Required fields on form are not working
Posted: Thu Jan 17, 2008 8:11 pm
I have a basic form that I made and I listed all of the fields as required, meaning they have to be filled out or the visitor will get an error message stating they left out their email, name, topic, etc...(before the form is able to be emailed to me).
The code is:
For some reason it doesn't send out an error message when someone submits the form and leaves out one or all of the required sections, it just allows the form to be submitted.
What is wrong?
The code is:
Code: Select all
<?php
include('includes/corefuncs.php');
if (function_exists('nukeMagicQuotes')) {
nukeMagicQuotes();
}
// Process the email
if (array_key_exists('send', $_POST)) {
$to = 'my email address';
$subject = 'Contact Us Form Feedback';
// List expected fields
$expected = array('name', 'email', 'topic', 'comments');
// Set required fields
$required = array('name', 'email', 'topic', 'comments');
// Create empty array for any missing fields
$missing = array ();
// Assume that there is nothing suspect
$suspect = false;
// Create a pattern to locate suspect phrases
$pattern = '/Content-Type:|Bcc:|Cc:/i';
// Function to check for suspect phrases
function isSuspect($val, $pattern, &$suspect) {
// If the variable is an array, loop through each element
// And pass it recursively back to the same function
if (is_array($val)) {
foreach ($val as $item) {
isSuspect($item, $pattern, $suspect);
}
}
else {
// If one of the suspect phrases is found, set Boolean to True
if (preg_match($pattern, $val)) {
$suspect = true;
}
}
}
// Check the $_POST array and any subarrays for suspect content
isSuspect($_POST, $pattern, $suspect);
if ($suspect) {
$mailSent = false;
unset($missing);
}
else {
// Process the $_POST variables
foreach ($_POST as $key => $value) {
// Assign to temporary variable and strip whitespace in not an array
$temp = is_array($value) ? $value : trim($value);
// if empty and required, add to $missing array
if (empty($temp) && in_array($key, $required)) {
array_push($missing, $key);
}
// Otherwise, assign to a variable of the same name as $key
elseif (in_array($key, $expected)) {
${$key} = $temp;
}
}
}
// Validate the email address
if (!empty($email)) {
// Regex to ensure no illegal characters in email address
$checkEmail = '/^[^@]+@[^\s\r\n\'";,@%]+$/';
// Regect the email address if it doesn't match
if (!preg_match($checkEmail, $email)) {
array_push($missing, 'email');
}
}
// Go ahead only if not suspect and all requried fields OK
if (!$suspect && empty($missing)) {
// Build the message
$message = "Name: $name\n\n";
$message .= "Email: $email\n\n";
$message .= "Topic: $topic\n\n";
$message .= "Comments: $comments";
// Limit line length to 70 characters
$message = wordwrap($message, 70);
// Create additional headers
$additionalHeaders = "From: Contact Us<my email address>\r\n";
// Send it
$mailSent = mail($to, $subject, $message, $additionalHeaders);
if ($mailSent) {
// redirect the page with a fully qualified URL
header('Location: TestContactConfirmation.php');
exit;
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Contact Us</title>
</head>
<body>
<h1>Contact Us</h1>
<?php
if ($_POST && isset($missing) && !empty($missing)) {
?>
<p class="warning">Please complete the missing item(s) indicated.</p>
<?php
}
elseif ($_POST && !$mailSent) {
?>
<p class="warning">Sorry, there was a problem sending your message. Please try again.</p>
<?php
}
elseif ($_POST && $mailSent) {
?>
<p><strong>Your message has been sent. Thank You for your feedback.</strong></p>
<?php } ?>
<form action="TestContactConfirmation.php" method="post">
<table width="650" border="0" align="center" cellpadding="10" cellspacing="5">
<tr>
<td height="31" colspan="2"><font size="2">(<font color="red">*</font> = a required field)</font></td>
</tr>
<tr>
<td width="300" height="31" bgcolor="#F5F5F5"><div align="right"><font size="2" color="red">*</font><strong>Name:</strong>:
</div></td>
<td width="300" bgcolor="#F5F5F5">
<input id="name" name="name" type="text" class="formbox"
<?php
if (isset($missing)) {
echo 'value="'.htmlentities($_POST['name']).'"';
} ?> />
<?php
if (isset($missing) && in_array('name', $missing)) { ?>
<span class="warning"><div style= "color:red">Please enter your name</div>
<?php } ?></td>
</tr>
<tr>
<td bgcolor="#CECECE"><div align="right"><font size="2" color="red">*</font><strong>Email:</strong></div></td>
<td bgcolor="#CECECE">
<input name="email" type="text" size="40" maxlength="60" <?php if (isset($missing)) {
echo 'value="'.htmlentities($_POST['email']).'"';
} ?>/>
<?php
if (isset($missing) && in_array('email', $missing)) { ?>
<span class="warning"><div style= "color:red">Please enter your email address</div>
<?php } ?></td>
</tr>
<tr>
<td bgcolor="#F5F5F5"><div align="right"><font size="2" color="red">*</font><strong>Topic:</strong></div></td>
<td bgcolor="#F5F5F5">
<select name="topic" id="topic">
<option value=""
<?php
if (!$_POST || $_POST['topic'] == '') { ?>
selected="selected"
<?php } ?>
>Please select a topic</option>
<option value="Order Status"
<?php if (isset($missing) && $_POST['topic'] == 'Order Status') { ?>
selected="selected"
<?php } ?>
>Order Status</option>
<option value="Shipping Questions"
<?php if (isset($missing) && $_POST['topic'] == 'Shipping Questions') { ?>
selected="selected"
<?php } ?>
>Shipping Questions</option>
<option value="Product Information"
<?php if (isset($missing) && $_POST['topic'] == 'Product Information') { ?>
selected="selected"
<?php } ?>
>Product Information</option>
<option value="Other"<?php if (isset($missing) && $_POST['topic'] == 'Other') { ?>
selected="selected"
<?php } ?>
>Other</option>
</select>
<?php
if (isset($missing) && in_array('topic', $missing)) { ?>
<span class="warning"><div style= "color:red">Please enter your topic</div><?php } ?>
</td>
</tr>
<tr>
<td bgcolor="#CECECE"><div align="right"><font size="2" color="red">*</font><strong>Comments:</strong></div></td>
<td bgcolor="#CECECE">
<textarea name="comments" cols="60" rows="7"><?php
if (isset($missing)) {
echo htmlentities($_POST['comments']);
} ?></textarea>
<?php
if (isset($missing) && in_array('comments', $missing)) { ?>
<span class="warning"><div style= "color:red">Please enter your comments</div><?php } ?> </td>
</tr>
<tr>
<td colspan="2">
<div align="center">
<input name="send" id="send" type="submit" value="Submit My Comments" />
</div></td>
</tr>
</table>
</form>
</body>
</html>What is wrong?