Solved

contact form ending

Posted on 2014-04-11
6
526 Views
Last Modified: 2014-04-25
The code below is for a contact form. It validates name, email, and messages. However when it is successfully submitted, the form disappears and a thank you message is displayed. I am not a PHP programmer. So I need some help in keeping the form on the page in addition to the thank you message. Thank you very much in advance.

From a high level:
...
<?php if($form_complete === FALSE): ?>
...
 <?php else: ?><p>Thank you for your Message!</p><?php endif; ?>

<?php

// Set email variables
$email_to = 'youremail@address.com';
$email_subject = 'Form submission';

// Set required fields
$required_fields = array('fullname','email','comment');

// set error messages
$error_messages = array(
	'fullname' => 'Please enter a Name to proceed.',
	'email' => 'Please enter a valid Email Address to continue.',
	'comment' => 'Please enter your Message to continue.'
);

// Set form status
$form_complete = FALSE;

// configure validation array
$validation = array();

// check form submittal
if(!empty($_POST)) {
	// Sanitise POST array
	foreach($_POST as $key => $value) $_POST[$key] = remove_email_injection(trim($value));
	
	// Loop into required fields and make sure they match our needs
	foreach($required_fields as $field) {		
		// the field has been submitted?
		if(!array_key_exists($field, $_POST)) array_push($validation, $field);
		
		// check there is information in the field?
		if($_POST[$field] == '') array_push($validation, $field);
		
		// validate the email address supplied
		if($field == 'email') if(!validate_email_address($_POST[$field])) array_push($validation, $field);
	}
	
	// basic validation result
	if(count($validation) == 0) {
		// Prepare our content string
		$email_content = 'New Website Comment: ' . "\n\n";
		
		// simple email content
		foreach($_POST as $key => $value) {
			if($key != 'submit') $email_content .= $key . ': ' . $value . "\n";
		}
		
		// if validation passed ok then send the email
		mail($email_to, $email_subject, $email_content);
		
		// Update form switch
		$form_complete = TRUE;
	}
}

function validate_email_address($email = FALSE) {
	return (preg_match('/^[^@\s]+@([-a-z0-9]+\.)+[a-z]{2,}$/i', $email))? TRUE : FALSE;
}

function remove_email_injection($field = FALSE) {
   return (str_ireplace(array("\r", "\n", "%0a", "%0d", "Content-Type:", "bcc:","to:","cc:"), '', $field));
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

	<title>welcome</title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	
	<link href="contact/css/contactform.css" rel="stylesheet" type="text/css" />
	
	<script type="text/javascript">
		var nameError = '<?php echo $error_messages['fullname']; ?>';
		var emailError = '<?php echo $error_messages['email']; ?>';
		var commentError = '<?php echo $error_messages['comment']; ?>';
	</script>

</head>

<body>

<div id="formWrap">
	<div id="form">
    <?php if($form_complete === FALSE): ?>
    <form action="contact.php" method="post" id="comments_form">
    	<div id="row">
        	<div class="label"> ur name</div>
            <div class="input">
            	<input type="text" id="fullname" class="detail" name="fullname" value="" />
</div>
             <div class="context">e.g. john smith</div>
        </div>
        
        <div id="row">
        	<div class="label"> ur email</div>
            <div class="input">
            	<input type="text" id="email" class="detail" name="email" value="<?php echo isset($_POST['email'])? $_POST['email'] : ''; ?>" />
                <?php if(in_array('email', $validation)): ?><span class="error"><?php echo $error_messages['email']; ?></span><?php endif; ?>
</div>
             <div class="context">email not share</div>
        </div>
        
         <div id="row">
        	<div class="label"> ur msg</div>
            <div class="input">
            	<textarea id="comment" class="mess" name="comment"/><?php echo isset($_POST['comment'])? $_POST['comment'] : ''; ?></textarea><?php echo isset($_POST['comment'])? $_POST['comment'] : ''; ?>
                </div>
             
        </div>
        
        <div class="submit"><input type="submit" id="submit" name="submit" value="send msg" /></div>
        </form>
        <?php else: ?>
<p>Thank you for your Message!</p>
<?php endif; ?>

</div>
</div>

</body>
</html>

Open in new window

0
Comment
Question by:leblanc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 250 total points
ID: 39995658
Delete line 88 - <?php if($form_complete === FALSE): ?>

Replace line 117-119 with:
<?php if($form_complete === TRUE): ?>
<p>Thank you for your Message!</p>
<?php endif; ?>

HTH,
Dan
0
 
LVL 1

Author Comment

by:leblanc
ID: 39996230
Awesome... How do you reset the form... Thank you very much
0
 
LVL 35

Assisted Solution

by:Dan Craciun
Dan Craciun earned 250 total points
ID: 39996254
Add a reset button to the form, so the user can reset it.
<button type="reset" value="Reset">Reset</button>

Or, use JS and reset it on load or on another event:
document.getElementById("comments_form").reset();
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 110

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 40003832
The code snippet with the question looks very suspicious to me.  It may be old or from an uncertain source.  For better or worse, if you're not a PHP programmer, trying to copy untested examples of code is a sure recipe for catastrophe.  Eventually you will copy something with a security vulnerability.  You really don't want to do that.

As one example, the best-practices method for validating an email address has not used a regular expression since PHP5.2+  That's several years ago!  Please see these pages for information on the upgrades to PHP and how to use the current technology filters.
http://php.net/ChangeLog-5.php#5.2.0
http://php.net/manual/en/function.filter-var.php
http://php.net/manual/en/filter.filters.php
http://php.net/manual/en/filter.filters.validate.php

If you want to learn this stuff, this article will give you some good learning resources and, more importantly, steer you away from the many terrible examples that litter the internet:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_11769-And-by-the-way-I-am-new-to-PHP.html

And if you don't have time or don't want to learn this stuff, consider hiring a programmer to do the work for you.  It won't cost much and good work products will be in hand much faster.  As the great firefighter Red Adair famously said, "If you think it's expensive to hire a professional, just wait until you hire an amateur!"
0
 
LVL 1

Author Comment

by:leblanc
ID: 40003984
Ray,

Thanks for the info. I got my codes from this tutorial, https://www.youtube.com/watch?v=fBfXQqDcNSk&index=22&list=PLUWoaEuQPDX5h2rbVEP4-ErVIdbNQgl_H.
I am not a PHP kind of programmer. But from the tutorial, the form seems to be straight forward. So you are saying that using regular expression for form validation in PHP is not a best practice.
0
 
LVL 110

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 40004084
Yes, I would choose the PHP filter.  Here's why:

Almost every regular expression is complicated and difficult to understand.  As a result, there is latent risk that the regular expression might match or miss something unwanted.  The internet is full of regular expressions that are only partially right, leading to innumerable run-time failures in PHP applications.  That is why PHP developed the filters.  They are not perfect, but they are PHP built-ins and subject to a lot of scrutiny from the community, including bug reports.  Your regular expression is yours and yours alone.  And frankly, I am not better than all of the programmers working on PHP, so I would rather rely on them than on myself alone.

These are "jokes" but they ring true for experienced developers!
https://xkcd.com/208/
https://xkcd.com/1171/

Here is my demonstration script showing how to validate an email address.

<?php // demo/email_validation.php
error_reporting(E_ALL);


// A FUNCTION TO TEST FOR A VALID EMAIL ADDRESS, RETURN TRUE OR FALSE
// SEE MAN PAGE: http://php.net/manual/en/intro.filter.php
function check_valid_email($email, $rout=TRUE)
{
    // LIST OF BLOCKED DOMAINS
    $bogus = array
    ( '@unknown.com'
    , '@example.com'
    , '@gooseball.org'
    )
    ;

    // IF THE EMAIL STRING IS IMPROPERLY FORMED
    if(filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE) return FALSE;

    // TEST TO SEE IF THE DOMAIN IS IN OUR BLOCKED LIST
    foreach ($bogus as $badguy)
    {
        if (stripos($email, $badguy)) return FALSE;
    }

    // FILTER_VAR DOES NOT TEST IF THE DOMAIN IS ROUTABLE
    if ($rout)
    {
        $domain = explode('@', $email);

        // MAN PAGE: http://php.net/manual/en/function.checkdnsrr.php
        if ( checkdnsrr($domain[1], "MX") || checkdnsrr($domain[1], "A") ) return TRUE;

        // EMAIL IS NOT ROUTABLE
        return FALSE;
    }
    return TRUE;
}



// DEMONSTRATE THE FUNCTION IN ACTION
$e = NULL;
if (!empty($_GET["e"]))
{
    $e = $_GET["e"];
    if (check_valid_email($e))
    {
        echo "<br/>VALID: $e \n";
    }
    else
    {
        echo "<br/>BOGUS: $e \n";
    }
}


// END OF PROCESSING - CREATE THE FORM USING HEREDOC NOTATION
$form = <<<ENDFORM
<form>
TEST A STRING FOR A VALID EMAIL ADDRESS:
<input name="e" value="$e" />
<input type="submit" />
</form>
ENDFORM;

echo $form;

Open in new window

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Because your company can’t afford for you to make SEO mistakes, you’ll want to ensure you’re taking the right steps each and every time you post a new piece of content. This list of optimization do’s and don’ts can help you become an SEO wizard.
Color can increase conversions, create feelings of warmth or even incite people to get behind a cause. If you want your website to really impact site visitors, then it is vital to consider the impact color has on them.
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question