www.webdeveloper.com
Results 1 to 2 of 2

Thread: Form sends after failing validation

  1. #1
    Join Date
    Jun 2006
    Location
    Boston, MA
    Posts
    383

    Unhappy Form sends after failing validation

    hey guys, this issue is killin' me. i need another set of eyes. i grabbed a standard php contact form script with captcha and made a few adjustments. i added an email array and dropdown to select a department(chooses an addy within the array) i've also echoed the results as opposed to shooting over to a 'thank you' page. my problem is my form will send regardless of my department choice, and i'll get a 'message sent' and 'invalid department' error and the form stays filled in once sent. can anybody help me out?

    test here:
    http://getrapidcharge.com/rcsite/contact.php

    HANDLER
    PHP Code:
    <?php 
    session_start
    ();

    $errors '';
    $name '';
    $visitor_email '';
    $visitor_telephone '';
    $visitor_subject '';
    $visitor_hear '';
    $user_message '';
    $your_email '';
    $department '';

        
    $contactAry = array(
        
    'Sales' => 'sales@email.com',
        
    'Advertising' => 'advertising@email.com',
        );    
        
    if(isset(
    $_POST['submit']))
    {    
        
    $name $_POST['name'];
        
    $visitor_email $_POST['email'];
        
    $visitor_telephone $_POST['telephone'];
        
    $visitor_subject $_POST['subject'];
        
    $visitor_hear $_POST['hear'];
        
    $user_message $_POST['message'];
        
    $your_email $_POST['department'];
        
        
    ///------------Do Validations-------------
        
    if(!array_key_exists($_POST['department'], $contactAry))
        {
        
    $invaliddept '';
        
    $invaliddept .= "<p class='fail' align='center'>Invalid department</p>";
        }
        else
        {
        
    $your_email $contactAry[$_POST['department']];
        }
        
        if(empty(
    $name)||empty($visitor_email))
        {
            
    $errors .= "\n<p class='captcha-miss' align='center'>Please Fill out Required Fields.</p>";    
        }
        if(
    IsInjected($visitor_email))
        {
            
    $errors .= "\n Bad email entry!";
        }
        if(empty(
    $_SESSION['6_letters_code'] ) ||
          
    strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
        {
        
    //Note: the captcha code is compared case insensitively.
        //if you want case sensitive match, update the check above to
        // strcmp()
            
    $errors .= "\n <p class='captcha-miss' align='center'>The captcha code does not match!</p>";
        }
        
        if(empty(
    $errors))
        {
            
    //send the email
            
    $to $your_email;
            
    $subject="Form Submission From Contact Page";
            
    $from $your_email;
            
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
            
            
    $body "$name submitted the contact form for $department:\n".
            
    "Name: $name\n".
            
    "Email: $visitor_email \n".
            
    "Telephone: $visitor_telephone \n\n".
            
    "How did you hear about us? $visitor_hear \n\n".
            
    "Subject: $visitor_subject \n\n".
            
    "Message: \n ".
            
    "$user_message\n".
            
    "IP: $ip\n";    
            
            
    $headers "From: $from \r\n";
            
    $headers .= "Reply-To: $visitor_email \r\n";
            
            
    mail($to$subject$body,$headers);
            
            
    $success '';
            
    $success .= "<p class='success' align='center'>Your message sent!</p>";
        }
    }

    // Function to validate against any email injection attempts
    function IsInjected($str)
    {
      
    $injections = array('(\n+)',
                  
    '(\r+)',
                  
    '(\t+)',
                  
    '(%0A+)',
                  
    '(%0D+)',
                  
    '(%08+)',
                  
    '(%09+)'
                  
    );
      
    $inject join('|'$injections);
      
    $inject "/$inject/i";
      if(
    preg_match($inject,$str))
        {
        return 
    true;
      }
      else
        {
        return 
    false;
      }
    }
    ?>

    FORM
    PHP Code:
    <?php echo $success?>
    <?php 
    echo $invaliddept?>
    <?php
    if(!empty($errors)){
    echo 
    "<p class='err'>".nl2br($errors)."</p>";
    }
    ?>
    <div id='contact_form_errorloc' class='err'></div>
    <form method="POST" name="contact_form" 
    action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
    <p>
    <label for='department'><strong>Department</strong></label><br>
    <select name="department" id="department">
    <option>Select Department...</option>
    <?php 
    foreach($contactAry as $department => $your_email)
    {
        echo 
    "<option value='$department'>$department</option>\n";
    }
     
    ?>
    </select>
    </p>
    <p>
    <label for='name'><strong>Name</strong></label><br>
    <input type="text" name="name" value='<?php echo htmlentities($name?>' class="contact_input shadow">
    </p>
    <p>
    <label for='email'><strong>Email</strong></label><br>
    <input type="text" name="email" value='<?php echo htmlentities($visitor_email?>' class="contact_input shadow">
    </p>
    <p>
    <label for='telephone'><strong>Telephone</strong></label><br>
    <input type="text" name="telephone" value='<?php echo htmlentities($visitor_telephone?>' class="contact_input shadow">
    </p>
    <p>
    <label for='hear'><strong>How did you hear about us?</strong></label><br>
    <input type="text" name="hear" value='<?php echo htmlentities($visitor_hear?>' class="contact_input shadow">
    </p>
    <p>
    <label for='subject'><strong>Subject</strong></label><br>
    <input type="text" name="subject" value='<?php echo htmlentities($visitor_subject?>' class="contact_input shadow">
    </p>
    <p>
    <label for='message'><strong>Message</strong></label> <br>
    <textarea name="message" rows=8 cols=35 style="border:none;width:310px;" class="shadow"><?php echo htmlentities($user_message?></textarea>
    </p>
    <p>
    <img src="script/captcha_code_file.php?rand=<?php echo rand(); ?>" id='captchaimg' ><br />
    <label for='message'>Enter the code above here:</label><br>
    <input id="6_letters_code" name="6_letters_code" type="text" style="border:none;" class="shadow"><br />
    <small>Can't read the image? click <a href='javascript: refreshCaptcha();'>here</a> to refresh</small>
    </p>
    <input type="submit" value="Submit" name='submit' class="rapidcharge-contact-btn">
    </form>
    <script>
    var frmvalidator  = new Validator("contact_form");
    //remove the following two lines if you like error message box popups
    frmvalidator.EnableOnPageErrorDisplaySingleBox();
    frmvalidator.EnableMsgsTogether();

    frmvalidator.addValidation("department","req","You forgot to choose a department!");
    frmvalidator.addValidation("name","req","You forgot to enter your name!"); 
    frmvalidator.addValidation("email","req","You forgot to enter your email!"); 
    frmvalidator.addValidation("subject","req","You forgot to enter a subject!"); 
    frmvalidator.addValidation("hear","req","How did you hear about us?");
    frmvalidator.addValidation("message","req","No message? hrmph!"); 
    </script>
    <script>
    function refreshCaptcha()
    {
        var img = document.images['captchaimg'];
        img.src = img.src.substring(0,img.src.lastIndexOf("?"))+"?rand="+Math.random()*1000;
    }
    </script>
    "Problems cannot be solved by the same level of thinking that created them.

  2. #2
    Join Date
    May 2004
    Location
    chennai, tamil nadu, India
    Posts
    437
    Should this

    Code:
    $invaliddept = '';
        $invaliddept .= "<p class='fail' align='center'>Invalid department</p>";
    be

    Code:
    $errors = '';
        $errors .= "<p class='fail' align='center'>Invalid department</p>";
    Chris, Senior Developer,
    www.Chrisranjana.com

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles