Page 1 of 1

PHP refresh or location on contact form entry

Posted: Mon Mar 24, 2014 8:18 am
by AndyT2k14
Hi all, I hope someone can help me with this, I have a contact form on my website here > http://www.eco-fireplaces.co.uk . At the moment if a client doesn't fill in all the details correctly he ends up on this page > http://www.eco-fireplaces.co.uk/php/mailform.php depending on what information was missing the mailform.php will display a different message. What I want to do is, when the message is displayed I want the mailform.php message to redirect the user back to the original form within 5 seconds of showing the error message. I have managed to do this once the form has been completed but I'm not sure where to put the correct coding in the mailform.php file.

Hopefully somebody can help me I will try and post both the form codes and PHP code used below :

Also I could use a good Captcha for this form as it doesn't seem to have one at the minute and I'm worried about getting spam emails, if anyone could use the coding I already have and where to implement the Captcha code that would be very much appreciated too, my site is mainly directed at the over 50's so an easy sum calculation captcha would probably work best.

Many thanks for you time

Andy

The HTML code for the form - filename : index.html :

Code: Select all

<form method="post" id="captcha_form" name="captcha_form" action="http://www.eco-fireplaces.co.uk/php/mailform.php">
<fieldset><ol>
    <li><label class="solo" for="firstname">Name:</label><span class="required"></span><input type="text" class="soloinput" name="firstname" id="firstname" value="" />
    </li><li><label class="solo" for="lastname">Surname:</label><span class="required"></span><input type="text" class="soloinput" name="lastname" id="lastname" value="" />                         
	</li><li><label class="solo" for="email">Email:</label><span class="required"></span><input type="text" class="soloinput" name="email" id="email" value="" />
	</li><li><label class="solo" for="phone">Phone:</label> <input type="text" class="soloinput" name="phone" id="phone" value="" />
	</li><li><label class="solo" for="subject">Subject:</label> <input type="text" class="soloinput" name="subject" id="subject" value="" />
	</li><li><label class="solo" for="message">Message:</label><span class="required"></span>
    
    <div class="soloinput"><textarea class="soloinput" name="message" id="message" ></textarea></div>
    
    </li>
        
    <div class="send"><input name="submit" style="cursor: pointer;" id="submit" type="submit" value="Send"/></textarea></div> 

	</li></ol>
</fieldset></form>
The PHP code to verify the form content - filename : mailform.php :

Code: Select all

<?php 
$dontsendemail = 0;
$possiblespam = FALSE;
$strlenmessage = "";
$email = $_REQUEST['email']; 
$message = $_REQUEST['message']; 
$subject = $_REQUEST['subject'];
$emailaddress = "showroom@eco-fireplaces.co.uk"; /* NOTE: Although your email address is visible here in this code, the person contacting you will never see this email address. Your email address will remain on your server, and it will not be sent from your server to the person contacting you. It will also remain invisible to spam bots. Your email address	is also never stored on any of our servers. You can choose to delete or not delete this note when you publish this page. It will not change the functionality of the contact form. */

// Check human test input box
if(isset($_REQUEST["htest"]) && $_REQUEST["htest"] != "") die("Possible spam detected. Please hit your browser back button and check your entries."); 
// Check email address function
function checkemail($field) {
	// checks proper syntax
	if( !preg_match( "/^([a-zA-Z0-9])+([a-zA-Z0-9._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9._-]+)+$/", $field))
	{
		die("Improper email address detected. Please hit your browser back button and enter a proper email address."); 
		return 1;
	}
}
// Check month function
function checkmonth($field,$checkrequiredob) {
    if($checkrequiredob == 0) {
		if(!preg_match("/^[\s]{0,5}$|^(0|January|February|March|April|May|June|July|August|September|October|November|December)$/", $field)) die("Improper month of birth detected. Please hit your browser back button and try again.");  
	}
	else {
		if(!preg_match("/^(January|February|March|April|May|June|July|August|September|October|November|December)$/", $field)) die("Improper month of birth detected. Please hit your browser back button and try again."); 
	}
}
// Spamcheck function
function spamcheck($field) {
	if(preg_match("/to:/i",$field) || preg_match("/cc:/i",$field) || preg_match("/\r/i",$field) || preg_match("/i\n/i",$field) || preg_match("/%0A/i",$field)){ 
		$possiblespam = TRUE;
	}else $possiblespam = FALSE;
	if ($possiblespam) {
		die("Possible spam attempt detected. If this is not the case, please edit the content of the contact form and try again.");
		return 1;
	}
}
// Spamcheck URL function
function spamcheckurl($field) {
	if(preg_match("/to:/i",$field) || preg_match("/cc:/i",$field) || preg_match("/\r/i",$field) || preg_match("/\n/i",$field)){ 
		$possiblespam = TRUE;
	}else $possiblespam = FALSE;
	if ($possiblespam) {
		die("Possible spam attempt detected. If this is not the case, please edit the content of the contact form and try again.");
		return 1;
	}
}
function strlencheck($field,$minlength,$maxlength,$minresponse,$maxresponse) {
	if (strlen($field) < $minlength){
		die($minresponse); 
		return 1;
	}
	if (strlen($field) > $maxlength){
		die($maxresponse); 
		return 1;
	}
}
function checkphone($field,$checkrequirephone,$warning) {
	if($checkrequirephone == 0) {
		if(!preg_match("/^([\s]{0,10})$|^(((\+)?[1-9]{1,2})?([-\s\.])?((\(\d{1,4}\))|\d{1,4})(([-\s\.])?)(((\d{1,12}){1})|((\d{3,4}([-\s\.])?){2,3})){1}([\s]{0,10}))$/", $field)) die($warning);
	}		
	else {
		if(!preg_match("/^((\+)?[1-9]{1,2})?([-\s\.])?((\(\d{1,4}\))|\d{1,4})(([-\s\.])?)(((\d{1,12}){1})|((\d{3,4}([-\s\.])?){2,3})){1}([\s]{0,10})$/", $field)) die($warning);
	}
}
function checkpriority($field,$checkrequirepriority) {
	if($checkrequirepriority == 0) {
		if(!preg_match("/^[\s]{0,10}$|^[\d]$/",$field)) die("Improper priority detected. Please hit your browser back button and try again.");
	}
	else {
		if(!preg_match("/^[\d]$/",$field)) die("Improper priority detected. Please hit your browser back button and try again.");
	}
}

$firstname = $_REQUEST['firstname'];
$lastname = $_REQUEST['lastname'];strlencheck($firstname,1,60,"You have not entered a proper first name. Please hit your browser back button and check your name entry.","You have entered a first name that is too long. Please hit your browser back button and check your name entry."); strlencheck($lastname,1,60,"You have not entered a proper last name. Please hit your browser back button and check your name entry.","You have entered a last name that is too long. Please hit your browser back button and check your name entry.");$phone = $_REQUEST['phone'];checkphone($phone,0,"Improper first phone number detected. Please hit your browser back button and try again."); if ($dontsendemail == 0) $dontsendemail = spamcheck($_REQUEST["htest"]);
if ($dontsendemail == 0) $dontsendemail = spamcheck($firstname)+spamcheck($lastname);
if ($dontsendemail == 0) $dontsendemail = spamcheck($phone);

if ($dontsendemail == 0) $dontsendemail = checkemail($email);
if ($dontsendemail == 0) $dontsendemail = spamcheck($email);
if ($dontsendemail == 0) $dontsendemail = spamcheck($subject);
if ($dontsendemail == 0) $dontsendemail = strlencheck($email,10,255,"The email address field is too short. Please hit your browser back button and check your entry.<br />","The email address you have entered is too long. Please hit your browser back button and check your entry."); //NOTE: An extremely small number of people worldwide have email addresses that are shorter than 10 characters. Though they exist, I as a webmaster who receives 200 emails per day have never seen a valid email address that was shorter than 12 characters. However, email addresses of length 13 characters are fairly common. I recommend that you do not reduce the 10 unless you plan on using internal emails from a business that has short email addresses, but that you do not raise the 10 so that you can avoid accidentally eliminating real contacts. Feel free to delete this message when you read it. It will not reduce the functionality of this contact form.

