...

View Full Version : Contactform, functions aren't done.



simolokid
01-28-2010, 08:13 PM
Hi there,

My first post on this entire forum, and probably a very dumb one as I'm sure im missing something small.

But to let you know what's going on:

I've recently started making my own site, and trying to code everything myself. A contact form is obviously something to learn to do. Now I've downloaded serveral examples, looped trough most tutorials and stuff. The problem is, I made the entire form myself now, but it doesn't validate any of the input.

Altough I did make it do it, it simply won't. It isn't returning 'undefined function' errors, so it does open the functions.

What am I missing here?

Contactform code:

<?php
include("includes/functions.php");
session_start();

/* $_POSTS */
$name = $_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$question = $_POST['question'];
$code = $_POST['code'];
/*email settings */
$to = "simoscript@hotmail.com";
$from = "noreply@simolokid.nl";
$subject_mail = "Contactform - Simolokid";
$thank_you_url = "http://www.simolokid.nl/thankyou.php";
$error = array();

if(isset($_POST['submit'])){
if(!empty($name)){
$name = clean_var($name);
$name = htmlspecialchars($name, ENT_QUOTES);
$length = 30;
$test = strlen($name);
if($test > 30){
$error[] = "The name field may only contain 30 characters.";
}
}
else{
$error[] = "You need to fill in the name field.";
}
if(!empty($email)){
if(!validEmail($email)){
$error[] = "You haven't filled in a <b> valid </b> email adress";
}
}
if(!empty($subject)){
$subject = clean_var($subject);
$subject = htmlspecialchars($subject, ENT_QUOTES);
$length = 30;
$test = strlen($subject);
if($test > 30){
$error[] = "The subject field may only contain 30 characters";
}
}
if(!empty($question)){
if(function_exists('clean_var')){
$question = clean_var($question);
}
if(function_exists('htmlspecialchars')){
$question = htmlspecialchars($subject, ENT_QUOTES);
}
$length = 300;
$test = strlen($question);
if($test > 300){
$error[] = "The question field may only contain 300 characters";
}
}
if(!empty($code)){
include_once "securimage.php";
$securimage = new Securimage();
$valid = $securimage->check($code);
if(!$valid){
$error[] = "You didn't fill in the correct code.";
}
}
if(function_exists('htmlspecialchars_decode')){
$name = htmlspecialchars_decode($name, ENT_QUOTES);
}
if(function_exists('htmlspecialchars_decode')){
$subject = htmlspecialchars_decode($subject, ENT_QUOTES);
}
if(function_exists('htmlspecialchars_decode')){
$message = htmlspecialchars_decode($message, ENT_QUOTES);
}
$time = date("j:n:Y");
$day = date("s:i:G");
$msg = "Email adress: $email
Name: $name
Day: $time
Time: $day

Message: $message

";
$mailing = mail($to, $subject_mail, $msg, "Contactform Simolokid.nl");
if($mailing){
$mailing = $check;
header("Location: $thank_you_url");
}
else{
$error[] = "Your mail has not been send, due to an error. Please try again later";

}
}

else{
?>
*html code here*

functions.php

function validEmail($email)
{
$isValid = true;
$atIndex = strrpos($email, "@");
if (is_bool($atIndex) && !$atIndex)
{
$isValid = false;
}
else
{
$domain = substr($email, $atIndex+1);
$local = substr($email, 0, $atIndex);
$localLen = strlen($local);
$domainLen = strlen($domain);
if ($localLen < 1 || $localLen > 64)
{
// local part length exceeded
$isValid = false;
}
else if ($domainLen < 1 || $domainLen > 255)
{
// domain part length exceeded
$isValid = false;
}
else if ($local[0] == '.' || $local[$localLen-1] == '.')
{
// local part starts or ends with '.'
$isValid = false;
}
else if (preg_match('/\\.\\./', $local))
{
// local part has two consecutive dots
$isValid = false;
}
else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
{
// character not valid in domain part
$isValid = false;
}
else if (preg_match('/\\.\\./', $domain))
{
// domain part has two consecutive dots
$isValid = false;
}
else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local)))
{
// character not valid in local part unless
// local part is quoted
if (!preg_match('/^"(\\\\"|[^"])+"$/',
str_replace("\\\\","",$local)))
{
$isValid = false;
}
}
if ($isValid && function_exists('checkdnsrr'))
{
if (!(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) {
// domain not found in DNS
$isValid = false;
}
}
}
return $isValid;
}
function clean_var($variable) {
$variable = strip_tags(stripslashes(trim(rtrim($variable))));
return $variable;
}


Thanks for any help or advice!

