simple feedback form... what's wrong with my codes?
Posted: Mon Jul 03, 2006 6:32 am
Is there anything wrong with this code?? I've recevied the feedback when I opend my email, but it only showed the input contained in "$Other" and "$Feedback"! I'm not sure how this radio button is used though, including the chek box and the menu list.
Here's the codes:
Do I need to post here the the html form codes? Thanks!
Here's the codes:
Code: Select all
Code: Select all
<?php
if (!isset($_POST['Submit'])) {
echo "<h1>Error</h1>\n
<p>Accessing this page directly is not allowed.</p>";
exit;
}
function cleanUp($data) {
$data = strip_tags($data);
$data = trim(htmlentities($data));
return $data;
}
$title = cleanUp($_POST['mr']);
$title = cleanUp($_POST['mrs']);
$title = cleanUp($_POST['ms']);
$FirstName = cleanUp($_POST['txtFirstName']);
$LastName = cleanUp($_POST['txtLastName']);
$Email = cleanUp($_POST['txtEmail']);
$URL = cleanUp($_POST['txtURL']);
$Country = cleanUp($_POST['menuCountry']);
$connSpeed = cleanUp($_POST['28kbps']);
$connSpeed = cleanUp($_POST['56kbps']);
$connSpeed = cleanUp($_POST['dsl']);
$connSpeed = cleanUp($_POST['t1']);
$Concerning = cleanUp($_POST['menuConcerning']);
$Other = cleanUp($_POST['txtOther']);
$Feedback = cleanUp($_POST['txtFeedback']);
$Contact = cleanUp($_POST['yes']);
if ((empty($FirstName)) || (empty($LastName)) || (empty($Email)) || (empty($Concerning)) || (empty($Feedback))) {
echo "<h2>Input Error</h2>\n
<p><strong>Name</strong>, <strong>e-mail</strong> and <strong>comments</strong> are required fields. Please fill them in and try again:</p>";
echo "<form action=\"feedback.php\" method=\"post\"><p>";
echo "<input type=\"radio\" name=\"title\" id=\"mr\" value=\"$title\" /> Mr<br />";
echo "<input type=\"radio\" name=\"title\" id=\"mrs\" value=\"$title\" /> Mrs<br />";
echo "<input type=\"radio\" name=\"title\" id=\"ms\" value=\"$title\" /> Ms<br />";
echo "<input type=\"text\" name=\"txtFirstName\" id=\"txtFirstName\" value=\"$FirstName\" /> First Name<br />";
echo "<input type=\"text\" name=\"txtLastName\" id=\"txtLastName\" value=\"$LastName\" /> Last Name<br />";
echo "<input type=\"text\" name=\"txtEmail\" id=\"txtEmail\" value=\"$Email\" /> Email<br />";
echo "<input type=\"text\" name=\"txtURL\" id=\"txtURL\"> value=\"$URL\" /> URL<br />";
echo "<input type=\"text\" name=\"menuCountry\" id=\"Email\" value=\"$Country\" /> Country<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"28kbps\" value=\"$connSpeed\" /> 28kbps modem<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"56kbps\" value=\"$connSpeed\" /> 56kbps modem<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"dsl\" value=\"$connSpeed\" /> DSL<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"t1\" value=\"$connSpeed\" /> T1 or higher<br />";
echo "<input type=\"text\" name=\"menuConcerning\" id=\"menuConcerning\" value=\"$Concerning\" /> Concerning<br />";
echo "<input type=\"text\" name=\"txtOther\" id=\"txtOther\" value=\"$Other\" /> Other<br />";
echo "<textarea name=\"txtFeedback\" id=\"txtFeedback\">$Feedback</textarea> Feedback<br />";
echo "<input type=\"checkbox\" name=\"checkboxContact\" id=\"checkboxContact\ value=\"yes\" />";
echo "<input type=\"Submit\" name=\"Submit\" id=\"Submit\" value=\"Submit\" />";
echo "</p></form>";
exit;
}
if (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",$Email)) {
echo "<h2>Input Error</h2>\n
<p>The e-mail address \"$Email\" isn't valid. Please edit it and try again:</p>";
echo "<form action=\"feedback.php\" method=\"post\"><p>";
echo "<input type=\"radio\" name=\"title\" id=\"mr\" value=\"$mr\" /> Title<br />";
echo "<input type=\"radio\" name=\"title\" id=\"mrs\" value=\"$mrs\" /> Title<br />";
echo "<input type=\"radio\" name=\"title\" id=\"ms\" value=\"$ms\" /> Title<br />";
echo "<input type=\"text\" name=\"txtFirstName\" id=\"txtFirstName\" value=\"$FirstName\" /> First Name<br />";
echo "<input type=\"text\" name=\"txtLastName\" id=\"txtLastName\" value=\"$LastName\" /> Last Name<br />";
echo "<input type=\"text\" name=\"txtEmail\" id=\"txtEmail\" value=\"$Email\" /> Email<br />";
echo "<input type=\"text\" name=\"txtURL\" id=\"txtURL\"> value=\"$URL\" /> URL<br />";
echo "<input type=\"text\" name=\"menuCountry\" id=\"Email\" value=\"$Country\" /> Country<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"28kbps\" value=\"$28kbps\" /> Connection Speed<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"56kbps\" value=\"$56kbps\" /> Connection Speed<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"dsl\" value=\"$dsl\" /> Connection Speed<br />";
echo "<input type=\"radio\" name=\"connSpeed\" id=\"t1\" value=\"$t1\" /> Connection Speed<br />";
echo "<input type=\"text\" name=\"menuConcerning\" id=\"menuConcerning\" value=\"$Concerning\" /> Concerning<br />";
echo "<input type=\"text\" name=\"txtOther\" id=\"txtOther\" value=\"$Other\" /> Other<br />";
echo "<textarea name=\"txtFeedback\" id=\"txtFeedback\">$Feedback</textarea> Feedback<br />";
echo "<input type=\"checkbox\" name=\"checkboxContact\" id=\"checkboxContact\" value=\"yes\" />";
echo "<input type=\"Submit\" name=\"Submit\" id=\"Submit\" value=\"Submit\" />";
echo "</p></form>";
exit;
}
$Email = preg_replace("([\r\n])", "", $Email);
$find = "/(content-type|bcc:|cc:)/i";
if (preg_match($find, $FirstName) || preg_match($find, $Email) || preg_match($find, $URL) || preg_match($find, $Feedback)) {
echo "<h1>Error</h1>\n
<p>No meta/header injections, please.</p>";
exit;
}
$recipient = "youremail@whatever.com";
$subject = "Subject here";
$message = "Title: $title \n";
$message = "FirstName: $FirstName \n";
$message = "LastName: $LastName \n";
$message .= "E-mail: $Email \n";
$message .= "URL: $URL \n";
$message = "Country: $Country \n";
$message = "Connection Speed: $connSpeed \n";
$message = "Concerning: $Concerning \n";
$message = "Other: $Other \n";
$message .= "Feedback: $Feedback";
$headers = "From: My Form \r\n";
$headers .= "Reply-To: $Email";
if (mail($recipient,$subject,$message,$headers)) {
echo "<p>Mail sent successfully.</p>";
} else {
echo "<p>Mail not sent this time.</p>";
}
?>Do I need to post here the the html form codes? Thanks!