PHP Form structure

I have issues with my php form handling at the top of my ‘contact.php’ page. If I don’t fill out the fields, I hit submit, and there is no validation errors, but the page redirects to a blank ‘contact.php’ page. If I fill out the fields, I hit submit, again - the page redirects to a blank ‘contact.php’ page, but I do get an email with the form details. What am I doing wrong…Why isn’t the validation working, and why is it redirecting to a blank page???

[php]<?php
// define variables and set to empty values
$fname = $lname = $email = $phone = $location = $size = $pvtype = $message = “”;

if ($_SERVER[“REQUEST_METHOD”] == “POST”) {
$company = test_input($_POST[“company”]);
$fname = test_input($_POST[“first-name”]);
$lname = test_input($_POST[“last-name”]);
$email = test_input($_POST[“email”]);
$phone = test_input($_POST[“phone”]);
$address = test_input($_POST[“address”]);
$city = test_input($_POST[“city”]);
$provincestate = test_input($_POST[“provincestate”]);
$country = test_input($_POST[“country”]);
$location = test_input($_POST[“location”]);
$size = test_input($_POST[“size”]);
if(isset($_POST[“type”])){ $type = $_POST[‘type’];}
$message = test_input ($_POST[“message”]);
}

function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>

<?php // define variables and set to empty values $companyErr = $fnameErr = $lnameErr = $emailErr = $phoneErr = $addressErr = $cityErr = $provincestateErr = $countryErr = $locationErr = $sizeErr = $typeErr = $messageErr =""; $company = $fname = $lname = $email = $phone = $address = $city = $provincestate = $country = $location = $size = $type =""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["company"])) { $company = ""; } else { $company = test_input($_POST["company"]); } if (empty($_POST["first-name"])) { $fnameErr = "First name is required"; } else { $fname = test_input($_POST["first-name"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$fname)) { $fnameErr = "Only letters and white space allowed"; } } if (empty($_POST["last-name"])) { $lnameErr = "Last name is required"; } else { $lname = test_input($_POST["last-name"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$lname)) { $lnameErr = "Only letters allowed"; } } if (empty($_POST["email"])) { $emailErr = "Email is required"; } else { $email = test_input($_POST["email"]); // check if e-mail address is well-formed if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Invalid email format"; } } if (empty($_POST["phone"])) { $phoneErr = "Phone number is required"; } else { $phone = test_input($_POST["phone"]); // check if phone number only contains 10 digits with no formatting if (!preg_match("/^[0-9]{10}+$/",$phone)) { $phoneErr = "Only enter a 10 digit number"; } } if (empty($_POST["address"])) { $address = ""; } else { $address = test_input($_POST["address"]); } if (empty($_POST["city"])) { $city = ""; } else { $city = test_input($_POST["city"]); } if (empty($_POST["provincestate"])) { $provincestate = ""; } else { $provincestate = test_input($_POST["provincestate"]); } if (empty($_POST["country"])) { $country = ""; } else { $country = test_input($_POST["country"]); } if (empty($_POST["location"])) { $locationErr = "Location is required"; } else { $location = test_input($_POST["location"]); // check if location only contains letters if (!preg_match("/^[a-zA-Z ]*$/",$location)) { $locationErr = "Please enter a city"; } } if (empty($_POST["size"])) { $sizeErr = "Please enter a number"; } else { $size = test_input($_POST["size"]); } if (empty($_POST["type"])) { $typeErr = "Please select 1"; } else { $type = test_input($_POST["type"]); } if (empty($_POST["message"])) { $message = ""; } else { $message = test_input($_POST["message"]); } } ?> <?php $myemail = '[email protected]';//<-----Put Your email address here. if ($_SERVER["REQUEST_METHOD"] == "POST") { { $to = $myemail; $email_subject = "Inquiry from: $fname $lname"; $email_body = "You have received a new inquiry from:". "\n \n Name: $fname $lname \n Email: $email \n Phone Number: $phone \n Address: $address \n City: $city \n Province/State: $provincestate \n Country: $country \n I have a project in: $location \n The project type is: $type \n The estimated project size is: $size \n Message: $message"; $headers = "From: $myemail\n"; $headers .= "Reply-To: $email"; mail($to,$email_subject,$email_body,$headers); //redirect to the 'thank you' page header('Location: thankyou.html'); exit(); } } ?>[/php]

On a quick glance I believe your problem is here:

[php] $fname = $lname = $email = $phone = $location = $size = $pvtype = $message = “”;[/php]

And

Here:

[php]$companyErr = $ = $lnameErr = $emailErr = $phoneErr = $addressErr = $cityErr = $provincestateErr = $countryErr = $locationErr = $sizeErr = $typeErr = $messageErr ="";
$company = $fname = $lname = $email = $phone = $address = $city = $provincestate = $country = $location = $size = $type ="";
[/php]

Try doing
$companyErr=’’;
fnameErr=’’;

Without testing, it appears you are overwriting all your variables which is why the page is blank.

Doing this,

[php]$fname = $lname = $email = $phone = $location = $size = $pvtype = $message = “”;[/php]
Is just bad form and in other languages will cause the system to go nuts.

The reason your page is blank, if the code you posted if for that page, is you don;t print/ echo anything.

Why do you call test_input multiple times? You send the post data to the function. Then using the post data again, call it again.

Hey guys,

Okay, I’ve gotten this far - I implemented your syntax and I’ve managed to get the page to redirect as it should. My problem now is validation.

In the php code - I run through error checking, then I send email. My problem is right now the validation isn’t working when the user hits submit. I must be missing something in the ‘email’ portion of the code at the bottom. a return or something…

If I take the email stuff out, I get the validations red error messages beside unfilled fields in the form - just like I want it to. Why when I try to add the email, does the validation get skipped?

I do not understand PHP. I’ve taken this code from a tutorial and modified it. I can’t learn it fast enough for what I am doing.

Thanks for any suggestions.

[php]<?php
// define variables and set to empty values
$company=""; $fname="";$lname="";$email="";$phone="";$address="";$city="";$provincestate="";$country="";$location="";$size= $type="";$message="";

if ($_SERVER[“REQUEST_METHOD”] == “POST”) {
$company = test_input($_POST[“company”]);
$fname = test_input($_POST[“first-name”]);
$lname = test_input($_POST[“last-name”]);
$email = test_input($_POST[“email”]);
$phone = test_input($_POST[“phone”]);
$address = test_input($_POST[“address”]);
$city = test_input($_POST[“city”]);
$provincestate = test_input($_POST[“provincestate”]);
$country = test_input($_POST[“country”]);
$location = test_input($_POST[“location”]);
$size = test_input($_POST[“size”]);
if(isset($_POST[“type”])){ $type = $_POST[“type”];}
$message = test_input ($_POST[“message”]);
}

function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}

// define variables and set to empty values
$companyErr=""; $fnameErr=""; $lnameErr=""; $emailErr=""; $phoneErr=""; $addressErr=""; $cityErr=""; $provincestateErr=""; $countryErr=""; $locationErr=""; $sizeErr=""; $typeErr=""; $messageErr="";
$company=""; $fname=""; $lname=""; $email=""; $phone=""; $address=""; $city=""; $provincestate=""; $country=""; $location=""; $size=""; $type=""; $message="";

if ($_SERVER[“REQUEST_METHOD”] == “POST”) {

if (empty($_POST["company"])) {
$company = "";

} else {
$company = test_input($_POST[“company”]);

}

if (empty($_POST[“first-name”])) {
$fnameErr = “First name is required”;

} else {
$fname = test_input($_POST[“first-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fnameErr = “Only letters and white space allowed”;
}
}

if (empty($_POST[“last-name”])) {
$lnameErr = “Last name is required”;

} else {
$lname = test_input($_POST[“last-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lname)) {
$lnameErr = “Only letters allowed”;

}

}

if (empty($_POST[“email”])) {
$emailErr = “Email is required”;
} else {
$email = test_input($_POST[“email”]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = “Invalid email format”;

