Solved

COntact Form- Java Script

Posted on 2011-03-25
12
442 Views
Last Modified: 2012-05-11
I have a contact form validator which is java script, i also have an extra validation on the submit button in that form, HOWEVER for some reason that I cannot figure out, the majority of the time, I get forms returned back to me with the proper information.. HOWEVER sometimes i receive BLANK FORMS and this is no good.. i need to see why these forms are allowed to return null values, when I have tried to validate the form twice. Any one can help me that would be GREAT!!

here the the java script from the contactformvalidator.js, if any one sees an error, please let me know, thank you in advance

function Form1_Validator(theForm)
{

  if (theForm.first_name.value == "")
  {
    alert("Please enter a value for the \"First Name\" field.");
    theForm.first_name.focus();
    return (false);
  }

  if (theForm.last_name.value == "")
  {
    alert("Please enter a value for the \"Last Name\" field.");
    theForm.last_name.focus();
    return (false);
  }

  if (theForm.phone.value == "")
  {
    alert("Please enter a value for the \"Phone\" field.");
    theForm.phone.focus();
    return (false);
  }

  if (theForm.email.value == "")
  {
    alert("Please enter a value for the \"Email\" field.");
    theForm.email.focus();
    return (false);
  }

  if (theForm.best_time_to_contact.value == "")
  {
    alert("Please enter a value for the \"Best Time To Contact\" field.");
    theForm.best_time_to_contact.focus();
    return (false);
  }


  if (theForm.address.value == "")
  {
    alert("Please enter a value for the \"Address\" field.");
    theForm.address.focus();
    return (false);
  }

  if (theForm.city.value == "")
  {
    alert("Please enter a value for the \"City\" field.");
    theForm.city.focus();
    return (false);
  }


  if (theForm.state.selectedIndex < 0)
  {
    alert("Please select one of the \"State\" options.");
    theForm.state.focus();
    return (false);
  }

  if (theForm.state.selectedIndex == 0)
  {
    alert("The first \"State\" option is not a valid selection.  Please choose one of the other options.");
    theForm.state.focus();
    return (false);
  }

  if (theForm.zip_code.value == "")
  {
    alert("Please enter a value for the \"Zip Code\" field.");
    theForm.zip_code.focus();
    return (false);
  }

  if (theForm.zip_code.value.length > 10)
  {
    alert("Invalid length in the \"Zip Code\" field.  Please re-enter.");
    theForm.zip_code.focus();
    return (false);
  }

  if (theForm.source.selectedIndex == 0)
  {
    alert("Please choose one of the options for how you heard about us.");
    theForm.source.focus();
    return (false);
  }

  return (true);
}
0
Comment
Question by:julianne26
  • 6
  • 6
12 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
Blank forms can be spam that is posted directly to your action page.  That skips your validation script completely.  What kind of 'action page' do you have?
0
 

Author Comment

by:julianne26
Comment Utility
this is the contact page the contact from.. is this what you meant by "action page"?

http://www.carlyleatthepalace.com/contact.html
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
Comment Utility
Every form has a action attribute.  Yours is 'action="send_form.php" '.  Spammers operate by reading your page and sending info directly to your action page thus skipping the validation javascript.  That is why the action page needs to validate the info also to try to filter out obvious spam.  Spammers don't sit there and type something into your form, spam is almost all automated.
<form action="send_form.php" method="post" name="Form_1" id="Form_1"  onsubmit="return Form1_Validator(this)">

Open in new window

0
 

Author Comment

by:julianne26
Comment Utility
Ok i am using send_form.php.. is there any code that i need to look for to delete in the php?
0
 

Author Comment

by:julianne26
Comment Utility
Here is the PHP code for the send_form.php.. do you see any errors.. or where the spam might be??

<?
$from_name       = $HTTP_POST_VARS['first_name'];
            $from_email = $HTTP_POST_VARS['email'];
            $to_name       = "Carlyle at The Palace";
            $to_email       = "gschneider@carlyleonthegreen.net";
       $to_emailb       = "jkranitz@carlyleonthegreen.net";
            $to_emailc      = "skirschbaum@carlyleatthepalace.com";
            $to_emaild       = "julie@targetgroupmedia.com";


            $subject       = "Carlyle at The Palace Website Submission Form";

            $headers        = "MIME-Version: 1.0\r \n";
            $headers      .= "Content-type: text/html; charset=UTF-8\r \n";
            $headers      .= "From: \"".$from_name."\" <".$from_email.">\r \n";
            $headers      .= "Reply-To: \"".$from_name."\" <".$from_email.">\r \n";
            $headers      .= "X-Priority: 3\r \n";
            $headers      .= "X-MSMail-Priority: High\r \n";
            $headers      .= "X-Mailer: Just My Server";
            $date             = date('d.m.Y');
            