Kind regards,

Simolokid.

mlseim
01-28-2010, 08:35 PM
First of all, on your HTML form, do you have a variable named "submit"?
(you didn't show us your form).

simolokid
01-28-2010, 08:37 PM
First of all, on your HTML form, do you have a variable named "submit"?
(you didn't show us your form).

Oops, I tought i'd skip the html to keep the volume of the code down.. forgot that having the form objectnames would actually be handy to have

here you go:


<form action="" method="post" >
<table>
<tr><td><label for="name">Name</label></td><td><input type="text" name="name" value="" /></td></tr>
<tr><td><label for="email">Email</label></td><td><input type="text" name="email" value="" /></td></tr>
<tr><td><label for="subject">Subject</label></td><td><input type="text" name="subject" value="" /></td></tr>
<tr><td><label for="question">Question</label></td><td><textarea name="question"></textarea></td></tr>
<td>&nbsp;</td><td><img id="captcha" src="securimage_show.php" alt="CAPTCHA Image" /></td></tr>
<tr><td><label for="code">Code</label></td><td><input type="text" name="code" value="" /></td></tr>
<a href="#" onclick="document.getElementById('captcha').src = "securimage_show.php?" + Math.random(); return false">Click here if you cannot recognize the code.</a>
<tr><td>&nbsp;</td><td><input type="submit" name="submit" value="Send" /></td></tr>
</table>
</form>

Guess my answer is yes to that question!

Btw, if it wasn't, then it wouldn't mail either. It's actually working now, but simply not validating.

tomws
01-28-2010, 09:51 PM
What do you mean when you say "it doesn't validate any of the input"? If you mean it doesn't catch something like an empty email address, that would be because you haven't handled that condition. What specific problems are you having?

mlseim
01-28-2010, 09:53 PM
I don't see anywhere that it returns back to the form with the error message.

What do you want it to do when there is an error?
If you return back to the form, you have no way to re-display their data,
as their information never gets saved in sessions or cookies. So, I guess you'll
have to figure-out what is supposed to happen.

Also, there must be some sessions used for the captcha ... does that also not work?

simolokid
01-29-2010, 10:33 AM
I don't see anywhere that it returns back to the form with the error message.

What do you want it to do when there is an error?
If you return back to the form, you have no way to re-display their data,
as their information never gets saved in sessions or cookies. So, I guess you'll
have to figure-out what is supposed to happen.

Also, there must be some sessions used for the captcha ... does that also not work?

1. it should display the errors underneath the form;


<form action="" method="post" >
<table>
<tr><td><label for="name">Name</label></td><td><input type="text" name="name" value="<?php echo ($_SESSION['name']);?>" /></td></tr>
<tr><td><label for="email">Email</label></td><td><input type="text" name="email" value="<?php echo ($_SESSION['email']);?>" /></td></tr>
<tr><td><label for="subject">Subject</label></td><td><input type="text" name="subject" value="<?php echo ($_SESSION['subject']);?>" /></td></tr>
<tr><td><label for="question">Question</label></td><td><textarea name="question"><?php echo ($_SESSION['question']);?></textarea></td></tr>
<td>&nbsp;</td><td><img id="captcha" src="securimage_show.php" alt="CAPTCHA Image" /></td></tr>
<tr><td><label for="code">Code</label></td><td><input type="text" name="code" value="" /></td></tr>
<a href="#" onclick="document.getElementById('captcha').src = "securimage_show.php?" + Math.random(); return false">Click here if you cannot recognize the code.</a>
<tr><td>&nbsp;</td><td><input type="submit" name="submit" value="Send" /></td></tr>
</table>
</form>
<br /><br />(Please enter the text in the image above. Text is not case sensitive.)<br />
<?php
if(!empty($error)){
foreach($error as $key){
echo "$key <br />";
}
}
?>

2. Captcha doesn't work either, altough i do actually start the session at the very beginning of my php code.

3. I guess its $_SESSION['name'] = $_POST['name'] and then make the value of the inputfield $_SESSION['name'] if the session isn't empty?