}

}

if (empty($_POST[“phone”])) {
$phoneErr = “Phone number is required”;
} else {
$phone = test_input($_POST[“phone”]);
// check if phone number only contains 10 digits with no formatting
if (!preg_match("/^[0-9]{10}+$/",$phone)) {
$phoneErr = “Only enter a 10 digit number”;

}

}

if (empty($_POST[“address”])) {
$address = “”;
} else {
$address = test_input($_POST[“address”]);
}

if (empty($_POST[“city”])) {
$city = “”;
} else {
$city = test_input($_POST[“city”]);
}

if (empty($_POST[“provincestate”])) {
$provincestate = “”;
} else {
$provincestate = test_input($_POST[“provincestate”]);
}

if (empty($_POST[“country”])) {
$country = “”;
} else {
$country = test_input($_POST[“country”]);
}

if (empty($_POST[“location”])) {
$locationErr = “Location is required”;

} else {
$location = test_input($_POST[“location”]);
// check if location only contains letters
if (!preg_match("/^[a-zA-Z ]*$/",$location)) {
$locationErr = “Please enter a city”;

}

}

if (empty($_POST[“size”])) {
$sizeErr = “Please enter a number”;
} else {
$size = test_input($_POST[“size”]);
}

if (empty($_POST[“type”])) {
$typeErr = “Please select 1”;
} else {
$type = test_input($_POST[“type”]);
}

if (empty($_POST[“message”])) {
$message = “”;
} else {
$message = test_input($_POST[“message”]);
}
}
?>[/php]

[php]// define variables and set to empty values
$company=""; $fname="";$lname="";$email="";$phone="";$address="";$city="";$provincestate="";$country="";$location="";$size= $type="";$message="";[/php]

You are defining these twice?

If everything is ok you will get a blank page as you have no success output. Also with all the if checking you could run a foreach on $_POST

I thought it was redundant with the variables too. I’ve reduced this.

I am getting redirected to the thank-you page. This part works.

The problem isn’t redirection. Its validation. If I include the email sending - the validation is skipped. If I remove the email sending, the validation works.

if it fails on a part you need it to stop otherwise you will have errors and still send the email.
php runs top to bottom.

so exit; or $error = 1; then check $error before sending the email.
if(!isset($error)){
//send email
}

[php] if (empty($_POST[“last-name”])) {
$lnameErr = “Last name is required”;
exit;
} else {
$lname = test_input($_POST[“last-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lname)) {
$lnameErr = “Only letters allowed”;
exit;
}
}[/php]

Unfortunately no that doesn’t help.

I understand it runs top to bottom. So if I am asking:

if ($server[“request_method”] == “post”) {
//email etc…

Why is it not running through the validation first (which is at the top) - and then sending the email? If the validation is at the top, shouldn’t it stop the user from sending email if there are invalid entries??? This is what I am not understanding.

Stopping it with exit just breaks it and does nothing. Why doesn’t it stop during the validation?

the way i’m seeing it,

validation,send email,redirection

what it’s doing - validation finds error, it still sends email, redirection
instead of
validation finds error, doesn’t send email, outputs error

correct?

you are telling it to echo errors but not to stop sending the email?

Yes. That is the exact pipeline I am trying to create. But I am missing a string to tell it top stop and print the errors.

I have the html set up with echo spans to show error messages beside each input in red text. I just don’t know how to tell it to stop if it sees an error. Placing the exits in the if statements just prints a blank page. How do I tell it to stop and print the errors before sending the email?

like i mentioned a few posts above. on validation, if there is an issue with validation $error = 1;

then on the email part, if isset($error) dont send email or redirect.

[php]if (empty($_POST[“last-name”])) {
$lnameErr = “Last name is required”;
$error = 1;
} else {
$lname = test_input($_POST[“last-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lname)) {
$lnameErr = “Only letters allowed”;
$error = 1;
}
}[/php]

[php]if ($server[“request_method”] == “post” && !isset($error)){
//email etc…
[/php]

Okay I will try this. And you know what I didn’t adD the (isset) line. Maybe that will do it.

Thanks for your help.

I’ll chime in on the subject and give you how I handle blank fields.

First I would get away from using $_SERVER for that is going to cause you security issues down the road.

Just my two cents.

Any ways this is what I do on my registration page.

[php]$data = []; // Create an array:

/* Set the submit button */
$register_action = filter_input(INPUT_POST, ‘submit’, FILTER_SANITIZE_SPECIAL_CHARS);

/* Check to see if submit button has be clicked */
if (isset($register_action) && $register_action == ‘Register’) {

/* Gather all the user’s input fields */
$data[‘confirmation_code’] = generate_confirmation_number();
$data[‘first_name’] = filter_input(INPUT_POST, ‘first_name’, FILTER_SANITIZE_SPECIAL_CHARS);
$data[‘last_name’] = filter_input(INPUT_POST, ‘last_name’, FILTER_SANITIZE_SPECIAL_CHARS);
$data[‘username’] = filter_input(INPUT_POST, ‘username’, FILTER_SANITIZE_SPECIAL_CHARS);
$data[‘email’] = filter_input(INPUT_POST, ‘email’, FILTER_SANITIZE_SPECIAL_CHARS);
$data[‘subject’] = filter_input(INPUT_POST, ‘subject’, FILTER_SANITIZE_SPECIAL_CHARS);

/* Check to see if any of the input fields are empty */
foreach ($data as $key => $value) {
if ($value) {
$errMsg[‘blank’] = “Empty Input, Please Fillout Completely!”;
}

// Continue on with coding…

}[/php]

Of course there is many ways to go about doing this and this is just one of many thousands ways of doing it. I just thought I would give you some food for thought.

[member=32030]lothop[/member] - I tried to implement the code you recommended. Now the form is stopping and reporting errors for the user upon invalid/empty inputs, but now its stopping even if the fields are valid and proper. Upon submit, the page just reloads with clear fields and doesn’t send email or redirect. So this means a) I just have something else stopping it because of my code. Or b) this isn’t the method that’s going to work, this whole php script is just bad.

I may just have to put it aside at this point, remove the contact form completely. I have to get the site live asap and just don’t know enough about server side php. Here is the latest code if anyone wants to chime in on what else could be the issue. In the meantime, I shall move onto completing the html.

Thanks for your help guys, I didn’t think it would be this difficult.

[php]<?php
// define variables and set to empty values
$company=""; $fname=""; $lname=""; $email=""; $phone=""; $address=""; $city=""; $provincestate=""; $country=""; $location=""; $size=""; $type=""; $message="";

if ($_SERVER[“REQUEST_METHOD”] == “POST”) {
$company = test_input($_POST[“company”]);
$fname = test_input($_POST[“first-name”]);
$lname = test_input($_POST[“last-name”]);
$email = test_input($_POST[“email”]);
$phone = test_input($_POST[“phone”]);
$address = test_input($_POST[“address”]);
$city = test_input($_POST[“city”]);
$provincestate = test_input($_POST[“provincestate”]);
$country = test_input($_POST[“country”]);
$location = test_input($_POST[“location”]);
$size = test_input($_POST[“size”]);
if(isset($_POST[“type”])){ $type = $_POST[“type”];}
$message = test_input ($_POST[“message”]);
}

function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}

$companyErr=""; $fnameErr=""; $lnameErr=""; $emailErr=""; $phoneErr=""; $addressErr=""; $cityErr=""; $provincestateErr=""; $countryErr=""; $locationErr=""; $sizeErr=""; $typeErr=""; $messageErr="";

if ($_SERVER[“REQUEST_METHOD”] == “POST”) {

if (empty($_POST["company"])) {
$company = "";

} else {
$company = test_input($_POST[“company”]);

