simple feedback form... what's wrong with my codes?


Post by joseph

Is there anything wrong with this code? I've received the feedback when I opened my email, but it only showed the input contained in "$Other" and "$Feedback"! I'm not sure how this radio button is used though, including the check box and the menu list.

Here's the code:

<?php
if (!isset($_POST['Submit'])) {
   echo "<h1>Error</h1>\n
      <p>Accessing this page directly is not allowed.</p>";
   exit;
}

function cleanUp($data) {
   $data = strip_tags($data);
   $data = trim(htmlentities($data));
   return $data;
}

$title        = cleanUp($_POST['mr']);
$title        = cleanUp($_POST['mrs']);
$title        = cleanUp($_POST['ms']);
$FirstName      = cleanUp($_POST['txtFirstName']);
$LastName     = cleanUp($_POST['txtLastName']);
$Email       = cleanUp($_POST['txtEmail']);
$URL         = cleanUp($_POST['txtURL']);
$Country     = cleanUp($_POST['menuCountry']);
$connSpeed       = cleanUp($_POST['28kbps']);
$connSpeed       = cleanUp($_POST['56kbps']);
$connSpeed       = cleanUp($_POST['dsl']);
$connSpeed       = cleanUp($_POST['t1']);
$Concerning  = cleanUp($_POST['menuConcerning']);
$Other      = cleanUp($_POST['txtOther']);
$Feedback   = cleanUp($_POST['txtFeedback']);
$Contact    = cleanUp($_POST['yes']);


if ((empty($FirstName)) || (empty($LastName)) || (empty($Email)) || (empty($Concerning)) || (empty($Feedback))) {
   echo "<h2>Input Error</h2>\n
     <p><strong>Name</strong>, <strong>e-mail</strong> and <strong>comments</strong> are required fields. Please fill them in and try again:</p>";

   echo "<form action=\"feedback.php\" method=\"post\"><p>";
   echo "<input type=\"radio\" name=\"title\" id=\"mr\" value=\"$title\" /> Mr<br />";
   echo "<input type=\"radio\" name=\"title\" id=\"mrs\" value=\"$title\" /> Mrs<br />";
   echo "<input type=\"radio\" name=\"title\" id=\"ms\" value=\"$title\" /> Ms<br />";
   echo "<input type=\"text\" name=\"txtFirstName\" id=\"txtFirstName\" value=\"$FirstName\" /> First Name<br />";
   echo "<input type=\"text\" name=\"txtLastName\" id=\"txtLastName\" value=\"$LastName\" /> Last Name<br />";
   echo "<input type=\"text\" name=\"txtEmail\" id=\"txtEmail\" value=\"$Email\" /> Email<br />";
   echo "<input type=\"text\" name=\"txtURL\" id=\"txtURL\"> value=\"$URL\" /> URL<br />";
   echo "<input type=\"text\" name=\"menuCountry\" id=\"Email\" value=\"$Country\" /> Country<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"28kbps\" value=\"$connSpeed\" /> 28kbps modem<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"56kbps\" value=\"$connSpeed\" /> 56kbps modem<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"dsl\" value=\"$connSpeed\" /> DSL<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"t1\" value=\"$connSpeed\" /> T1 or higher<br />";
   echo "<input type=\"text\" name=\"menuConcerning\" id=\"menuConcerning\" value=\"$Concerning\" /> Concerning<br />";
   echo "<input type=\"text\" name=\"txtOther\" id=\"txtOther\" value=\"$Other\" /> Other<br />";
   echo "<textarea name=\"txtFeedback\" id=\"txtFeedback\">$Feedback</textarea> Feedback<br />";
   echo "<input type=\"checkbox\" name=\"checkboxContact\" id=\"checkboxContact\ value=\"yes\" />";
   echo "<input type=\"Submit\" name=\"Submit\" id=\"Submit\" value=\"Submit\" />";
   echo "</p></form>";

   exit;
}

if (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",$Email)) {
echo "<h2>Input Error</h2>\n
<p>The e-mail address \"$Email\" isn't valid. Please edit it and try again:</p>";

   echo "<form action=\"feedback.php\" method=\"post\"><p>";
   echo "<input type=\"radio\" name=\"title\" id=\"mr\" value=\"$mr\" /> Title<br />";
   echo "<input type=\"radio\" name=\"title\" id=\"mrs\" value=\"$mrs\" /> Title<br />";
   echo "<input type=\"radio\" name=\"title\" id=\"ms\" value=\"$ms\" /> Title<br />";
   echo "<input type=\"text\" name=\"txtFirstName\" id=\"txtFirstName\" value=\"$FirstName\" /> First Name<br />";
   echo "<input type=\"text\" name=\"txtLastName\" id=\"txtLastName\" value=\"$LastName\" /> Last Name<br />";
   echo "<input type=\"text\" name=\"txtEmail\" id=\"txtEmail\" value=\"$Email\" /> Email<br />";
   echo "<input type=\"text\" name=\"txtURL\" id=\"txtURL\"> value=\"$URL\" /> URL<br />";
   echo "<input type=\"text\" name=\"menuCountry\" id=\"Email\" value=\"$Country\" /> Country<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"28kbps\" value=\"$28kbps\" /> Connection Speed<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"56kbps\" value=\"$56kbps\" /> Connection Speed<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"dsl\" value=\"$dsl\" /> Connection Speed<br />";
   echo "<input type=\"radio\" name=\"connSpeed\" id=\"t1\" value=\"$t1\" /> Connection Speed<br />";
   echo "<input type=\"text\" name=\"menuConcerning\" id=\"menuConcerning\" value=\"$Concerning\" /> Concerning<br />";
   echo "<input type=\"text\" name=\"txtOther\" id=\"txtOther\" value=\"$Other\" /> Other<br />";
   echo "<textarea name=\"txtFeedback\" id=\"txtFeedback\">$Feedback</textarea> Feedback<br />";
   echo "<input type=\"checkbox\" name=\"checkboxContact\" id=\"checkboxContact\" value=\"yes\" />";
   echo "<input type=\"Submit\" name=\"Submit\" id=\"Submit\" value=\"Submit\" />";
   echo "</p></form>";

   exit;
}

$Email = preg_replace("([\r\n])", "", $Email);

$find = "/(content-type|bcc:|cc:)/i";
if (preg_match($find, $FirstName) || preg_match($find, $Email) || preg_match($find, $URL) || preg_match($find, $Feedback)) {
   echo "<h1>Error</h1>\n
      <p>No meta/header injections, please.</p>";
   exit;
}

$recipient = "youremail@whatever.com";
$subject   = "Subject here";

$message   = "Title: $title \n";
$message   = "FirstName: $FirstName \n";
$message   = "LastName: $LastName \n";
$message  .= "E-mail: $Email \n";
$message  .= "URL: $URL \n";
$message   = "Country: $Country \n";
$message   = "Connection Speed: $connSpeed \n";
$message   = "Concerning: $Concerning \n";
$message   = "Other: $Other \n";
$message  .= "Feedback: $Feedback";

$headers   = "From: My Form \r\n";
$headers  .= "Reply-To: $Email";

if (mail($recipient,$subject,$message,$headers)) {
   echo "<p>Mail sent successfully.</p>";
} else {
   echo "<p>Mail not sent this time.</p>";
}
?>

Do I need to post the HTML form code here? Thanks!
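
An added example, not part of the original post: one way to write the handler so that radio groups and the checkbox are read by their `name` (browsers submit `name`, not `id`), every body line is appended with `.=`, and the address placed in `Reply-To` is rejected outright if it contains a line break. The field names are taken from the form the posted script re-renders; the allowed radio values, the `From` address and the helper names are assumptions.

```php
<?php
// Added example, not the poster's code. Field names come from the form the
// script re-renders; the allowed values and From address are assumptions.

// Read one POST field as a trimmed string ('' if missing or not a string).
function field(array $post, string $name): string {
    $v = $post[$name] ?? '';
    return is_string($v) ? trim($v) : '';
}

// A radio group arrives under its shared name; accept only known values.
function pickChoice(array $post, string $name, array $allowed): string {
    $v = field($post, $name);
    return in_array($v, $allowed, true) ? $v : '';
}

// The address goes into a mail header: reject embedded CR/LF, then
// require one syntactically valid address.
function safeReplyTo(string $email): ?string {
    if (preg_match('/[\r\n]/', $email)) return null;
    return filter_var($email, FILTER_VALIDATE_EMAIL) ?: null;
}

function buildFeedbackMail(array $post): ?array {
    $replyTo = safeReplyTo(field($post, 'txtEmail'));
    if ($replyTo === null) return null;
    $title   = pickChoice($post, 'title', ['Mr', 'Mrs', 'Ms']);
    $speed   = pickChoice($post, 'connSpeed', ['28kbps', '56kbps', 'dsl', 't1']);
    // A checkbox is only sent when it is ticked.
    $contact = field($post, 'checkboxContact') === 'yes' ? 'yes' : 'no';

    $message  = "Title: $title\n";              // first line assigns
    $message .= "Name: " . field($post, 'txtFirstName') . ' '
              . field($post, 'txtLastName') . "\n";   // the rest append
    $message .= "E-mail: $replyTo\n";
    $message .= "Connection Speed: $speed\n";
    $message .= "Contact me: $contact\n";
    $message .= "Feedback: " . field($post, 'txtFeedback');
    $headers = "From: My Form <form@example.com>\r\nReply-To: $replyTo";
    return ['message' => $message, 'headers' => $headers];
}

// Constructed sample requests: a normal one and a header-injection attempt.
$ok  = ['title' => 'Ms', 'connSpeed' => 'dsl', 'checkboxContact' => 'yes',
        'txtFirstName' => 'Ann', 'txtLastName' => 'Lee',
        'txtEmail' => 'ann@example.com', 'txtFeedback' => 'Nice site'];
$bad = ['txtEmail' => "ann@example.com\r\nBcc: list@example.com"] + $ok;
var_dump(buildFeedbackMail($ok), buildFeedbackMail($bad));
```

Only the header value needs the line-break check; the message body is plain text and cannot add headers, so the keyword blacklist on the body fields is not what stops injection.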