Zend studio ( my framework ) tells me several functions and classes aren't defined, altough i did include the file.. so >.<

[edit] did some work on the value of inputfields with the sessions, also putted some comments in the rest of the code


<?php
include("includes/functions.php");
session_start();
if(!empty($_SESSION)){
if(!empty($_SESSION['name'])){
$_SESSION['name'] = $name;
}
elseif(!empty($_SESSION['email'])){
$_SESSION['email'] = $email;
}
elseif(!empty($_SESSION['subject'])){
$_SESSION['subject'] = $subject;
}
elseif(!empty($_SESSION['question'])){
$_SESSION['question'] = $question;
}
}

/* $_POSTS */
$name = $_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$question = $_POST['question'];
$code = $_POST['code'];
/*email settings */
$to = "simoscript@hotmail.com";
$from = "noreply@simolokid.nl";
$subject_mail = "Contactform - Simolokid";
$thank_you_url = "http://www.simolokid.nl/thankyou.php";
$error = array();

if(isset($_POST['submit'])){
//if $name is filled in
if(!empty($name)){
$name = clean_var($name);
$name = htmlspecialchars($name, ENT_QUOTES);
$length = 30;
$test = strlen($name);
if($test > 30){
$error[] = "The name field may only contain 30 characters.";
}
}
else{
//if $name isn't filled in
$error[] = "You need to fill in the name field.";
}
if(!empty($email)){
//if email is filled in
if(!validEmail($email)){
// if it isn't valid
$error[] = "You haven't filled in a <b> valid </b> email adress";
}
}
if(!empty($subject)){
//if subject is filled in
$subject = clean_var($subject);
$subject = htmlspecialchars($subject, ENT_QUOTES);
$length = 30;
$test = strlen($subject);
if($test > 30){
$error[] = "The subject field may only contain 30 characters";
}
}
if(!empty($question)){
//if question is filled in
if(function_exists('clean_var')){
$question = clean_var($question);
}
if(function_exists('htmlspecialchars')){
$question = htmlspecialchars($subject, ENT_QUOTES);
}
$length = 300;
$test = strlen($question);
if($test > 300){
$error[] = "The question field may only contain 300 characters";
}
}
if(!empty($code)){
include_once "securimage.php";
$securimage = new Securimage();
$valid = $securimage->check($code);
if(!$valid){
$error[] = "You didn't fill in the correct code.";
}
}
if(function_exists('htmlspecialchars_decode')){
$name = htmlspecialchars_decode($name, ENT_QUOTES);
}
if(function_exists('htmlspecialchars_decode')){
$subject = htmlspecialchars_decode($subject, ENT_QUOTES);
}
if(function_exists('htmlspecialchars_decode')){
$message = htmlspecialchars_decode($message, ENT_QUOTES);
}
$time = date("j:n:Y");
$day = date("s:i:G");
$msg = "Email adress: $email
Name: $name
Day: $time
Time: $day

Message: $message

";
$mailing = mail($to, $subject_mail, $msg, "Contactform Simolokid.nl");
if($mailing){
$mailing = $check;
header("Location: $thank_you_url");
}
else{
$error[] = "Your mail has not been send, due to an error. Please try again later";

}
}

else{
?>*html code*

Regarding the not catching an empy email adress, it does handle that condition?

if(!empty($email)){
//if email is filled in
if(!validEmail($email)){
// if it isn't valid
$error[] = "You haven't filled in a <b> valid </b> email adress";
}
}

So if it isn't filled in, it should display the html form again, since the if isn't true ? Or am I missing something here?

mlseim
01-29-2010, 01:00 PM
How does it get back to the form page when it errors,
and how do the error messages get passed back?
There must be some coding that we're missing from your posts?

simolokid
01-29-2010, 01:29 PM
How does it get back to the form page when it errors,
and how do the error messages get passed back?
There must be some coding that we're missing from your posts?

When it errors it adds the errior msg to the error array, thereby creating several errors if multiple fields aren't filled.

If fields arent filled it will go back to the form and display the $error array underneath..

You aren't missing any code.. I simply do not understand what would be missing since from my point of vieuw, its all there.. just not working >.<

tomws
01-29-2010, 01:45 PM
You're misunderstanding your logic, I think. Here's a pseudo-code representation of what I'm seeing. mlseim, correct me if you see something wrong with this:

if(isset($_POST['submit']))
{
if (a field has an error)
{
set the $error variable;
}
}
else
{
show_the_form;
}
Simplistic, but that's essentially all you're doing. There's no connection between the validation and the re-displaying of the form.

In light of that, now consider the email "validation".

if (the email address is not empty)
{
do some tests;
}
else
{
I don't care;
}

simolokid
01-29-2010, 01:52 PM
You're misunderstanding your logic, I think. Here's a pseudo-code representation of what I'm seeing. mlseim, correct me if you see something wrong with this:

if(isset($_POST['submit']))
{
if (a field has an error)
{
set the $error variable;
}
}
else
{
show_the_form;
}
Simplistic, but that's essentially all you're doing. There's no connection between the validation and the re-displaying of the form.

In light of that, now consider the email "validation".

if (the email address is not empty)
{
do some tests;
}
else
{
I don't care;
}

Hmm, i will look at that within now and a couple of houres.. seems pen and paper are going to be needed... Don't have that much experience with PHP yet.. let's try setting up a nice if/else structure and code from there..

Thanks for you help, wether it works or not =P

simolokid
01-29-2010, 06:02 PM
Hmm, i will look at that within now and a couple of houres.. seems pen and paper are going to be needed... Don't have that much experience with PHP yet.. let's try setting up a nice if/else structure and code from there..

Thanks for you help, wether it works or not =P


O.K.... that went a lot crappier then I originally tought it'd go.. here's my code so far.

Could someone give me a basic structure of what it should be? Since I'm guessing this is all but simplistic and normal.

Thanks :)


<?php
include("includes/functions.php");
session_start();

/* $_POSTS */
$name = $_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$question = $_POST['question'];
$code = $_POST['code'];
/*email settings */
$to = "simoscript@hotmail.com";
$from = "noreply@simolokid.nl";
$subject_mail = "Contactform - Simolokid";
$thank_you_url = "http://www.simolokid.nl/thankyou.php";
$error = array();

/* $_SESSIONS */
if(!empty($_SESSION)){
if(!empty($_SESSION['name'])){
$_SESSION['name'] = $name;
}
elseif(!empty($_SESSION['email'])){
$_SESSION['email'] = $email;
}
elseif(!empty($_SESSION['subject'])){
$_SESSION['subject'] = $subject;
}
elseif(!empty($_SESSION['question'])){
$_SESSION['question'] = $question;
}
}

//if submit button has been pressed
if(isset($_POST['submit'])){
//if $name is filled in
if(!empty($name)){
//clean from crap
$name = clean_var($name);
//clean from even more crap
$name = htmlspecialchars($name, ENT_QUOTES);
//set length for strlen
$length = 30;
//actually assign it
$test = strlen($name);
//if it's bigger then the max number
if($test > 30){
//add the message to $error array
$error[] = "The name field may only contain 30 characters.";
}
}
else{
//if $name isn't filled in add message to $error array
$error[] = "You need to fill in the name field.";
}
//if mail is filled in
if(!empty($email)){
//if email isnt valid
if(!validEmail($email)){
// add to $error
$error[] = "You haven't filled in a <b> valid </b> email adress";
}
}
if(!empty($subject)){
//if subject is filled in- clean from a lot of crap
$subject = clean_var($subject);
$subject = htmlspecialchars($subject, ENT_QUOTES);
//set length
$length = 30;
$test = strlen($subject);
// if its bigger then the max
if($test > 30){
$error[] = "The subject field may only contain 30 characters";
}
}
if(!empty($question)){
//if question is filled in
if(function_exists('clean_var')){
$question = clean_var($question);
}
if(function_exists('htmlspecialchars')){
$question = htmlspecialchars($subject, ENT_QUOTES);
}
$length = 300;
$test = strlen($question);
if($test > 300){
$error[] = "The question field may only contain 300 characters";
}
}
if(!empty($code)){
include_once "securimage.php";
$securimage = new Securimage();
$valid = $securimage->check($code);
if(!$valid){
$error[] = "You didn't fill in the correct code.";
}
}
if(function_exists('htmlspecialchars_decode')){
$name = htmlspecialchars_decode($name, ENT_QUOTES);
}
if(function_exists('htmlspecialchars_decode')){
$subject = htmlspecialchars_decode($subject, ENT_QUOTES);
}
if(function_exists('htmlspecialchars_decode')){
$message = htmlspecialchars_decode($message, ENT_QUOTES);
}
$time = date("j:n:Y");
$day = date("s:i:G");
$msg = "Email adress: $email
Name: $name
Day: $time
Time: $day

Message: $message

";
if(empty($error)){
$mailing = mail($to, $subject_mail, $msg, "Contactform Simolokid.nl");
if($mailing){
$check = $mailing;
header("Location: $thank_you_url");
}
else{
$error[] = "Your mail has not been send, due to an error. Please try again later";
session_start();
?>
*html code*
<h2>Contact</h2>
<p>Fill out the form below</p>
</div>
<div class="post">
<form action="" method="post" >
<table>
<tr><td><label for="name">Name</label></td><td><input type="text" name="name" value="<?php echo ($_SESSION['name']);?>" /></td></tr>
<tr><td><label for="email">Email</label></td><td><input type="text" name="email" value="<?php echo ($_SESSION['email']);?>" /></td></tr>
<tr><td><label for="subject">Subject</label></td><td><input type="text" name="subject" value="<?php echo ($_SESSION['subject']);?>" /></td></tr>
<tr><td><label for="question">Question</label></td><td><textarea name="question"><?php echo ($_SESSION['question']);?></textarea></td></tr>
<tr><td>&nbsp;</td><td><img id="captcha" src="securimage_show.php" alt="CAPTCHA Image" /></td></tr>
<tr><td><label for="code">Code</label></td><td><input type="text" name="code" value="" /></td></tr>
<tr><td>&nbsp;</td><td><a href="#" onclick="document.getElementById('captcha').src = "securimage_show.php?" + Math.random(); return false">Click here if you cannot recognize the code.</a></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" name="submit" value="Send" /></td></tr>
</table>
</form>
<br /><br />(Please enter the text in the image above. Text is not case sensitive.)<br />
<?php
if(!empty($error)){
foreach($error as $key){
echo "$key <br />";
}
}
?>
</div>
</div>
*more html*
<?php
}
}
else{
session_start();
?>
*html *
<h2>Contact</h2>
<p>Fill out the form below</p>
</div>
<div class="post">
<form action="" method="post" >
<table>
<tr><td><label for="name">Name</label></td><td><input type="text" name="name" value="<?php echo ($_SESSION['name']);?>" /></td></tr>
<tr><td><label for="email">Email</label></td><td><input type="text" name="email" value="<?php echo ($_SESSION['email']);?>" /></td></tr>
<tr><td><label for="subject">Subject</label></td><td><input type="text" name="subject" value="<?php echo ($_SESSION['subject']);?>" /></td></tr>
<tr><td><label for="question">Question</label></td><td><textarea name="question"><?php echo ($_SESSION['question']);?></textarea></td></tr>
<tr><td>&nbsp;</td><td><img id="captcha" src="securimage_show.php" alt="CAPTCHA Image" /></td></tr>
<tr><td><label for="code">Code</label></td><td><input type="text" name="code" value="" /></td></tr>
<tr><td>&nbsp;</td><td><a href="#" onclick="document.getElementById('captcha').src = "securimage_show.php?" + Math.random(); return false">Click here if you cannot recognize the code.</a></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" name="submit" value="Send" /></td></tr>
</table>
</form>
<br /><br />(Please enter the text in the image above. Text is not case sensitive.)<br />
<?php
if(!empty($error)){
foreach($error as $key){
echo "$key <br />";
}
}
?>
</div>
</div>
*html*
<?php
}
}
?>

MattF
01-29-2010, 07:53 PM
There's no need to repeat the form code twice. You want something along the lines of the following:



if (isset($_POST['submit']))
{
[all of the processing code here]
[if validation and such is successful, exit the script here]
}
[form code here, not contained within an else statement]


The form won't be displayed when the form is submitted, (providing the validation is true), as you've exited the script within the processing section.

simolokid
01-30-2010, 06:23 PM
There's no need to repeat the form code twice. You want something along the lines of the following:



if (isset($_POST['submit']))
{
[all of the processing code here]
[if validation and such is successful, exit the script here]
}
[form code here, not contained within an else statement]


The form won't be displayed when the form is submitted, (providing the validation is true), as you've exited the script within the processing section.

Worked out, thanks ! :)



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum