I am working on adding security onto my contact form and I can't seem to find the reason as to why I get errors. Currently, when I test the php form, I get this error: Parse error: syntax error, unexpected T_IF in /home/content/86/5284386/html/websitenamewashere/contact.php on line 16
Here is my php:

<?php
 
if(isset($_POST['email'])) {
 
     
 
 
    $to = "yahoo@gmail.com";
 
    $subject = "Contact Form Submission;
 

 
    function died($error) {
 
 
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
 
        echo "These errors appear below.<br /><br />";
 
        echo $error."<br /><br />";
 
        echo "Please go back and fix these errors.<br /><br />";
 
        die();
 
    }
 
     
 
    // validation expected data exists
 
    if(!isset($_POST['contact-name']) ||
  
        !isset($_POST['contact-email']) ||
 
        !isset($_POST['contact-phone']) ||
 
        !isset($_POST['child_info'])) {
 
        died('We are sorry, but there appears to be a problem with the form you submitted.');       
 
    }
 
     


        $contactname = $_POST["contact-name"]; //required

        $contactemail = $_POST["contact-email"]; //required

        $contactphone = $_POST["contact-phone"]; //required

        $child_info = $_POST["child_info"]; //required

 
     
 
    $error_message = "";
 
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
 
  if(!preg_match($email_exp,$contactemail)) {
 
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
 
  }
 
    $string_exp = "/^[A-Za-z .'-]+$/";
    $numb_exp = '/^[0-9.-]';
 
  if(!preg_match($string_exp,$contactname)) {
 
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
 
  }
 
  if(!preg_match($numb_exp,$contactphone)) {
 
    $error_message .= 'The Phone Number you entered does not appear to be valid.<br />';
 
  }
 
  if(strlen(child_info) < 2) {
 
    $error_message .= 'The Comments you entered do not appear to be valid.<br />';
 
  }
 
  if(strlen($error_message) > 0) {
 
    died($error_message);
 
  }
 
    $email_message = "Form details below.\n\n";
 
     
 
    function clean_string($string) {
 
      $bad = array("content-type","bcc:","to:","cc:","href");
 
      return str_replace($bad,"",$string);
 
    }
 
     
 
    $email_message .= "First Name: ".clean_string($contactname)."\n";
  
    $email_message .= "Email: ".clean_string($contactemail)."\n";
 
    $email_message .= "Telephone: ".clean_string($contactphone)."\n";
 
    $email_message .= "Child Information: ".clean_string($child_info)."\n";
 
     
 
     
 
 
$headers = 'From: '.$contactemail."\r\n".
 
'Reply-To: '.$contactemail."\r\n" .
 
'X-Mailer: PHP/' . phpversion();
 
@mail($email_to, $email_subject, $email_message, $headers);  
 
?>
 


 
Thank you for contacting us. We will be in touch with you very soon.
 
 
 
<?php
 
}
 
?>

My HTML:

<form action="contact.php" class="footer-form" method="post">
<p class="title">How can we be of service?</p>

<div class="form-group">
    <strong>
        <input type="text" class="form-control" name="contact-name" id="contact-name" placeholder="Name:">
    </strong>
</div>
<div class="form-group">
    <strong>
        <input type="email" class="form-control" name="contact-email"" id="contact-email" placeholder="E-mail:">
    </strong>
</div>
<div class="form-group">
    <strong>
        <input type="phone" class="form-control" name="contact-phone" id="contact-phone" placeholder="Phone:">
    </strong>
</div>
<div class="form-group">
    <strong> 
        <input type="text" class="form-control" name="child_info" id="child_info" placeholder="Tell us about your child:">
    </strong>
</div>
<button type="submit" class="btn btn-default waves-effect waves-button waves-float waves-classic"><strong>Submit</strong></button>

On this line: $subject = "Contact Form Submission;
Its supposed to be: $subject = "Contact Form Submission";

I pasted it in wrong.

Member Avatar

diafol

The " should have sorted out the IF error.

if(strlen(child_info) < 2) {

This appears to be a constant, but I see no declaration. Are you referring to $child_info?
Also:

@mail($email_to, $email_subject, $email_message, $headers);

$email_to and $email_subject do not exist?

These issues as well as others could be checked with a decent IDE - I think I mentioned this before. My version of PHPStorm picked the quote issue and these two other cases out immediately.

commented: :) +10

Why?!?

?>


Thank you for contacting us. We will be in touch with you very soon.



<?php

}

?>
commented: :) +10

@diafol, I am gonna go download phpstorm...

@pixelsoul... should i remove that >.>

it's correct, but u modify it incorreclty,

$to = "yahoo@gmail.com";
$subject = "Contact Form Submission;

u should change it to

@mail($to, $subject, $email_message, $headers);  

To display the success message,

echo "Thank you for contacting us. We will be in touch with you very soon."
}?>

instead of

    ?>
    Thank you for contacting us. We will be in touch with you very soon.
    <?php
    }
    ?>
commented: :) +0

@Lau, i tried those changes, and still had errors :/

what is the error?

commented: :) +0

It says: Parse error: syntax error, unexpected T_IF in /home/content/86/5284386/html/thenameofmywebsite/contact.php on line 16

can u repost code? and is the line 16 same as the line 16 above?

commented: :) +0

Yes, the code is the same as the above. There were comments, i removed them, that is the only difference.

Sorry for late reply.

Ok, first thing I want to point out is, please dont directly copy and paste any code from any website, u may refer, but dont copy.

U may follow the example, but please, type it by urself, you will learn from that.

I had fixed the problem, error for ur code is cause by the space. Try this code below:

<?php 
 if (isset ($_POST['email'])) 
 { 
    $to = "yahoo@gmail.com";
    $subject = "Contact Form Submission";


    function died($error)
    {
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
        echo $error."<br /><br />";
        echo "Please go back and fix these errors.<br /><br />";
        die();
    }

    if(!isset($_POST['contact-name'])||!isset($_POST['contact-email'])||!isset($_POST['contact-phone'])||!isset($_POST['child-info'])){
         died('We are sorry, but there appears to be a problem with the form you submitted.');
     }

    $contactname = $_POST['contact-name']; //required
    $contactemail = $_POST['contact-email']; //required
    $contactphone = $_POST['contact-phone']; //required
    $child_info = $_POST['child_info']; //required
    $error_message = "";

    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';

     if(!preg_match($email_exp,$contactemail)) {
         $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
     }

     $string_exp = "/^[A-Za-z .'-]+$/";
     $numb_exp = '/^[0-9.-]';

     if(!preg_match($string_exp,$contactname)) {
         $error_message .= 'The First Name you entered does not appear to be valid.<br />';
     }

     if(!preg_match($numb_exp,$contactphone)) {
         $error_message .= 'The Phone Number you entered does not appear to be valid.<br />';
     }

     if(strlen($child_info) < 2) {
        $error_message .= 'The Comments you entered do not appear to be valid.<br />';
    }

     if(strlen($error_message) > 0) {
         died($error_message);
     }

     $email_message = "Form details below.\n\n";

     function clean_string($string) {
         $bad = array("content-type","bcc:","to:","cc:","href");
         return str_replace($bad,"",$string);
     }

     $email_message .= "First Name: ".clean_string($contactname)."\n";
     $email_message .= "Email: ".clean_string($contactemail)."\n";
     $email_message .= "Telephone: ".clean_string($contactphone)."\n";
     $email_message .= "Child Information: ".clean_string($child_info)."\n";

     $headers = 'From: '.$contactemail."\r\n".
         'Reply-To: '.$contactemail."\r\n" .
         'X-Mailer: PHP/' . phpversion();

     @mail($to, $subject, $email_message, $headers);
     echo "Thank you for contacting us. We will be in touch with you very soon.";
 }
?>
commented: :) +10

@Lau, Sorry about that, I was trying to work on an old form of mine and wanted to see there was a better alternative. I saw that one and wanted to see if i can work off of that.

U may follow the example, but please, type it by urself, you will learn from that.

I will do that

I had fixed the problem, error for ur code is cause by the space. Try this code below:

I am gonna take a look at the code when I get home (its 2:00 am and I coming home from a wedding...)

Alright, so I tried running the code, the results are much more positive. I don't get any of the errors I get before but the form security doesn't seem to work because I can just click submit and it just keeps refreshing the page and it doesn't collect any of the inputs (it doesn't show in my email)? Did I forget to add anything?

Oh, and this is the form I worked on before. This was the one where I can submit the form and I can collect the inputs but the form lacks security and has odd glitches to it (incase you wanted to see it...):

<?php 
        $contactname = $_POST["contact-name"];
        $contactemail = $_POST["contact-email"];
        $contactphone = $_POST["contact-phone"];
        $child_info = $_POST["child_info"];
        $to      = 'yahoo@gmail.com';
        $subject = 'Contact Form Submission!';

        $v1 = "
                <html> <body> <style>
                    h1 {color:#000066;}
                    table {border:1px solid black; background: #e3f0ff;}
                </style> <h1>Hello, this form has been submitted!</h1> <img src= 'logo1.png' /> <table rules='all' style='border-color: #ffb300;' cellpadding='10' width='500px'> <tr style='background: #ffb300;'><td>First Name: $contactname</td> <tr style='background: #fafafa;'><td>Email: $contactemail</td> <tr style='background: #fafafa;'><td>Phone: $contactphone</td><tr style='background: #fafafa;'><td>Child Information: $child_info</td></table> </body> </html> ";
        $message = $v1; 
        $headers  = "From: $from\r\n"; 
        $headers .= "Content-type: text/html\r\n"; 
        mail($to, $subject, $message, $headers); 
        echo "Message has been sent..."; //Page RE DIRECT 
        echo $v1;
    //******************************************************************************************************************************//



        $contactname = $_POST["contact-name"];
        $contactemail = $_POST["contact-email"];
        $contactphone = $_POST["contact-phone"];
        $child_info = $_POST["child_info"];
        $verificationmsg = 'Thank you for your inquiry, we will contact you shortly! <br>Best,<br>M<br>©Name of Company was here :)(TM) All Rights Reserved 2015';
        $subject = 'Message Confirmed!';
        $v1 = "
                <html> <body> <style>
                    #disclosure {font-size: 8px; color: #333;}
                    h1 {color:#000066;}
                    table {border:1px solid black;}
                </style> <img src= 'logo1.png' /> <table rules='all' style='border-color: #ffb300;' cellpadding='10' width='500px'> <tr style='background: #ffb300;'><td>Email Confirmation <tr style='background: #fafafa;'><td>Hello  $contactname, your message has been recieved! We will contact you shortly! <br><br>Best, <br>M<br>©M(TM) All Rights Reserved 2015 </div> </table> </body> </html> ";
        $headers  = "From: $from\r\n"; 
        $headers .= "Content-type: text/html\r\n"; 
         mail($contactemail, $subject, $verificationmsg, $headers);    

          $count= count(file("main_form.csv"));                       
            $today = date("d M Y h:i A");
            echo $today;
            echo $v1;

    $cvsData = "\n" . $count . "," . $today . "," . $contactname . "," . $contactemail . "," . $contactphone . "," . $child_info;

     $fp = fopen("main_form.csv", "a" );
     if($fp){
         fwrite($fp, $cvsData);
         fclose($fp);
         }                   

    ?>

<2cents>
If you're trying to create this in the most optimal way, I would recommend trying some already developed classes.

For example, combining
https://github.com/PHPMailer/PHPMailer with https://github.com/Wixel/GUMP

Or whatever classes you wanted to use in place of those.
There are a number of classes out there for this stuff you could choose from.

It would make this a quicker process of setting this up, and the classes could be used over and over easily.

Just my thoughts on this.
</2cents>

commented: +0

I would do that, but I... well... have no clue how to use them (don't ask :P):/ That is why I prefer to do it like the way I do, that way, I never have to ask a basic question like I have already. All I would need is a solution but I haven't had much success so far. Based on Lau's version, do you know what could have went wrong?

Incase anyone was going to try this... don't try merging the two codes, it doesn't work...

Member Avatar

diafol

A simple output of the $_POST superglobal will tell you if the vars you think are being passed are actually being passed:

print_r($_POST); // or do a var_dump

Where do i put that superglobal?

do u check whether u enter this if?

if(isset($_POST['email'])) {

if does, just like @diafol said, using

print_r($_POST);

to check what u posted, add this on the top of page, if u sure that u enter the if function, add this inside the function.

And u want to receive the email for this? As @pixelsoul said, trying some already developed classes. And if u are using local server, u need to configure then to receive email.

So, I made some progress on the php. The security part works and so does the part where i get a copy of the inputs into my csv. The only part that still doesn't work is the email part of it... Here is what it is now:

<?php 
$contactname  = $_POST["contact-name"];
$contactemail = $_POST["contact-email"];
$contactphone = $_POST["contact-phone"];
$child_info   = $_POST["child_info"];
$to           = 'yahoo@gmail.com';
$subject      = 'Contact Form Submission!';

//******************************************************************************************************************************//

if(isset($_POST['contact-email'])) {
    $to      = "yahoo@gmail.com";
    $subject = "Contact Form Submission";

    function died($error)
    {
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
        echo $error . "<br /><br />";
        echo "Please go back and fix these errors.<br /><br />";
        die();
    }

    if(!isset($_POST['contact-name']) || !isset($_POST['contact-email']) || !isset($_POST['contact-phone']) || !isset($_POST['child_info'])) {
        died('We are sorry, but there appears to be a problem with the form you submitted.');
    }

    $contactname   = $_POST['contact-name']; //required
    $contactemail  = $_POST['contact-email']; //required
    $contactphone  = $_POST['contact-phone']; //required
    $child_info    = $_POST['child_info']; //required
    $error_message = "";

    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';

    if(!preg_match($email_exp, $contactemail)) {
        $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
    }

    $string_exp = "/^[A-Za-z .'-]+$/";
    $numb_exp   = '/^[0-9.-]/';

    if(!preg_match($string_exp, $contactname)) {
        $error_message .= 'The First Name you entered does not appear to be valid.<br />';
    }

    if(!preg_match($numb_exp, $contactphone)) {
        $error_message .= 'The Phone Number you entered does not appear to be valid.<br />';
    }

    if(strlen($child_info) < 2) {
        $error_message .= 'The Comments you entered do not appear to be valid.<br />';
    }

    if(strlen($error_message) > 0) {
        died($error_message);
    }

     $email_message = "Form details below.\n\n";

     function clean_string($string) {
         $bad = array("content-type","bcc:","to:","cc:","href");
         return str_replace($bad,"",$string);
     }

     $email_message .= "First Name: ".clean_string($contactname)."\n";
     $email_message .= "Email: ".clean_string($contactemail)."\n";
     $email_message .= "Telephone: ".clean_string($contactphone)."\n";
     $email_message .= "Child Information: ".clean_string($child_info)."\n";

     $headers = 'From: '.$contactemail."\r\n".
         'Reply-To: '.$contactemail."\r\n" .
         'X-Mailer: PHP/' . phpversion();

     @mail($to, $subject, $email_message, $headers);
     echo "Thank you for contacting us. We will be in touch with you very soon.";
 }



    //******************************************************************************************************************************//



        $v1 = "
                <html> <body> <style>
                    h1 {color:#000066;}
                    table {border:1px solid black; background: #e3f0ff;}
                </style> <h1>Hello, this form has been submitted!</h1> <img src= 'logo1.png' /> <table rules='all' style='border-color: #ffb300;' cellpadding='10' width='500px'> <tr style='background: #ffb300;'><td>First Name: $contactname</td> <tr style='background: #fafafa;'><td>Email: $contactemail</td> <tr style='background: #fafafa;'><td>Phone: $contactphone</td><tr style='background: #fafafa;'><td>Child Information: $child_info</td></table> </body> </html> ";
        $message = $v1; 
        $headers  = "From: $from\r\n"; 
        $headers .= "Content-type: text/html\r\n"; 
        mail($to, $subject, $message, $headers); 
        echo "Message has been sent..."; //Page RE DIRECT 
        echo $v1;


    //******************************************************************************************************************************//



        $contactname = $_POST["contact-name"];
        $contactemail = $_POST["contact-email"];
        $contactphone = $_POST["contact-phone"];
        $child_info = $_POST["child_info"];
        $verificationmsg = 'Thank you for your inquiry, we will contact you shortly! <br>Best,<br>ME!<br>©LRCC(TM) All Rights Reserved 2015';
        $subject = 'Message Confirmed!';
        $v1 = "
                <html> <body> <style>
                    #disclosure {font-size: 8px; color: #333;}
                    h1 {color:#000066;}
                    table {border:1px solid black;}
                </style> <img src= 'logo1.png' /> <table rules='all' style='border-color: #ffb300;' cellpadding='10' width='500px'> <tr style='background: #ffb300;'><td>Email Confirmation <tr style='background: #fafafa;'><td>Hello  $contactname, your message has been recieved! We will contact you shortly! <br><br>Best, <br>ME!<br>©LRCC(TM) All Rights Reserved 2015 </div> </table> </body> </html> ";
        $headers  = "From: $from\r\n"; 
        $headers .= "Content-type: text/html\r\n"; 
         mail($contactemail, $subject, $verificationmsg, $headers);    

          $count= count(file("main_form.csv"));                       
            $today = date("d M Y h:i A");
            echo $today;
            echo $v1;

    $cvsData = "\n" . $count . "," . $today . "," . $contactname . "," . $contactemail . "," . $contactphone . "," . $child_info;

     $fp = fopen("main_form.csv", "a" );
     if($fp){
         fwrite($fp, $cvsData);
         fclose($fp);
         }                   

    ?>

Any suggestions?

I'm confused.

Why are you setting these 3 different time?

$contactname  = $_POST["contact-name"];
$contactemail = $_POST["contact-email"];
$contactphone = $_POST["contact-phone"];
$child_info   = $_POST["child_info"];

And which mail function is not working? I'm counting 3 of those as well.
If they're all not sending, then you might not have PHP mail settings set correctly.

@Pixel, well... i had them repeated 3 times... because... ummm... I have no idea why I did that to begin with. But anyways, I got it to work, but what was weird is that I started getting the emails literally a few hours late.