            
            $message = "<html><head><style type=text/css>body, table, td {font-family: verdana; font-size: 11px; color: #325169; padding: 5px;} </style></head>";
            $message .= "<body leftmargin=50px>";
            $message .= "<table><tr><td colspan=2 align=center><b>Carlyle at The Palace <br> Website Submission Form</b></td></tr>";
            $message .= "<tr><td align=left>First Name:</td><td align=left>".$HTTP_POST_VARS['first_name']."</td></tr>";
            $message .= "<tr><td align=left>Last Name:</td><td align=left>".$HTTP_POST_VARS['last_name']."</td></tr>";
            $message .= "<tr><td align=left>Phone:</td><td align=left>".$HTTP_POST_VARS['phone']."</td></tr>";
            $message .= "<tr><td align=left>Email:</td><td align=left>".$HTTP_POST_VARS['email']."</td></tr>";
            $message .= "<tr><td align=left>Best time to Contact:</td><td align=left>".$HTTP_POST_VARS['best_time_to_contact']."</td></tr>";
            $message .= "<tr><td align=left>Address:</td><td align=left>".$HTTP_POST_VARS['address']."</td></tr>";
            $message .= "<tr><td align=left>Address 2:</td><td align=left>".$HTTP_POST_VARS['address2']."</td></tr>";
            $message .= "<tr><td align=left>City:</td><td align=left>".$HTTP_POST_VARS['city']."</td></tr>";
            $message .= "<tr><td align=left>State:</td><td align=left>".$HTTP_POST_VARS['state']."</td></tr>";
            $message .= "<tr><td align=left>Zip Code:</td><td align=left>".$HTTP_POST_VARS['zip_code']."</td></tr>";
            $message .= "<tr><td align=left>Event type Social:</td><td align=left>".$HTTP_POST_VARS['event_type_social']."</td></tr>";
            $message .= "<tr><td align=left>Event type Corporate:</td><td align=left>".$HTTP_POST_VARS['event_type_corporate']."</td></tr>";                                           
            $message .= "<tr><td align=left>Event type Other:</td><td align=left>".$HTTP_POST_VARS['event_type_other']."</td></tr>";
            $message .= "<tr><td align=left>Source:</td><td align=left>".$HTTP_POST_VARS['source']."</td></tr>";

            $message .= "<tr><td align=left>Comments or Questions: </td><td align=left>".$HTTP_POST_VARS['comments']."</td></tr>";
            $message .= "<tr><td>&nbsp;</td><td>&nbsp;</td></tr></table></body></html>";
            
            mail("$to_name<$to_email>", $subject, $message, $headers);
            mail("$to_name<$to_emailb>", $subject, $message, $headers);
            mail("$to_name<$to_emailc>", $subject, $message, $headers);
            mail("$to_name<$to_emaild>", $subject, $message, $headers);

            
?>

<head>

<title>Carlyle at The Palace Website Submission Form</title>
<link href="carlylepalace.css" rel="stylesheet" type="text/css" />
<!--[if IE 6]>
<link href="ie6scrollfix.css" rel="stylesheet" type="text/css" />
<![endif]-->
<script type="text/javascript" src="swfobject.js"></script>
<script type="text/javascript" src="contactformvalidator.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body>
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<tr>
<td align="center" valign="top">
<table cellpadding="0" cellspacing="0" border="0" width="754" height="721" style="background-image:url(images/main_bg.jpg); background-repeat:no-repeat;">
<tr>
  <td height="94" align="center" valign="top"><img src="images/sendemail_header.jpg" width="754" height="94" align="top"></td>
</tr>
<tr>
<td align="center" valign="top" style="padding-top:70px"><p class="team_type2">&nbsp;</p>
  <p class="team_type2">Your request has been sent.</p>
<p><strong><a href="http://www.carlyleatthepalace.com/" class="team_type" id="team_type">Back to Carlyle at The Palace</a></strong></p>
</td>
</tr>
</table>
</td>
</tr>
</table>

</body>
</html>
0
 

Author Comment

by:julianne26
Comment Utility
also i just found another contactformvalidator in the scripts folder of the ftp, at the end the code the return value is true.. the other conatfromvalidator in the ftp the return value is false.. could this have anything to do with the forms returning blank??
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
Comment Utility
I don't think you understand yet.  I can make up my own form here on my computer that will POST to "send_form.php" on your server that can contain nothing or whatever values I want to send and it will not have to go thru your validation javascript.

You should consider checking the POST info in "send_form.php" before you send it.  At least you're not using an external user entered email address to send to because that would be an open invitation to spam relaying.  If your "send_form.php" recieves a POST that doesn't have the required information, you can consider it spam and not send it.  You can use essentially the same checks that you are using in your javascript.  However, if it doesn't pass validation in PHP, then it probably did not come from your page with the form and validation on it and you can probably consider it spam at that point and don't send the emails.

You should probably replace "$HTTP_POST_VARS" with "$_POST".  http://www.php.net/manual/en/reserved.variables.post.php
0
 

Author Comment

by:julianne26
Comment Utility
i am confused when you say don't send the emails if its spam.. i don't want to send emails, I just want to make sure the form we have on our website is is being validated correctly. If there is an issue with spam, then i want to know how to solve the issue that will make the form validate the right way. I will take your suggestion and replace the $HTTP_POST_VARS with $_POST, will this solve the issue i am having with our clients receiving blank forms.. bc they are livid.. and I am trying to trouble shoot this the best that I can, thanks for all your help so far...
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
You really should have only one 'contactformvalidator' just to eliminate confusion.  I suppose if your page was getting the wrong one, it could be part of your problem.
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
Comment Utility
"send_form.php" sends email to four people when the form on the contact page is posted.  I am saying that you also have to check or 'validate' the info on the PHP page to prevent people from sending spam to your clients.  This is a common issue with web page forms.  Validation in javascript is to help the desired users to fill out the form correctly.  Validation on the PHP page is to keep the undesired users out.
0
 

Author Comment

by:julianne26
Comment Utility
GREAT feed back!! one more question.. i am going to delete one of the validation java script  forms... but i need to know which one... the first java script returns the value true at the end of the code (the code i pasted above).. and the other java script returns false.. which one should i keep?
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
The one you posted above looks fine to me.  It has 'return false' on all the errors and 'return true' if there aren't and that's what you want.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
HTML coding help 6 62
Responsive CSS Layout? 6 43
CRM 2011 Opportunity Bug 18 131
.dwt files not viewable in browser - why? 2 48
I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …
This article is very specific and is only intended to help if you are installing Dreamweaver 8 in a Windows 7 environment with Office 2007 installed.   I'm not sure why Microsoft tends to release OS' that should not be released but they do.  Windows…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now