Thread: PHP form sanitization help
View Single Post
Old 01-05-2013, 08:47 PM   PM User | #1
codernoob
New Coder

 
Join Date: Sep 2012
Posts: 26
Thanks: 17
Thanked 0 Times in 0 Posts
codernoob is an unknown quantity at this point
Question PHP form sanitization help
Hi,

I am completely new to PHP.. and have been trying to build a webform for a website.

I have set the form using HTML/CSS right and have added a JS script to validate it on the client side (it basically throws an error if the input isnt correct) on the website.

But the issue is my PHP back-end form processor aint working right .. I think am getting XSS attacks .. and would like some help to edit my current PHP form.

Can someone help me with it? The pHp code is below:
Code:
<?php
$title = $_POST['title'];
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$designation = $_POST ['jobt'];
$company = $_POST['cname'];
$event = $_POST['event'];
$purpose = $_POST['purpose'];
$message = $_POST['message'];
$TandC = $_POST['TandC'];
$formcontent=" From: \n Name: $title $name \n Email: $email \n Phone: $phone \n Designation: $designation \n Company: $company \n event: $event  \n Interested in being a: $purpose \n Message: $message";
$recipient = "brochure@xyz.com";
$subject = "Brochure Request";
$mailheader = "From: $email \r\n";
mail($recipient, $subject, $formcontent, $mailheader) or die("Error!");
if (isset($_POST['email'])) {
header("Location:thanks.html");
}
?>
codernoob is offline   Reply With Quote