}

if (empty($_POST[“first-name”])) {
$fnameErr = “First name is required”;
$error = 1;
} else {
$fname = test_input($_POST[“first-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fnameErr = “Only letters and white space allowed”;
$error = 1;
}
}

if (empty($_POST[“last-name”])) {
$lnameErr = “Last name is required”;
$error = 1;
} else {
$lname = test_input($_POST[“last-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lname)) {
$lnameErr = “Only letters allowed”;
$error = 1;
}
}

if (empty($_POST[“email”])) {
$emailErr = “Email is required”;
$error = 1;
} else {
$email = test_input($_POST[“email”]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = “Invalid email format”;
$error = 1;
}
}

if (empty($_POST[“phone”])) {
$phoneErr = “Phone number is required”;
$error = 1;
} else {
$phone = test_input($_POST[“phone”]);
// check if phone number only contains 10 digits with no formatting
if (!preg_match("/^[0-9]{10}+$/",$phone)) {
$phoneErr = “Only enter a 10 digit number”;
$error = 1;
}
}

if (empty($_POST[“address”])) {
$address = “”;
} else {
$address = test_input($_POST[“address”]);
}

if (empty($_POST[“city”])) {
$city = “”;
} else {
$city = test_input($_POST[“city”]);
}

if (empty($_POST[“provincestate”])) {
$provincestate = “”;
} else {
$provincestate = test_input($_POST[“provincestate”]);
}

if (empty($_POST[“country”])) {
$country = “”;
} else {
$country = test_input($_POST[“country”]);
}

if (empty($_POST[“location”])) {
$locationErr = “Location is required”;
$error = 1;
} else {
$location = test_input($_POST[“location”]);
// check if location only contains letters
if (!preg_match("/^[a-zA-Z ]*$/",$location)) {
$locationErr = “Please enter a city”;
$error = 1;
}
}

if (empty($_POST[“size”])) {
$sizeErr = “Please enter a number”;
$error = 1;
} else {
$size = test_input($_POST[“size”]);
}

if (empty($_POST[“type”])) {
$typeErr = “Please select 1”;
$error = 1;
} else {
$type = test_input($_POST[“type”]);
}

if (empty($_POST[“message”])) {
$message = “”;
} else {
$message = test_input($_POST[“message”]);
}
}

$myemail = ‘xxxxxxxxxxxxxxxxx’;//<-----Put Your email address here.

if ($server[“REQUEST_METHOD”] == “post” && !isset($error)){

$to = $myemail; 
$email_subject = "Inquiry from: $fname $lname";
$email_body = "You have received a new inquiry from:".
"\n
 \n Name: $fname $lname \n Email: $email \n Phone Number: $phone
 \n Address: $address \n City: $city \n Province/State: $provincestate \n Country: $country
 \n I have a project in: $location \n The project type is: $type  \n The estimated project size is: $size
 \n Message: $message"; 

$headers = "From: $email\n"; 
$headers .= "Reply-To: $email";

mail($to,$email_subject,$email_body,$headers);

//redirect to the 'thank you' page

header(‘Location: thankyou.html’);
exit();
}
?>[/php]

HTML

[code]<form id=“contact-form” method=“post” action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">

[/code]

Just noticed while refreshing in on my local server that it is seeing an ‘undefined variable’ in this line:[php]if ($server[“REQUEST_METHOD”] == “post” & !isset($error)){[/php]

How should I define $error?

Above that line:

$error=’’;

Still says undefined…

[php]$error=’’;
if ($server[“REQUEST_METHOD”] == “post” && !isset($error)){
$to = $myemail;
$email_subject = “Inquiry from: $fname $lname”;
$email_body = “You have received a new inquiry from:”.
“\n
\n Name: $fname $lname \n Email: $email \n Phone Number: $phone
\n Address: $address \n City: $city \n Province/State: $provincestate \n Country: $country
\n I have a project in: $location \n The project type is: $type \n The estimated project size is: $size
\n Message: $message”;

$headers = "From: $email\n"; 
$headers .= "Reply-To: $email";

mail($to,$email_subject,$email_body,$headers);

//redirect to the 'thank you' page

header(‘Location: thankyou.html’);
exit();
}[/php]

Copy and paste the error.

I would. But it flashes quickly once I load the page then disappears. It’s says undefined variable on wamp…line… (the line of with the ($error). Maybe it’s just a local server glitch???

Regardless of this. I still can’t get this form working. Pulling my hair out…

Comment out line that the header is on. The header is redirecting you before you can see what is happening.