if ($dontsendemail == 0) $dontsendemail = strlencheck($subject,1,255,"You did not choose a subject. Please hit your browser back button and check your entry.<br />","The subject you have entered is too long. Please hit your browser back button and check your entry.");

if ($dontsendemail == 0) $dontsendemail = strlencheck($message,10,10000,"The message field is too short. Please hit your browser back button and check your entry.<br />","Your message is limited to 10000 characters. Please hit your browser back button and shorten your message."); //NOTE: If you want your users to send you messages longer than 10000 characters long, modify the 10000 to a larger number. Similarly, if you want your maximum message length to be shorter and more to the point, reduce the 10000 to a smaller number. 
if ($dontsendemail == 0) $dontsendemail = strlencheck($emailaddress,8,255,"You have not selected a recipient of your message. Please hit your browser back button and check your entry.<br />","Possible spam detected. Please hit your browser back button and choose a recipient for your email.");
if ($dontsendemail == 0) {
	$message="";
	$message.="Name: ".$firstname." ".$lastname."\r\n";
	$message.="Phone: ".$phone."\r\n";
	
	$message=$message."\r\nMessage:\r\n".$_REQUEST['message'];
	mail($emailaddress,"$subject",$message,"From: $email" ); include "http://www.eco-fireplaces.co.uk/php/email_sent.php";
}
The sent email PHP code which sends the user back on correct completion of the form - filename : email_sent.php :

Code: Select all

<!DOCTYPE HTML>
<html lang="en-US">
    <head>
        <meta charset="UTF-8">
        <meta http-equiv="refresh" content="5; url=http://www.eco-fireplaces.co.uk">
        <title>Email confirmation</title>
    </head>
    <body>
    <H2>Thank you for your enquiry, we will respond within 48 hours.</H2>
        <!-- Note: don't tell people to `click` the link, just tell them that it is a link. -->
        If you are not redirected automatically in 5 seconds, please click <a href='http://eco-fireplaces.co.uk/'>HERE</a>
    </body>
</html>

Re: PHP refresh or location on contact form entry

Posted: Mon Mar 24, 2014 8:31 am
by Celauran
Why not store the error messages in a session variable, use a header redirect if the submission contains errors, and check for the existence of the session variable above the form itself?

Re: PHP refresh or location on contact form entry

Posted: Mon Mar 24, 2014 9:51 am
by AndyT2k14
Hi Celauran thanks for your reply, this sounds like a good point you have made but i'm afraid I am a bit of a Rookie when it comes to PHP coding :/ i'm not too bad with HTML but PHP is another thing all together :) would you be able to provide me with an example of how to create a session variable and how to implement a header redirect if the submission contains errors?

Your help and advice is much appreciated

Andy

Re: PHP refresh or location on contact form entry

Posted: Mon Mar 24, 2014 10:17 am
by Celauran
For reference: Sessions manual

In short, place session_start() at the beginning of your PHP files (the page with the form will need to be a PHP file as well). $_SESSION is simply another array, so $_SESSION['foo'] = bar. This is a good place to store error messages. Finally, you can send headers with the header function.

Code: Select all

<?php

session_start();

// validation here

if (! $valid) {
    header('Location: some_page.php');
    exit;
} else {
    // send mail here
}
Then, in the page containing the form:

Code: Select all

<?php

session_start();

if (isset($_SESSION['errors'])) {
    print_r($_SESSION['errors']);
}

?>

HTML goes here
(Don't actually use print_r; format it properly according to your page styles.)