Form Email Content

csosa · November 19, 2015, 10:49pm

Hi, whenever a user fills out a form and leave certain inputs that
are not required, it still sends that input field in the email. is their
a way not send the empty fields?

this is an example of what I got in the email test I did to myself
I didnt fill in certain fields and they were still sent blank.

ralphm · November 19, 2015, 11:32pm

You can just set up some if statements to filter out results if they are blank.

csosa · November 19, 2015, 11:39pm

Thought so. May I get an example of one? I am not too familiar
with PHP much.

  <input type="text" name="IfYesAllergies" placeholder="If Yes, Allergic to?">

ralphm · November 19, 2015, 11:50pm

It’s more to do with the PHP code that builds the body of your email message. Could you post your PHP script?

csosa · November 19, 2015, 11:53pm

Ill put for download its pretty long thats why.
meddentalinfoengine.php (8.8 KB)

ralphm · November 20, 2015, 12:18am

I’m not a PHP person (or a programmer), so what I’m going to suggest will work, but it’s very inefficient. Still, we noobs have to survive somehow!

So, for each item you want to make conditional, you could replace something like this—

$Body .= "Age: ";
$Body .= $PatientAge;
$Body .= "\n";

with this

if ($_POST['PatientAge']) {
    $Body .= "Age: ";
    $Body .= $PatientAge;
    $Body .= "\n";
}

That way, you’ll only see output in the email if something was actually entered in that field.

As I said, though, it’s very inefficient to write this out each time, but I’ll leave it to someone else to make your code more efficient.

csosa · November 20, 2015, 12:19am

I see thank you though!!

ralphm · November 20, 2015, 12:24am

I should have asked if there’s a separate script to handle the $validation. If so, there might be more to it than this. Without it, your form is pretty insecure.

csosa · November 20, 2015, 12:29am

No I don’t I am using HTML5: Form Validation, leaving the work to
the browser.

required="required"

Should I be using JS? or is that a choice now a days?
Is using JS better?

Mittineague · November 20, 2015, 12:38am

First thing I would try is using something like this to get rid of ~60 lines of code

foreach($_POST as $key => $value) {
  $post_key = $key;
  $$post_key = trim(stripslashes($value));
}

* where are the slashes coming from?
is Trim a custom function or a typo?

csosa · November 20, 2015, 1:14am

Not sure I got this from another source.

What is this for?

foreach($_POST as $key => $value) {
  $post_key = $key;
  $$post_key = trim(stripslashes($value));
}

sorry not familiar with PHP much…im a noob

Mittineague · November 20, 2015, 1:19am

To get rid of the ~60 lines of code that essentially all do the same thing.
for example, instead of
$PatientName = Trim(stripslashes($_POST['PatientName']));
for each $_POST variable, it loops through them all creating a variable from the key and and assigning the “processed” value

csosa · November 20, 2015, 1:21am

oh ok I see

so just to be clear I delete all this:

$PatientName = Trim(stripslashes($_POST['PatientName'])); 
$PatientAge = Trim(stripslashes($_POST['PatientAge'])); 
$PhysName = Trim(stripslashes($_POST['PhysName']));

etc etc…

and replace with this:

foreach($_POST as $key => $value) {
  $post_key = $key;
  $$post_key = trim(stripslashes($value));
}

felgall · November 20, 2015, 1:34am

Yes - provided that timming off the leading and trailing whitespace and removing slashes is all that is needed to ensure that all the fields contain valid values. If that isn’t the case then your original code doesn’t work either (even if you were to fix the typo)

ralphm · November 20, 2015, 1:34am

Both of those are handy, but largely useless in terms of preventing malicious injections by spammers.

Mittineague · November 20, 2015, 3:54am

The exact details of constraint validation aren’t all that clear to me, but AFAICT it’s more for immediate feedback to the user than it is to replace proper validation / sanitization

That is, use it to help honest users, but don’t rely on it alone for protection against malicious users.

felgall · November 20, 2015, 4:58am

Any client side validation should be repeated on the server as a minimum (assuming that there is no validation that can’t be done easily in the browser that you only apply on the server).

SamA74 · November 20, 2015, 1:19pm

Some older browsers don’t even recognise the validation from html. It is useful, but not to be relied upon.

Since you are using php to process the form, it would seem natural to use php for validation. Using server side scripting would also get around problems with people not having js enabled.

RyanReese · November 20, 2015, 2:13pm

Use Javascript AND PHP for validation. Javascript to save users the refresh that PHP gives, but obviously plan for JS being off, as Sam mentioned.

csosa · November 20, 2015, 4:49pm

True, at the time of writing, only Chrome and Opera supported HTML5 validation,
although other browsers are expected to follow. Most developers at the moment
will continue using Javascript to validate forms…