SitePoint Sponsor

User Tag List

Results 1 to 15 of 15
  1. #1
    SitePoint Zealot maffp's Avatar
    Join Date
    Jun 2005
    Location
    UK
    Posts
    158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question Which redirect should i use after contact form submission?

    Hi!

    As the title says, I have a php contact form which after sending outputs a simple white page with either 'message sent' or error details.

    I would like it to redirect after 5 seconds or something (with an optional link too). Which type of redirect should I use?

    Thanks

  2. #2
    He's No Good To Me Dead silver trophybronze trophy stymiee's Avatar
    Join Date
    Feb 2003
    Location
    Slave I
    Posts
    23,423
    Mentioned
    2 Post(s)
    Tagged
    1 Thread(s)
    If you want to wait five seconds the a meta redirect is what you'll need.

  3. #3
    I meant that to happen silver trophybronze trophy Raffles's Avatar
    Join Date
    Sep 2005
    Location
    Tanzania
    Posts
    4,662
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    It would be better to redirect to a more useful page immediately, like where the form was sent from, and then put a small message on that page, e.g. above the form, saying 'message sent' or whatever error there was. I find 5-second pages annoying and I bet a lot of people do too.

  4. #4
    SitePoint Zealot maffp's Avatar
    Join Date
    Jun 2005
    Location
    UK
    Posts
    158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Good Call. Which code is best though?

  5. #5
    In memoriam gold trophysilver trophybronze trophy Dan Schulz's Avatar
    Join Date
    May 2006
    Location
    Aurora, Illinois
    Posts
    15,476
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You're going to want to have the PHP script handle that.

  6. #6
    SitePoint Zealot maffp's Avatar
    Join Date
    Jun 2005
    Location
    UK
    Posts
    158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Really?

    How would I do that then? My contact form currently outputs to email.php which send the email and then uses 'echo' to say whether it has sent or not (and for whatever reason).

    What could I add to make it redirect using PHP?

  7. #7
    SitePoint Author silver trophybronze trophy

    Join Date
    Nov 2004
    Location
    Ankh-Morpork
    Posts
    12,158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    <?php
        
    // process submission and send email ...

        
    header('Location: http://example.com/confirm.php');
    ?>
    Birnam wood is come to Dunsinane

  8. #8
    I meant that to happen silver trophybronze trophy Raffles's Avatar
    Join Date
    Sep 2005
    Location
    Tanzania
    Posts
    4,662
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Or on your page called contact.php you make the form's action be "contact.php" (i.e. you only need one script). At the top of contact.php you check if the form has been submitted (i.e. there's email, message etc. details in the POST array - you must validate these). Then if all goes well and the email is sent, you print "Message sent" and you end the script there (you don't put the form underneath). Then the user can choose where to go from there (this is where a good navigation system is important).

    If there's an error, you print "There was an error: you have not entered a valid [whatever]". Following that, you print the form again and, ideally, the values that were entered correctly the first time are present there as the values in the form fields. Then the user only needs to make a small adjustment.

  9. #9
    SitePoint Zealot maffp's Avatar
    Join Date
    Jun 2005
    Location
    UK
    Posts
    158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi Raffles,

    I was gonna do that but my php files are in my root folder (i.e. www.domain.co.uk/contact.php) so wouldn't spammers be able to more easily view the PHP file and see how my form works? Including any email addresses that are contained in it.

    I'm just putting pieces of info together from bits that I've read. Would this be right?

  10. #10
    SitePoint Zealot maffp's Avatar
    Join Date
    Jun 2005
    Location
    UK
    Posts
    158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I've currently got:

    index.php
    page1.php
    page2.php
    contact.php
    confirmedsent.php
    includes/header.inc.php
    includes/footer.inc.php
    includes/email.php

  11. #11
    In memoriam gold trophysilver trophybronze trophy Dan Schulz's Avatar
    Join Date
    May 2006
    Location
    Aurora, Illinois
    Posts
    15,476
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If your form page is written properly, spammers will be able to do two things with it. And Jack left town...

  12. #12
    I meant that to happen silver trophybronze trophy Raffles's Avatar
    Join Date
    Sep 2005
    Location
    Tanzania
    Posts
    4,662
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Nobody can view your php files' source (unless you've specifically set up your server to show the source code when the .phps file extension is used, but this isn't enabled by default) and it doesn't matter whether they're in the root or in a subfolder.
    So as long as you write secure code, anything in your PHP file that you don't output to HTML is safe from the spammers, including email addresses.

  13. #13
    SitePoint Zealot maffp's Avatar
    Join Date
    Jun 2005
    Location
    UK
    Posts
    158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Raffles
    Nobody can view your php files' source (unless you've specifically set up your server to show the source code when the .phps file extension is used, but this isn't enabled by default) and it doesn't matter whether they're in the root or in a subfolder.
    So as long as you write secure code, anything in your PHP file that you don't output to HTML is safe from the spammers, including email addresses.
    Oh, cool. Any ideas where I might have got that idea from? Or got confused by?

    Quote Originally Posted by Dan Schulz
    If your form page is written properly, spammers will be able to do two things with it. And Jack left town...
    Wha'?!

  14. #14
    In memoriam gold trophysilver trophybronze trophy Dan Schulz's Avatar
    Join Date
    May 2006
    Location
    Aurora, Illinois
    Posts
    15,476
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Meaning they won't be able to use your form to spam other people.

    As for the "and Jack left town..." comment, it's short-hand for "Jack and [self-censored]. And Jack left town." Meaning, they'll be able to do nothing malicious with it (like spam other people, or use an SQL injection attack to wipe out your database).

  15. #15
    I meant that to happen silver trophybronze trophy Raffles's Avatar
    Join Date
    Sep 2005
    Location
    Tanzania
    Posts
    4,662
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by maffp View Post
    Oh, cool. Any ideas where I might have got that idea from? Or got confused by?
    Maybe you got confused with javascript?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •