Solved

COntact Form- Java Script

Posted on 2011-03-25
12
446 Views
Last Modified: 2012-05-11
I have a contact form validator which is java script, i also have an extra validation on the submit button in that form, HOWEVER for some reason that I cannot figure out, the majority of the time, I get forms returned back to me with the proper information.. HOWEVER sometimes i receive BLANK FORMS and this is no good.. i need to see why these forms are allowed to return null values, when I have tried to validate the form twice. Any one can help me that would be GREAT!!

here the the java script from the contactformvalidator.js, if any one sees an error, please let me know, thank you in advance

function Form1_Validator(theForm)
{

  if (theForm.first_name.value == "")
  {
    alert("Please enter a value for the \"First Name\" field.");
    theForm.first_name.focus();
    return (false);
  }

  if (theForm.last_name.value == "")
  {
    alert("Please enter a value for the \"Last Name\" field.");
    theForm.last_name.focus();
    return (false);
  }

  if (theForm.phone.value == "")
  {
    alert("Please enter a value for the \"Phone\" field.");
    theForm.phone.focus();
    return (false);
  }

  if (theForm.email.value == "")
  {
    alert("Please enter a value for the \"Email\" field.");
    theForm.email.focus();
    return (false);
  }

  if (theForm.best_time_to_contact.value == "")
  {
    alert("Please enter a value for the \"Best Time To Contact\" field.");
    theForm.best_time_to_contact.focus();
    return (false);
  }


  if (theForm.address.value == "")
  {
    alert("Please enter a value for the \"Address\" field.");
    theForm.address.focus();
    return (false);
  }

  if (theForm.city.value == "")
  {
    alert("Please enter a value for the \"City\" field.");
    theForm.city.focus();
    return (false);
  }


  if (theForm.state.selectedIndex < 0)
  {
    alert("Please select one of the \"State\" options.");
    theForm.state.focus();
    return (false);
  }

  if (theForm.state.selectedIndex == 0)
  {
    alert("The first \"State\" option is not a valid selection.  Please choose one of the other options.");
    theForm.state.focus();
    return (false);
  }

  if (theForm.zip_code.value == "")
  {
    alert("Please enter a value for the \"Zip Code\" field.");
    theForm.zip_code.focus();
    return (false);
  }

  if (theForm.zip_code.value.length > 10)
  {
    alert("Invalid length in the \"Zip Code\" field.  Please re-enter.");
    theForm.zip_code.focus();
    return (false);
  }

  if (theForm.source.selectedIndex == 0)
  {
    alert("Please choose one of the options for how you heard about us.");
    theForm.source.focus();
    return (false);
  }

  return (true);
}
0
Comment
Question by:julianne26
  • 6
  • 6
12 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35217308
Blank forms can be spam that is posted directly to your action page.  That skips your validation script completely.  What kind of 'action page' do you have?
0
 

Author Comment

by:julianne26
ID: 35217349
this is the contact page the contact from.. is this what you meant by "action page"?

http://www.carlyleatthepalace.com/contact.html
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
ID: 35217463
Every form has a action attribute.  Yours is 'action="send_form.php" '.  Spammers operate by reading your page and sending info directly to your action page thus skipping the validation javascript.  That is why the action page needs to validate the info also to try to filter out obvious spam.  Spammers don't sit there and type something into your form, spam is almost all automated.
<form action="send_form.php" method="post" name="Form_1" id="Form_1"  onsubmit="return Form1_Validator(this)">

Open in new window

0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:julianne26
ID: 35217517
Ok i am using send_form.php.. is there any code that i need to look for to delete in the php?
0
 

Author Comment

by:julianne26
ID: 35217538
Here is the PHP code for the send_form.php.. do you see any errors.. or where the spam might be??

<?
$from_name       = $HTTP_POST_VARS['first_name'];
            $from_email = $HTTP_POST_VARS['email'];
            $to_name       = "Carlyle at The Palace";
            $to_email       = "gschneider@carlyleonthegreen.net";
       $to_emailb       = "jkranitz@carlyleonthegreen.net";
            $to_emailc      = "skirschbaum@carlyleatthepalace.com";
            $to_emaild       = "julie@targetgroupmedia.com";


            $subject       = "Carlyle at The Palace Website Submission Form";

            $headers        = "MIME-Version: 1.0\r \n";
            $headers      .= "Content-type: text/html; charset=UTF-8\r \n";
            $headers      .= "From: \"".$from_name."\" <".$from_email.">\r \n";
            $headers      .= "Reply-To: \"".$from_name."\" <".$from_email.">\r \n";
            $headers      .= "X-Priority: 3\r \n";
            $headers      .= "X-MSMail-Priority: High\r \n";
            $headers      .= "X-Mailer: Just My Server";
            $date             = date('d.m.Y');
            
            
            $message = "<html><head><style type=text/css>body, table, td {font-family: verdana; font-size: 11px; color: #325169; padding: 5px;} </style></head>";
            $message .= "<body leftmargin=50px>";
            $message .= "<table><tr><td colspan=2 align=center><b>Carlyle at The Palace <br> Website Submission Form</b></td></tr>";
            $message .= "<tr><td align=left>First Name:</td><td align=left>".$HTTP_POST_VARS['first_name']."</td></tr>";
            $message .= "<tr><td align=left>Last Name:</td><td align=left>".$HTTP_POST_VARS['last_name']."</td></tr>";
            $message .= "<tr><td align=left>Phone:</td><td align=left>".$HTTP_POST_VARS['phone']."</td></tr>";
            $message .= "<tr><td align=left>Email:</td><td align=left>".$HTTP_POST_VARS['email']."</td></tr>";
            $message .= "<tr><td align=left>Best time to Contact:</td><td align=left>".$HTTP_POST_VARS['best_time_to_contact']."</td></tr>";
            $message .= "<tr><td align=left>Address:</td><td align=left>".$HTTP_POST_VARS['address']."</td></tr>";
            $message .= "<tr><td align=left>Address 2:</td><td align=left>".$HTTP_POST_VARS['address2']."</td></tr>";
            $message .= "<tr><td align=left>City:</td><td align=left>".$HTTP_POST_VARS['city']."</td></tr>";
            $message .= "<tr><td align=left>State:</td><td align=left>".$HTTP_POST_VARS['state']."</td></tr>";
            $message .= "<tr><td align=left>Zip Code:</td><td align=left>".$HTTP_POST_VARS['zip_code']."</td></tr>";
            $message .= "<tr><td align=left>Event type Social:</td><td align=left>".$HTTP_POST_VARS['event_type_social']."</td></tr>";
            $message .= "<tr><td align=left>Event type Corporate:</td><td align=left>".$HTTP_POST_VARS['event_type_corporate']."</td></tr>";                                           
            $message .= "<tr><td align=left>Event type Other:</td><td align=left>".$HTTP_POST_VARS['event_type_other']."</td></tr>";
            $message .= "<tr><td align=left>Source:</td><td align=left>".$HTTP_POST_VARS['source']."</td></tr>";

            $message .= "<tr><td align=left>Comments or Questions: </td><td align=left>".$HTTP_POST_VARS['comments']."</td></tr>";
            $message .= "<tr><td>&nbsp;</td><td>&nbsp;</td></tr></table></body></html>";
            
            mail("$to_name<$to_email>", $subject, $message, $headers);
            mail("$to_name<$to_emailb>", $subject, $message, $headers);
            mail("$to_name<$to_emailc>", $subject, $message, $headers);
            mail("$to_name<$to_emaild>", $subject, $message, $headers);

            
?>

<head>

<title>Carlyle at The Palace Website Submission Form</title>
<link href="carlylepalace.css" rel="stylesheet" type="text/css" />
<!--[if IE 6]>
<link href="ie6scrollfix.css" rel="stylesheet" type="text/css" />
<![endif]-->
<script type="text/javascript" src="swfobject.js"></script>
<script type="text/javascript" src="contactformvalidator.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body>
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td align="center" valign="top">
<table cellpadding="0" cellspacing="0" border="0" width="754" height="721" style="background-image:url(images/main_bg.jpg); background-repeat:no-repeat;">
<tr>
  <td height="94" align="center" valign="top"><img src="images/sendemail_header.jpg" width="754" height="94" align="top"></td>
</tr>
<tr>
<td align="center" valign="top" style="padding-top:70px"><p class="team_type2">&nbsp;</p>
  <p class="team_type2">Your request has been sent.</p>
<p><strong><a href="http://www.carlyleatthepalace.com/" class="team_type" id="team_type">Back to Carlyle at The Palace</a></strong></p>
</td>
</tr>
</table>
</td>
</tr>
</table>

</body>
</html>
0
 

Author Comment

by:julianne26
ID: 35217662
also i just found another contactformvalidator in the scripts folder of the ftp, at the end the code the return value is true.. the other conatfromvalidator in the ftp the return value is false.. could this have anything to do with the forms returning blank??
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
ID: 35217666
I don't think you understand yet.  I can make up my own form here on my computer that will POST to "send_form.php" on your server that can contain nothing or whatever values I want to send and it will not have to go thru your validation javascript.

You should consider checking the POST info in "send_form.php" before you send it.  At least you're not using an external user entered email address to send to because that would be an open invitation to spam relaying.  If your "send_form.php" recieves a POST that doesn't have the required information, you can consider it spam and not send it.  You can use essentially the same checks that you are using in your javascript.  However, if it doesn't pass validation in PHP, then it probably did not come from your page with the form and validation on it and you can probably consider it spam at that point and don't send the emails.

You should probably replace "$HTTP_POST_VARS" with "$_POST".  http://www.php.net/manual/en/reserved.variables.post.php
0
 

Author Comment

by:julianne26
ID: 35217806
i am confused when you say don't send the emails if its spam.. i don't want to send emails, I just want to make sure the form we have on our website is is being validated correctly. If there is an issue with spam, then i want to know how to solve the issue that will make the form validate the right way. I will take your suggestion and replace the $HTTP_POST_VARS with $_POST, will this solve the issue i am having with our clients receiving blank forms.. bc they are livid.. and I am trying to trouble shoot this the best that I can, thanks for all your help so far...
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35217807
You really should have only one 'contactformvalidator' just to eliminate confusion.  I suppose if your page was getting the wrong one, it could be part of your problem.
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 35217851
"send_form.php" sends email to four people when the form on the contact page is posted.  I am saying that you also have to check or 'validate' the info on the PHP page to prevent people from sending spam to your clients.  This is a common issue with web page forms.  Validation in javascript is to help the desired users to fill out the form correctly.  Validation on the PHP page is to keep the undesired users out.
0
 

Author Comment

by:julianne26
ID: 35217941
GREAT feed back!! one more question.. i am going to delete one of the validation java script  forms... but i need to know which one... the first java script returns the value true at the end of the code (the code i pasted above).. and the other java script returns false.. which one should i keep?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35218510
The one you posted above looks fine to me.  It has 'return false' on all the errors and 'return true' if there aren't and that's what you want.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem to the codes 19 100
java script collapsible 1 219
Jquery validation not working. 29 160
CS6 Adobe Dreamweaver Alphanumeric list 4 98
For those who don't know, Adobe Dreamweaver is a popular commercial web editor that enables you to design, build and manage complex websites. The editor is a WYSIWYG (What You See Is What You Get) web editor, which means that you can create your web…
I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question