Link to home
Start Free TrialLog in
Avatar of oo7ml
oo7ml

asked on

IF statement based on selection from drop down menu

Hi, my site has a contact form that allows customers to send a message. The contact form has a drop down menu which allows the customer to choose from 3 products that they want to enquire about.

I have 3 different email addresses for each product as 3 different administrators are responsible for each product. At the moment the contact form is emailed to all 3 administrators.

How can i change my code below so that if a certain product is selected from the contact form, only the administrator responsible for that product is emailed:

CONTACT FORM

<form name="contact" id="form" action="contact.processor.php" onSubmit="return validate_form(this);" enctype="multipart/form-data" method="post">
         
<div class="form_heading">Name:</div>
<div><input type="text" class="form_input" name="name" size="30" maxlength="35" tabindex="1" /></div>
           
<div class="form_heading">Phone Number:</div>
<div><input type="text" class="form_input" name="phone" size="30" maxlength="20" tabindex="2" /></div>
           
<div class="form_heading">Email:</div>
<div><input type="text" class="form_input" name="email" size="30" maxlength="49" tabindex="3" /></div>
           
<div class="form_heading">Product:</div>
<div>
<select name="product" tabindex="4">
   <option value="All" selected>--- All Products ---</option>
   <option value="Product A">Product A</option>
   <option value="Product B">Product B</option>
   <option value="Product C">Product C</option>
</select>
</div> 
                   
<div><input name="submit" tabindex="5" type="submit" id="submit" value="Send" /> <input type="reset" tabindex="7" name="Reset" value="Reset" /></div>
             
</form>

Open in new window


PHP
<?php
     
        $todayis    = date("l, F j, Y, g:i a") ;
       
        $name       = $_POST['name'];
        $phone      = $_POST['phone'];
        $email      = $_POST['email'];
        $product    = $_POST['product'];
       
        $body = " $todayis [EST] \n
        Name: $name \n
        Phone: $phone \n
        Email: $email \n
        Product Enquiry: $product \n
        ";

$to         = "product-a@gmail.com, product-b@gmail.com, product-c@gmail.com";
$subject    = "Contact Us";
$from       = "From: $email\r\n";

mail($to, $subject, $body, $from);

?>

Open in new window


Thanks in advance...
ASKER CERTIFIED SOLUTION
Avatar of Beverley Portlock
Beverley Portlock
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
For expansion purposes (i.e. more then three products in the future) I would use an associative array (Ideally you would use a relational database for this but that may be overkill for you at this stage).

For a quick solution, insert the following at the top of your php code i.e. line 2 ...

$prod_info = array(
    'Product A' => 'product-a@gmail.com',
    'Product B' => 'product-b@gmail.com',
    'Product C' => 'product-c@gmail.com'
    );

And change line 17 (as above) to ...

$to = $prod_info[$_POST['product']];

Avatar of oo7ml
oo7ml

ASKER

Would it be a bad idea to directly insert the email addresses into the drop down menu:

   <option value="emaila">Product A</option>
   <option value="emailb">Product B</option>
   <option value="emailc">Product C</option>

as the email addresses are listed on my contact page
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
"Would it be a bad idea to directly insert the email addresses into the drop down menu:"

Yes - that would be an atrocious idea, possibly the worst thing you could do. Here is why.....

You put the email into the drop-down and you then use the drop down to send an email to

mail( $_POST['email'],......... etc

I (a malicious hacker) then come along with my spam email which I POST to your form with the email of my choice filled in. Your script then obligingly sends the spam and a week later your inbox is full of bounced spam and your server is blaclisted as an open spam relay.

Don't do it! Never, ever, ever, ever, ever trust information coming from a form. Always assume it is tainted, always assume it needs cleaning before use or storage in a database.

Would it be a bad idea to directly insert the email addresses into the drop down menu:

   <option value="emaila">Product A</option>
   <option value="emailb">Product B</option>
   <option value="emailc">Product C</option>

as the email addresses are listed on my contact page
If you did this spammers would be able to harvest your email addresses (including the ones on your contact page).  

The convention these days is not to have any email addresses on your web site at all and use a form to allow your customers contact you.

John
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial