Problems with php contact form

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
keress
Forum Newbie
Posts: 22
Joined: Thu Jul 14, 2005 5:25 pm

Problems with php contact form

Post by keress »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


I've got a contact form that was working fine on my testing server, but when it was uploaded to my client's server, it stopped working correctly.  It helped a good deal when they installed php (duh) but I'm still getting an error for the checkboxes if they are left blank.  It works fine if all fields are filled, but if these checkboxes are left blank, I get an error mesage.  (Still waiting for word on what kind of server they're on.)

Here's the error message:

[quote]Notice: Undefined index: plugs in W:\websites\business\acf\acfplugs\feedback.php on line 18

Notice: Undefined index: hanging in W:\websites\business\acf\acfplugs\feedback.php on line 20

Warning: Cannot modify header information - headers already sent by (output started at W:\websites\business\acf\acfplugs\feedback.php:18) in W:\websites\business\acf\acfplugs\feedback.php on line 58
[/quote]

Here's the html:

[syntax="html"] <p> Which products interest you: </p>
          <p>
              <label>
              <input name="plugs" type="checkbox" id="plugs" value="x" />
                Plugs </label>
              <br />
              <label>
              <input name="bedding" type="checkbox" id="bedding" value="x" />
                Bedding Plants </label>
              <br />
              <label>
              <input name="hanging" type="checkbox" id="hanging" value="x" />
                Pots and Hanging Baskets </label>
              <br />
              <label>
              <input name="strawberry" type="checkbox" id="strawberry" value="x" />
                Strawberry plugs </label>
            <br />
              <label> <br />
                Comments
                <textarea name="comment" cols="50" rows="8" id="comment"></textarea>
              </label>
            </p>
And here's the php[/syntax]

Code: Select all

<?php

$send_to = "linda@lkcwebdesign.com"; 
$recipient = "linda@lkcwebdesign.com";
$subject = "Aarons Creek Farm Feedback";
$additional_headers = "From: linda@lkcwebdesign.com\r\n";
$additional_headers .="Content-type: text/html; charset=iso-8859-1\r\n";

$company = $_POST['company'] ;
$name = $_POST['name'] ;
$street = $_POST['street'];
$city = $_POST['city'] ;
$state = $_POST['state'] ;
$zip = $_POST['zip'] ;
$phone = $_POST['phone'] ;
$faxnumber = $_POST['faxnumber'] ;
$emailaddress = $_POST['emailaddress'];
$plugs = $_POST['plugs'] ;
$bedding = $_POST['bedding'] ;
$hanging = $_POST['hanging'] ;
$strawberry = $_POST['strawberry'] ;

$comment = $_POST['comment'] ;
$http_referrer = getenv( "HTTP_REFERER" );
$email_body = 
'
<html>
<head>
<title>Aarons Creek Farms Tour &mdash; Attendance Feedback</title>

</head>

<body>
<table width="554" border="0" align="center" cellpadding="10" cellspacing="0">
   <tr>
    <td width="534" valign="top" bgcolor="#F4FFFF">	 <div align="center">
          <h1>ACF Feedback </h1>    
    </div>   
		   <p>Company:  '.$company.'  </p> 
		    <p>Name:  '.$name.' </p>
		    <p>Email address:  '.$emailaddress.'</p>
		    <p>Street:  '.$street.' </p>
	        <p> City:  '.$city.' </p>
	        <p> State:  '.$state.' </p>
	        <p> Zip:  '.$zip.' </p>
	        <p>Fax number:  '.$faxnumber.' </p>
        <p>Plugs:  '.$plugs.' </p>
	    <p>Bedding:  '.$bedding.' </p>
	    <p>Hanging:  '.$hanging.' </p>
	    <p>Strawberry:  '.$strawberry.' </p>
	    <p> Comments:  '.$comment.'  </p>    </td>
  </tr>
</table>
</body>
</html>
';
if(mail($send_to,$subject,$email_body,$additional_headers)){ 
  header("location: http://www.acfplugs.com/thank-you.htm"); 
}else{ 
   header("location: http://www.acfplugs.com/error-form.htm"); 
}
?>

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
matthijs
DevNet Master
Posts: 3360
Joined: Thu Oct 06, 2005 3:57 pm

Post by matthijs »

The notices are there because the variables weren't posted. If you do an isset() check you prevent the notices. Like

Code: Select all

if (isset($_POST['plugs'])) {
  $plugs = $_POST['plugs'] ; 
}
And the same for the other variables.

I would advice to do some input validation as well.

The warning is there because the notices were sent to the browser.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

That also means that display_errors is on, which is a security no-no. You should turn it off for production environments.
keress
Forum Newbie
Posts: 22
Joined: Thu Jul 14, 2005 5:25 pm

Post by keress »

That also means that display_errors is on, which is a security no-no. You should turn it off for production environments.
How do I turn it off?

Thanks for the reply. So I need to write that code:

Code: Select all

if (isset($_POST['plugs'])) { 
  $plugs = $_POST['plugs'] ; 
}
for each of the variables? I thought I was declaring the variables with the

Code: Select all

$company = $_POST['company'] ;
statements.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Turning off display_errors should be done in php.ini (remember to restart the web server after the change).

As for declaring variable like:

Code: Select all

$company = $_POST['company'];
If there is an empty $_POST array (meaning a form was not submitted) then you are trying to reference an undefined index of the $_POST array, which throws a warning. Typically, you would initialize a variable to the empty value for its type (string '', integer 0, boolean false, array array()). So to initialize the $company var, you would do something like this:

Code: Select all

<?php
$company = '';
?>
Then to reassign it based on the $_POST value you would do something like this:

Code: Select all

<?php
$company = '';

if (isset($_POST['company']))
{
    $company = $_POST['company'];
}
?>
Another way would be to use empty() to check for isset() and with a value.

Code: Select all

<?php
$company = '';

if (!empty($_POST['company'])) // ! represents negation, or the opposite of
{
    $company = $_POST['company'];
}
?>
And lastly you could use the ternary operator to shorten the code, if you want, though it does make it a little less readable for maintenance purposes:

Code: Select all

<?php
$company = !empty($_POST['company']) ? $_POST['company'] : '';
?>
Hope that helps shed some light on what you are asking.
keress
Forum Newbie
Posts: 22
Joined: Thu Jul 14, 2005 5:25 pm

Post by keress »

Thanks, that worked, and it made sense.

How should I go about adding input validation?
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Sorry, been on vacation for the last 10 days or so.

As for validation, there are tons of tutorials on the web for that. Typically they are language agnostic, so the concepts are really what you are after. I would do a Google search for server side input validation, sanitization, filtration, etc.
Post Reply