form validation

using the onsubmit event in your form

i.e.

<form method="post" action="contact5.php" onsubmit ="return checkemail(email)">

where checkemail is a client-side function which validates the email.

if the function returns false, the form is not submitted. if it is true, the form is submitted to Contact5.php.

Hi All,

i wonder if anyone can help me. I've got a form where you can enter your email address and a surname to search for, when clicking on the submit button the form is processed with a PHP page and sent via email.

What I want to do is check that the email address field in the form is filled in before being submitted.

The code for each is shown below:

The form:

<form method="post" action="contact5.php">
Email Address:<br />
<input name="email" type="text" class="style1"><br>
Surname To Search:<br>
<input name="q" type="text" class="style1"><br>
<input type="submit">
</form>

The processing php code:

<table width="640" cellpadding="0" cellspacing="0">
<tr>
<td id="header">Surname Search</td>
</tr>
<tr>
<td id="navigation" align="center"><?
$to = "admin@personally-yours.co.uk";
$subject = "Surname Search";
$email = $_REQUEST['email'];
$message = $_REQUEST['q'];
$body = "Hello, Im looking for the surname '$message'\n\nRegards\n\n $email";
$headers = "From: $email";
ini_set("sendmail_from", "admin@personally-yours.co.uk");
$sent = mail($to, $subject, $body, $headers);
if($sent)
{print "Thank You for your query. We will reply within 24 hours.";}
else
{print "We encountered an error sending your mail";}
?><br />
  <br /><br /><br /><a href="javascript:history.back(-1);">Click here</a> to return to the previous page.
</td>
</tr>
</table>

i wouldn't use javascript to do it because that could be disabled. I would validate it via php. This code is how I would do it:

<?php

$thispage = $_SERVER['PHP_SELF'];

$form =<<<HTML
<form action="$thispage" method="post">
	Email Address:<br /><input type="text" name="email" class="style1" /><br />
	Surname To Search:<br /><input type="text" name="q" class="style1" /><br />
	<input type="submit" name="submit" value="Search" />
</form>
HTML;

if (isset($_POST['submit'])) {
	$emal = $_POST['email'];
	$name = $_POST['q'];
	$error = array();
	if ($emal == '') {
		$error[] = 'Email Address is Blank';
	}
	if ($mess == '') {
		$error[] = 'Surname is Blank';
	}
	if (count($error) > 0) {
		foreach ($error as $value) {
			echo '<font color="red">' . $value . '</font><br />';
		}
		echo $form;
	}
	else {
		$to   = 'admin@peronally-yours.co.uk';
		$from = $emal;
		$mess = 'Hello, I\'m looking for the surname \'' . $name . '\'\n\nRegards,\n\n' . $emal;
		$mail = mail($to, $subj, $mess, "From: $email");
		if ($mail) {
			$result = 'Thank you for your query. We will reply within 24 hours.';
		}
		else {
			$result = 'We encountered an error sending your mail';
		}
$html =<<<HTML
<table width="640" cellpadding="0" cellspacing="0">
	<tr>
		<td id="header">Surname Search</td>
	</tr>
	<tr>
		<td id="navigation" align="center">$result</td>
	</tr>
	<tr>
		<td><a href="$thispage">Click here</a> to return to the previous page</td>
	</tr>
</table>
HTML;
		echo $html;
	}
}
else {
	echo $form;
}

?>

Hi there,

sorry for the late reply, only had chance to look at this just now. I cant seem to get the code below to work.

Can anybody else help?

Cheers

i wouldn't use javascript to do it because that could be disabled. I would validate it via php. This code is how I would do it:

<?php

$thispage = $_SERVER['PHP_SELF'];

$form =<<<HTML
<form action="$thispage" method="post">
	Email Address:<br /><input type="text" name="email" class="style1" /><br />
	Surname To Search:<br /><input type="text" name="q" class="style1" /><br />
	<input type="submit" name="submit" value="Search" />
</form>
HTML;

if (isset($_POST['submit'])) {
	$emal = $_POST['email'];
	$name = $_POST['q'];
	$error = array();
	if ($emal == '') {
		$error[] = 'Email Address is Blank';
	}
	if ($mess == '') {
		$error[] = 'Surname is Blank';
	}
	if (count($error) > 0) {
		foreach ($error as $value) {
			echo '<font color="red">' . $value . '</font><br />';
		}
		echo $form;
	}
	else {
		$to   = 'admin@peronally-yours.co.uk';
		$from = $emal;
		$mess = 'Hello, I\'m looking for the surname \'' . $name . '\'\n\nRegards,\n\n' . $emal;
		$mail = mail($to, $subj, $mess, "From: $email");
		if ($mail) {
			$result = 'Thank you for your query. We will reply within 24 hours.';
		}
		else {
			$result = 'We encountered an error sending your mail';
		}
$html =<<<HTML
<table width="640" cellpadding="0" cellspacing="0">
	<tr>
		<td id="header">Surname Search</td>
	</tr>
	<tr>
		<td id="navigation" align="center">$result</td>
	</tr>
	<tr>
		<td><a href="$thispage">Click here</a> to return to the previous page</td>
	</tr>
</table>
HTML;
		echo $html;
	}
}
else {
	echo $form;
}

?>

Try

if (isset($_POST['submit'])) {
    $emal = htmlspecialchars($_POST['email']);
    $name = htmlspecialchars($_POST['q']);
unset($error);

    $error = array();
    if ($emal == '') {

        $error[] .= 'Email Address is Blank';

    }

    if ($mess == '') {

        $error[] .= 'Surname is Blank';

    }
if ($emal != "" && !preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/',
        $emal)) {
        $error[] .=  'Invalid email address';
    }

    if ($error[0] != null) {

        foreach ($error as $value) {

            echo '<font color="red">' . $value . '</font><br />';

        }

        echo $form;

    } else {
        $to = 'admin@peronally-yours.co.uk';
        $from = $emal;
        $mess = 'Hello, I\'m looking for the surname \'' . $name . '\'\n\nRegards,\n\n' .
            $emal;

        $mail = mail($to, $subj, $mess, "From: $email");
        if ($mail) {

            $result = 'Thank you for your query. We will reply within 24 hours.';
        } else {

            $result = 'We encountered an error sending your mail';
        }

Also, in this part of the code $mail = mail($to, $subj, $mess, "From: $email"); there is no variable $email defined in your code.

Sam

I've tried your code too and still cant't get it to work.

I've tried your code too and still cant't get it to work.

How do you mean "can't get it to work"? What doesn't work? Do you get errors?

Add this to the top of your code

error_reporting(E_ALL);

ini_set('display_errors', true);

Sam

I've tried the code and inserted the error reporting code into it but the $html variable doesnt get displayed it is just blank.

Nothing happens.

I've tried the code and inserted the error reporting code into it but the $html variable doesnt get displayed it is just blank.

Nothing happens.

Hmm.. I'm not entirely sure, except you don't have <html><head><title></title></head>or<body></body></html> tags anywhere, which could cause a problem in your browser if you try to just post a <form> without telling the browser it's looking for HTML. Unless you do and didn't post all the code, that is..

Either that, or for all your if statements, add elses:

if ($emal == '') {

 

$error[] .= 'Email Address is Blank';

 

} else {   }

 

if ($mess == '') {

 

$error[] .= 'Surname is Blank';

 

} else {  }

if ($emal != "" && !preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/',

$emal)) {

$error[] .= 'Invalid email address';

} else {   }

You've still got the problem of $email, no where in your code do you define $email, yet your From header in your email is "From: $email".

Sam