Problem with "message" field in form


#1

Hi, I’ve tried to create a contact form and the error log on my cpanel says" Undefined index: message on line 8" of the php code.

Line 8 is:

$message = trim($_POST[“message”]);

I’ve tried using the same id in the form tag and message tag, but that doesn’t solve the problem. When I use a site like HTML Tidy, for some reason the textarea tag for the message field completely disappears, so I am guessing it is not picking up the html for some reason.

If you can take a look, I would appreciate anything that you can point out that may be off. HTML code is listed first followed by PHP codoe. Thank you! You can also check the live website (allieteachesenglish.com).

HTML Code (stripped all the style and classes, that’s why there are so many divs)

    <form class="" id="message" method="post" action="assets/php/contact.php">
   <div class="row">
  <div class="col-sm-6">
  <div class="form-group"> 
 <input id="name" name="name" type="text" placeholder="Name" class="form-control" required="">
</div>
</div>
<div class="col-sm-6">
<div class="form-group">  
<input id="email" name="email"  placeholder="Email" type="text" class="form-control" required="">
 </div>
 </div>
<div class="col-sm-12">
 <div class="form-group">  
 <textarea id="message" class="form-control" rows="6" placeholder="Message"></textarea>
  </div>
   <div class="form-group text-center">
   <button id="submit" type="submit" name="submit" class="btn btn-primary">SEND MESSAGE</button>
   </div>
   </div>
</div>
</form>

Php

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    $name = strip_tags(trim($_POST["name"]));
    $name = str_replace(array("\r","\n"),array(" "," "),$name);
    $email = filter_var(trim($_POST["email"]), FILTER_SANITIZE_EMAIL);
    $message = trim($_POST["message"]);


    if ( empty($name) OR empty($message) OR !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        http_response_code(400);
        echo "Oops! There was a problem with your submission. Please complete the form and try again.";
        exit;
    }

    // Change your email hosting here
    $recipient = "allie@allieteachesenglish.com"; 

    // Set the email subject.
    $subject = "New contact from $name";


    $email_content = "Name: $name\n";
    $email_content .= "Email: $email\n\n";
    $email_content .= "Message:\n$message\n";


    $email_headers = "From: $name <$email>";


    if (mail($recipient, $email_content, $email_headers)) {
        http_response_code(200);
        echo "Thank You! Your message has been sent.";
    } else {
        http_response_code(500);
        echo "Oops! Something went wrong and we couldn't send your message.";
    }

} else {
    http_response_code(403);
    echo "There was a problem with your submission, please try again.";
}

#2

Try $message = trim(filter_input(INPUT_POST, “message”));

First, you need to filter the input or someone can enter code into it. This will protect you against hackers.
Next, your input field has no name assigned to it. Change this:

<textarea id="message" class="form-control" rows="6" placeholder="Message"></textarea>

To this:

<textarea name="message" id="message" class="form-control" rows="6" placeholder="Message"></textarea>

For posted fields, you need to use NAME not ID. Hope this helps!


#3

Thank you! Adding the name stopped the error message, but it’s still not sending…no message on the error log, so it’s probably something with my server again.

Also, the message filter code didn’t work, not sure why, but something about that code brought the error message again.


#4

To filter an input, it depends if it is a GET or a POST. Normally you have an input like:
<input type="text" name="message">
Then, you use this to get it in a posted form…
$message = filter_input(INPUT_POST, “message”);
For text-areas, you can alter the filter to fit them so hackers can not enter programs.
Here is a link that has some details for you: https://www.w3schools.com/php/func_filter_input.asp

This is assuming that you have a standard PHP server running. I have never seen it just not work.
You can turn on all of your error reporting at the top of your page and see if it gives you more info on it.
Do this by adding these two lines at the top of the <?PHP area…

    error_reporting(E_ALL);
    ini_set('display_errors', '1');

This might show up other errors not being displayed. Hope this helps…


#5

Sure feels like something is missing here. :thinking: