snag.';
	unset($_SESSION['security_code']);
} else {
	// Insert your code for showing an error message here
	echo 'You did not enter the correct security text, please reenter it by clicking the back button on your browser.';
	echo 'Your session code entered is "'.$_POST['security_code'].'"';
		
}
?>-->

Thank you for your comments. We will reply as soon as possible. Please click on the school's logo or <a href="/">here</a> to be redirected to the homepage..</p>
<p class="p-margin-bottom">
If you do not hear from us within 2 school days, kindly write to us at contactus AT mysite DOT org, or call us on XXXXX for we have probably not received your message because of a technical snag. </p>


</div></div><!-- end #contactus-content-->



<img src="/images/bigbot.gif" alt="big bottom">



</div><!-- end #right -->



<?php include("footer.php"); ?>





</div><!--end #container -->

</div><!--end #wrapper -->

</body>

</html>

[hr]
And lastly, the feedback file is here:

<?php

/*

    CHFEEDBACK.PHP Feedback Form PHP Script Ver 2.13.0

    Generated by thesitewizard.com's Feedback Form Wizard 2.13.0.

    Copyright 2000-2008 by Christopher Heng. All rights reserved.

    thesitewizard is a trademark of Christopher Heng.



    Get the latest version, free, from:

        http://www.thesitewizard.com/wizards/feedbackform.shtml



	You can read the Frequently Asked Questions (FAQ) at:

		http://www.thesitewizard.com/wizards/faq.shtml

	

	I can be contacted at:

		http://www.thesitewizard.com/feedback.php

	Note that I do not normally respond to questions that have

	already been answered in the FAQ, so *please* read the FAQ.



    LICENCE TERMS

    

    1. You may use this script on your website, with or

    without modifications, free of charge.

    

    2. You may NOT distribute or republish this script,

    whether modified or not. The script can only be

    distributed by the author, Christopher Heng.

    

    3. THE SCRIPT AND ITS DOCUMENTATION ARE PROVIDED

    "AS IS", WITHOUT WARRANTY OF ANY KIND, NOT EVEN THE

    IMPLIED WARRANTY OF MECHANTABILITY OR FITNESS FOR A

    PARTICULAR PURPOSE. YOU AGREE TO BEAR ALL RISKS AND

    LIABILITIES ARISING FROM THE USE OF THE SCRIPT,

    ITS DOCUMENTATION AND THE INFORMATION PROVIDED BY THE

    SCRIPTS AND THE DOCUMENTATION.



    If you cannot agree to any of the above conditions, you

    may not use the script. 

    

    Although it is not required, I would be most grateful

    if you could also link to thesitewizard.com at:



       http://www.thesitewizard.com/



*/

/*
if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
	// Insert you code for processing the form here, e.g emailing the submission, entering it into a database. 
	echo 'Thank you for your comments. We will reply as soon as possible. Please click on the our logo to be redirected to the homepage.';
	echo 'If you do not hear from us within 2 school days, kindly write to us at contactus AT mysite DOT org, or call us on XXXXX for we have probably not received your message because of a technical snag.';
	unset($_SESSION['security_code']);
} else {
	// Insert your code for showing an error message here
	echo 'You did not enter the correct security text, please reenter it by clicking the back button on your browser.';
	echo 'Your session code entered is "'.$_POST['security_code'].'"';
		
}*/

// ------------- CONFIGURABLE SECTION ------------------------



// $mailto - set to the email address you want the form

// sent to, eg

//$mailto		= "[email protected]" ;



$mailto = '[email protected], [email protected], [email protected]';

$bmailto = '[email protected], [email protected]';



// the pages to be displayed, eg

$formurl = "http://www.mysite.org/calls/contactus.shtml" ;

$errorurl = "http://www.mysite.org/calls/phpfeederror.html" ;

$thankyouurl = "http://www.mysite.org/thankyou.php" ;



$email_is_required = 1;

$name_is_required = 1;

$uself = 0;

$use_envsender = 0;

$use_webmaster_email_for_from = 0;

$use_utf8 = 1;



// -------------------- END OF CONFIGURABLE SECTION ---------------



$headersep = (!isset( $uself ) || ($uself == 0)) ? "\r\n" : "\n" ;

$content_type = (!isset( $use_utf8 ) || ($use_utf8 == 0)) ? 'Content-Type: text/plain; charset="iso-8859-1"' : 'Content-Type: text/plain; charset="utf-8"' ;

if (!isset( $use_envsender )) { $use_envsender = 0 ; }

$envsender = "$mailto" ;

$name = $_POST['name'] ;

$email = $_POST['email'] ;

$phone = $_POST['phone'] ;

$fromwho = $_POST['fromwho'] ;

$howtorespond = $_POST['howtorespond'] ;

$aboutadmissions = $_POST['foradmissions'] ;

$comments = $_POST['comments'] ;

$http_referrer = getenv( "HTTP_REFERER" );



$aboutMessage = 'This is an admission inquiry';

if($aboutadmissions == 2) {

	$mailto= $bmailto; 

};



if($aboutadmissions == 2) { 

	$mailto= $bmailto;

	$_POST['aboutMessage'] = 'This is NOT an admission inquiry';	

};



// $subject - set to the Subject line of the email, eg

//$subject	= "Feedback Form" ;



$subject = "$name contacted school from the website" ;





if (!isset($_POST['email'])) {

	header( "Location: $formurl" );

	exit ;

}

if (($email_is_required && (empty($email) || !ereg("@", $email))) || ($name_is_required && empty($name))) {

	header( "Location: $errorurl" );

	exit ;

}

if ( ereg( "[\r\n]", $name ) || ereg( "[\r\n]", $email ) ) {

	header( "Location: $errorurl" );

	exit ;

}

if (empty($email)) {

	$email = $mailto ;

}

$fromemail = (!isset( $use_webmaster_email_for_from ) || ($use_webmaster_email_for_from == 0)) ? $email : $mailto ;



if (get_magic_quotes_gpc()) {

	$comments = stripslashes( $comments );

}



$messageproper =

	"This message was sent from:\n" .

	"$http_referrer\n" .

	"------------------------------------------------------------\n" .

	"Name of sender: $name\n" .

	"Email of sender: $email\n" .

	"Phone number of sender: $phone\n" .

	"How did sender hear of website: $fromwho\n" .

	"How to respond to sender : $howtorespond\n" .

	"Purpose of contacting the school: $aboutMessage\n" .



	"------------------------- COMMENTS -------------------------\n\n" .

	$comments .

	"\n\n------------------------------------------------------------\n" ;



$headers =

	"From: \"$name\" <$email>" . $headersep . "Reply-To: \"$name\" <$email>" . $headersep . "X-Mailer: chfeedback.php 2.13.0" .

	$headersep . 'MIME-Version: 1.0' . $headersep . $content_type ;



if ($use_envsender) {

	mail($mailto, $subject, $messageproper, $headers, $envsender );

}

else {

	mail($mailto, $subject, $messageproper, $headers );

}

header( "Location: $thankyouurl" );

exit ;



?>
Sponsor our Newsletter | Privacy Policy | Terms of Service