I am having some difficulty in my form not working as expected. Effectively when I click the submit button it will send the email even when I (think) have set up validation to stop it from sending until all of the relevant fields are completed.
<?php
$page_title = "EcoPiggy: PHP Contact Us- Testing";
// define variables and set to empty values
$firstName = $lastName = $email = $telephone = $message = $marketingConsent = $copyEmail = "";
$firstNameErr = $lastNameErr = $emailErr = $telephoneErr = $messageErr = "";
if (isset($_POST['signup'])) {
if (!empty($_POST['tracey'])) {
die;
}
$marketingConsent = ($_POST["marketingConsent"]);
$copyEmail = ($_POST["copyEmail"]);
if (empty($_POST["firstName"])) {
$firstNameErr = "* First Name is required";
} else {
$firstName = test_input($_POST["firstName"]);
if (!preg_match("/^[a-zA-Z0-9 ]*$/", $firstName)) {
$firstNameErr = "* Only letters and white space allowed";
}
$min = 3;
if (strlen($firstName) < $min) {
$firstNameErr = "Validation failed: Too Small minimum 3 characters";
}
$max = 45;
if (strlen($firstName) > $max) {
$firstNameErr = "Validation failed: Too Large maximum 45 characters";
}
}
if (empty($_POST["lastName"])) {
$lastNameErr = "* Last Name is required";
} else {
$lastName = test_input($_POST["lastName"]);
if (!preg_match("/^[a-zA-Z0-9 ]*$/", $lastName)) {
$lastNameErr = "* Only letters and white space allowed";
}
$min = 3;
if (strlen($lastName) < $min) {
$lastNameErr = "Validation failed: Too Small minimum 3 characters";
}
$max = 45;
if (strlen($lastName) > $max) {
$lastNameErr = "Validation failed: Too Large maximum 45 characters";
}
}
if (empty($_POST["email"])) {
$emailErr = "* email address is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "* Invalid email format";
}
$min = 6;
if (strlen($email) < $min) {
$emailErr = "Validation failed: Too Small minimum 6 characters";
}
$max = 60;
if (strlen($email) > $max) {
$emailErr = "Validation failed: Too Large maximum 60 characters";
}
}
if (empty($_POST["telephone"])) {
$telephoneErr = "* Please enter your telephone number";
} else {
$telephone = test_input($_POST["telephone"]);
if (!preg_match("/^[1-9][0-9]{6-13}*$/", $telephone)) {
$telephoneErr = "* Only numbers and white space allowed";
}
$min = 6;
if (strlen($telephone) < $min) {
$lastNameErr = "Validation failed: Too Small minimum 6 characters";
}
$max = 13;
if (strlen($telephone) > $max) {
$telephoneErr = "Validation failed: Too Large maximum 13 characters";
}
}
if (empty($_POST["message"])) {
$messageErr = "* Your message is required";
} else {
$message = test_input($_POST["message"]);
$min = 3;
if (strlen($message) < $min) {
$messageErr = "Validation failed: Too Small minimum 3 characters";
}
$max = 1000;
if (strlen($message) > $max) {
$messageErr = "Validation failed: Too Large maximum 45 characters";
}
}
if ($marketingConsent == 0) {
$marketingConsent = "Thank you for trusting us to contact periodically with 3rd party promotions";
} else {
$marketingConsent = "I do not want the information to be used by anybody for direct marketing purposes";
}
$create_email = '<ul>';
$create_email .='<li>First Name: ' . $firstName . '</li>';
$create_email .='<li>Last Name: ' . $lastName . '</li>';
$create_email .='<li>Telephone Number: ' . $telephone . '</li>';
$create_email .='<li>Email address: ' . $email . '</li>';
$create_email .='<li>Your message: ' . $message . '</li>';
$create_email .='<li>Marketing consent: ' . $marketingConsent . '</li>';
$create_email .='<li>Cc: ' . $copyEmail . '</li>';
$create_email .= '</ul>';
$header1 = "From: webform#ecopiggy.co.uk \r\n";
$header1 .= "Reply-To: {$email} \r\n";
if ($copyEmail == 1) {
$header1 .= "Cc: {$email}\r\n";
} else {
$header1 .= "";
}
$header1 .= "MIME-Version: 1.0" . "\r\n";
$header1 .= "Content-Type: text/html; charset=ISO-8859-1";
$to = "hello#ecopiggy.co.uk";
$subject = 'Ecopiggy - Contact-Us' . strftime("%T", time());
$message = $create_email;
$headers = $header1;
$result = mail($to, $subject, $message, $headers);
if (isset($result)) {
redirect_to("thankyou.php");
} else {
redirect_to("contact-us.php");
}
}
?>
Can anyone assist in where this validation is going wrong?
