Page 1 of 1

form analysis and send

Posted: Tue Jun 23, 2009 5:25 am
by gum1982
Hi ive just been given a brief in which my client wants to have users fill out a form and dependant on the results that they have filled out it will send a specific email relating to those results.

What is the best way too start this i always like to ask you guys first.

Re: form analysis and send

Posted: Tue Jun 23, 2009 9:01 am
by CyG64
Hi,

two options: one is, do all the tests in JavaScript in the clients browser, avoiding to send all the data to the server and returning with ome 'error messages'

two is : send the data to the php server and test and report any errors from here.

I suggest the JS version because the user gets less frustrated if the form is complex and several returns to the server are required.

Otherwise someone can 'copy' your fine JavaScript code.

http://HoloGuides.com/php

Re: form analysis and send

Posted: Tue Jun 23, 2009 9:11 am
by gum1982
ok thanks for the reply

Re: form analysis and send

Posted: Tue Jun 23, 2009 11:23 am
by Eric!
I would process the results with php dynamically. Put your html form data into a form.inc file with the ability to pass variables like error messages, or graphics which can be turned on to indicate a field is in error. You process the form, do your checking in php, then repost your form.inc with the error messages set. If there are no errors, then you can continue to send the mail out.

Using Javascript works, but you'll still need to add php filters to prevent injection attacks. And for a professional site, I wouldn't bother with any Javascript checking.

Re: form analysis and send

Posted: Tue Jun 23, 2009 11:32 am
by gum1982
Hi thanks for the replys

basically they want a marketing tool.

the want it to be intergrated into a mailing list.

they will have say 5 different emails which will be sent out dependant on the results of the fields on the form say radio buttons or check boxes. so if they check a few sections about food they will send out the marketing email about food.

sorry i dont think i explained myself properly before.

Re: form analysis and send

Posted: Tue Jun 23, 2009 12:07 pm
by Eric!
Is this form going to be open for public access? If you don't want your domain to get hijacked by a spammer, which has happened to me and causes lots of problems, then make sure you protect your fields against injection attacks inside your PHP code before you pass anything to the mail() function.

And I searched around quickly for some examples on how to do dynamic php forms and did find anything I liked.

You make a form with html and places to prompt for errors, like the red *This field is required type of things. Then you use inline php where you want to display those errors

<br>Some Random form box here<br><? if(isset($error1)) {echo $err1_msg;}?>

Now when you first display this text (include("form.inc")) nothing will show up after the text. So let's say the user leaves this box blank and the value isn't set. You process the fields again with your script, notice the field wasn't entered, then set $err1_msg="<b>Please Enter A Value Here</b>"; then do the (include"form.inc") again and suddenly the form will be repainted with the error messages. You can get quite complicated with the messages and display graphics, help boxes, other links, etc. you can do this all with one form and a php script. The user will never be able to see your code.

For and example of the type of filtering to use for injection attempts, see the comments in the _mail.php code to get some ideas. Also look at the comments in _mail.php for ideas.
viewtopic.php?f=1&t=101854&st=0&sk=t&sd=a