Page 1 of 1

Required fields on form are not working

Posted: Thu Jan 17, 2008 8:11 pm
by ggrant3
I have a basic form that I made and I listed all of the fields as required, meaning they have to be filled out or the visitor will get an error message stating they left out their email, name, topic, etc...(before the form is able to be emailed to me).

The code is:

Code: Select all

<?php
include('includes/corefuncs.php');
if (function_exists('nukeMagicQuotes')) {
    nukeMagicQuotes();
    }
    
// Process the email
if (array_key_exists('send', $_POST)) {
    $to = 'my email address'; 
    $subject = 'Contact Us Form Feedback';
    
// List expected fields
    $expected = array('name', 'email', 'topic', 'comments');
    
// Set required fields
    $required = array('name', 'email', 'topic', 'comments');
    
// Create empty array for any missing fields
    $missing = array ();
    
// Assume that there is nothing suspect
    $suspect = false;
// Create a pattern to locate suspect phrases
    $pattern = '/Content-Type:|Bcc:|Cc:/i';
    
// Function to check for suspect phrases
    function isSuspect($val, $pattern, &$suspect) {
    
    // If the variable is an array, loop through each element
    // And pass it recursively back to the same function
    if (is_array($val)) {
        foreach ($val as $item) {
            isSuspect($item, $pattern, $suspect);
            }
        }
        else {
    // If one of the suspect phrases is found, set Boolean to True
        if (preg_match($pattern, $val)) {
        $suspect = true;
        }
        }
        }
    // Check the $_POST array and any subarrays for suspect content
        isSuspect($_POST, $pattern, $suspect);
    
    if ($suspect) {
        $mailSent = false;
        unset($missing);
        }
    else {      
    
// Process the $_POST variables
    foreach ($_POST as $key => $value) {
    
// Assign to temporary variable and strip whitespace in not an array
    $temp = is_array($value) ? $value : trim($value);
    
// if empty and required, add to $missing array
    if (empty($temp) && in_array($key, $required)) {
        array_push($missing, $key);
        }
// Otherwise, assign to a variable of the same name as $key
    elseif (in_array($key, $expected)) {
    ${$key} = $temp;
    }
   }
  } 
  
// Validate the email address
    if (!empty($email)) {
     // Regex to ensure no illegal characters in email address
     $checkEmail = '/^[^@]+@[^\s\r\n\'";,@%]+$/';
     // Regect the email address if it doesn't match
     if (!preg_match($checkEmail, $email)) {
        array_push($missing, 'email');
        }
    }
  
// Go ahead only if not suspect and all requried fields OK
    if (!$suspect && empty($missing)) { 
 
 
// Build the message
$message = "Name: $name\n\n";
$message .= "Email: $email\n\n";
$message .= "Topic: $topic\n\n";
$message .= "Comments: $comments";
 
// Limit line length to 70 characters
$message = wordwrap($message, 70);
 
// Create additional headers
$additionalHeaders = "From: Contact Us<my email address>\r\n";
    
// Send it
$mailSent = mail($to, $subject, $message, $additionalHeaders);
if ($mailSent) {
// redirect the page with a fully qualified URL
    header('Location: TestContactConfirmation.php');
    exit;
}
}
}
    ?>
 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Contact Us</title>
</head>
<body>
<h1>Contact Us</h1>
<?php
if ($_POST && isset($missing) && !empty($missing)) {
?>
    <p class="warning">Please complete the missing item(s) indicated.</p>
    <?php
    }
elseif ($_POST && !$mailSent) {
?>
    <p class="warning">Sorry, there was a problem sending your message.  Please try again.</p>
    <?php
    }
    elseif ($_POST && $mailSent) {
    ?>
    <p><strong>Your message has been sent.  Thank You for your feedback.</strong></p>
    <?php } ?>
    
<form action="TestContactConfirmation.php" method="post">
<table width="650" border="0" align="center" cellpadding="10" cellspacing="5">
  <tr>
    <td height="31" colspan="2"><font size="2">(<font color="red">*</font> = a required field)</font></td>
    </tr>
  <tr>
    <td width="300" height="31" bgcolor="#F5F5F5"><div align="right"><font size="2" color="red">*</font><strong>Name:</strong>:
    </div></td>
    <td width="300" bgcolor="#F5F5F5">
    <input id="name" name="name" type="text" class="formbox" 
    <?php
    if (isset($missing)) {
    echo 'value="'.htmlentities($_POST['name']).'"';
    } ?> />
 <?php
    if (isset($missing) && in_array('name', $missing)) { ?>
    <span class="warning"><div style= "color:red">Please enter your name</div>
    <?php } ?></td>
  </tr>
  <tr>
    <td bgcolor="#CECECE"><div align="right"><font size="2" color="red">*</font><strong>Email:</strong></div></td>
    <td bgcolor="#CECECE">
    <input name="email" type="text" size="40" maxlength="60" <?php if (isset($missing)) {
    echo 'value="'.htmlentities($_POST['email']).'"';
    } ?>/>
    
    <?php
    if (isset($missing) && in_array('email', $missing)) { ?>
    <span class="warning"><div style= "color:red">Please enter your email address</div>
    <?php } ?></td>
  </tr>
 
 
<tr>
    <td bgcolor="#F5F5F5"><div align="right"><font size="2" color="red">*</font><strong>Topic:</strong></div></td>
    <td bgcolor="#F5F5F5">
    <select name="topic" id="topic">
    <option value=""
    <?php 
    if (!$_POST || $_POST['topic'] == '') { ?>
    selected="selected"
    <?php } ?>
     >Please select a topic</option>
<option value="Order Status"
<?php if (isset($missing) && $_POST['topic'] == 'Order Status') { ?>
selected="selected"
<?php } ?>
>Order Status</option>
<option value="Shipping Questions"
<?php if (isset($missing) && $_POST['topic'] == 'Shipping Questions') { ?>
selected="selected"
<?php } ?>
>Shipping Questions</option>
<option value="Product Information"
<?php if (isset($missing) && $_POST['topic'] == 'Product Information') { ?>
selected="selected"
<?php } ?>
>Product Information</option>
<option value="Other"<?php if (isset($missing) && $_POST['topic'] == 'Other') { ?>
selected="selected"
<?php } ?>
>Other</option>
</select>
 
<?php
    if (isset($missing) && in_array('topic', $missing)) { ?>
    <span class="warning"><div style= "color:red">Please enter your topic</div><?php } ?>
</td>
  </tr>
  <tr>
    <td bgcolor="#CECECE"><div align="right"><font size="2" color="red">*</font><strong>Comments:</strong></div></td>
    <td bgcolor="#CECECE">
    <textarea name="comments" cols="60" rows="7"><?php
    if (isset($missing)) {
    echo htmlentities($_POST['comments']);
    } ?></textarea>
    
    <?php
    if (isset($missing) && in_array('comments', $missing)) { ?>
    <span class="warning"><div style= "color:red">Please enter your comments</div><?php } ?>    </td>
  </tr>
  
  
  <tr>
    <td colspan="2">
    <div align="center"> 
    <input name="send" id="send" type="submit" value="Submit My Comments" />
</div></td>
    </tr>
</table>
</form>
</body>
</html>
For some reason it doesn't send out an error message when someone submits the form and leaves out one or all of the required sections, it just allows the form to be submitted.

What is wrong?