Kevin_M_Schafer
02-20-2012, 09:20 PM
I'm working on a news tip line feedback form and I would like to remove the e-mail field. I don't need an e-mail field at all.
It doesn't matter with the other fields -- they can come and go, but for some reason the e-mail field affects the operation of the form if it's removed. I've used this setup on my new site several times just by tweaking it. In all those instances, I've always needed an e-mail field.
Any help in removing the e-mail field would be greatly appreciated.
<?php
/*
This is the e-mail address you want to send to.
*/
$webmaster_email = "My_Mail";
/*
These are the URLs of supporting pages.
*/
$feedback_page = "feedback_form.html";
$error_page = "error_message.html";
$thankyou_page = "thank_you.html";
/*
This loads the form field data into variables;
add additional fields here.
*/
$comments = $_REQUEST['comments'] ;
$name = $_REQUEST['name'] ;
$phone = $_REQUEST['phone'] ;
$email_address = $_REQUEST['email_address'] ;
/*
This checks for e-mail injection and carriage return
used by spammers to inject CC list.
*/
function isInjected($str) {
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str)) {
return true;
}
else {
return false;
}
}
$body =
'Name: ' . $name .
PHP_EOL .
'E-mail: ' . $email_address .
PHP_EOL .
'Phone: ' . $phone .
PHP_EOL .
'Comments: ' . $comments;
// If user tries to access php script directly, redirect to the comment form.
if (!isset($_REQUEST['email_address'])) {
header( "Location: $feedback_page" );
}
// If any fields in form are empty, redirect to the error page.
elseif (empty($comments) || empty($name) || empty($phone) || empty($email_address)) {
header( "Location: $error_page" );
}
// If email injection is detected, go to error page.
elseif ( isInjected($email_address) ) {
header( "Location: $error_page" );
}
// Send email then redirect to the thank you page if all things met.
else {
mail( "$webmaster_email", "Feedback Form Results",
$body, "From: $email_address" );
header( "Location: $thankyou_page" );
}
?>
--Kevin
.
It doesn't matter with the other fields -- they can come and go, but for some reason the e-mail field affects the operation of the form if it's removed. I've used this setup on my new site several times just by tweaking it. In all those instances, I've always needed an e-mail field.
Any help in removing the e-mail field would be greatly appreciated.
<?php
/*
This is the e-mail address you want to send to.
*/
$webmaster_email = "My_Mail";
/*
These are the URLs of supporting pages.
*/
$feedback_page = "feedback_form.html";
$error_page = "error_message.html";
$thankyou_page = "thank_you.html";
/*
This loads the form field data into variables;
add additional fields here.
*/
$comments = $_REQUEST['comments'] ;
$name = $_REQUEST['name'] ;
$phone = $_REQUEST['phone'] ;
$email_address = $_REQUEST['email_address'] ;
/*
This checks for e-mail injection and carriage return
used by spammers to inject CC list.
*/
function isInjected($str) {
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str)) {
return true;
}
else {
return false;
}
}
$body =
'Name: ' . $name .
PHP_EOL .
'E-mail: ' . $email_address .
PHP_EOL .
'Phone: ' . $phone .
PHP_EOL .
'Comments: ' . $comments;
// If user tries to access php script directly, redirect to the comment form.
if (!isset($_REQUEST['email_address'])) {
header( "Location: $feedback_page" );
}
// If any fields in form are empty, redirect to the error page.
elseif (empty($comments) || empty($name) || empty($phone) || empty($email_address)) {
header( "Location: $error_page" );
}
// If email injection is detected, go to error page.
elseif ( isInjected($email_address) ) {
header( "Location: $error_page" );
}
// Send email then redirect to the thank you page if all things met.
else {
mail( "$webmaster_email", "Feedback Form Results",
$body, "From: $email_address" );
header( "Location: $thankyou_page" );
}
?>
--Kevin
.