Many Thanks,
Asa.
The problem is, even though you're validating your form inputs you're not checking whether any error exists or not before constructing the mail i.e whether $firstNameErr, $lastNameErr etc. are empty or not.
if(empty($firstNameErr) && empty($lastNameErr) && empty($emailErr) && empty($telephoneErr) && empty($messageErr)){
// construct the mail and send it
}else{
// display error messages
}
So your existing code should be like this:
<?php
$page_title = "EcoPiggy: PHP Contact Us- Testing";
// define variables and set to empty values
$firstName = $lastName = $email = $telephone = $message = $marketingConsent = $copyEmail = "";
$firstNameErr = $lastNameErr = $emailErr = $telephoneErr = $messageErr = "";
if (isset($_POST['signup'])) {
if (!empty($_POST['tracey'])) {
die;
}
$marketingConsent = ($_POST["marketingConsent"]);
$copyEmail = ($_POST["copyEmail"]);
if(empty($_POST["firstName"])) {
$firstNameErr = "* First Name is required";
} else {
$firstName = test_input($_POST["firstName"]);
if (!preg_match("/^[a-zA-Z0-9 ]*$/",$firstName)) {
$firstNameErr = "* Only letters and white space allowed";
}
$min=3;
if(strlen($firstName) < $min) {
$firstNameErr = "Validation failed: Too Small minimum 3 characters";
}
$max=45;
if(strlen($firstName) > $max) {
$firstNameErr = "Validation failed: Too Large maximum 45 characters";
}
}
if(empty($_POST["lastName"])) {
$lastNameErr = "* Last Name is required";
} else {
$lastName = test_input($_POST["lastName"]);
if (!preg_match("/^[a-zA-Z0-9 ]*$/",$lastName)) {
$lastNameErr = "* Only letters and white space allowed";
}
$min=3;
if(strlen($lastName) < $min) {
$lastNameErr = "Validation failed: Too Small minimum 3 characters";
}
$max=45;
if(strlen($lastName) > $max) {
$lastNameErr = "Validation failed: Too Large maximum 45 characters";
}
}
if(empty($_POST["email"])) {
$emailErr = "* email address is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "* Invalid email format";
echo $emailErr;
}
$min=6;
if(strlen($email) < $min) {
$emailErr = "Validation failed: Too Small minimum 6 characters";
}
$max=60;
if(strlen($email) > $max) {
$emailErr = "Validation failed: Too Large maximum 60 characters";
}
}
if(empty($_POST["telephone"])) {
$telephoneErr = "* Please enter your telephone number";
} else {
$telephone = test_input($_POST["telephone"]);
if (!preg_match("/^[1-9][0-9]{6-13}*$/",$telephone)) {
$telephoneErr = "* Only numbers and white space allowed";
}
$min=6;
if(strlen($telephone) < $min) {
$lastNameErr = "Validation failed: Too Small minimum 6 characters";
}
$max=13;
if(strlen($telephone) > $max) {
$telephoneErr = "Validation failed: Too Large maximum 13 characters";
}
}
if(empty($_POST["message"])) {
$messageErr = "* Your message is required";
} else {
$message = test_input($_POST["message"]);
$min=3;
if(strlen($message) < $min) {
$messageErr = "Validation failed: Too Small minimum 3 characters";
}
$max=1000;
if(strlen($message) > $max) {
$messageErr = "Validation failed: Too Large maximum 45 characters";
}
}
if($marketingConsent == 0) {
$marketingConsent = "Thank you for trusting us to contact periodically with 3rd party promotions";
} else {
$marketingConsent = "I do not want the information to be used by anybody for direct marketing purposes";
}
if(empty($firstNameErr) && empty($lastNameErr) && empty($emailErr) && empty($telephoneErr) && empty($messageErr)){
$create_email = '<ul>';
$create_email .='<li>First Name: '.$firstName.'</li>';
$create_email .='<li>Last Name: '.$lastName.'</li>';
$create_email .='<li>Telephone Number: '.$telephone.'</li>';
$create_email .='<li>Email address: '.$email.'</li>';
$create_email .='<li>Your message: '.$message.'</li>';
$create_email .='<li>Marketing consent: '.$marketingConsent.'</li>';
$create_email .='<li>Cc: '.$copyEmail.'</li>';
$create_email .= '</ul>';
echo $create_email;
$header1 = "From: webform#ecopiggy.co.uk \r\n";
$header1 .= "Reply-To: {$email} \r\n";
if ($copyEmail == 1) {
$header1 .= "Cc: {$email}\r\n";
} else {
$header1 .= "";
}
$header1 .= "MIME-Version: 1.0" ."\r\n";
$header1 .= "Content-Type: text/html; charset=ISO-8859-1";
$to = "hello#ecopiggy.co.uk";
$subject = 'Ecopiggy - Contact-Us' .strftime("%T", time());
$message = $create_email;
$headers = $header1;
$result = mail($to, $subject, $message, $headers);
if (isset($result)) {
redirect_to("thankyou.php");
} else {
redirect_to("contact-us.php");
}
}else{
// display errors
}
}
?>
You are doing browser side validation and for that purpose javascript is best. http://www.w3schools.com/js/js_validation.asp this is the link where you can find validation.
and as you mention that you are using HYML5 so just add "required " in your tag so it means this field is mandatory.there are other predefined validation are available in HTML5
Your script clears all of the variables, then checks $_POST variables. However when the check is then passed, you are not setting the new value - unless there is a test_input function you haven't shown above:
$telephone = test_input($_POST["telephone"]);
So at the top of the page you set
$telephone = '';
You then check if
$_POST['telephone'];
is valid, and if it is you set $telephone to a value that has no way of resolving. Then in your email you try to send $telephone, but that value is still null.
Related
Having a strange issue with my contact form. For some reason my code works fine if I do not have the $name tag in my code. It has to be something simple I am missing! Here is my code:
<?php
$error = ""; $successMessage = "";
if ($_POST) {
if (!$_POST["email"]) {
$error .= "An email address is required.<br>";
}
if (!$_POST["content"]) {
$error .= "The content field is required.<br>";
}
if (!$_POST["subject"]) {
$error .= "The subject is required.<br>";
}
if ($_POST['email'] && filter_var($_POST["email"], FILTER_VALIDATE_EMAIL) === false) {
$error .= "The email address is invalid.<br>";
}
if (!$_POST["name"]) {
$error .= "Full name is required.<br>";
}
if ($error != "") {
$error = '<div class="alert alert-danger" role="alert"><p>There were error(s) in your form:</p>' . $error . '</div>';
} else {
$name = $_POST['name'];
$emailTo = "name#example.com";
$subject = $_POST['subject'];
$content = $_POST['content'];
$headers = 'From: '.$_POST['name'].' <'.$_POST['email'].">\r\n";
if (mail($name, $emailTo, $subject, $content, $headers)) {
echo "<script>alert('Message Sent Successfully');</script>";
echo "<script>window.location = 'index.php';</script>";
} else {
$error = '<div class="alert alert-danger" role="alert"><p><strong>Your message couldn\'t be sent - please try again later</div>';
}
}
}
?>
It works fine if I just have subject, email, and content. Here is my code for that:
<?php
$error = ""; $successMessage = "";
if ($_POST) {
if (!$_POST["email"]) {
$error .= "An email address is required.<br>";
}
if (!$_POST["content"]) {
$error .= "The content field is required.<br>";
}
if (!$_POST["subject"]) {
$error .= "The subject is required.<br>";
}
if ($_POST['email'] && filter_var($_POST["email"], FILTER_VALIDATE_EMAIL) === false) {
$error .= "The email address is invalid.<br>";
}
if ($error != "") {
$error = '<div class="alert alert-danger" role="alert"><p>There were error(s) in your form:</p>' . $error . '</div>';
} else {
$emailTo = "me#mydomain.com";
$subject = $_POST['subject'];
$content = $_POST['content'];
$headers = "From: ".$_POST['email'];
if (mail($emailTo, $subject, $content, $headers)) {
echo "<script>alert('Message Sent Successfully');</script>";
echo "<script>window.location = 'index.php';</script>";
} else {
$error = '<div class="alert alert-danger" role="alert"><p><strong>Your message couldn\'t be sent - please try again later</div>';
}
}
}
?>
Hopefully someone can see where I went wrong.
Thanks!
In my contact form i recently added a selector ( http://shopzuinig.nl/contact.html ) and styled it the way i wanted, but when i fill in the form and press send, the choice for a location is not included in the e-mail i receive. Can someone provide me with the PHP code to make this happen?
Here is my current PHP code:
<?php
error_reporting (E_ALL ^ E_NOTICE);
$post = (!empty($_POST)) ? true : false;
$replyto='restaurant#dellitalia.nl';
$subject = 'Verzoek via de website';
if($post)
{
function ValidateEmail($email)
{
$regex = "/([a-z0-9_\.\-]+)". # name
"#". # at
"([a-z0-9\.\-]+){2,255}". # domain & possibly subdomains
"\.". # period
"([a-z]+){2,10}/i"; # domain extension
$eregi = preg_replace($regex, '', $email);
return empty($eregi) ? true : false;
}
$name = stripslashes($_POST['name']);
$email = trim($_POST['email']);
$message = stripslashes($_POST['message']);
$phone = stripslashes($_POST['phone']);
$answer = trim($_POST['answer']);
$verificationanswer="6"; // plz change edit your human answer
$from=$email;
$to=$replyto;
$error = '';
$headers= "From: $name <" . $email . "> \n";
$headers.= "Reply-to:" . $email . "\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers = "Content-Type: text/html; charset=utf-8\n".$headers;
// Checks Name Field
if(!$name || !$email || $email && !ValidateEmail($email) || $answer <> $verificationanswer || !$message || strlen($message) < 1)
{
$error .= 'De velden zijn niet correct ingevuld.<br />';
}
if(!$error)
{
$messages.="Name: $name <br>";
$messages.="Email: $email <br>";
$messages.="Message: $message <br>";
$mail = mail($to,$subject,$messages,$headers);
if($mail)
{
echo 'OK';
if($autorespond == "yes")
{
include("autoresponde.php");
}
}
}
else
{
echo '<div class="error">'.$error.'</div>';
}
}
?>
Location Missing in your message. Include location to get location details in your mail.
if(!$error)
{
$mydropdown=$_POST['mydropdown'];
$mydropdown=mysql_real_escape_string($mydropdown);
$messages.="Name: $name <br>";
$messages.="Email: $email <br>";
$messages.="Message: $message <br>";
$messages.="Location: $mydropdown<br>"; // Missing. Include Location Here
$mail = mail($to,$subject,$messages,$headers);
if($mail)
{
echo 'OK';
if($autorespond == "yes")
{
include("autoresponde.php");
}
}
}
so i'm still relatively new to PHP and have been building a order form that can validate the fields before sending, as well as checking for spam.
From testing the below code works fine in returning errors and so on, but when I enter correct information I dont get any emails.
It was working fine before i added the Vaildation part to it but now im getting the problem above. Again i am still learning so any pointers would be nice, thanks
<?php
function spamcheck($field) {
$field=filter_var($field, FILTER_SANITIZE_EMAIL);
if(filter_var($field, FILTER_VALIDATE_EMAIL)) {
return TRUE;
} else {
return FALSE;
}
}
?>
<?php
if (!isset($_POST["submit"])) {
?>
Form
<?php }
else
{
if (isset($_POST["email"])) {
$mailcheck = spamcheck($_POST["email"]);
if ($mailcheck==FALSE) {
echo "Invalid input";
}
//field vailation
else {
if (isset($_POST['submit'])) {
$errors = array();
if (!empty($_POST["fullname"])) {
$fullname = $_POST["fullname"];
$pattern = "/^[a-zA-Z0-9\_]{2,20}/";
if (preg_match($pattern,$fullname)){ $fullname = $_POST["fullname"];}
else{ $errors[] = 'Your Name can only contain _, 1-9, A-Z or a-z 2-20 long.';}
} else {$errors[] = 'You forgot to enter your First Name.';}
if (!empty($_POST["contact"])) {
$contact = $_POST["contact"];
$pattern = "/^[0-9\_]{6,20}/";
if (preg_match($pattern,$contact)){ $contact = $_POST["contact"];}
else{ $errors[] = 'Your contact number can only be numbers, or is too short';}
} else {$errors[] = 'You forgot to enter your contact number.';}
}
//end vaildation
else{
$fullname = $_POST["fullname"];
$email = $_POST["email"];
$address = $_POST["address"];
$address2 = $_POST["address2"];
$town = $_POST["town"];
$postcode = $_POST["postcode"];
$contact = $_POST["contact"];
$shipping = $_POST["shipping"];
$extra = $_POST["extra"];
$extra = wordwrap($extra, 70);
$message = '
Full Name: ' . $fullname . '
Delivery Address: ' . $address . '
Delivery Address2: ' . $address2 . '
Town/City: ' . $town . '
Postal Code: ' . $postcode . '
Contact: ' . $contact . '
Email Address: ' . $email . '
Special instructions: ' . $extra . '
Shipping Method: ' . $shipping . '
';
mail("myemail#myaddress.com","Order form",$message,"email: $email\n");
echo
"<html>
<body><br><br>
Order successful, we will be in contact shortly<br>
</body>
</html>";
}
}
}
}
?>
<?php
if (isset($_POST['submit'])) {
if (!empty($errors)) {
echo '<hr /><h3>The following occurred:</h3><ul>';
foreach ($errors as $msg) { echo '<li>'. $msg . '</li>';}
echo '</ul><h3>Your mail could not be sent due to input errors.</h3><hr />';}
else{echo
"<html>
<body><br><br>
Order successful, we will be in contact shortly<br>
</body>
</html>";
}
}
?>
After using error_reporting(E_ALL); ive noticed that im getting an error unexpected 'else' (T_ELSE) for the else at the top of the second block of code, so I tried moving code to :
<?php
error_reporting(E_ALL);
if (!isset($_POST["submit"])) {
}
else
{
And left the form above this so that when the sumbit button is pressed the forms wont dissapear. Which is not giving me any errors but still not email once submitted
I am currently working on a form that needs two post actions with one submit button. I am not extremely versed in PHP, only know enough to make my way around current tasks, until now.
Here is the code for the page the form is on:
<?php
if ($_POST) {
if (empty($_POST['first']) ||
empty($_POST['last']) ||
empty($_POST['email']) ||
empty($_POST['location'])) {
$errors = 1;
} elseif (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$errors = 2;
} else {
$to = "emailgoeshere#gmail.com";
$subject = "Blah blah blah";
$message .= "Name: ".$_POST['first']." ".$_POST['last']."\n";
$message .= "Email: ".$_POST['email']."\n";
$message .= "Cell Phone: ".$_POST['cell']."\n";
$message .= "Location: ".$_POST['location']."\n";
$from = $_POST['email'];
$headers = "From:" . $from;
mail($to,$subject,$message,$headers);
header('Location: freepass.php');
exit;
}
}
if ($errors == 1) {
$errors = "Please fill out all fields";
} elseif ($errors == 2) {
$errors = "Please enter a valid email";
}
?>
This is the form action:
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
This is the code on the page that the data will pass to:
<html>
<head>
</head>
<body>
<?php echo $_POST["first"]; ?> <?php echo $_POST["last"]; ?>
<br>
<?php echo $_POST["email"]; ?>
<br>
<?php echo $_POST["cell"]; ?>
<br>
<?php echo $_POST["location"]; ?>
</body>
</html>
This is a very quick solution but it should do the trick.
if ($_POST) {
$errors = null;
$error_message = "<ul>";
if (empty($_POST['first']) ||
empty($_POST['last']) ||
empty($_POST['email']) ||
empty($_POST['location'])) {
$errors = 1;
}
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$errors = 2;
}
if($errors == null) {
$to = "grimegriever#gmail.com";
$subject = "City Fitness 7-Day Pass Applicant";
$message .= "Name: ".$_POST['first']." ".$_POST['last']."\n";
$message .= "Email: ".$_POST['email']."\n";
$message .= "Cell Phone: ".$_POST['cell']."\n";
$message .= "Location: ".$_POST['location']."\n";
$from = $_POST['email'];
$headers = "From:" . $from;
mail($to, $subject, $message, $headers);
header('Location: freepass.php');
exit;
} else {
if ($errors == 1) {
$error_message .= "<li>Please fill out all fields</li>";
}
if ($errors == 2) {
$error_message .= "<li>Please enter a valid email</li>";
}
$error_message .= "</ul>";
}
}
I'm sure there are much more efficient solutions, but this will work.
This question already has answers here:
PHP mail function doesn't complete sending of e-mail
(31 answers)
Closed 8 years ago.
OK, my php email script is hosted on another server to my form. It has worked fine until recently, but a couple of unrelated changes seem to have buggered things up. I think I have an idea what might be going on, but let me explain the problem first.
At first I thought it was an issue with depricated !eregi commands. So, I changed them all to !preg_match, but that apparently wasn't the only issue.
The form appears to work, there are no errors being reported, and the success page is parsing, but no email is ever sent (yes, I checked my spam folder). Around the same time the issues started, I moved the website and domain that the original php mail script is hosted on to a different server that (one that I can't host php files on), but kept the php mail script on the old server. Of course, without the domain pointing to that web server the external referencing stopped working. So, I just dropped the file into a subdomain on the old server, and re-referenced the form accordingly. It now connects fine, and as I said, parses the script through to the success page.
The email hosting for this server was never changed. So, ththere shouldn't be an issue, but I think the problem is related to that domain name change. Any thoughts? Script and form address below:
<?php
ini_set("display_errors", "1");
error_reporting(E_ALL);
if(isset($_POST['email'])) {
// set the EMAIL TO options
$email_to = "jr#creativeheat.co.uk";
$email_bcc = "jr#creativeheat.co.uk";
$email_subject = "Website booking inquiry";
// grab referal info from POST
$path = explode('/', $_SERVER['HTTP_REFERER']);
$referer = $path[2];
// redirect to error page
function died($error) {
$path = explode('/', $_SERVER['HTTP_REFERER']);
$referer = $path[2];
header( 'Location: http://'.$referer.'/'.$error ) ;
exit;
}
// grab the checkbox values and change them to strings
if (isset($_POST['booking_0'])) { $book1 = $_POST['booking_0']; if( $book1 == 'Bedroom(s)') { $book1 = " The Bedroom(s) \n"; }} else {$book1 = "\n";}
if (isset($_POST['booking_1'])) { $book2 = $_POST['booking_1']; if( $book2 == 'Meeting Room') { $book2 = " The Meeting Room \n";}} else {$book2 = "\n";}
if (isset($_POST['booking_2'])) { $book3 = $_POST['booking_2']; if( $book3 == 'Barn') { $book3 = " The Barn \n"; }} else {$book3 = "\n";}
if (isset($_POST['booking_3'])) { $book4 = $_POST['booking_3']; if( $book4 == 'Campsite') { $book4 = " The Campsite \n";}} else {$book4 = "\n";}
// clear the ERRORTYPE & ERROR_MESSAGE variables
$errortype = "";
$error_message = "";
// then check for an all false in the checkbox group
if (!isset($_POST['booking_0']) && !isset($_POST['booking_1']) && !isset($_POST['booking_2']) && !isset($_POST['booking_3'])) {
// provided none of the checkboxes are ticked set the DIED function parameter to ERRORTYPE = BOOKINGERR
$error_message = 'error';
$errortype = 'bookingerr';
if(strlen($error_message) > 0) {
died($errortype) ;
}
// alternate bruteforce redirect to NO BOOKING TYPE SELECTED page
// header( 'Location: http://'.$referer.'/booking/'.$errortype ) ;
}
// check everything else
// reset the ERROR variables
$errortype = "";
$error_message = "";
// check the ISSET state of the remaining required fields
if(!isset($_POST['first_name']) ||
!isset($_POST['last_name']) ||
!isset($_POST['number']) ||
!isset($_POST['email']) ||
!isset($_POST['adults']) ||
!isset($_POST['children']) ||
!isset($_POST['from_date']) ||
!isset($_POST['to_date']) ||
!isset($_POST['disabled']) ||
!isset($_POST['parking']) ||
!isset($_POST['general'])) {
// redirect to GENERAL INVALIDATION page
$error_message = 'error';
$errortype = 'requirederror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
// set FIELD variables
$first_name = $_POST['first_name']; // required
$last_name = $_POST['last_name']; // required
$telephone = $_POST['number']; // required
$email_from = $_POST['email']; // required
$adults = $_POST['adults']; // required
$children = $_POST['children']; // required
$fdate = $_POST['from_date']; // required
$tdate = $_POST['to_date']; // required
$disabled = $_POST['disabled']; // not required
$parking = $_POST['parking']; // not required
$comments = $_POST['general']; // not required
// begin INVALID field character checks
$email_exp = "/^[A-Z0-9._%-]+#[A-Z0-9.-]+\.[A-Z]{2,4}$/i";
$errortype = "";
$error_message = "";
if(!preg_match($email_exp,$email_from)) {
// redirect to INVALID EMAIL page
$error_message = 'error';
$errortype = 'emailinvalid';
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$string_exp = "/^[a-z .'-]+$/i";
$errortype = "";
$error_message = "";
if(!preg_match($string_exp,$first_name)) {
// redirect to INVALID FIRSTNAME page
$error_message = 'error';
$errortype = 'fnameerror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$errortype = "";
$error_message = "";
if(!preg_match($string_exp,$last_name)) {
// redirect to INVALID LASTNAME page
$error_message = 'error';
$errortype = 'lnameerror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$errortype = "";
$error_message = "";
if(strlen($comments) < 2 && strlen($comments) > 0) {
// redirect to INVALID COMMENTS page
$error_message = 'error';
$errortype = 'commentserror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$string_exp = "/^[0-9 .-]+$/i";
$errortype = "";
$error_message = "";
if(!preg_match($string_exp,$telephone)) {
// redirect to INVALID TELEPHONE page
$error_message = 'error';
$errortype = 'telephoneerror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
// failsafe
if(strlen($error_message) > 0) {
died($errortype) ;
}
// begin EMAIL MESSAGE creation
$email_message = "Form details below.\n\n";
// remove ILLEGAL data from submitted fields
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
// set EMAIL_MESSAGE variable from data gathered from form
$email_message .= "Name: ".clean_string($first_name)." ".clean_string($last_name)."\n";
$email_message .= "Contact number: ".clean_string($telephone)."\n";
$email_message .= "Email address: ".clean_string($email_from)."\n\n";
$email_message .= "Interested in availability of the following: \n";
$email_message .= $book1.$book2.$book3.$book4."\n";
$email_message .= "Date from: ".clean_string($fdate)."\n";
$email_message .= "Date to: ".clean_string($tdate)."\n\n";
$email_message .= "Number of...\n";
$email_message .= "Adults: ".clean_string($adults)."\n";
$email_message .= "Children: ".clean_string($children)."\n\n";
$email_message .= "Disabled? ".clean_string($disabled)."\n";
$email_message .= "Parking? ".clean_string($parking)."\n\n";
$email_message .= "Additional Information: \n\n";
$email_message .= clean_string($comments);
// create EMAIL HEADERS
$headers = 'From: '.$email_from."\r\n".'Reply-To: '.$email_from."\r\n".'Bcc: '.$email_bcc."\r\n".'X-Mailer: PHP/' . phpversion();
#mail($email_to, $email_subject, $email_message, $headers);
// redirect to SUCCESS page
header( 'Location: http://'.$referer.'/success' ) ;
exit;
}
?>
form address: http://www.claverhammeetinghouse.org.uk/booking/
EDIT:
After installing PHPmailer the code now looks like this:
<?php
// new
require_once('class.phpmailer.php');
//end new
ini_set("display_errors", "1");
error_reporting(E_ALL);
if(isset($_POST['email'])) {
// set the EMAIL TO options
$email_to = "jr#creativeheat.co.uk";
$email_bcc = "jr#creativeheat.co.uk";
$email_subject = "Website booking inquiry";
// grab referal info from POST
$path = explode('/', $_SERVER['HTTP_REFERER']);
$referer = $path[2];
// redirect to error page
function died($error) {
$path = explode('/', $_SERVER['HTTP_REFERER']);
$referer = $path[2];
header( 'Location: http://'.$referer.'/'.$error ) ;
exit;
}
// grab the checkbox values and change them to strings
if (isset($_POST['booking_0'])) { $book1 = $_POST['booking_0']; if( $book1 == 'Bedroom(s)') { $book1 = " The Bedroom(s) \n"; }} else {$book1 = "\n";}
if (isset($_POST['booking_1'])) { $book2 = $_POST['booking_1']; if( $book2 == 'Meeting Room') { $book2 = " The Meeting Room \n";}} else {$book2 = "\n";}
if (isset($_POST['booking_2'])) { $book3 = $_POST['booking_2']; if( $book3 == 'Barn') { $book3 = " The Barn \n"; }} else {$book3 = "\n";}
if (isset($_POST['booking_3'])) { $book4 = $_POST['booking_3']; if( $book4 == 'Campsite') { $book4 = " The Campsite \n";}} else {$book4 = "\n";}
// clear the ERRORTYPE & ERROR_MESSAGE variables
$errortype = "";
$error_message = "";
// then check for an all false in the checkbox group
if (!isset($_POST['booking_0']) && !isset($_POST['booking_1']) && !isset($_POST['booking_2']) && !isset($_POST['booking_3'])) {
// provided none of the checkboxes are ticked set the DIED function parameter to ERRORTYPE = BOOKINGERR
$error_message = 'error';
$errortype = 'bookingerr';
if(strlen($error_message) > 0) {
died($errortype) ;
}
// alternate bruteforce redirect to NO BOOKING TYPE SELECTED page
// header( 'Location: http://'.$referer.'/booking/'.$errortype ) ;
}
// check everything else
// reset the ERROR variables
$errortype = "";
$error_message = "";
// check the ISSET state of the remaining required fields
if(!isset($_POST['first_name']) ||
!isset($_POST['last_name']) ||
!isset($_POST['number']) ||
!isset($_POST['email']) ||
!isset($_POST['adults']) ||
!isset($_POST['children']) ||
!isset($_POST['from_date']) ||
!isset($_POST['to_date']) ||
!isset($_POST['disabled']) ||
!isset($_POST['parking']) ||
!isset($_POST['general'])) {
// redirect to GENERAL INVALIDATION page
$error_message = 'error';
$errortype = 'requirederror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
// set FIELD variables
$first_name = $_POST['first_name']; // required
$last_name = $_POST['last_name']; // required
$telephone = $_POST['number']; // required
$email_from = $_POST['email']; // required
$adults = $_POST['adults']; // required
$children = $_POST['children']; // required
$fdate = $_POST['from_date']; // required
$tdate = $_POST['to_date']; // required
$disabled = $_POST['disabled']; // not required
$parking = $_POST['parking']; // not required
$comments = $_POST['general']; // not required
// begin INVALID field character checks
$email_exp = "/^[A-Z0-9._%-]+#[A-Z0-9.-]+\.[A-Z]{2,4}$/i";
$errortype = "";
$error_message = "";
if(!preg_match($email_exp,$email_from)) {
// redirect to INVALID EMAIL page
$error_message = 'error';
$errortype = 'emailinvalid';
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$string_exp = "/^[a-z .'-]+$/i";
$errortype = "";
$error_message = "";
if(!preg_match($string_exp,$first_name)) {
// redirect to INVALID FIRSTNAME page
$error_message = 'error';
$errortype = 'fnameerror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$errortype = "";
$error_message = "";
if(!preg_match($string_exp,$last_name)) {
// redirect to INVALID LASTNAME page
$error_message = 'error';
$errortype = 'lnameerror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$errortype = "";
$error_message = "";
if(strlen($comments) < 2 && strlen($comments) > 0) {
// redirect to INVALID COMMENTS page
$error_message = 'error';
$errortype = 'commentserror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
$string_exp = "/^[0-9 .-]+$/i";
$errortype = "";
$error_message = "";
if(!preg_match($string_exp,$telephone)) {
// redirect to INVALID TELEPHONE page
$error_message = 'error';
$errortype = 'telephoneerror' ;
if(strlen($error_message) > 0) {
died($errortype) ;
}
}
// failsafe
if(strlen($error_message) > 0) {
died($errortype) ;
}
// begin EMAIL MESSAGE creation
$email_message = "Form details below.\n\n";
// remove ILLEGAL data from submitted fields
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
// set EMAIL_MESSAGE variable from data gathered from form
$email_message .= "Name: ".clean_string($first_name)." ".clean_string($last_name)."\n";
$email_message .= "Contact number: ".clean_string($telephone)."\n";
$email_message .= "Email address: ".clean_string($email_from)."\n\n";
$email_message .= "Interested in availability of the following: \n";
$email_message .= $book1.$book2.$book3.$book4."\n";
$email_message .= "Date from: ".clean_string($fdate)."\n";
$email_message .= "Date to: ".clean_string($tdate)."\n\n";
$email_message .= "Number of...\n";
$email_message .= "Adults: ".clean_string($adults)."\n";
$email_message .= "Children: ".clean_string($children)."\n\n";
$email_message .= "Disabled? ".clean_string($disabled)."\n";
$email_message .= "Parking? ".clean_string($parking)."\n\n";
$email_message .= "Additional Information: \n\n";
$email_message .= clean_string($comments);
// create EMAIL HEADERS
$headers = 'From: '.$email_from."\r\n".'Reply-To: '.$email_from."\r\n".'Bcc: '.$email_bcc."\r\n".'X-Mailer: PHP/' . phpversion();
//new
new PHPMailer($email_to, $email_subject, $email_message, $headers);
//end new
// old #mail($email_to, $email_subject, $email_message, $headers);
//end old
// redirect to SUCCESS page
header( 'Location: http://'.$referer.'/success' ) ;
exit;
}
?>
Try using only "\n" instead of "\r\n" on $headers as documented in the PHP reference. http://php.net/manual/de/function.mail.php