PHP validation not working when trying to implement email sender.

General PHP Help
#1

If I include the email portion at the bottom of the code - to send an email with the form details, the form validators don’t work. If I remove the email function - the validators work, but of course I don’t get an email.

What is wrong with this? Why can’t the validator run, then if all is okay, send the email? There has to be a connection issue somewhere. What am i missing in the email portion - don’t I have to say something like - if all fields entered okay - then send email…What do I have to add to this. Or is this just totally bogus way of doing it? I pulled this from W3 php validation.

[php]<?php
// define variables and set to empty values
$company=""; $fname=""; $lname=""; $email=""; $phone=""; $address=""; $city=""; $provincestate=""; $country=""; $location=""; $size=""; $type=""; $message="";

if ($_SERVER[“REQUEST_METHOD”] == “POST”) {
$company = test_input($_POST[“company”]);
$fname = test_input($_POST[“first-name”]);
$lname = test_input($_POST[“last-name”]);
$email = test_input($_POST[“email”]);
$phone = test_input($_POST[“phone”]);
$address = test_input($_POST[“address”]);
$city = test_input($_POST[“city”]);
$provincestate = test_input($_POST[“provincestate”]);
$country = test_input($_POST[“country”]);
$location = test_input($_POST[“location”]);
$size = test_input($_POST[“size”]);
if(isset($_POST[“type”])){ $type = $_POST[“type”];}
$message = test_input ($_POST[“message”]);
}

function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}

// define variables and set to empty values
$companyErr=""; $fnameErr=""; $lnameErr=""; $emailErr=""; $phoneErr=""; $addressErr=""; $cityErr=""; $provincestateErr=""; $countryErr=""; $locationErr=""; $sizeErr=""; $typeErr=""; $messageErr="";

if ($_SERVER[“REQUEST_METHOD”] == “POST”) {

if (empty($_POST["company"])) {
$company = "";

} else {
$company = test_input($_POST[“company”]);

}

if (empty($_POST[“first-name”])) {
$fnameErr = “First name is required”;
} else {
$fname = test_input($_POST[“first-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$fname)) {
$fnameErr = “Only letters and white space allowed”;
header(‘Location: contact.php’);
}
}

if (empty($_POST[“last-name”])) {
$lnameErr = “Last name is required”;
} else {
$lname = test_input($_POST[“last-name”]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lname)) {
$lnameErr = “Only letters allowed”;
header(‘Location: contact.php’);
}
}

if (empty($_POST[“email”])) {
$emailErr = “Email is required”;
} else {
$email = test_input($_POST[“email”]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = “Invalid email format”;
header(‘Location: contact.php’);
}
}

if (empty($_POST[“phone”])) {
$phoneErr = “Phone number is required”;
} else {
$phone = test_input($_POST[“phone”]);
// check if phone number only contains 10 digits with no formatting
if (!preg_match("/^[0-9]{10}+$/",$phone)) {
$phoneErr = “Only enter a 10 digit number”;
header(‘Location: contact.php’);
}
}

if (empty($_POST[“address”])) {
$address = “”;
} else {
$address = test_input($_POST[“address”]);
}

if (empty($_POST[“city”])) {
$city = “”;
} else {
$city = test_input($_POST[“city”]);
}

if (empty($_POST[“provincestate”])) {
$provincestate = “”;
} else {
$provincestate = test_input($_POST[“provincestate”]);
}

if (empty($_POST[“country”])) {
$country = “”;
} else {
$country = test_input($_POST[“country”]);
}

if (empty($_POST[“location”])) {
$locationErr = “Location is required”;
} else {
$location = test_input($_POST[“location”]);
// check if location only contains letters
if (!preg_match("/^[a-zA-Z ]*$/",$location)) {
$locationErr = “Please enter a city”;
header(‘Location: contact.php’);
}
}

if (empty($_POST[“size”])) {
$sizeErr = “Please enter a number”;
} else {
$size = test_input($_POST[“size”]);
}

if (empty($_POST[“type”])) {
$typeErr = “Please select 1”;
} else {
$type = test_input($_POST[“type”]);
}

if (empty($_POST[“message”])) {
$message = “”;
} else {
$message = test_input($_POST[“message”]);
}
}

$myemail = ‘[email protected]’;//<-----Put Your email address here.

//if ($_SERVER[“REQUEST_METHOD”] == “POST”) {
//add these error showing
// if($companyErr) exit(“Error : $companyErr”);
//if($fnameErr) exit(“Error : $fnameErr”);
//if($lnameErr) exit(“Error : $lnameErr”);
//if($emailErr) exit(“Error : $emailErr”);
//if($phoneErr) exit(“Error : $phoneErr”);
//if($locationErr) exit(“Error : $locationErr”);
//if($sizeErr) exit(“Error : $sizeErr”);
//if($typeErr) exit(“Error : $typeErr”);

$to = $myemail; 
$email_subject = "Inquiry from: $fname $lname";
$email_body = "You have received a new inquiry from:".
"\n
 \n Name: $fname $lname \n Email: $email \n Phone Number: $phone
 \n Address: $address \n City: $city \n Province/State: $provincestate \n Country: $country
 \n I have a project in: $location \n The project type is: $type  \n The estimated project size is: $size
 \n Message: $message"; 

$headers = "From: $email\n"; 
$headers .= "Reply-To: $email";

mail($to,$email_subject,$email_body,$headers);

//redirect to the 'thank you' page

header(‘Location: thankyou.html’);
exit();
}
?>[/php]

#2

Well, where to start? First, place all your functions outside of your if statements. Usually, they are placed
at the top of the PHP code. Every time PHP calls a function it rescans the page to find the function, so put
it at the top to speed it up. And, functions are skipped over when processing PHP until they are called.

Next, never use this line
if ($_SERVER[“REQUEST_METHOD”] == “POST”) {
Check for the Submit button value. Just because the page was posted does not mean that the
SEND/PROCESS/SUBMIT button was pressed. A good hacker could post his page to your page and it
was process even though nobody every pressed your submit button. Just not secure.

You test for a post, then stop and add in a function and empty out variables and the check for the same
post again. Silly waste. Compares are slow. Set up the functions first, empty the variables and then check
for post by checking the submit button.

Next, your error system is very silly. You create separate error variables for each error? Then set them to
nothing and then check and fill them. That makes for a mess of error variables to display. An easier way is
to create one string for the errors, like $errors=""; And, check for, let’s say missing name. If the name is
missing just add the error message to the one variable like $errors.=“You did not enter a name!
”; In
this way you end up with one string that can be easily displayed. You do not care what the errors are when
you display it. They will know by the text displayed. And, in this way, you can test it in one simple compare.
Just check if $error=="", if it is mail it, if not empty, display it. Easy… Along with that, you check if the item
is empty and if so, you empty it??? Crazy. Already is empty. Waste of code.

Lastly, if you use a header() function, it moves you to that page. But, in your code, you exit() after that???
Not possible… Remove the exit() line.

So, there is somewhere to start. Fix all of these errors and repost your new version and let us know if it
is working or where it is failing… This is a very common question here and everyone seems to do this a
bit different. You generally have it mapped out, just a few logic issues and the error system to fix.

Good luck… Waiting to see the next version…

Sponsor our Newsletter | Privacy Policy | Terms of Service